2018-12-11 08:37:12 +00:00
|
|
|
|
package lib
|
2018-11-29 11:55:24 +00:00
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
|
"bufio"
|
|
|
|
|
|
"bytes"
|
2018-12-30 14:36:15 +00:00
|
|
|
|
"encoding/base64"
|
2018-11-29 11:55:24 +00:00
|
|
|
|
"encoding/binary"
|
|
|
|
|
|
"errors"
|
|
|
|
|
|
"fmt"
|
2018-11-29 17:13:41 +00:00
|
|
|
|
"io"
|
2018-12-03 15:03:25 +00:00
|
|
|
|
"log"
|
2018-12-11 08:37:12 +00:00
|
|
|
|
"net"
|
2018-11-29 11:55:24 +00:00
|
|
|
|
"net/http"
|
|
|
|
|
|
"net/http/httputil"
|
|
|
|
|
|
"net/url"
|
2018-12-11 08:37:12 +00:00
|
|
|
|
"regexp"
|
2018-11-29 11:55:24 +00:00
|
|
|
|
"strconv"
|
|
|
|
|
|
"strings"
|
2019-01-06 17:52:54 +00:00
|
|
|
|
"sync"
|
2019-01-07 16:21:02 +00:00
|
|
|
|
"time"
|
2018-11-29 11:55:24 +00:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
var (
|
|
|
|
|
|
disabledRedirect = errors.New("disabled redirect.")
|
|
|
|
|
|
)
|
|
|
|
|
|
|
2018-12-03 15:03:25 +00:00
|
|
|
|
const (
|
2019-01-02 17:44:45 +00:00
|
|
|
|
COMPRESS_NONE_ENCODE = iota
|
|
|
|
|
|
COMPRESS_NONE_DECODE
|
2018-12-03 15:03:25 +00:00
|
|
|
|
COMPRESS_SNAPY_ENCODE
|
|
|
|
|
|
COMPRESS_SNAPY_DECODE
|
2019-01-06 17:52:54 +00:00
|
|
|
|
IO_EOF = "PROXYEOF"
|
2018-12-03 15:03:25 +00:00
|
|
|
|
)
|
|
|
|
|
|
|
2019-01-03 16:21:23 +00:00
|
|
|
|
//error
|
2018-11-29 11:55:24 +00:00
|
|
|
|
func BadRequest(w http.ResponseWriter) {
|
|
|
|
|
|
http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
//发送请求并转为bytes
|
|
|
|
|
|
func GetEncodeResponse(req *http.Request) ([]byte, error) {
|
|
|
|
|
|
var respBytes []byte
|
|
|
|
|
|
client := new(http.Client)
|
|
|
|
|
|
client.CheckRedirect = func(req *http.Request, via []*http.Request) error {
|
|
|
|
|
|
return disabledRedirect
|
|
|
|
|
|
}
|
|
|
|
|
|
resp, err := client.Do(req)
|
|
|
|
|
|
disRedirect := err != nil && strings.Contains(err.Error(), disabledRedirect.Error())
|
|
|
|
|
|
if err != nil && !disRedirect {
|
|
|
|
|
|
return respBytes, err
|
|
|
|
|
|
}
|
|
|
|
|
|
if !disRedirect {
|
|
|
|
|
|
defer resp.Body.Close()
|
|
|
|
|
|
} else {
|
|
|
|
|
|
resp.Body = nil
|
|
|
|
|
|
resp.ContentLength = 0
|
|
|
|
|
|
}
|
|
|
|
|
|
respBytes, err = EncodeResponse(resp)
|
|
|
|
|
|
return respBytes, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-12-03 15:03:25 +00:00
|
|
|
|
// 将request转为bytes
|
2018-11-29 11:55:24 +00:00
|
|
|
|
func EncodeRequest(r *http.Request) ([]byte, error) {
|
|
|
|
|
|
raw := bytes.NewBuffer([]byte{})
|
|
|
|
|
|
reqBytes, err := httputil.DumpRequest(r, true)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
binary.Write(raw, binary.LittleEndian, bool(r.URL.Scheme == "https"))
|
2018-12-03 15:03:25 +00:00
|
|
|
|
binary.Write(raw, binary.LittleEndian, reqBytes)
