Cloak/internal/server/state.go

241 lines
5.6 KiB
Go
Raw Normal View History

2018-10-09 15:07:54 +00:00
package server
import (
2018-10-14 19:32:54 +00:00
"crypto"
2018-10-09 15:07:54 +00:00
"encoding/json"
2018-12-22 23:58:03 +00:00
"errors"
2019-08-12 22:13:13 +00:00
"fmt"
2020-04-08 23:39:40 +00:00
"github.com/cbeuw/Cloak/internal/common"
2019-08-03 10:17:09 +00:00
"github.com/cbeuw/Cloak/internal/server/usermanager"
2018-10-09 15:07:54 +00:00
"io/ioutil"
2019-08-12 22:13:13 +00:00
"net"
"strings"
2018-10-09 15:07:54 +00:00
"sync"
"time"
gmux "github.com/gorilla/mux"
2018-10-09 15:07:54 +00:00
)
2020-04-09 12:26:23 +00:00
type RawConfig struct {
2019-08-19 22:23:41 +00:00
ProxyBook map[string][]string
BindAddr []string
2019-08-19 22:23:41 +00:00
BypassUID [][]byte
RedirAddr string
PrivateKey []byte
AdminUID []byte
2019-08-19 22:23:41 +00:00
DatabasePath string
StreamTimeout int
KeepAlive int
2019-08-19 22:23:41 +00:00
CncMode bool
2018-10-09 15:07:54 +00:00
}
// State type stores the global state of the program
type State struct {
2020-04-08 23:34:02 +00:00
ProxyBook map[string]net.Addr
2020-04-08 23:39:40 +00:00
ProxyDialer common.Dialer
2020-04-09 21:11:12 +00:00
WorldState common.WorldState
AdminUID []byte
Timeout time.Duration
2020-04-08 23:34:02 +00:00
//KeepAlive time.Duration
2019-08-04 20:10:59 +00:00
BypassUID map[[16]byte]struct{}
staticPv crypto.PrivateKey
2020-04-08 23:34:02 +00:00
// TODO: this doesn't have to be a net.Addr; resolution is done in Dial automatically
RedirHost net.Addr
RedirPort string
2020-04-08 23:39:40 +00:00
RedirDialer common.Dialer
2018-10-14 19:32:54 +00:00
usedRandomM sync.RWMutex
2019-08-03 10:49:05 +00:00
usedRandom map[[32]byte]int64
2018-10-14 19:32:54 +00:00
Panel *userPanel
LocalAPIRouter *gmux.Router
2018-10-14 19:32:54 +00:00
}
func parseRedirAddr(redirAddr string) (net.Addr, string, error) {
var host string
var port string
2019-09-21 15:17:43 +00:00
colonSep := strings.Split(redirAddr, ":")
if len(colonSep) > 1 {
2019-09-21 15:17:43 +00:00
if len(colonSep) == 2 {
// domain or ipv4 with port
host = colonSep[0]
port = colonSep[1]
2019-09-21 15:17:43 +00:00
} else {
if strings.Contains(redirAddr, "[") {
// ipv6 with port
port = colonSep[len(colonSep)-1]
host = strings.TrimSuffix(redirAddr, "]:"+port)
host = strings.TrimPrefix(host, "[")
} else {
// ipv6 without port
host = redirAddr
2019-09-21 15:17:43 +00:00
}
}
} else {
// domain or ipv4 without port
host = redirAddr
2019-09-21 15:17:43 +00:00
}
redirHost, err := net.ResolveIPAddr("ip", host)
if err != nil {
return nil, "", fmt.Errorf("unable to resolve RedirAddr: %v. ", err)
}
return redirHost, port, nil
}
func parseLocalPanel(databasePath string) (*userPanel, *gmux.Router, error) {
manager, err := usermanager.MakeLocalManager(databasePath)
if err != nil {
return nil, nil, err
}
panel := MakeUserPanel(manager)
router := manager.Router
return panel, router, nil
}
func parseProxyBook(bookEntries map[string][]string) (map[string]net.Addr, error) {
proxyBook := map[string]net.Addr{}
for name, pair := range bookEntries {
name = strings.ToLower(name)
2019-08-12 22:13:13 +00:00
if len(pair) != 2 {
return nil, fmt.Errorf("invalid proxy endpoint and address pair for %v: %v", name, pair)
2019-08-12 22:13:13 +00:00
}
network := strings.ToLower(pair[0])
switch network {
case "tcp":
addr, err := net.ResolveTCPAddr("tcp", pair[1])
if err != nil {
return nil, err
2019-08-12 22:13:13 +00:00
}
proxyBook[name] = addr
2019-08-12 22:13:13 +00:00
continue
case "udp":
addr, err := net.ResolveUDPAddr("udp", pair[1])
if err != nil {
return nil, err
2019-08-12 22:13:13 +00:00
}
proxyBook[name] = addr
2019-08-12 22:13:13 +00:00
continue
}
}
return proxyBook, nil
}
2018-12-03 20:30:06 +00:00
2020-04-09 12:26:23 +00:00
func ParseConfig(conf string) (raw RawConfig, err error) {
