cbeuw / cloak Goto Github PK
View Code? Open in Web Editor NEWA censorship circumvention tool to evade detection by authoritarian state adversaries
License: GNU General Public License v3.0
A censorship circumvention tool to evade detection by authoritarian state adversaries
License: GNU General Public License v3.0
is installing google bbr recommended?
since we are running TCP only via port 443 the speed would be much faster if we used google bbr.
cd /
wget --no-check-certificate https://github.com/teddysun/across/raw/master/bbr.sh && chmod +x bbr.sh && ./bbr.sh
sudo uname -r
sudo sysctl net.ipv4.tcp_available_congestion_control
sudo sysctl net.ipv4.tcp_congestion_control
sudo sysctl net.core.default_qdisc
sudo lsmod | grep bbr
rm bbr.sh
rm install_bbr.log
[0021] Failed to prepare connection to remote: cipher: message authentication failed ERRO[0021] Failed to prepare connection to remote: cipher: message authentication failed
sometime when connection through vpn dc,
become like this
ERRO[0284] Failed to write to stream: the switchboard is broken ERRO[0284] Failed to write to stream: the switchboard is broken ERRO[0284] Failed to write to stream: the switchboard is broken
Hei. I just want to ask. I running it with double server with different port. After 2 hours testing one of server shutdown. now I running only one server. How many concurrent that ckserver handle?
NB: I set user 100concurrrent.
My SS-Server OS : Ubuntu 18.04 LTS (GNU/Linux 4.15.0-20-generic x86_64)
My Local OS : Windows 7 Home
My applications version : Shaowsocks-libev server 3.3.0 with Cloak plugin
Shadowsocks Windows client 4.1.6 with Cloak plugin
The problem is that the proxy speed drops dramatically(can't load web pages at all) every few minutes or just time out.
Sometimes the proxy wouldn't work when i open the browser even i never turn off the ss client.
Two workaround i found are :
A. Switch my SS client proxy mode from Global to Pac then switch back. Sometimes i have to switch'em back and forth until it works lol .
B. Restart Shadowsocks client, but it doesn't work every time.
If i leave it be and do nothing about it, it sometimes it goes back to normal in few minutes, sometime it just stay dead until i perform CPR(the workround lol) to it.
Besides, i found out that when the SS proxy goes extremely slow or failed, so does the SSH connection to my remote server. However, the connectivity testing result of my remote server is all good.
PS. i have set the Timeout on ss server and client into 5 sec, it's better than before a little bit, but the problem's still there.
What distro are u using to test it out?
Running this in ubuntu and it's not working anymore , not sure if it's the OS or what but I am assuming it's the OS
Also can u please take a look at this...
The connment...
https://gist.github.com/cbeuw/dd34bf577db85d857ae2f8bb960733e3
Any idea how I can get this running as a plugin for shadowsocks on my router?
root@OpenWrt:/tmp# opkg print-architecture | awk '{print $2}'
all
noarch
mips_24kc
I've tried a few mips64 ones from the release page and just get a syntax error if I try to run them, so I'm guessing not those.
Really looking forward to using this.
Hello,
The just released 2.0.1 version fails to communicate with fallback https server, nginx reports:
2019/08/14 10:01:42 [crit] 1118#1118: *19087 SSL_do_handshake() failed (SSL: error:1420918C:SSL routines:tls_early_post_process_client_hello:version too low) while SSL handshaking, client: 127.0.0.1, server: 0.0.0.0:10443
nginx config:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
2.0 was working fine.
Such as title
I set up everything according to the guide (master branch).
However, when I try to connect, the server errors out:
WARN[0011] +1 unauthorised UID UID="..............=="
error="UID does not correspond to a user" remoteAddr="..........:11175"
I'm positive the AdminUID is correct.
First of all, many and many thanks for such stuff. @cbeuw
If you don't mind, I'm gonna request some features.
Here's the list:
*Ability to change hard coded User-Agent
*Replay/Record request template (MITM record a genuine HTTP/HTTPS request and use it with server/client configuration.)
*Custom Handshake, Fake Session Tickets for TLS (https://github.com/refraction-networking/utls)
*Rework concurrency (Single channel connection multiplexing)
(Like this one; https://github.com/xtaci/smux)
*Keep-alive for UDP mode (Like this one: https://github.com/xtaci/kcptun)
*Daemon mode for crash prevention restart/monitor
*Alternate tunneling transports for standalone usage (HTTP/HTTPS/SOCKS/KCP etc. SOCKS would be great. Good one to use as lib; https://github.com/shadowsocks/go-shadowsocks2/blob/master/socks/socks.go)
Thanks again.
Quick question, I think I know the answer.
Would it be better to use a domain for the OBFS that resolves to the same IP used for the SS server ?