|
2018-11-29 11:55:24 +00:00
|
|
|
|
return raw.Bytes(), nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 将字节转为request
|
|
|
|
|
|
func DecodeRequest(data []byte) (*http.Request, error) {
|
|
|
|
|
|
req, err := http.ReadRequest(bufio.NewReader(bytes.NewReader(data[1:])))
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
str := strings.Split(req.Host, ":")
|
|
|
|
|
|
req.Host, err = getHost(str[0])
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
scheme := "http"
|
|
|
|
|
|
if data[0] == 1 {
|
|
|
|
|
|
scheme = "https"
|
|
|
|
|
|
}
|
|
|
|
|
|
req.URL, _ = url.Parse(fmt.Sprintf("%s://%s%s", scheme, req.Host, req.RequestURI))
|
|
|
|
|
|
req.RequestURI = ""
|
|
|
|
|
|
return req, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-01-03 16:21:23 +00:00
|
|
|
|
// 将response转为字节
|
2018-11-29 11:55:24 +00:00
|
|
|
|
func EncodeResponse(r *http.Response) ([]byte, error) {
|
|
|
|
|
|
respBytes, err := httputil.DumpResponse(r, true)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
2018-12-03 15:03:25 +00:00
|
|
|
|
if config.Replace == 1 {
|
|
|
|
|
|
respBytes = replaceHost(respBytes)
|
2018-11-29 11:55:24 +00:00
|
|
|
|
}
|
2018-12-03 15:03:25 +00:00
|
|
|
|
return respBytes, nil
|
2018-11-29 11:55:24 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 将字节转为response
|
|
|
|
|
|
func DecodeResponse(data []byte) (*http.Response, error) {
|
2018-12-03 15:03:25 +00:00
|
|
|
|
resp, err := http.ReadResponse(bufio.NewReader(bytes.NewReader(data)), nil)
|
2018-11-29 11:55:24 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
return nil, err
|
|
|
|
|
|
}
|
|
|
|
|
|
return resp, nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-01-03 16:21:23 +00:00
|
|
|
|
// 根据host地址从配置是文件中查找对应目标
|
2018-11-29 11:55:24 +00:00
|
|
|
|
func getHost(str string) (string, error) {
|
|
|
|
|
|
for _, v := range config.SiteList {
|
|
|
|
|
|
if v.Host == str {
|
|
|
|
|
|
return v.Url + ":" + strconv.Itoa(v.Port), nil
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return "", errors.New("没有找到解析的的host!")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-01-03 16:21:23 +00:00
|
|
|
|
//替换
|
2018-11-29 11:55:24 +00:00
|
|
|
|
func replaceHost(resp []byte) []byte {
|
|
|
|
|
|
str := string(resp)
|
|
|
|
|
|
for _, v := range config.SiteList {
|
|
|
|
|
|
str = strings.Replace(str, v.Url+":"+strconv.Itoa(v.Port), v.Host, -1)
|
|
|
|
|
|
str = strings.Replace(str, v.Url, v.Host, -1)
|
|
|
|
|
|
}
|
|
|
|
|
|
return []byte(str)
|
|
|
|
|
|
}
|
2018-11-29 17:13:41 +00:00
|
|
|
|
|
2019-01-03 16:21:23 +00:00
|
|
|
|
//copy
|
2019-01-06 17:52:54 +00:00
|
|
|
|
func relay(in, out net.Conn, compressType int, crypt, mux bool) {
|
2018-12-03 15:03:25 +00:00
|
|
|
|
