From e159216280d0d945f8d66496a3b6149d46bbfcd0 Mon Sep 17 00:00:00 2001 From: "rui.zheng" Date: Fri, 28 Oct 2016 16:12:13 +0800 Subject: [PATCH] override KCP crypt and key if specified explicitly --- README.md | 29 +++++++++++++++++++++++------ README_en.md | 30 ++++++++++++++++++++++++------ chain.go | 4 ++++ server.go | 7 ++++++- 4 files changed, 57 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index af53e42..fa2fc26 100644 --- a/README.md +++ b/README.md @@ -12,11 +12,11 @@ gost - GO Simple Tunnel * 支持标准HTTP/HTTPS/SOCKS5代理协议 * SOCKS5代理支持TLS协商加密 * Tunnel UDP over TCP -* 支持Shadowsocks协议,支持OTA (OTA: >=2.2) -* 支持端口转发 (>=2.1) -* 支持HTTP2.0 (>=2.2) -* 实验性支持QUIC (>=2.3) -* KCP (>=2.3) +* 支持Shadowsocks协议 (OTA: 2.2+) +* 支持本地/远程端口转发 (2.1+) +* 支持HTTP 2.0 (2.2+) +* 实验性支持QUIC (2.3+) +* 支持KCP协议 (2.3+) 二进制文件下载:https://github.com/ginuerzh/gost/releases @@ -53,7 +53,7 @@ protocol: 代理协议类型(http, socks5, shadowsocks), transport: 数据传输 > quic - 作为QUIC代理,quic://:6121 -> kcp - 作为KCP代理,kcp://:8388 +> kcp - 作为KCP代理,kcp://:8388或kcp://aes:123456@:8388 #### 端口转发 @@ -185,6 +185,23 @@ gost -L=kcp://:8388 gost -L=:8080 -F=kcp://server_ip:8388 ``` +或者手动指定加密方法和密码(手动指定的加密方法和密码会覆盖配置文件中的相应值) + +服务端: +```bash +gost -L=kcp://aes:123456@:8388 +``` + +客户端: +```bash +gost -L=:8080 -F=kcp://aes:123456@server_ip:8388 +``` + +gost会自动加载当前工作目录中的kcp.json(如果存在)配置文件,或者可以手动通过参数指定配置文件路径: +```bash +gost -L=kcp://:8388?c=/path/to/conf/file +``` + **注:** 客户端若要开启KCP转发,当且仅当代理链不为空且首个代理节点(第一个-F参数)为kcp类型。 当KCP转发开启,代理链中的其他代理节点将被忽略。 diff --git a/README_en.md b/README_en.md index f29e2b7..9df0181 100644 --- a/README_en.md +++ b/README_en.md @@ -10,11 +10,11 @@ Features * Standard HTTP/HTTPS/SOCKS5 proxy protocols support * TLS encryption via negotiation support for SOCKS5 proxy * Tunnel UDP over TCP -* Shadowsocks protocol support with OTA option (OTA: >=2.2) -* Local/remote port forwarding (>=2.1) -* HTTP2.0 (>=2.2) -* Experimental QUIC support (>=2.3) -* KCP (>=2.3) +* Shadowsocks protocol support (OTA: 2.2+) +* Local/remote port forwarding (2.1+) +* HTTP 2.0 support (2.2+) +* Experimental QUIC support (2.3+) +* KCP protocol support (2.3+) Binary file download:https://github.com/ginuerzh/gost/releases @@ -53,7 +53,7 @@ transport: data transmission mode (ws, wss, tls, http2, quic, kcp), may be used > quic - standard QUIC proxy, quic://:6121 -> kcp - standard KCP tunnel,kcp://:8388 +> kcp - standard KCP tunnel,kcp://:8388 or kcp://aes:123456@:8388 #### Port forwarding @@ -185,6 +185,24 @@ Client: gost -L=:8080 -F=kcp://server_ip:8388 ``` +Or manually specify the encryption method and password (Manually specifying the encryption method and password overwrites the corresponding value in the configuration file) + +Server: +```bash +gost -L=kcp://aes:123456@:8388 +``` + +Client: +```bash +gost -L=:8080 -F=kcp://aes:123456@server_ip:8388 +``` + +Gost will automatically load kcp.json configuration file from current working directory if exists, +or you can use the parameter to specify the path to the file. +```bash +gost -L=kcp://:8388?c=/path/to/conf/file +``` + **NOTE:** KCP will be enabled if and only if the proxy chain is not empty and the first proxy node (the first -F parameter) is of type KCP. When KCP is enabled, other proxy nodes are ignored. diff --git a/chain.go b/chain.go index a323642..f9820e2 100644 --- a/chain.go +++ b/chain.go @@ -86,6 +86,10 @@ func (c *ProxyChain) Init() { if err != nil { glog.V(LWARNING).Infoln("[kcp]", err) } + if c.nodes[0].User != nil { + config.Crypt = c.nodes[0].User.Username() + config.Key, _ = c.nodes[0].User.Password() + } c.kcpConfig = config return } diff --git a/server.go b/server.go index 20da5d9..438e542 100644 --- a/server.go +++ b/server.go @@ -80,7 +80,7 @@ func (s *ProxyServer) Serve() error { return NewRTcpForwardServer(s).Serve() case "rudp": // Remote UDP port forwarding return NewRUdpForwardServer(s).Serve() - case "ssu": // shadowsocks udp relay + case "ssu": // TODO: shadowsocks udp relay return NewShadowUdpServer(s).ListenAndServe() case "quic": return NewQuicServer(s).ListenAndServeTLS(s.TLSConfig) @@ -89,6 +89,11 @@ func (s *ProxyServer) Serve() error { if err != nil { glog.V(LWARNING).Infoln("[kcp]", err) } + // override crypt and key if specified explicitly + if s.Node.User != nil { + config.Crypt = s.Node.User.Username() + config.Key, _ = s.Node.User.Password() + } return NewKCPServer(s, config).ListenAndServe() default: ln, err = net.Listen("tcp", node.Addr)