The default in the config is bing, but this wouldn't work as well as a domain resolving to SS IP ?
Or doesn't it matter with Cloak ?
I downloaded Ck-server-linux-amd64-1.1.1 on Ubuntu 18.04 and was trying to set the server up, but i couldn't find the ckserver.json file. Do i creat the json file locally or do i download it from somewhere or i'm just too dumb to find it lol ?
first shadowsocks+cloak port 7878 using IPs yotube family was work then i am trying to run second shadowsocks cloak port 8989 using ips facebook but only cloak port 7878 which running perfectly, its not like obfs we can run multiple shadowsoks obfs same time
I used the shadowsocks-ck-release.sh script to install on a CentOS 7 Minimal server with Apache. The script finished with a success message and displayed the install info. However, the redirect web page is no longer served and I get the following error in a Firefox browser:
An error occurred during a connection to mysite.com. SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG
I get the same error even when I change the redirect web page to: WebServerAddr=204.79.197.200:443.
Also, connections from the Shadowsocks client are unsuccessful.
Below is what I get if I use ss-server -c /etc/shadowsocks-libev/config.json
2019-05-21 11:26:55 INFO: plugin "ck-server" enabled
2019-05-21 11:26:55 INFO: initializing ciphers... aes-256-gcm
2019-05-21 11:26:55 INFO: using nameserver: 8.8.8.8
2019-05-21 11:26:55 INFO: tcp server listening at 127.0.0.1:54768
2019/05/21 11:26:55 ck-server.go:265: Listening on 0.0.0.0:443
2019/05/21 11:26:55 ck-server.go:267: listen tcp 0.0.0.0:443: bind: address already in use
2019-05-21 11:26:55 ERROR: plugin service exit unexpectedly
I do have my Apache vhost listening on port 444.
Below is my \etc\shadowsocks-libev\config.json
{
"server":"0.0.0.0",
"server_port":443,
"password":"gjxuLfgght$jN",
"timeout":300,
"user":"nobody",
"method":"aes-256-gcm",
"fast_open":false,
"nameserver":"8.8.8.8",
"plugin":"ck-server",
"plugin_opts":"WebServerAddr=127.0.0.1:444;PrivateKey=mOgNzBsdg19xDt+rdffgLZ/VAadffgRlg3strty=;AdminUID=6YoiyuorttypTtruOrW9Ns45ytbIC12/3bI=;DatabasePath=/root/userinfo.db;BackupDirPath=/root"
}
Below is my ck-client.json:
{
"ServerName":"www.mysite.com",
"Key":"Jk4faPMsdfCt/svxbjNl352dghyHWW7Khjjk68WLzkc=",
"TicketTimeHint":3600,
"Browser":"chrome"
}
The shadowsocks and cloak running on both PCs are using identical configs. The only difference is that I haven't used or updated my second PC for half a month because its graphics card was RMA'd.
Shadowsocks says connection was closed by my server. sessionId
of my second PC is 0 for some reason:
Sep 08 14:47:09 *** ss-server[691]: time="2019-09-08T14:47:09Z" level=warning msg="TLS but non-Cloak ClientHello" UID="***" encryptionMethod=0 proxyMethod=shadowsocks remoteAddr="117.:" sessionId=0
Sep 08 14:48:03 *** ss-server[691]: time="2019-09-08T14:48:03Z" level=info msg="New session" UID="***" sessionID=228962224
Hi,
I downloaded the file, and tried in step 2: run ck-server -k, however it seems this can't be executed, even though I chmod already. The alert message is:
flag provided but not defined: -k
Usage of ck-server:
-a Admin mode
-c string
pluginOpts: path to ckclient.json or options seperated with semicolons (default "ckclient.json")
-h Print this message
-l string
localPort: same as server_port in ss config, the plugin listens to SS using this
-p string
remotePort: proxy port, should be 443 (default "443")
-s string
remoteHost: IP of your proxy server
-v Print the version number
What can I do?
Thank you.
I tested openvpn+ck
In one mobile it is normally worked, however in two mobile it can not work simultaneously.
