2018-10-09 15:07:54 +00:00
|
|
|
package server
|
|
|
|
|
|
|
|
import (
|
2018-10-14 19:32:54 +00:00
|
|
|
"crypto"
|
2018-10-09 15:07:54 +00:00
|
|
|
"encoding/json"
|
2018-12-22 23:58:03 +00:00
|
|
|
"errors"
|
2019-08-12 22:13:13 +00:00
|
|
|
"fmt"
|
2020-04-08 23:39:40 +00:00
|
|
|
"github.com/cbeuw/Cloak/internal/common"
|
2019-08-03 10:17:09 +00:00
|
|
|
"github.com/cbeuw/Cloak/internal/server/usermanager"
|
2018-10-09 15:07:54 +00:00
|
|
|
"io/ioutil"
|
2019-08-12 22:13:13 +00:00
|
|
|
"net"
|
|
|
|
"strings"
|
2018-10-09 15:07:54 +00:00
|
|
|
"sync"
|
|
|
|
"time"
|
2019-07-25 11:17:29 +00:00
|
|
|
|
|
|
|
gmux "github.com/gorilla/mux"
|
2018-10-09 15:07:54 +00:00
|
|
|
)
|
|
|
|
|
2020-04-09 12:26:23 +00:00
|
|
|
type RawConfig struct {
|
2019-08-19 22:23:41 +00:00
|
|
|
ProxyBook map[string][]string
|
2019-09-15 14:29:29 +00:00
|
|
|
BindAddr []string
|
2019-08-19 22:23:41 +00:00
|
|
|
BypassUID [][]byte
|
|
|
|
RedirAddr string
|
2019-12-29 13:28:52 +00:00
|
|
|
PrivateKey []byte
|
|
|
|
AdminUID []byte
|
2019-08-19 22:23:41 +00:00
|
|
|
DatabasePath string
|
|
|
|
StreamTimeout int
|
2019-12-09 16:12:47 +00:00
|
|
|
KeepAlive int
|
2019-08-19 22:23:41 +00:00
|
|
|
CncMode bool
|
2018-10-09 15:07:54 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// State type stores the global state of the program
|
|
|
|
type State struct {
|
2020-04-08 23:34:02 +00:00
|
|
|
ProxyBook map[string]net.Addr
|
2020-04-08 23:39:40 +00:00
|
|
|
ProxyDialer common.Dialer
|
2019-06-09 06:10:22 +00:00
|
|
|
|
2020-04-09 21:11:12 +00:00
|
|
|
WorldState common.WorldState
|
|
|
|
AdminUID []byte
|
|
|
|
Timeout time.Duration
|
2020-04-08 23:34:02 +00:00
|
|
|
//KeepAlive time.Duration
|
2019-08-04 20:10:59 +00:00
|
|
|
|
|
|
|
BypassUID map[[16]byte]struct{}
|
|
|
|
staticPv crypto.PrivateKey
|
2019-07-22 12:42:39 +00:00
|
|
|
|
2020-04-08 23:34:02 +00:00
|
|
|
// TODO: this doesn't have to be a net.Addr; resolution is done in Dial automatically
|
|
|
|
RedirHost net.Addr
|
|
|
|
RedirPort string
|
2020-04-08 23:39:40 +00:00
|
|
|
RedirDialer common.Dialer
|
2019-07-22 12:42:39 +00:00
|
|
|
|
2018-10-14 19:32:54 +00:00
|
|
|
usedRandomM sync.RWMutex
|
2019-08-03 10:49:05 +00:00
|
|
|
usedRandom map[[32]byte]int64
|
2018-10-14 19:32:54 +00:00
|
|
|
|
2019-07-25 11:17:29 +00:00
|
|
|
Panel *userPanel
|
|
|
|
LocalAPIRouter *gmux.Router
|
2018-10-14 19:32:54 +00:00
|
|
|
}
|
|
|
|
|
2019-12-29 13:28:52 +00:00
|
|
|
func parseRedirAddr(redirAddr string) (net.Addr, string, error) {
|
|
|
|
var host string
|
|
|
|
var port string
|
2019-09-21 15:17:43 +00:00
|
|
|
colonSep := strings.Split(redirAddr, ":")
|
2019-12-29 13:28:52 +00:00
|
|
|
if len(colonSep) > 1 {
|
2019-09-21 15:17:43 +00:00
