override KCP crypt and key if specified explicitly

README.md

@@ -12,11 +12,11 @@ gost - GO Simple Tunnel
 * 支持标准HTTP/HTTPS/SOCKS5代理协议
 * SOCKS5代理支持TLS协商加密
 * Tunnel UDP over TCP
-* 支持Shadowsocks协议，支持OTA (OTA: >=2.2)
+* 支持Shadowsocks协议 (OTA: 2.2+)
-* 支持端口转发 (>=2.1)
+* 支持本地/远程端口转发 (2.1+)
-* 支持HTTP2.0 (>=2.2)
+* 支持HTTP 2.0 (2.2+)
-* 实验性支持QUIC (>=2.3)
+* 实验性支持QUIC (2.3+)
-* KCP (>=2.3)
+* 支持KCP协议 (2.3+)
 
 二进制文件下载：https://github.com/ginuerzh/gost/releases
 
@@ -53,7 +53,7 @@ protocol: 代理协议类型(http, socks5, shadowsocks), transport: 数据传输
 
 > quic - 作为QUIC代理，quic://:6121
 
-> kcp - 作为KCP代理，kcp://:8388
+> kcp - 作为KCP代理，kcp://:8388或kcp://aes:123456@:8388
 
 #### 端口转发
 
@@ -185,6 +185,23 @@ gost -L=kcp://:8388
 gost -L=:8080 -F=kcp://server_ip:8388
 ```
 
+或者手动指定加密方法和密码(手动指定的加密方法和密码会覆盖配置文件中的相应值)
+
+服务端:
+```bash
+gost -L=kcp://aes:123456@:8388
+```
+
+客户端:
+```bash
+gost -L=:8080 -F=kcp://aes:123456@server_ip:8388
+```
+
+gost会自动加载当前工作目录中的kcp.json(如果存在)配置文件，或者可以手动通过参数指定配置文件路径：
+```bash
+gost -L=kcp://:8388?c=/path/to/conf/file
+```
+
 **注：** 客户端若要开启KCP转发，当且仅当代理链不为空且首个代理节点(第一个-F参数)为kcp类型。
 当KCP转发开启，代理链中的其他代理节点将被忽略。
 

README_en.md

@@ -10,11 +10,11 @@ Features
 * Standard HTTP/HTTPS/SOCKS5 proxy protocols support
 * TLS encryption via negotiation support for SOCKS5 proxy
 * Tunnel UDP over TCP
-* Shadowsocks protocol support with OTA option (OTA: >=2.2)
+* Shadowsocks protocol support (OTA: 2.2+)
-* Local/remote port forwarding (>=2.1)
+* Local/remote port forwarding (2.1+)
-* HTTP2.0 (>=2.2)
+* HTTP 2.0 support (2.2+)
-* Experimental QUIC support (>=2.3)
+* Experimental QUIC support (2.3+)
-* KCP (>=2.3)
+* KCP protocol support (2.3+)
 
 Binary file download：https://github.com/ginuerzh/gost/releases
 
@@ -53,7 +53,7 @@ transport: data transmission mode (ws, wss, tls, http2, quic, kcp), may be used
 
 > quic - standard QUIC proxy, quic://:6121
 
-> kcp - standard KCP tunnel，kcp://:8388
+> kcp - standard KCP tunnel，kcp://:8388 or kcp://aes:123456@:8388
 
 #### Port forwarding
 
@@ -185,6 +185,24 @@ Client:
 gost -L=:8080 -F=kcp://server_ip:8388
 ```
 
+Or manually specify the encryption method and password (Manually specifying the encryption method and password overwrites the corresponding value in the configuration file)
+
+Server:
+```bash
+gost -L=kcp://aes:123456@:8388
+```
+
+Client:
+```bash
+gost -L=:8080 -F=kcp://aes:123456@server_ip:8388
+```
+
+Gost will automatically load kcp.json configuration file from current working directory if exists, 
+or you can use the parameter to specify the path to the file.
+```bash
+gost -L=kcp://:8388?c=/path/to/conf/file
+```
+
 **NOTE:** KCP will be enabled if and only if the proxy chain is not empty and the first proxy node (the first -F parameter) is of type KCP.
 When KCP is enabled, other proxy nodes are ignored.
 

chain.go

@@ -86,6 +86,10 @@ func (c *ProxyChain) Init() {
 		if err != nil {
 			glog.V(LWARNING).Infoln("[kcp]", err)
 		}
+		if c.nodes[0].User != nil {
+			config.Crypt = c.nodes[0].User.Username()
+			config.Key, _ = c.nodes[0].User.Password()
+		}
 		c.kcpConfig = config
 		return
 	}

server.go

@@ -80,7 +80,7 @@ func (s *ProxyServer) Serve() error {
 		return NewRTcpForwardServer(s).Serve()
 	case "rudp": // Remote UDP port forwarding
 		return NewRUdpForwardServer(s).Serve()
-	case "ssu": // shadowsocks udp relay
+	case "ssu": // TODO: shadowsocks udp relay
 		return NewShadowUdpServer(s).ListenAndServe()
 	case "quic":
 		return NewQuicServer(s).ListenAndServeTLS(s.TLSConfig)
@@ -89,6 +89,11 @@ func (s *ProxyServer) Serve() error {
 		if err != nil {
 			glog.V(LWARNING).Infoln("[kcp]", err)
 		}
+		// override crypt and key if specified explicitly
+		if s.Node.User != nil {
+			config.Crypt = s.Node.User.Username()
+			config.Key, _ = s.Node.User.Password()
+		}
 		return NewKCPServer(s, config).ListenAndServe()
 	default:
 		ln, err = net.Listen("tcp", node.Addr)