the installation stopped by this
2019/04/22 05:54:47 ck-server.go:244: Must specify localAddr
root@vultr:~# uname -a
Linux vultr.guest 3.13.0-168-generic #218-Ubuntu SMP Thu Mar 14 16:56:08 UTC 201
9 x86_64 x86_64 x86_64 GNU/Linux
the pakage i download is
./ck-server-linux-amd64-1.1.1
i keep getting
2019-05-15 16:06:38 INFO: plugin "/usr/local/bin/ck-client-darwin-amd64-1.1.1" enabled
2019-05-15 16:06:38 INFO: initializing ciphers... chacha20-ietf-poly1305
2019-05-15 16:06:38 INFO: listening at 127.0.0.1:1080
2019-05-15 16:06:38 INFO: running from root user
2019/05/15 16:06:38 ck-client.go:168: Listening for ss on 127.0.0.1:51709
2019/05/15 16:06:38 ck-client.go:174: Attemtping to start a new session
2019/05/15 16:06:38 ck-client.go:204: Session 2395684801 established
2019/05/15 16:06:45 ck-client.go:231: The optimal connection is nil
2019/05/15 16:06:46 ck-client.go:231: The optimal connection is nil
2019/05/15 16:06:46 ck-client.go:231: The optimal connection is nil
2019/05/15 16:06:46 ck-client.go:231: The optimal connection is nil
ERROR: [udp] bind: Cannot assign requested address
systemctl restart shadowsock-libev
temporarily resolves this)Enter the UID in your ckclient.json as the prompted UID
mean the newly generated UID instead?System info: Ubuntu 19.04 amd64; Shadowsocks-libev 3.2.5; ipv4+ipv6
What I did:
shadowsocks-libev.service
from /lib/systemd/system
into /etc/systemd/system
, changed both User
and Group
to root
. I also added "user": "root"
to /etc/shadowsocks-libev/config.json
.systemctl restart shadowsock-libev
as root user.root@vultr:~# systemctl status shadowsocks-libev
● shadowsocks-libev.service - Shadowsocks-libev Default Server Service
Loaded: loaded (/etc/systemd/system/shadowsocks-libev.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Fri 2019-03-22 17:53:03 UTC; 1s ago
Docs: man:shadowsocks-libev(8)
Process: 1660 ExecStart=/usr/bin/ss-server -c $CONFFILE $DAEMON_ARGS (code=exited, status=255/EXCEPTION)
Main PID: 1660 (code=exited, status=255/EXCEPTION)
Mar 22 17:53:03 vultr.guest ss-server[1660]: /home/andy/go/src/github.com/cbeuw/Cloak/internal/server/usermanager/user.go:40 +0x4e
Mar 22 17:53:03 vultr.guest ss-server[1660]: github.com/cbeuw/Cloak/internal/server/usermanager.(*Userpanel).GetAndActivateUser(0xc00004c100, 0xc0000165a0, 0x20, 0x24, 0x20, 0x21, 0xe0c28000)
Mar 22 17:53:03 vultr.guest ss-server[1660]: /home/andy/go/src/github.com/cbeuw/Cloak/internal/server/usermanager/userpanel.go:158 +0x1cb
Mar 22 17:53:03 vultr.guest ss-server[1660]: main.dispatchConnection(0x5d8c00, 0xc00000e090, 0xc00008c000)
Mar 22 17:53:03 vultr.guest ss-server[1660]: /home/andy/go/src/github.com/cbeuw/Cloak/cmd/ck-server/ck-server.go:133 +0xcdb
Mar 22 17:53:03 vultr.guest ss-server[1660]: created by main.main.func1
Mar 22 17:53:03 vultr.guest ss-server[1660]: /home/andy/go/src/github.com/cbeuw/Cloak/cmd/ck-server/ck-server.go:271 +0x2dc
Mar 22 17:53:03 vultr.guest ss-server[1660]: 2019-03-22 17:53:03 ERROR: plugin service exit unexpectedly
Mar 22 17:53:03 vultr.guest systemd[1]: shadowsocks-libev.service: Main process exited, code=exited, status=255/EXCEPTION
Mar 22 17:53:03 vultr.guest systemd[1]: shadowsocks-libev.service: Failed with result 'exit-code'.
Thx
@cbeuw hello sir,
one of my team mate report some issue about deleting UID got error when the UID has /
in text.
here some example: BCuD2N6o7o/LxzlJ02hoI54BRJRr4IWcze7cLvW0GXY=
i tried delete that UID but no luck, here the response
5
Enter UID
BCuD2N6o7o/LxzlJ02hoI54BRJRr4IWcze7cLvW0GXY=
Are you sure to delete this user? y/n
y
open /etc/shadowsocks-libev/BackupDir/1562463369_pre_del_BCuD2N6o7o/LxzlJ02hoI54BRJRr4IWcze7cLvW0GXY=.bak: no such file or directory
i thought when creating backup file its has /
that mean another folder right? all UID without /
normal without issue when deleting those account/UID.
Trying to build the client with make client
from the latest source I get the following error:
~/go/src/github.com/cbeuw/Cloak$ make client
mkdir -p build
go build -ldflags "-X main.version=master(8317f44)" ./cmd/ck-client
# github.com/cbeuw/Cloak/cmd/ck-client
cmd/ck-client/protector.go:7: undefined: syscall.RawConn
Makefile:10: recipe for target 'client' failed
make: *** [client] Error 2
Building the server with make server
works fine.