|
|
|
if len(colonSep) == 2 {
|
2019-12-29 13:28:52 +00:00
|
|
|
// domain or ipv4 with port
|
|
|
|
host = colonSep[0]
|
|
|
|
port = colonSep[1]
|
2019-09-21 15:17:43 +00:00
|
|
|
} else {
|
|
|
|
if strings.Contains(redirAddr, "[") {
|
2019-12-29 13:28:52 +00:00
|
|
|
// ipv6 with port
|
|
|
|
port = colonSep[len(colonSep)-1]
|
|
|
|
host = strings.TrimSuffix(redirAddr, "]:"+port)
|
|
|
|
host = strings.TrimPrefix(host, "[")
|
|
|
|
} else {
|
|
|
|
// ipv6 without port
|
|
|
|
host = redirAddr
|
2019-09-21 15:17:43 +00:00
|
|
|
}
|
|
|
|
}
|
2019-12-29 13:28:52 +00:00
|
|
|
} else {
|
|
|
|
// domain or ipv4 without port
|
|
|
|
host = redirAddr
|
2019-09-21 15:17:43 +00:00
|
|
|
}
|
|
|
|
|
2019-12-29 13:28:52 +00:00
|
|
|
redirHost, err := net.ResolveIPAddr("ip", host)
|
|
|
|
if err != nil {
|
|
|
|
return nil, "", fmt.Errorf("unable to resolve RedirAddr: %v. ", err)
|
|
|
|
}
|
|
|
|
return redirHost, port, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func parseLocalPanel(databasePath string) (*userPanel, *gmux.Router, error) {
|
|
|
|
manager, err := usermanager.MakeLocalManager(databasePath)
|
2019-09-15 14:29:29 +00:00
|
|
|
if err != nil {
|
2019-12-29 13:28:52 +00:00
|
|
|
return nil, nil, err
|
2019-09-15 14:29:29 +00:00
|
|
|
}
|
2019-12-29 13:28:52 +00:00
|
|
|
panel := MakeUserPanel(manager)
|
|
|
|
router := manager.Router
|
|
|
|
return panel, router, nil
|
2019-09-15 14:29:29 +00:00
|
|
|
|
2019-12-29 13:28:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func parseProxyBook(bookEntries map[string][]string) (map[string]net.Addr, error) {
|
|
|
|
proxyBook := map[string]net.Addr{}
|
|
|
|
for name, pair := range bookEntries {
|
2019-09-15 14:29:29 +00:00
|
|
|
name = strings.ToLower(name)
|
2019-08-12 22:13:13 +00:00
|
|
|
if len(pair) != 2 {
|
2019-12-29 13:28:52 +00:00
|
|
|
return nil, fmt.Errorf("invalid proxy endpoint and address pair for %v: %v", name, pair)
|
2019-08-12 22:13:13 +00:00
|
|
|
}
|
|
|
|
network := strings.ToLower(pair[0])
|
|
|
|
switch network {
|
|
|
|
case "tcp":
|
|
|
|
addr, err := net.ResolveTCPAddr("tcp", pair[1])
|
|
|
|
if err != nil {
|
2019-12-29 13:28:52 +00:00
|
|
|
return nil, err
|
2019-08-12 22:13:13 +00:00
|
|
|
}
|
2019-12-29 13:28:52 +00:00
|
|
|
proxyBook[name] = addr
|
2019-08-12 22:13:13 +00:00
|
|
|
continue
|
|
|
|
case "udp":
|
|
|
|
addr, err := net.ResolveUDPAddr("udp", pair[1])
|
|
|
|
if err != nil {
|
2019-12-29 13:28:52 +00:00
|
|
|
return nil, err
|
2019-08-12 22:13:13 +00:00
|
|
|
}
|
2019-12-29 13:28:52 +00:00
|
|
|
proxyBook[name] = addr
|
2019-08-12 22:13:13 +00:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
}
|
2019-12-29 13:28:52 +00:00
|
|
|
return proxyBook, nil