switch compressType {
|
|
|
|
|
|
case COMPRESS_SNAPY_ENCODE:
|
2019-01-06 17:52:54 +00:00
|
|
|
|
copyBuffer(NewSnappyConn(in, crypt), out)
|
2019-01-05 19:16:46 +00:00
|
|
|
|
if mux {
|
|
|
|
|
|
out.Close()
|
2019-01-06 17:52:54 +00:00
|
|
|
|
NewSnappyConn(in, crypt).Write([]byte(IO_EOF))
|
2019-01-05 19:16:46 +00:00
|
|
|
|
}
|
2018-12-03 15:03:25 +00:00
|
|
|
|
case COMPRESS_SNAPY_DECODE:
|
2019-01-06 17:52:54 +00:00
|
|
|
|
copyBuffer(in, NewSnappyConn(out, crypt))
|
2019-01-05 19:16:46 +00:00
|
|
|
|
if mux {
|
|
|
|
|
|
in.Close()
|
|
|
|
|
|
}
|
2019-01-02 17:44:45 +00:00
|
|
|
|
case COMPRESS_NONE_ENCODE:
|
2019-01-06 17:52:54 +00:00
|
|
|
|
copyBuffer(NewCryptConn(in, crypt), out)
|
2019-01-05 19:16:46 +00:00
|
|
|
|
if mux {
|
|
|
|
|
|
out.Close()
|
2019-01-06 17:52:54 +00:00
|
|
|
|
NewCryptConn(in, crypt).Write([]byte(IO_EOF))
|
2019-01-05 19:16:46 +00:00
|
|
|
|
}
|
2019-01-02 17:44:45 +00:00
|
|
|
|
case COMPRESS_NONE_DECODE:
|
2019-01-06 17:52:54 +00:00
|
|
|
|
copyBuffer(in, NewCryptConn(out, crypt))
|
2019-01-05 19:16:46 +00:00
|
|
|
|
if mux {
|
|
|
|
|
|
in.Close()
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
if !mux {
|
|
|
|
|
|
in.Close()
|
|
|
|
|
|
out.Close()
|
2018-12-03 15:03:25 +00:00
|
|
|
|
}
|
2018-12-11 08:37:12 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
//判断压缩方式
|
|
|
|
|
|
func getCompressType(compress string) (int, int) {
|
|
|
|
|
|
switch compress {
|
|
|
|
|
|
case "":
|
2019-01-02 17:44:45 +00:00
|
|
|
|
return COMPRESS_NONE_DECODE, COMPRESS_NONE_ENCODE
|
2018-12-11 08:37:12 +00:00
|
|
|
|
case "snappy":
|
|
|
|
|
|
return COMPRESS_SNAPY_DECODE, COMPRESS_SNAPY_ENCODE
|
|
|
|
|
|
default:
|
|
|
|
|
|
log.Fatalln("数据压缩格式错误")
|
|
|
|
|
|
}
|
2019-01-02 17:44:45 +00:00
|
|
|
|
return COMPRESS_NONE_DECODE, COMPRESS_NONE_ENCODE
|
2018-12-11 08:37:12 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-01-02 17:44:45 +00:00
|
|
|
|
//简单的一个校验值
|
2018-12-11 08:37:12 +00:00
|
|
|
|
func getverifyval(vkey string) string {
|
|
|
|
|
|
//单客户端模式
|
|
|
|
|
|
if *verifyKey != "" {
|
|
|
|
|
|
return Md5(*verifyKey)
|
|
|
|
|
|
}
|
|
|
|
|
|
return Md5(vkey)
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-01-02 17:44:45 +00:00
|
|
|
|
//验证
|
2018-12-11 08:37:12 +00:00
|
|
|
|
func verify(verifyKeyMd5 string) bool {
|
2018-12-30 14:36:15 +00:00
|
|
|
|
if *verifyKey != "" && getverifyval(*verifyKey) == verifyKeyMd5 {
|
2018-12-11 08:37:12 +00:00
|
|
|
|
return true
|
|
|
|
|
|
}
|
|
|
|
|
|
if *verifyKey == "" {
|
2018-12-30 14:36:15 +00:00
|
|
|
|
for k := range RunList {
|
|
|
|
|
|
if getverifyval(k) == verifyKeyMd5 {
|
2018-12-11 08:37:12 +00:00
|
|
|
|
return true
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return false