Is the function in protector.go required, since it is empty?
Using go version go1.7.4 linux/amd64
Hello
Just like before I wrote a new script to install Cloak 2. But not only with shadowsocks, but with anything you like. You can set custom forwarding rules.
Plus with the new Admin Panel API, adding users is completely done by script. You just have to define the quota and ... in script and the script takes care of adding it.
Here is the project link:
https://github.com/HirbodBehnam/Shadowsocks-Cloak-Installer
And here is the installer link:
https://github.com/HirbodBehnam/Shadowsocks-Cloak-Installer/blob/master/Cloak2-Installer.sh
If you like you can put it in readme just like the one in Cloak 1.
Also I may add built-in openvpn installer later.
Hi,
I have built ck-client from souce (using latest code from master branch) inside a docker container. The server runs fine, but while attempting to run ck-client I ran into this errors:
2019-03-17 06:41:57 INFO: plugin "/go/github.com/cbeuw/Cloak/build/ck-client" enabled
2019-03-17 06:41:57 INFO: initializing ciphers... chacha20-ietf-poly1305
2019-03-17 06:41:57 INFO: listening at 0.0.0.0:1080
2019-03-17 06:41:57 INFO: udprelay enabled
2019/03/17 06:41:57 ck-client.go:158: Listening for ss on ::1:45643
2019/03/17 06:41:57 ck-client.go:160: listen tcp: address ::1:45643: too many colons in address
2019-03-17 06:41:57 INFO: running from root user
2019-03-17 06:41:57 ERROR: plugin service exit unexpectedly
Any ideas?
Thanks
Hello,
I installed ck-server with shadowsocks-libev3.2.5 on ubuntu18.10.
ck-server's cpu load is very high than ss-server.
ck-server's cpu usage is about 58%. ss-server's cpu usage is about 18%.
Why is ck-server's cpu load very high?
How to reduce ck-server's cpu load?
{ "WebServerAddr":"204.79.197.200:443", "PrivateKey":"EN5aPEpNBO+vw+BtFQY2OnK9bQU7rvEj5qmnmgwEtUc=", "AdminUID":"ugDmcEmxWf0pKxfkZ/8EoP35Ht+wQnqf3L0xYgyQFlQ=", "DatabasePath":"userinfo.db", "BackupDirPath":"" }
can we use IPs in this section
"WebServerAddr":"204.79.197.200:443",
become
"WebServerAddr":"204.79.197.200:443;a.b.c.d:443;e.f.g.h:443",
?
Hi,
I am trying to build Cloak using latest source available, but no matter what I do build fails with either of these two messages:
use of internal package not allowed
or
cannot find package "github.com/cbeuw/Cloak/internal/ecdh" in any of ...
Any suggestions?
Add a new user, When this added new user connect to Server, The cloak service will crash, And unable start again.
添加一个新用户后,当新增的用户连接到服务器时,Cloak服务会崩溃,并且无法再次启动。
By deleted userinfo.db in server, Service back to normal.
通过删除服务器上的 userinfo.db 文件,服务将可以再次启动。
I'm not sure is my operation miss or something else... :(
我不确定这是我操作失误或者出现了其他的问题。。。 :(
System:
Linux debian-s-1vcpu-1gb-lon1-01 4.9.0-9-amd64 #1 SMP Debian 4.9.168-1+deb9u3 (2019-06-16) x86_64 GNU/Linux
ck-server version:
ck-server 1.1.1
Error log:
● shadowsocks-libev.service - Shadowsocks-libev Default Server Service
Loaded: loaded (/lib/systemd/system/shadowsocks-libev.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2019-07-11 07:10:49 UTC; 5s ago
Docs: man:shadowsocks-libev(8)
Process: 2615 ExecStart=/usr/bin/ss-server -c $CONFFILE $DAEMON_ARGS (code=exited, status=255)
Main PID: 2615 (code=exited, status=255)
Jul 11 07:10:49 debian-s-1vcpu-1gb-lon1-01 ss-server[2615]: /home/andy/go/src/github.com/cbeuw/Cloak/internal/multiplex/qos.go:34 +0x39
Jul 11 07:10:49 debian-s-1vcpu-1gb-lon1-01 ss-server[2615]: github.com/cbeuw/Cloak/internal/multiplex.MakeValve(0x0, 0x8000000, 0xc000072ad0, 0xc000072ad8, 0x0)
Jul 11 07:10:49 debian-s-1vcpu-1gb-lon1-01 ss-server[2615]: /home/andy/go/src/github.com/cbeuw/Cloak/internal/multiplex/qos.go:29 +0x69
Jul 11 07:10:49 debian-s-1vcpu-1gb-lon1-01 ss-server[2615]: github.com/cbeuw/Cloak/internal/server/usermanager.MakeUser(0xc00004c100, 0xc000072aa0, 0x0)
Jul 11 07:10:49 debian-s-1vcpu-1gb-lon1-01 ss-server[2615]: /home/andy/go/src/github.com/cbeuw/Cloak/internal/server/usermanager/user.go:40 +0x4e
Jul 11 07:10:49 debian-s-1vcpu-1gb-lon1-01 ss-server[2615]: github.com/cbeuw/Cloak/internal/server/usermanager.(*Userpanel).GetAndActivateUser(0xc00004c100, 0xc00001a1e0, 0x20, 0x24, 0x20, 0x21, 0xa9919d00)
Jul 11 07:10:49 debian-s-1vcpu-1gb-lon1-01 ss-server[2615]: /home/andy/go/src/github.com/cbeuw/Cloak/internal/server/usermanager/userpanel.go:158 +0x1cb
Jul 11 07:10:49 debian-s-1vcpu-1gb-lon1-01 systemd[1]: shadowsocks-libev.service: Main process exited, code=exited, status=255/n/a
Jul 11 07:10:49 debian-s-1vcpu-1gb-lon1-01 systemd[1]: shadowsocks-libev.service: Unit entered failed state.