|
|
|
|
}
|
2018-12-03 20:30:06 +00:00
|
|
|
|
2020-04-09 12:26:23 +00:00
|
|
|
func ParseConfig(conf string) (raw RawConfig, err error) {
|
2019-12-29 13:28:52 +00:00
|
|
|
content, errPath := ioutil.ReadFile(conf)
|
|
|
|
if errPath != nil {
|
2020-04-09 12:26:23 +00:00
|
|
|
errJson := json.Unmarshal(content, &raw)
|
2019-12-29 13:28:52 +00:00
|
|
|
if errJson != nil {
|
2020-04-09 12:26:23 +00:00
|
|
|
err = fmt.Errorf("failed to read/unmarshal configuration, path is invalid or %v", errJson)
|
|
|
|
return
|
2019-12-29 13:28:52 +00:00
|
|
|
}
|
|
|
|
} else {
|
2020-04-09 12:26:23 +00:00
|
|
|
errJson := json.Unmarshal(content, &raw)
|
2019-12-29 13:28:52 +00:00
|
|
|
if errJson != nil {
|
2020-04-09 12:26:23 +00:00
|
|
|
err = fmt.Errorf("failed to read configuration file: %v", errJson)
|
|
|
|
return
|
2019-12-29 13:28:52 +00:00
|
|
|
}
|
|
|
|
}
|
2020-04-09 12:26:23 +00:00
|
|
|
return
|
|
|
|
}
|
2019-12-29 13:28:52 +00:00
|
|
|
|
2020-04-09 12:26:23 +00:00
|
|
|
// ParseConfig parses the config (either a path to json or the json itself as argument) into a State variable
|
2020-04-09 21:11:12 +00:00
|
|
|
func InitState(preParse RawConfig, worldState common.WorldState) (sta *State, err error) {
|
2020-04-09 12:26:23 +00:00
|
|
|
sta = &State{
|
2020-04-09 12:37:33 +00:00
|
|
|
BypassUID: make(map[[16]byte]struct{}),
|
|
|
|
ProxyBook: map[string]net.Addr{},
|
|
|
|
usedRandom: map[[32]byte]int64{},
|
|
|
|
RedirDialer: &net.Dialer{},
|
2020-04-09 21:11:12 +00:00
|
|
|
WorldState: worldState,
|
2020-04-09 12:26:23 +00:00
|
|
|
}
|
2019-12-29 13:28:52 +00:00
|
|
|
if preParse.CncMode {
|
2020-04-09 12:26:23 +00:00
|
|
|
err = errors.New("command & control mode not implemented")
|
|
|
|
return
|
2019-12-29 13:28:52 +00:00
|
|
|
} else {
|
|
|
|
sta.Panel, sta.LocalAPIRouter, err = parseLocalPanel(preParse.DatabasePath)
|
2020-04-09 12:26:23 +00:00
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
2019-12-29 13:28:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if preParse.StreamTimeout == 0 {
|
|
|
|
sta.Timeout = time.Duration(300) * time.Second
|
|
|
|
} else {
|
|
|
|
sta.Timeout = time.Duration(preParse.StreamTimeout) * time.Second
|
|
|
|
}
|
|
|
|
|
2019-12-09 16:12:47 +00:00
|
|
|
if preParse.KeepAlive <= 0 {
|
2020-04-08 23:34:02 +00:00
|
|
|
sta.ProxyDialer = &net.Dialer{KeepAlive: -1}
|
2019-12-09 16:12:47 +00:00
|
|
|
} else {
|
2020-04-08 23:34:02 +00:00
|
|
|
sta.ProxyDialer = &net.Dialer{KeepAlive: time.Duration(preParse.KeepAlive) * time.Second}
|
2019-12-09 16:12:47 +00:00
|
|
|
}
|
|
|
|
|
2019-12-29 13:28:52 +00:00
|
|
|
sta.RedirHost, sta.RedirPort, err = parseRedirAddr(preParse.RedirAddr)
|
2018-10-14 19:32:54 +00:00
|
|
|
