Add new REQUIRE_AUTH config parameter, to disable running socks5 server without auth by default

This commit is contained in:
serj
2025-09-25 14:40:25 +03:00
parent 1f5e188a14
commit 1cdfcea4ad
3 changed files with 17 additions and 14 deletions
+9 -3
View File
@@ -14,7 +14,8 @@ type params struct {
Port string `env:"PROXY_PORT" envDefault:"1080"`
AllowedDestFqdn string `env:"ALLOWED_DEST_FQDN" envDefault:""`
AllowedIPs []string `env:"ALLOWED_IPS" envSeparator:"," envDefault:""`
ListenIP string `env:"PROXY_LISTEN_IP" envDefault:"0.0.0.0"`
ListenIP string `env:"PROXY_LISTEN_IP" envDefault:"0.0.0.0"`
RequireAuth bool `env:"REQUIRE_AUTH" envDefault:"true"`
}
func main() {
@@ -30,12 +31,17 @@ func main() {
Logger: log.New(os.Stdout, "", log.LstdFlags),
}
if cfg.User+cfg.Password != "" {
if cfg.RequireAuth {
if cfg.User == "" || cfg.Password == "" {
log.Fatalln("Error: REQUIRE_AUTH is true, but PROXY_USER and PROXY_PASSWORD are not set. The application will now exit.")
}
creds := socks5.StaticCredentials{
os.Getenv("PROXY_USER"): os.Getenv("PROXY_PASSWORD"),
cfg.User: cfg.Password,
}
cator := socks5.UserPassAuthenticator{Credentials: creds}
socks5conf.AuthMethods = []socks5.Authenticator{cator}
} else {
log.Println("Warning: Running the proxy server without authentication. This is NOT recommended for public servers.")
}
if cfg.AllowedDestFqdn != "" {