Jul 11 07:10:49 debian-s-1vcpu-1gb-lon1-01 systemd[1]: shadowsocks-libev.service: Failed with result 'exit-code'.
Add user step:
D:\Software\Shadowsocks\plugins>ck-client.exe -a -c ck-client.json
2019/07/11 15:07:11 ck-client.go:131: Starting standalone mode
Enter the ip:port of your server
xxx.xxx.xxx.xxx:xxxxx
Enter the admin UID
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
1 listActiveUsers none []uids
2 listAllUsers none []userinfo
3 getUserInfo uid userinfo
4 addNewUser userinfo ok
5 delUser uid ok
6 syncMemFromDB uid ok
7 setSessionsCap uid cap ok
8 setUpRate uid rate ok
9 setDownRate uid rate ok
10 setUpCredit uid credit ok
11 setDownCredit uid credit ok
12 setExpiryTime uid time ok
13 addUpCredit uid delta ok
14 addDownCredit uid delta ok
Select your command
2
null
Select your command
4
UID:eXmPhhIlbGSVI45k+CDNdTSfmGFP/X0WaWTh3DOgPbk=
SessionsCap:255
UpRate:DownRate:134217728:134217728
UpCredit:DownCredit:ExpiryTime:10995116277760:10995116277760:1672502399
ok
Select your command
2019/07/11 15:09:22 admin.go:67: Unreconised cmd
Select your command
2
[{"UID":"eXmPhhIlbGSVI45k+CDNdTSfmGFP/X0WaWTh3DOgPbk=","SessionsCap":255,"UpRate":0,"DownRate":134217728,"UpCredit":134217728,"DownCredit":0,"ExpiryTime":10995116277760}]
Select your command
2
2019/07/11 15:11:22 ck-client.go:142: EOF
D:\Software\Shadowsocks\plugins>
Thank you.
Hi @cbeuw, after upgrading my server and my build env. this issue came up. I do not know the reason is recent commits or a golang related bug?
Thank you for all of your efforts.
./ck-server -c server.json -p 443 -s 0.0.0.0
INFO[0000] Starting standalone mode, listening on 0.0.0.0:443
FATA[0000] Configuration file error: Failed to read configuration file: json: cannot unmarshal string into Go struct field rawConfig.ProxyBook of type []string
Server configuration file:
{
"ProxyBook":{
"shadowsocks": "",
"openvpn": "",
"tor": ""},
"BypassUID": "",
"RedirAddr": "",
"PrivateKey": "",
"AdminUID": "",
"DatabasePath": "userinfo.db"
}
Build environment:
go1.12.9.linux-amd64 on Ubuntu.
Hello
At first, your plugin is great! Shadowsocks is throttled in some ISPs in Iran. I used to get around 400 kbit/s but with cloak the speed is boosted to 40Mbit/s.
The script you provided here is not installing shadowsocks-libev for CentOS 7 because dnf
is not installed by default.
Therefore, I have rewritten a script from scratch (well somehow). Here is the link. If you like you can put this in your page. It also creates QR Code and ss://
link at the end of it. I supports Debian 8/9, Ubuntu 16~19 and Centos 7. I will add other features later.
Plus if you have an Ethereum wallet, I am ready to donate to you!
As RedirAddr
I use the IP of one of my personal websites. On the client, I specify the domain that resolves to this IP as ServerName
. This website has an SSL certificate for the domain specified in ServerName
.
