Merge pull request #216 from githablocal/master

Make websocket url sub path configurable

README.md

@@ -155,8 +155,13 @@ Example:
 `CDNOriginHost` is the domain name of the _origin_ server (i.e. the server running Cloak) under `CDN` mode. This only
 has effect when `Transport` is set to `CDN`. If unset, it will default to the remote hostname supplied via the
 commandline argument (in standalone mode), or by Shadowsocks (in plugin mode). After a TLS session is established with
-the CDN server, this domain name will be used in the HTTP request to ask the CDN server to establish a WebSocket
-connection with this host.
+the CDN server, this domain name will be used in the `Host` header of the HTTP request to ask the CDN server to
+establish a WebSocket connection with this host.
+
+`CDNWsUrlPath` is the url path used to build websocket request sent under `CDN` mode, and also only has effect
+when `Transport` is set to `CDN`. If unset, it will default to "/". This option is used to build the first line of the
+HTTP request after a TLS session is extablished. It's mainly for a Cloak server behind a reverse proxy, while only
+requests under specific url path are forwarded.
 
 `NumConn` is the amount of underlying TCP connections you want to use. The default of 4 should be appropriate for most
 people. Setting it too high will hinder the performance. Setting it to 0 will disable connection multiplexing and each

cmd/ck-client/ck-client.go

@@ -1,3 +1,4 @@
+//go:build go1.11
 // +build go1.11
 
 package main
@@ -7,10 +8,11 @@ import (
 	"encoding/binary"
 	"flag"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
 	"net"
 	"os"
 
+	"github.com/cbeuw/Cloak/internal/common"
+
 	"github.com/cbeuw/Cloak/internal/client"
 	mux "github.com/cbeuw/Cloak/internal/multiplex"
 	log "github.com/sirupsen/logrus"

cmd/ck-client/log.go

@@ -1,3 +1,4 @@
+//go:build !android
 // +build !android
 
 package main

cmd/ck-client/log_android.go

@@ -2,6 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build android
 // +build android
 
 package main
@@ -28,9 +29,10 @@ import "C"
 
 import (
 	"bufio"
-	log "github.com/sirupsen/logrus"
 	"os"
 	"unsafe"
+
+	log "github.com/sirupsen/logrus"
 )
 
 var (

cmd/ck-client/protector.go

@@ -1,3 +1,4 @@
+//go:build !android
 // +build !android
 
 package main

cmd/ck-client/protector_android.go

@@ -1,3 +1,4 @@
+//go:build android
 // +build android
 
 package main
@@ -65,8 +66,9 @@ void set_timeout(int sock) {
 import "C"
 
 import (
-	log "github.com/sirupsen/logrus"
 	"syscall"
+
+	log "github.com/sirupsen/logrus"
 )
 
 // In Android, once an app starts the VpnService, all outgoing traffic are routed by the system

cmd/ck-server/ck-server.go

@@ -3,15 +3,16 @@ package main
 import (
 	"flag"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/cbeuw/Cloak/internal/server"
-	log "github.com/sirupsen/logrus"
 	"net"
 	"net/http"
 	_ "net/http/pprof"
 	"os"
 	"runtime"
 	"strings"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/cbeuw/Cloak/internal/server"
+	log "github.com/sirupsen/logrus"
 )
 
 var version string

cmd/ck-server/ck-server_test.go

@@ -1,9 +1,10 @@
 package main
 
 import (
-	"github.com/stretchr/testify/assert"
 	"net"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func TestParseBindAddr(t *testing.T) {

cmd/ck-server/keygen.go

@@ -3,6 +3,7 @@ package main
 import (
 	"crypto/rand"
 	"encoding/base64"
+
 	"github.com/cbeuw/Cloak/internal/common"
 	"github.com/cbeuw/Cloak/internal/ecdh"
 )

internal/client/TLS.go

@@ -2,9 +2,10 @@ package client
 
 import (
 	"encoding/binary"
+	"net"
+
 	"github.com/cbeuw/Cloak/internal/common"
 	log "github.com/sirupsen/logrus"
-	"net"
 )
 
