From ba5ad12e138140af46d6b4d9a2ba511292056f77 Mon Sep 17 00:00:00 2001
From: 2dust <31833384+2dust@users.noreply.github.com>
Date: Fri, 15 Nov 2024 09:42:49 +0800
Subject: [PATCH] Linux password encryption storage
---
v2rayN/ServiceLib/Common/DesUtils.cs | 75 +++++++++++++++++++
v2rayN/ServiceLib/Handler/CoreHandler.cs | 10 ++-
v2rayN/ServiceLib/Models/ConfigItems.cs | 2 +-
v2rayN/ServiceLib/Resx/ResUI.Designer.cs | 2 +-
v2rayN/ServiceLib/Resx/ResUI.fa-Ir.resx | 2 +-
v2rayN/ServiceLib/Resx/ResUI.resx | 2 +-
v2rayN/ServiceLib/Resx/ResUI.ru.resx | 2 +-
v2rayN/ServiceLib/Resx/ResUI.zh-Hans.resx | 2 +-
v2rayN/ServiceLib/Resx/ResUI.zh-Hant.resx | 2 +-
.../ViewModels/OptionSettingViewModel.cs | 7 +-
.../ViewModels/StatusBarViewModel.cs | 2 +-
.../Views/OptionSettingWindow.axaml | 3 +-
12 files changed, 95 insertions(+), 16 deletions(-)
create mode 100644 v2rayN/ServiceLib/Common/DesUtils.cs
diff --git a/v2rayN/ServiceLib/Common/DesUtils.cs b/v2rayN/ServiceLib/Common/DesUtils.cs
new file mode 100644
index 00000000..132fff65
--- /dev/null
+++ b/v2rayN/ServiceLib/Common/DesUtils.cs
@@ -0,0 +1,75 @@
+using System.Security.Cryptography;
+using System.Text;
+
+namespace ServiceLib.Common
+{
+ public class DesUtils
+ {
+ ///
+ /// Encrypt
+ ///
+ ///
+ /// ///
+ ///
+ public static string Encrypt(string? text, string? key = null)
+ {
+ if (text.IsNullOrEmpty())
+ {
+ return string.Empty;
+ }
+ GetKeyIv(key ?? GetDefaultKey(), out var rgbKey, out var rgbIv);
+ var dsp = DES.Create();
+ using var memStream = new MemoryStream();
+ using var cryStream = new CryptoStream(memStream, dsp.CreateEncryptor(rgbKey, rgbIv), CryptoStreamMode.Write);
+ using var sWriter = new StreamWriter(cryStream);
+ sWriter.Write(text);
+ sWriter.Flush();
+ cryStream.FlushFinalBlock();
+ memStream.Flush();
+ return Convert.ToBase64String(memStream.GetBuffer(), 0, (int)memStream.Length);
+ }
+
+ ///
+ /// Decrypt
+ ///
+ ///
+ ///
+ ///
+ public static string Decrypt(string? encryptText, string? key = null)
+ {
+ if (encryptText.IsNullOrEmpty())
+ {
+ return string.Empty;
+ }
+ GetKeyIv(key ?? GetDefaultKey(), out var rgbKey, out var rgbIv);
+ var dsp = DES.Create();
+ var buffer = Convert.FromBase64String(encryptText);
+
+ using var memStream = new MemoryStream();
+ using var cryStream = new CryptoStream(memStream, dsp.CreateDecryptor(rgbKey, rgbIv), CryptoStreamMode.Write);
+ cryStream.Write(buffer, 0, buffer.Length);
+ cryStream.FlushFinalBlock();
+ return Encoding.UTF8.GetString(memStream.ToArray());
+ }
+
+ private static void GetKeyIv(string key, out byte[] rgbKey, out byte[] rgbIv)
+ {
+ if (key.IsNullOrEmpty())
+ {
+ throw new ArgumentNullException("The key cannot be null");
+ }
+ if (key.Length <= 8)
+ {
+ throw new ArgumentNullException("The key length cannot be less than 8 characters.");
+ }
+
+ rgbKey = Encoding.ASCII.GetBytes(key.Substring(0, 8));
+ rgbIv = Encoding.ASCII.GetBytes(key.Insert(0, "w").Substring(0, 8));
+ }
+
+ private static string GetDefaultKey()
+ {
+ return Utils.GetMd5(Utils.GetHomePath() + "DesUtils");
+ }
+ }
+}
\ No newline at end of file
diff --git a/v2rayN/ServiceLib/Handler/CoreHandler.cs b/v2rayN/ServiceLib/Handler/CoreHandler.cs
index cd8cdf51..6ebb80e8 100644
--- a/v2rayN/ServiceLib/Handler/CoreHandler.cs
+++ b/v2rayN/ServiceLib/Handler/CoreHandler.cs