However, the website is hosted on a shared hosting and the domain name is used as a virtual host. As such, simply browsing to the RedirAddr
shows an error page saying "this website is not installed" - because it expects a domain name as vhost. The SSL certificate of the error page does not match the domain specified in ServerName
(a certificate with the hoster's domain name is served e.g. server1.hostingcompany.com).
Browsing to the cloak public IP therefore does redirect all traffic to the correct IP where my website is hosted, but it does not serve my personal website (it serves the error page), and the SSL certificate does not match ServerName
.
Does this impact the active probing mitigation of cloak?
Hello,
Sometimes when internet connection is lost and reconnected, cloak gets stuck and doesn't establish a new session to the server until cloak itself is restarted. Is there a timer keepalive that is implemented for it to detect timeout and connection loss and reconnect more aggressively ?
GoQuiet doesn't suffer this problem as there is 1:1 mapping between tcp connections and goquiet connections so the main operation will timeout and it will reconnect.
But in case of Cloak and multiplexing, the multiplexing layer doesn't reconnect and causes timeout and connection failure to all processes trying to go through it forever (until it is restarted).
this my
opkg print-architecture | awk '{print $2}'
all
noarch
mipsel_24kc
Hello
Is it possible to use Cloak with a CDN like cloudflare?
I successfully done it with V2Ray HTTP websocket mode to route my traffic through cloudflare. It is possible to do the same thing with cloak?
I am running cloak on port 443, AES-128-GCM and even tried to set my ServerName
to my cloudflare domain. (The one that I assigned in cloudflare)
Hello, i set up the SS server with Cloak, but got an error when running ss-server
the error info line : ck-server.go:254: Configuration file error: Failed to unmarshal: invalid character '}' looking for beginning of object key string
My ckserver.json
looks like this :
{
"ProxyBook":{
"shadowsocks":"127.0.0.1:1488",
},
"RedirAddr":"54.222.60.218:443",
"PrivateKey":"myprivatekey",
"AdminUID":"myadminuid",
"DatabasePath":"home/peiper/cloak/userinfo.db"
}
I cpoied the json file in your github code and edit it. Anything wrong with it ?
.
Even a valid json is provided, server failed to start.
Error Msg:
FATA[0000] Configuration file error: Failed to read configuration file: json: cannot unmarshal array into Go struct field rawConfig.ProxyBook of type string
Server Json:
{
"ProxyBook": {
"socks5": [
"tcp",
"127.0.0.1:1080"
]
},
"BindAddr": [
":443"
],
"BypassUID": [
"1rmq6Ag1jZJCImLBIL5wzQ=="
],
"RedirAddr": "202.89.233.100",
"PrivateKey": "yJ5mAFkKYBDBCjqY0a8MFVMs/6iC9x0F4Kk5RNV5QFo=",
"AdminUID": "sbw8iIVASiAL0WVL9Ro0ig==",
"DatabasePath": "userinfo.db",
"StreamTimeout": 300
}
When trying to build the package on Debian Stretch using the command make server
as stated in the readme,md, the build fails with this error message:
make server
mkdir -p build
go build -ldflags "-X main.version=master(cffee14)" ./cmd/ck-server
cmd/ck-server/keygen.go:6:2: cannot find package "github.com/cbeuw/Cloak/internal/ecdh" in any of:
/usr/lib/go-1.7/src/github.com/cbeuw/Cloak/internal/ecdh (from $GOROOT)
($GOPATH not set)
cmd/ck-server/ck-server.go:15:2: cannot find package "github.com/cbeuw/Cloak/internal/multiplex" in any of:
/usr/lib/go-1.7/src/github.com/cbeuw/Cloak/internal/multiplex (from $GOROOT)
($GOPATH not set)
cmd/ck-server/ck-server.go:16:2: cannot find package "github.com/cbeuw/Cloak/internal/server" in any of:
/usr/lib/go-1.7/src/github.com/cbeuw/Cloak/internal/server (from $GOROOT)
($GOPATH not set)
cmd/ck-server/ck-server.go:17:2: cannot find package "github.com/cbeuw/Cloak/internal/server/usermanager" in any of:
/usr/lib/go-1.7/src/github.com/cbeuw/Cloak/internal/server/usermanager (from $GOROOT)
($GOPATH not set)
cmd/ck-server/ck-server.go:18:2: cannot find package "github.com/cbeuw/Cloak/internal/util" in any of:
/usr/lib/go-1.7/src/github.com/cbeuw/Cloak/internal/util (from $GOROOT)
($GOPATH not set)
Makefile:15: recipe for target 'server' failed
make: *** [server] Error 1
root@raspberrypi:/Cloak# make client
mkdir -p build
go build -ldflags "-X main.version=master(6977138)" ./cmd/ck-client
cmd/ck-client/admin.go:21:2: cannot find package "github.com/cbeuw/Cloak/internal/client" in any of:
/usr/lib/go-1.7/src/github.com/cbeuw/Cloak/internal/client (from $GOROOT)
($GOPATH not set)
cmd/ck-client/admin.go:22:2: cannot find package "github.com/cbeuw/Cloak/internal/client/TLS" in any of:
/usr/lib/go-1.7/src/github.com/cbeuw/Cloak/internal/client/TLS (from $GOROOT)
($GOPATH not set)
cmd/ck-client/admin.go:23:2: cannot find package "github.com/cbeuw/Cloak/internal/util" in any of:
/usr/lib/go-1.7/src/github.com/cbeuw/Cloak/internal/util (from $GOROOT)
($GOPATH not set)
Makefile:10: recipe for target 'client' failed
make: *** [client] Error 1
root@raspberrypi:/Cloak#
^ as title. I think it's very non-intuitive the way it is.