 const appDataMaxLength = 16401

internal/client/TLS_test.go

@@ -2,8 +2,9 @@ package client
 
 import (
 	"encoding/hex"
-	"github.com/stretchr/testify/assert"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func htob(s string) []byte {

internal/client/auth.go

@@ -2,6 +2,7 @@ package client
 
 import (
 	"encoding/binary"
+
 	"github.com/cbeuw/Cloak/internal/common"
 	"github.com/cbeuw/Cloak/internal/ecdh"
 	log "github.com/sirupsen/logrus"

internal/client/auth_test.go

@@ -2,11 +2,12 @@ package client
 
 import (
 	"bytes"
+	"testing"
+	"time"
+
 	"github.com/cbeuw/Cloak/internal/common"
 	"github.com/cbeuw/Cloak/internal/multiplex"
 	"github.com/stretchr/testify/assert"
-	"testing"
-	"time"
 )
 
 func TestMakeAuthenticationPayload(t *testing.T) {

internal/client/chrome.go

@@ -5,6 +5,7 @@ package client
 import (
 	"encoding/binary"
 	"encoding/hex"
+
 	"github.com/cbeuw/Cloak/internal/common"
 )
 

internal/client/connector.go

@@ -1,12 +1,13 @@
 package client
 
 import (
-	"github.com/cbeuw/Cloak/internal/common"
 	"net"
 	"sync"
 	"sync/atomic"
 	"time"
 
+	"github.com/cbeuw/Cloak/internal/common"
+
 	mux "github.com/cbeuw/Cloak/internal/multiplex"
 	log "github.com/sirupsen/logrus"
 )

internal/client/firefox.go

@@ -5,6 +5,7 @@ package client
 import (
 	"encoding/binary"
 	"encoding/hex"
+
 	"github.com/cbeuw/Cloak/internal/common"
 )
 

internal/client/piper.go

@@ -1,12 +1,13 @@
 package client
 
 import (
-	"github.com/cbeuw/Cloak/internal/common"
 	"io"
 	"net"
 	"sync"
 	"time"
 
+	"github.com/cbeuw/Cloak/internal/common"
+
 	mux "github.com/cbeuw/Cloak/internal/multiplex"
 	log "github.com/sirupsen/logrus"
 )

internal/client/state.go

@@ -4,13 +4,14 @@ import (
 	"crypto"
 	"encoding/json"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
-	log "github.com/sirupsen/logrus"
 	"io/ioutil"
 	"net"
 	"strings"
 	"time"
 
+	"github.com/cbeuw/Cloak/internal/common"
+	log "github.com/sirupsen/logrus"
+
 	"github.com/cbeuw/Cloak/internal/ecdh"
 	mux "github.com/cbeuw/Cloak/internal/multiplex"
 )
@@ -36,6 +37,7 @@ type RawConfig struct {
 	BrowserSig    string // nullable
 	Transport     string // nullable
 	CDNOriginHost string // nullable
+	CDNWsUrlPath  string // nullable
 	StreamTimeout int    // nullable
 	KeepAlive     int    // nullable
 }
@@ -224,10 +226,13 @@ func (raw *RawConfig) ProcessRawConfig(worldState common.WorldState) (local Loca
 		} else {
 			cdnDomainPort = net.JoinHostPort(raw.CDNOriginHost, raw.RemotePort)
 		}
+		if raw.CDNWsUrlPath == "" {
+			raw.CDNWsUrlPath = "/"
+		}
 
 		remote.TransportMaker = func() Transport {
 			return &WSOverTLS{
-				cdnDomainPort: cdnDomainPort,
+				wsUrl: "ws://" + cdnDomainPort + raw.CDNWsUrlPath,
 			}
 		}
 	case "direct":

internal/client/state_test.go

@@ -1,9 +1,10 @@
 package client
 
 import (
-	"github.com/stretchr/testify/assert"
 	"io/ioutil"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func TestParseConfig(t *testing.T) {

