Add new REQUIRE_AUTH config parameter, to disable running socks5 server without auth by default
This commit is contained in:
@@ -14,7 +14,8 @@ type params struct {
|
||||
Port string `env:"PROXY_PORT" envDefault:"1080"`
|
||||
AllowedDestFqdn string `env:"ALLOWED_DEST_FQDN" envDefault:""`
|
||||
AllowedIPs []string `env:"ALLOWED_IPS" envSeparator:"," envDefault:""`
|
||||
ListenIP string `env:"PROXY_LISTEN_IP" envDefault:"0.0.0.0"`
|
||||
ListenIP string `env:"PROXY_LISTEN_IP" envDefault:"0.0.0.0"`
|
||||
RequireAuth bool `env:"REQUIRE_AUTH" envDefault:"true"`
|
||||
}
|
||||
|
||||
func main() {
|
||||
@@ -30,12 +31,17 @@ func main() {
|
||||
Logger: log.New(os.Stdout, "", log.LstdFlags),
|
||||
}
|
||||
|
||||
if cfg.User+cfg.Password != "" {
|
||||
if cfg.RequireAuth {
|
||||
if cfg.User == "" || cfg.Password == "" {
|
||||
log.Fatalln("Error: REQUIRE_AUTH is true, but PROXY_USER and PROXY_PASSWORD are not set. The application will now exit.")
|
||||
}
|
||||
creds := socks5.StaticCredentials{
|
||||
os.Getenv("PROXY_USER"): os.Getenv("PROXY_PASSWORD"),
|
||||
cfg.User: cfg.Password,
|
||||
}
|
||||
cator := socks5.UserPassAuthenticator{Credentials: creds}
|
||||
socks5conf.AuthMethods = []socks5.Authenticator{cator}
|
||||
} else {
|
||||
log.Println("Warning: Running the proxy server without authentication. This is NOT recommended for public servers.")
|
||||
}
|
||||
|
||||
if cfg.AllowedDestFqdn != "" {
|
||||
|
||||
Reference in New Issue
Block a user