I'm trying to use shadowsocks client with cloak plugin, but I get this error.
ss-local -s x.x.x.x -p 443 -b 192.168.1.1 -l 1080 -k sspasswd -m chacha20-ietf-poly1305 --plugin ck-client-linux-mips_softfloat-2.0.2 --plugin-opts "UID=xxx;PublicKey=xxx;NumConn=4;BrowserSig=chrome;EncryptionMethod=chacha20-poly1305" -v
2019-08-24 20:16:07 INFO: plugin "ck-client-linux-mips_softfloat-2.0.2" enabled
2019-08-24 20:16:07 INFO: initializing ciphers... chacha20-ietf-poly1305
2019-08-24 20:16:07 INFO: listening at 192.168.1.1:1080
2019-08-24 20:16:07 INFO: running from root user
INFO[0000] Listening on 127.0.0.1:55703 for proxy clients
2019-08-24 20:16:10 INFO: connect to github.com:443
INFO[0003] Attemtping to start a new session
ERRO[0003] Failed to prepare connection to remote: Reading TLS message: message size greater than buffer. message size: 7304
I'm using OpenWrt 18.06.4. What am I doing wrong?
command:
ck-client -s <IP of the server> -l <A local port> -a <AdminUID> -c <path-to-ckclient.json>
error log:
2019/08/05 03:33:11 ck-client.go:166: Starting standalone mode
2019/08/05 03:33:11 ck-client.go:173: open ckclient.json: no such file or directory
I confirm that the configuration file path is correct, and the configuration reference is the currently given example config.
@cbeuw
Hey. Thanks for the plugin. It seems to work faster that ssr with auth_chain_a+ tls1.2 ticket auth for me now, will continue to test it.
The problem is that I can not fully understand how to add new users.
I understand that I have to generate new UID as at mentioned in the Readme of this repo but what about Public and Private Keys? Are they same for all users or we have to provide separate Public and Private key for each user (UID)? If YES, how to do that in proper way?
Thanks.
netstat -ntlp
tcp6 0 0 :::53794 :::* LISTEN 4117/ck-server
request to bind tcp not tcp6
checking how to truncate binary pipes... /bin/dd bs=4096 count=1
checking for mt... mt
checking if mt is a manifest tool... no
checking for dlfcn.h... yes
checking for objdir... .libs
checking if gcc supports -fno-rtti -fno-exceptions... no
checking for gcc option to produce PIC... -fPIC -DPIC
checking if gcc PIC flag -fPIC -DPIC works... yes
checking if gcc static flag -static works... yes
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.o... (cached) yes
checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports shared libraries... yes
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking for shl_load... no
checking for shl_load in -ldld... no
checking for dlopen... no
checking for dlopen in -ldl... yes
checking whether a program can dlopen itself... yes
checking whether a statically linked program can dlopen itself... no
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... no
checking whether to build static libraries... yes
checking for pcre-config... no
checking for pcre location... not found
configure: error: Cannot find pcre library. Configure --with-pcre=DIR
[Error] shadowsocks-libev install failed.
My English is poor, Sorry.
我注意到一个问题,在长时间运行的情况下,ck-client 客户端可能会频繁出现 "Failed to write to stream: the switchboard is broken" 提示,也无法连接服务器。
如果是以独立模式运行,输出信息如下:
time="2019-08-31T11:33:17+08:00" level=error msg="Failed to write to stream: the
switchboard is broken"
time="2019-08-31T11:33:17+08:00" level=error msg="Failed to write to stream: the
switchboard is broken"
time="2019-08-31T11:33:17+08:00" level=error msg="Failed to write to stream: the
switchboard is broken"
在Shadowsocks的日志中显示(非同时收集):
客户端:
[2019-08-30 10:31:51] System.Net.Sockets.SocketException (0x80004005): 由于以前的关闭调用,套接字在那个方向已经关闭,发送或接收数据的请求没有被接受。
在 System.Net.Sockets.Socket.BeginReceive(Byte[] buffer, Int32 offset, Int32 size, SocketFlags socketFlags, AsyncCallback callback, Object state)
在 Shadowsocks.Controller.TCPHandler.PipeRemoteSendCallback(IAsyncResult ar)
[2019-08-30 10:35:43] Cannot get Windows 10 system theme mode, return default value 0 (dark mode).