content, errPath := ioutil.ReadFile(conf)
if errPath != nil {
2020-04-09 12:26:23 +00:00
errJson := json.Unmarshal(content, &raw)
if errJson != nil {
2020-04-09 12:26:23 +00:00
err = fmt.Errorf("failed to read/unmarshal configuration, path is invalid or %v", errJson)
return
}
} else {
2020-04-09 12:26:23 +00:00
errJson := json.Unmarshal(content, &raw)
if errJson != nil {
2020-04-09 12:26:23 +00:00
err = fmt.Errorf("failed to read configuration file: %v", errJson)
return
}
}
2020-04-09 12:26:23 +00:00
return
}
2020-04-09 12:26:23 +00:00
// ParseConfig parses the config (either a path to json or the json itself as argument) into a State variable
2020-04-09 21:11:12 +00:00
func InitState(preParse RawConfig, worldState common.WorldState) (sta *State, err error) {
2020-04-09 12:26:23 +00:00
sta = &State{
2020-04-09 12:37:33 +00:00
BypassUID: make(map[[16]byte]struct{}),
ProxyBook: map[string]net.Addr{},
usedRandom: map[[32]byte]int64{},
RedirDialer: &net.Dialer{},
2020-04-09 21:11:12 +00:00
WorldState: worldState,
2020-04-09 12:26:23 +00:00
}
if preParse.CncMode {
2020-04-09 12:26:23 +00:00
err = errors.New("command & control mode not implemented")
return
} else {
sta.Panel, sta.LocalAPIRouter, err = parseLocalPanel(preParse.DatabasePath)
2020-04-09 12:26:23 +00:00
if err != nil {
return
}
}
if preParse.StreamTimeout == 0 {
sta.Timeout = time.Duration(300) * time.Second
} else {
sta.Timeout = time.Duration(preParse.StreamTimeout) * time.Second
}
if preParse.KeepAlive <= 0 {
2020-04-08 23:34:02 +00:00
sta.ProxyDialer = &net.Dialer{KeepAlive: -1}
} else {
2020-04-08 23:34:02 +00:00
sta.ProxyDialer = &net.Dialer{KeepAlive: time.Duration(preParse.KeepAlive) * time.Second}
}
sta.RedirHost, sta.RedirPort, err = parseRedirAddr(preParse.RedirAddr)
2018-10-14 19:32:54 +00:00
if err != nil {
2020-04-09 12:26:23 +00:00
err = fmt.Errorf("unable to parse RedirAddr: %v", err)
return
2018-11-22 21:55:23 +00:00
}
sta.ProxyBook, err = parseProxyBook(preParse.ProxyBook)
if err != nil {
2020-04-09 12:26:23 +00:00
err = fmt.Errorf("unable to parse ProxyBook: %v", err)
return
}
var pv [32]byte
copy(pv[:], preParse.PrivateKey)
sta.staticPv = &pv
sta.AdminUID = preParse.AdminUID
2019-08-04 20:10:59 +00:00
var arrUID [16]byte
for _, UID := range preParse.BypassUID {
copy(arrUID[:], UID)
sta.BypassUID[arrUID] = struct{}{}
}
copy(arrUID[:], sta.AdminUID)
2019-08-04 20:10:59 +00:00
sta.BypassUID[arrUID] = struct{}{}
2020-04-09 12:26:23 +00:00
go sta.UsedRandomCleaner()
return sta, nil
2018-10-09 15:07:54 +00:00
}
2019-08-20 21:43:04 +00:00
// IsBypass checks if a UID is a bypass user
2019-08-04 20:10:59 +00:00
func (sta *State) IsBypass(UID []byte) bool {
var arrUID [16]byte
copy(arrUID[:], UID)
_, exist := sta.BypassUID[arrUID]
return exist
}
const TIMESTAMP_TOLERANCE = 180 * time.Second
const CACHE_CLEAN_INTERVAL = 12 * time.Hour
2019-08-02 00:01:19 +00:00
2019-08-20 21:43:04 +00:00
// UsedRandomCleaner clears the cache of used random fields every CACHE_CLEAN_INTERVAL
2018-10-09 15:07:54 +00:00
func (sta *State) UsedRandomCleaner() {
for {
time.Sleep(CACHE_CLEAN_INTERVAL)
2018-10-14 19:32:54 +00:00
sta.usedRandomM.Lock()
for key, t := range sta.usedRandom {
2020-04-09 21:11:12 +00:00
// todo: inpure time
if time.Unix(t, 0).Before(sta.WorldState.Now().Add(TIMESTAMP_TOLERANCE)) {
2018-10-14 19:32:54 +00:00
delete(sta.usedRandom, key)
2018-10-09 15:07:54 +00:00
}
}
2018-10-14 19:32:54 +00:00
sta.usedRandomM.Unlock()
2018-10-09 15:07:54 +00:00
}
}
2019-08-03 10:49:05 +00:00
2020-01-24 15:13:26 +00:00
func (sta *State) registerRandom(r [32]byte) bool {
2019-08-03 10:49:05 +00:00
sta.usedRandomM.Lock()
2020-01-24 15:13:26 +00:00
_, used := sta.usedRandom[r]
2020-04-09 21:11:12 +00:00
sta.usedRandom[r] = sta.WorldState.Now().Unix()
2019-08-03 10:49:05 +00:00
sta.usedRandomM.Unlock()
return used
}