@@ -261,7 +261,7 @@ namespace ServiceLib.Handler
return _config.TunModeItem.EnableTun
&& eCoreType == ECoreType.sing_box
&& Utils.IsLinux()
- && _config.TunModeItem.LinuxSudoPassword.IsNotEmpty()
+ && _config.TunModeItem.LinuxSudoPwd.IsNotEmpty()
;
}
@@ -299,7 +299,8 @@ namespace ServiceLib.Handler
if (isNeedSudo)
{
proc.StartInfo.FileName = $"/bin/sudo";
- proc.StartInfo.Arguments = $"-S {fileName} {string.Format(coreInfo.Arguments, configPath)}";
+ proc.StartInfo.Arguments = $"-S {fileName} {string.Format(coreInfo.Arguments, Utils.GetConfigPath(configPath))}";
+ proc.StartInfo.WorkingDirectory = null;
proc.StartInfo.StandardInputEncoding = Encoding.UTF8;
proc.StartInfo.RedirectStandardInput = true;
}
@@ -328,10 +329,11 @@ namespace ServiceLib.Handler
if (isNeedSudo)
{
+ var pwd = DesUtils.Decrypt(_config.TunModeItem.LinuxSudoPwd);
await Task.Delay(10);
- await proc.StandardInput.WriteLineAsync(_config.TunModeItem.LinuxSudoPassword);
+ await proc.StandardInput.WriteLineAsync(pwd);
await Task.Delay(10);
- await proc.StandardInput.WriteLineAsync(_config.TunModeItem.LinuxSudoPassword);
+ await proc.StandardInput.WriteLineAsync(pwd);
}
if (displayLog)
diff --git a/v2rayN/ServiceLib/Models/ConfigItems.cs b/v2rayN/ServiceLib/Models/ConfigItems.cs
index 8ec47b88..06bcfbeb 100644
--- a/v2rayN/ServiceLib/Models/ConfigItems.cs
+++ b/v2rayN/ServiceLib/Models/ConfigItems.cs
@@ -161,7 +161,7 @@
public int Mtu { get; set; }
public bool EnableExInbound { get; set; }
public bool EnableIPv6Address { get; set; }
- public string? LinuxSudoPassword { get; set; }
+ public string? LinuxSudoPwd { get; set; }
}
[Serializable]
diff --git a/v2rayN/ServiceLib/Resx/ResUI.Designer.cs b/v2rayN/ServiceLib/Resx/ResUI.Designer.cs
index 30568641..fa71ced0 100644
--- a/v2rayN/ServiceLib/Resx/ResUI.Designer.cs
+++ b/v2rayN/ServiceLib/Resx/ResUI.Designer.cs
@@ -3176,7 +3176,7 @@ namespace ServiceLib.Resx {
}
///
- /// 查找类似 The password will only be stored in the local file. 的本地化字符串。
+ /// 查找类似 The password is encrypted and stored only in local files. 的本地化字符串。
///
public static string TbSettingsLinuxSudoPasswordTip {
get {
diff --git a/v2rayN/ServiceLib/Resx/ResUI.fa-Ir.resx b/v2rayN/ServiceLib/Resx/ResUI.fa-Ir.resx
index 991c9fe2..0bf2fecb 100644
--- a/v2rayN/ServiceLib/Resx/ResUI.fa-Ir.resx
+++ b/v2rayN/ServiceLib/Resx/ResUI.fa-Ir.resx
@@ -1373,7 +1373,7 @@
Linux system sudo password
- The password will only be stored in the local file.
+ The password is encrypted and stored only in local files.
Please set the sudo password in Tun mode settings first
diff --git a/v2rayN/ServiceLib/Resx/ResUI.resx b/v2rayN/ServiceLib/Resx/ResUI.resx
index 9c69dc95..1d6b722b 100644
--- a/v2rayN/ServiceLib/Resx/ResUI.resx
+++ b/v2rayN/ServiceLib/Resx/ResUI.resx
@@ -1373,7 +1373,7 @@
Linux system sudo password
- The password will only be stored in the local file.
+ The password is encrypted and stored only in local files.
Please set the sudo password in Tun mode settings first
diff --git a/v2rayN/ServiceLib/Resx/ResUI.ru.resx b/v2rayN/ServiceLib/Resx/ResUI.ru.resx
index 20395013..de7bce46 100644
--- a/v2rayN/ServiceLib/Resx/ResUI.ru.resx
+++ b/v2rayN/ServiceLib/Resx/ResUI.ru.resx
@@ -1373,7 +1373,7 @@
Linux system sudo password
- The password will only be stored in the local file.