internal/client/websocket.go

@@ -4,17 +4,18 @@ import (
 	"encoding/base64"
 	"errors"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/gorilla/websocket"
-	utls "gitlab.com/yawning/utls.git"
 	"net"
 	"net/http"
 	"net/url"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/gorilla/websocket"
+	utls "gitlab.com/yawning/utls.git"
 )
 
 type WSOverTLS struct {
 	*common.WebSocketConn
-	cdnDomainPort string
+	wsUrl string
 }
 
 func (ws *WSOverTLS) Handshake(rawConn net.Conn, authInfo AuthInfo) (sessionKey [32]byte, err error) {
@@ -40,7 +41,7 @@ func (ws *WSOverTLS) Handshake(rawConn net.Conn, authInfo AuthInfo) (sessionKey
 		return
 	}
 
-	u, err := url.Parse("ws://" + ws.cdnDomainPort)
+	u, err := url.Parse(ws.wsUrl)
 	if err != nil {
 		return sessionKey, fmt.Errorf("failed to parse ws url: %v", err)
 	}

internal/common/crypto_test.go

@@ -4,10 +4,11 @@ import (
 	"bytes"
 	"encoding/hex"
 	"errors"
-	"github.com/stretchr/testify/assert"
 	"io"
 	"math/rand"
 	"testing"
+
+	"github.com/stretchr/testify/assert"
 )
 
 const gcmTagSize = 16

internal/common/websocket.go

@@ -2,10 +2,11 @@ package common
 
 import (
 	"errors"
-	"github.com/gorilla/websocket"
 	"io"
 	"sync"
 	"time"
+
+	"github.com/gorilla/websocket"
 )
 
 // WebSocketConn implements io.ReadWriteCloser

internal/multiplex/datagramBufferedPipe_test.go

@@ -1,9 +1,10 @@
 package multiplex
 
 import (
-	"github.com/stretchr/testify/assert"
 	"testing"
 	"time"
+
+	"github.com/stretchr/testify/assert"
 )
 
 func TestDatagramBuffer_RW(t *testing.T) {

internal/multiplex/mux_test.go

@@ -2,14 +2,15 @@ package multiplex
 
 import (
 	"bytes"
-	"github.com/cbeuw/Cloak/internal/common"
-	"github.com/cbeuw/connutil"
-	"github.com/stretchr/testify/assert"
 	"io"
 	"math/rand"
 	"net"
 	"sync"
 	"testing"
+
+	"github.com/cbeuw/Cloak/internal/common"
+	"github.com/cbeuw/connutil"
+	"github.com/stretchr/testify/assert"
 )
 
 func serveEcho(l net.Listener) {

internal/multiplex/obfs.go

@@ -6,6 +6,7 @@ import (
 	"encoding/binary"
 	"errors"
 	"fmt"
+
 	"github.com/cbeuw/Cloak/internal/common"
 	"golang.org/x/crypto/chacha20poly1305"
 	"golang.org/x/crypto/salsa20"

internal/multiplex/obfs_test.go

@@ -3,12 +3,13 @@ package multiplex
 import (
 	"crypto/aes"
 	"crypto/cipher"
-	"github.com/stretchr/testify/assert"
-	"golang.org/x/crypto/chacha20poly1305"
 	"math/rand"
 	"reflect"
 	"testing"
 	"testing/quick"
+
+	"github.com/stretchr/testify/assert"
+	"golang.org/x/crypto/chacha20poly1305"
 )
 
 func TestGenerateObfs(t *testing.T) {

internal/multiplex/session.go

@@ -3,12 +3,13 @@ package multiplex
 import (
 	"errors"
 	"fmt"
-	"github.com/cbeuw/Cloak/internal/common"
 	"net"
 	"sync"
 	"sync/atomic"
 	"time"
 
+	"github.com/cbeuw/Cloak/internal/common"
+
 	log "github.com/sirupsen/logrus"
 )
 

internal/multiplex/session_fuzz.go

@@ -1,3 +1,4 @@
+//go:build gofuzz
 // +build gofuzz
 
 package multiplex