if err != nil {
|
2020-04-09 12:26:23 +00:00
|
|
|
err = fmt.Errorf("unable to parse RedirAddr: %v", err)
|
|
|
|
return
|
2018-11-22 21:55:23 +00:00
|
|
|
}
|
2019-12-29 13:28:52 +00:00
|
|
|
|
|
|
|
sta.ProxyBook, err = parseProxyBook(preParse.ProxyBook)
|
|
|
|
if err != nil {
|
2020-04-09 12:26:23 +00:00
|
|
|
err = fmt.Errorf("unable to parse ProxyBook: %v", err)
|
|
|
|
return
|
2019-12-29 13:28:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
var pv [32]byte
|
|
|
|
copy(pv[:], preParse.PrivateKey)
|
|
|
|
sta.staticPv = &pv
|
|
|
|
|
|
|
|
sta.AdminUID = preParse.AdminUID
|
2019-08-04 20:10:59 +00:00
|
|
|
|
|
|
|
var arrUID [16]byte
|
|
|
|
for _, UID := range preParse.BypassUID {
|
|
|
|
copy(arrUID[:], UID)
|
|
|
|
sta.BypassUID[arrUID] = struct{}{}
|
|
|
|
}
|
2019-12-29 13:28:52 +00:00
|
|
|
copy(arrUID[:], sta.AdminUID)
|
2019-08-04 20:10:59 +00:00
|
|
|
sta.BypassUID[arrUID] = struct{}{}
|
2019-12-29 13:28:52 +00:00
|
|
|
|
2020-04-09 12:26:23 +00:00
|
|
|
go sta.UsedRandomCleaner()
|
|
|
|
return sta, nil
|
2018-10-09 15:07:54 +00:00
|
|
|
}
|
|
|
|
|
2019-08-20 21:43:04 +00:00
|
|
|
// IsBypass checks if a UID is a bypass user
|
2019-08-04 20:10:59 +00:00
|
|
|
func (sta *State) IsBypass(UID []byte) bool {
|
|
|
|
var arrUID [16]byte
|
|
|
|
copy(arrUID[:], UID)
|
|
|
|
_, exist := sta.BypassUID[arrUID]
|
|
|
|
return exist
|
|
|
|
}
|
|
|
|
|
2019-08-08 14:05:36 +00:00
|
|
|
const TIMESTAMP_TOLERANCE = 180 * time.Second
|
|
|
|
|
|
|
|
const CACHE_CLEAN_INTERVAL = 12 * time.Hour
|
2019-08-02 00:01:19 +00:00
|
|
|
|
2019-08-20 21:43:04 +00:00
|
|
|
// UsedRandomCleaner clears the cache of used random fields every CACHE_CLEAN_INTERVAL
|
2018-10-09 15:07:54 +00:00
|
|
|
func (sta *State) UsedRandomCleaner() {
|
|
|
|
for {
|
2019-08-08 14:05:36 +00:00
|
|
|
time.Sleep(CACHE_CLEAN_INTERVAL)
|
2018-10-14 19:32:54 +00:00
|
|
|
sta.usedRandomM.Lock()
|
|
|
|
for key, t := range sta.usedRandom {
|
2020-04-09 21:11:12 +00:00
|
|
|
// todo: inpure time
|
|
|
|
if time.Unix(t, 0).Before(sta.WorldState.Now().Add(TIMESTAMP_TOLERANCE)) {
|
2018-10-14 19:32:54 +00:00
|
|
|
delete(sta.usedRandom, key)
|
2018-10-09 15:07:54 +00:00
|
|
|
}
|
|
|
|
}
|
2018-10-14 19:32:54 +00:00
|
|
|
sta.usedRandomM.Unlock()
|
2018-10-09 15:07:54 +00:00
|
|
|
}
|
|
|
|
}
|
2019-08-03 10:49:05 +00:00
|
|
|
|
2020-01-24 15:13:26 +00:00
|
|
|
func (sta *State) registerRandom(r [32]byte) bool {
|
2019-08-03 10:49:05 +00:00
|
|
|
sta.usedRandomM.Lock()
|
2020-01-24 15:13:26 +00:00
|
|
|
_, used := sta.usedRandom[r]
|
2020-04-09 21:11:12 +00:00
|
|
|
sta.usedRandom[r] = sta.WorldState.Now().Unix()
|
2019-08-03 10:49:05 +00:00
|
|
|
sta.usedRandomM.Unlock()
|
|
|
|
return used
|
|
|
|
}
|