+ The password is encrypted and stored only in local files.
Please set the sudo password in Tun mode settings first
diff --git a/v2rayN/ServiceLib/Resx/ResUI.zh-Hans.resx b/v2rayN/ServiceLib/Resx/ResUI.zh-Hans.resx
index 18631825..55e14aed 100644
--- a/v2rayN/ServiceLib/Resx/ResUI.zh-Hans.resx
+++ b/v2rayN/ServiceLib/Resx/ResUI.zh-Hans.resx
@@ -1370,7 +1370,7 @@
Linux系统的sudo密码
- 密码只会存储在本地文件中,没有密码无法开启Tun
+ 密码已加密且只存储在本地文件中,无密码无法开启Tun
请先在Tun模式设置中设置sudo密码
diff --git a/v2rayN/ServiceLib/Resx/ResUI.zh-Hant.resx b/v2rayN/ServiceLib/Resx/ResUI.zh-Hant.resx
index c68e0da6..528ed027 100644
--- a/v2rayN/ServiceLib/Resx/ResUI.zh-Hant.resx
+++ b/v2rayN/ServiceLib/Resx/ResUI.zh-Hant.resx
@@ -1370,7 +1370,7 @@
Linux系統的sudo密碼
- 密碼只會儲存在本機檔案中,沒有密碼無法開啟Tun
+ 密碼已加密且只儲存在本機檔案中,無密碼無法開啟Tun
請先在Tun模式設定中設定sudo密碼
diff --git a/v2rayN/ServiceLib/ViewModels/OptionSettingViewModel.cs b/v2rayN/ServiceLib/ViewModels/OptionSettingViewModel.cs
index 40aadaca..e1608906 100644
--- a/v2rayN/ServiceLib/ViewModels/OptionSettingViewModel.cs
+++ b/v2rayN/ServiceLib/ViewModels/OptionSettingViewModel.cs
@@ -198,7 +198,7 @@ namespace ServiceLib.ViewModels
TunMtu = _config.TunModeItem.Mtu;
TunEnableExInbound = _config.TunModeItem.EnableExInbound;
TunEnableIPv6Address = _config.TunModeItem.EnableIPv6Address;
- TunLinuxSudoPassword = _config.TunModeItem.LinuxSudoPassword;
+ TunLinuxSudoPassword = _config.TunModeItem.LinuxSudoPwd;
#endregion Tun mode
@@ -342,7 +342,10 @@ namespace ServiceLib.ViewModels
_config.TunModeItem.Mtu = TunMtu;
_config.TunModeItem.EnableExInbound = TunEnableExInbound;
_config.TunModeItem.EnableIPv6Address = TunEnableIPv6Address;
- _config.TunModeItem.LinuxSudoPassword = TunLinuxSudoPassword;
+ if (TunLinuxSudoPassword != _config.TunModeItem.LinuxSudoPwd)
+ {
+ _config.TunModeItem.LinuxSudoPwd = DesUtils.Encrypt(TunLinuxSudoPassword);
+ }
//coreType
await SaveCoreType();
diff --git a/v2rayN/ServiceLib/ViewModels/StatusBarViewModel.cs b/v2rayN/ServiceLib/ViewModels/StatusBarViewModel.cs
index 47c7312a..3298f636 100644
--- a/v2rayN/ServiceLib/ViewModels/StatusBarViewModel.cs
+++ b/v2rayN/ServiceLib/ViewModels/StatusBarViewModel.cs
@@ -440,7 +440,7 @@ namespace ServiceLib.ViewModels
}
else if (Utils.IsLinux())
{
- return _config.TunModeItem.LinuxSudoPassword.IsNotEmpty();
+ return _config.TunModeItem.LinuxSudoPwd.IsNotEmpty();
}
return false;
}
diff --git a/v2rayN/v2rayN.Desktop/Views/OptionSettingWindow.axaml b/v2rayN/v2rayN.Desktop/Views/OptionSettingWindow.axaml
index 6176dfe3..92919952 100644
--- a/v2rayN/v2rayN.Desktop/Views/OptionSettingWindow.axaml
+++ b/v2rayN/v2rayN.Desktop/Views/OptionSettingWindow.axaml
@@ -808,8 +808,7 @@
Grid.Column="1"
Width="200"
HorizontalAlignment="Left"
- Classes="Margin8"
- PasswordChar="*" />
+ Classes="Margin8" />