diff --git a/shadowsocks-csharp/Controller/Service/PACServer.cs b/shadowsocks-csharp/Controller/Service/PACServer.cs index 4c39cc1a..cf918e0a 100644 --- a/shadowsocks-csharp/Controller/Service/PACServer.cs +++ b/shadowsocks-csharp/Controller/Service/PACServer.cs @@ -12,12 +12,14 @@ using Shadowsocks.Util; namespace Shadowsocks.Controller { - class PACServer : Listener.Service + public class PACServer : Listener.Service { public const string PAC_FILE = "pac.txt"; public const string USER_RULE_FILE = "user-rule.txt"; public const string USER_ABP_FILE = "abp.txt"; + public string PacSecret { get; private set; } = ""; + FileSystemWatcher PACFileWatcher; FileSystemWatcher UserRuleFileWatcher; private Configuration _config; @@ -34,6 +36,17 @@ namespace Shadowsocks.Controller public void UpdateConfiguration(Configuration config) { this._config = config; + + if (config.secureLocalPac) + { + var rd = new byte[32]; + new Random().NextBytes(rd); + PacSecret = $"&secret={Convert.ToBase64String(rd)}"; + } + else + { + PacSecret = ""; + } } public override bool Handle(byte[] firstPacket, int length, Socket socket, object state) diff --git a/shadowsocks-csharp/Controller/ShadowsocksController.cs b/shadowsocks-csharp/Controller/ShadowsocksController.cs index a9da8197..3ad0e7bc 100644 --- a/shadowsocks-csharp/Controller/ShadowsocksController.cs +++ b/shadowsocks-csharp/Controller/ShadowsocksController.cs @@ -269,7 +269,7 @@ namespace Shadowsocks.Controller } if (_config.enabled) { - SystemProxy.Update(_config, true); + SystemProxy.Update(_config, true, null); } Encryption.RNG.Close(); } @@ -347,6 +347,16 @@ namespace Shadowsocks.Controller } } + public void ToggleSecureLocalPac(bool enabled) + { + _config.secureLocalPac = enabled; + SaveConfig(_config); + if (ConfigChanged != null) + { + ConfigChanged(this, new EventArgs()); + } + } + public void ToggleCheckingUpdate(bool enabled) { _config.autoCheckUpdate = enabled; @@ -515,7 +525,7 @@ namespace Shadowsocks.Controller { if (_config.enabled) { - SystemProxy.Update(_config, false); + SystemProxy.Update(_config, false, _pacServer); _systemProxyIsDirty = true; } else @@ -523,7 +533,7 @@ namespace Shadowsocks.Controller // only switch it off if we have switched it on if (_systemProxyIsDirty) { - SystemProxy.Update(_config, false); + SystemProxy.Update(_config, false, _pacServer); _systemProxyIsDirty = false; } } diff --git a/shadowsocks-csharp/Controller/System/SystemProxy.cs b/shadowsocks-csharp/Controller/System/SystemProxy.cs index b06b00c6..92da7784 100644 --- a/shadowsocks-csharp/Controller/System/SystemProxy.cs +++ b/shadowsocks-csharp/Controller/System/SystemProxy.cs @@ -11,7 +11,7 @@ namespace Shadowsocks.Controller return value.ToString("yyyyMMddHHmmssfff"); } - public static void Update(Configuration config, bool forceDisable) + public static void Update(Configuration config, bool forceDisable, PACServer pacSrv) { bool global = config.global; bool enabled = config.enabled; @@ -35,7 +35,7 @@ namespace Shadowsocks.Controller if (config.useOnlinePac && !config.pacUrl.IsNullOrEmpty()) pacUrl = config.pacUrl; else - pacUrl = $"http://127.0.0.1:{config.localPort}/pac?t={GetTimestamp(DateTime.Now)}"; + pacUrl = $"http://127.0.0.1:{config.localPort}/pac?t={GetTimestamp(DateTime.Now)}{pacSrv.PacSecret}"; WinINet.SetIEProxy(true, false, "", pacUrl); } } diff --git a/shadowsocks-csharp/Model/Configuration.cs b/shadowsocks-csharp/Model/Configuration.cs index 546974a0..e2a640a8 100644 --- a/shadowsocks-csharp/Model/Configuration.cs +++ b/shadowsocks-csharp/Model/Configuration.cs @@ -22,6 +22,7 @@ namespace Shadowsocks.Model public int localPort; public string pacUrl; public bool useOnlinePac; + public bool secureLocalPac = true; public bool availabilityStatistics; public bool autoCheckUpdate; public bool checkPreRelease; diff --git a/shadowsocks-csharp/View/MenuViewController.cs b/shadowsocks-csharp/View/MenuViewController.cs index 4daeddc8..fa73ff57 100644 --- a/shadowsocks-csharp/View/MenuViewController.cs +++ b/shadowsocks-csharp/View/MenuViewController.cs @@ -47,6 +47,7 @@ namespace Shadowsocks.View private MenuItem updateFromGFWListItem; private MenuItem editGFWUserRuleItem; private MenuItem editOnlinePACItem; + private MenuItem secureLocalPacUrlToggleItem; private MenuItem autoCheckUpdatesToggleItem; private MenuItem checkPreReleaseToggleItem; private MenuItem proxyItem; @@ -271,6 +272,7 @@ namespace Shadowsocks.View this.updateFromGFWListItem = CreateMenuItem("Update Local PAC from GFWList", new EventHandler(this.UpdatePACFromGFWListItem_Click)), this.editGFWUserRuleItem = CreateMenuItem("Edit User Rule for GFWList...", new EventHandler(this.EditUserRuleFileForGFWListItem_Click)), this.editOnlinePACItem = CreateMenuItem("Edit Online PAC URL...", new EventHandler(this.UpdateOnlinePACURLItem_Click)), + this.secureLocalPacUrlToggleItem = CreateMenuItem("Secure Local PAC", new EventHandler(this.SecureLocalPacUrlToggleItem_Click)), }), this.proxyItem = CreateMenuItem("Forward Proxy...", new EventHandler(this.proxyItem_Click)), new MenuItem("-"), @@ -397,6 +399,7 @@ namespace Shadowsocks.View AutoStartupItem.Checked = AutoStartup.Check(); onlinePACItem.Checked = onlinePACItem.Enabled && config.useOnlinePac; localPACItem.Checked = !onlinePACItem.Checked; + secureLocalPacUrlToggleItem.Checked = config.secureLocalPac; UpdatePACItemsEnabledStatus(); UpdateUpdateMenu(); } @@ -796,6 +799,12 @@ namespace Shadowsocks.View } } + private void SecureLocalPacUrlToggleItem_Click(object sender, EventArgs e) + { + Configuration configuration = controller.GetConfigurationCopy(); + controller.ToggleSecureLocalPac(!configuration.secureLocalPac); + } + private void UpdatePACItemsEnabledStatus() { if (this.localPACItem.Checked) @@ -814,6 +823,7 @@ namespace Shadowsocks.View } } + private void UpdateUpdateMenu() { Configuration configuration = controller.GetConfigurationCopy();