服务端:
Aug 29 23:21:45 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: 2019-08-29 23:21:45 ERROR: getpeername: Transport endpoint is not connected
Aug 29 23:21:45 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: 2019-08-29 23:21:45 ERROR: getpeername: Transport endpoint is not connected
Aug 29 23:21:45 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: 2019-08-29 23:21:45 ERROR: getpeername: Transport endpoint is not connected
Aug 29 23:21:46 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: 2019-08-29 23:21:46 ERROR: getpeername: Transport endpoint is not connected
Aug 29 23:21:46 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: 2019-08-29 23:21:46 ERROR: getpeername: Transport endpoint is not connected
Aug 30 00:08:44 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: time="2019-08-30T00:08:44Z" level=warning msg="TLS but non-Cloak ClientHello" UID= encryptionMethod=0 proxyMethod= remoteAddr="35.161.49.247:53764" sessionId=0
Aug 30 00:32:46 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: time="2019-08-30T00:32:46Z" level=warning msg="TLS but non-Cloak ClientHello" UID= encryptionMethod=0 proxyMethod= remoteAddr="207.46.13.17:14589" sessionId=0
Aug 30 00:32:46 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: time="2019-08-30T00:32:46Z" level=warning msg="TLS but non-Cloak ClientHello" UID= encryptionMethod=0 proxyMethod= remoteAddr="207.46.13.17:15108" sessionId=0
Aug 30 00:32:47 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: time="2019-08-30T00:32:47Z" level=warning msg="TLS but non-Cloak ClientHello" UID= encryptionMethod=0 proxyMethod= remoteAddr="207.46.13.17:1052" sessionId=0
Aug 30 00:59:25 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: time="2019-08-30T00:59:25Z" level=info msg="New session" UID="CVtm0jH66wNhG9sDEg1ykw==" sessionID=2492795987
Aug 30 01:06:51 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: time="2019-08-30T01:06:51Z" level=warning msg="TLS but non-Cloak ClientHello" UID= encryptionMethod=0 proxyMethod= remoteAddr="213.32.122.82:35873" sessionId=0
Aug 30 01:06:51 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: time="2019-08-30T01:06:51Z" level=warning msg="TLS but non-Cloak ClientHello" UID= encryptionMethod=0 proxyMethod= remoteAddr="213.32.122.82:39809" sessionId=0
Aug 30 01:06:51 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: time="2019-08-30T01:06:51Z" level=warning msg="non (or malformed) ClientHello" UID= encryptionMethod=0 proxyMethod= remoteAddr="213.32.122.82:38591" sessionId=0
Aug 30 01:07:33 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: time="2019-08-30T01:07:33Z" level=warning msg="TLS but non-Cloak ClientHello" UID= encryptionMethod=0 proxyMethod= remoteAddr="66.249.66.56:50083" sessionId=0
Aug 30 01:13:24 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: 2019-08-30 01:13:24 ERROR: getpeername: Transport endpoint is not connected
Aug 30 01:13:24 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: 2019-08-30 01:13:24 ERROR: getpeername: Transport endpoint is not connected
Aug 30 01:13:24 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: 2019-08-30 01:13:24 ERROR: getpeername: Transport endpoint is not connected
Aug 30 01:13:45 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: 2019-08-30 01:13:45 ERROR: getpeername: Transport endpoint is not connected
Aug 30 02:00:55 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: 2019-08-30 02:00:55 ERROR: server recv: Connection reset by peer
Aug 30 02:01:28 debian-s-1vcpu-1gb-lon1-01 ss-server[1925]: 2019-08-30 02:01:28 ERROR: server recv: Connection reset by peer
我注意到一个非常有意思的地方,当出现该问题时,如果使用Wireshark抓包,不会有任何通信过程(已确定抓包配置没有问题):
如果使用TCP连接状态软件,会看到只有一条连接链接到服务器:
当出现该问题时,如果切换一下代理(插件方式运行),或者Ctrl+C结束任务后立刻再起动,就能恢复正常。
我不确定是Wa11的问题,还是客户端存在某些问题?
感谢。
How do I create userinfo.db? I get an error message when I start ss-server because userinfo.db does not exist.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.