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-01-02 17:44:45 +00:00
|
|
|
|
//get key by host from x
|
2019-01-05 19:16:46 +00:00
|
|
|
|
func getKeyByHost(host string) (h *HostList, t *ServerConfig, err error) {
|
2018-12-11 08:37:12 +00:00
|
|
|
|
for _, v := range CsvDb.Hosts {
|
|
|
|
|
|
if strings.Contains(host, v.Host) {
|
|
|
|
|
|
h = v
|
|
|
|
|
|
t, err = CsvDb.GetTask(v.Vkey)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
err = errors.New("未找到host对应的内网目标")
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-12-30 14:36:15 +00:00
|
|
|
|
//通过host获取对应的ip地址
|
2018-12-11 08:37:12 +00:00
|
|
|
|
func Gethostbyname(hostname string) string {
|
|
|
|
|
|
if !DomainCheck(hostname) {
|
|
|
|
|
|
return hostname
|
|
|
|
|
|
}
|
|
|
|
|
|
ips, _ := net.LookupIP(hostname)
|
|
|
|
|
|
if ips != nil {
|
|
|
|
|
|
for _, v := range ips {
|
|
|
|
|
|
if v.To4() != nil {
|
|
|
|
|
|
return v.String()
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return ""
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-12-30 14:36:15 +00:00
|
|
|
|
//检查是否是域名
|
2018-12-11 08:37:12 +00:00
|
|
|
|
func DomainCheck(domain string) bool {
|
|
|
|
|
|
var match bool
|
|
|
|
|
|
IsLine := "^((http://)|(https://))?([a-zA-Z0-9]([a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])?\\.)+[a-zA-Z]{2,6}(/)"
|
|
|
|
|
|
NotLine := "^((http://)|(https://))?([a-zA-Z0-9]([a-zA-Z0-9\\-]{0,61}[a-zA-Z0-9])?\\.)+[a-zA-Z]{2,6}"
|
|
|
|
|
|
match, _ = regexp.MatchString(IsLine, domain)
|
|
|
|
|
|
if !match {
|
|
|
|
|
|
match, _ = regexp.MatchString(NotLine, domain)
|
|
|
|
|
|
}
|
|
|
|
|
|
return match
|
2018-11-29 17:13:41 +00:00
|
|
|
|
}
|
2018-12-30 14:36:15 +00:00
|
|
|
|
|
|
|
|
|
|
//检查basic认证
|
|
|
|
|
|
func checkAuth(r *http.Request, user, passwd string) bool {
|
|
|
|
|
|
s := strings.SplitN(r.Header.Get("Authorization"), " ", 2)
|
|
|
|
|
|
if len(s) != 2 {
|
|
|
|
|
|
return false
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
b, err := base64.StdEncoding.DecodeString(s[1])
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
return false
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
pair := strings.SplitN(string(b), ":", 2)
|
|
|
|
|
|
if len(pair) != 2 {
|
|
|
|
|
|
return false
|
|
|
|
|
|
}
|
|
|
|
|
|
return pair[0] == user && pair[1] == passwd
|
|
|
|
|
|
}
|
2019-01-02 17:44:45 +00:00
|
|
|
|
|
|
|
|
|
|
//get bool by str
|
|
|
|
|
|
func GetBoolByStr(s string) bool {
|
|
|
|
|
|
switch s {
|
|
|
|
|
|
case "1", "true":
|
|
|
|
|
|
return true
|
|
|
|
|
|
}
|
|
|
|
|
|
return false
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
//get str by bool
|
|
|
|
|
|
func GetStrByBool(b bool) string {
|
|
|
|
|
|
if b {
|
|
|
|
|
|
return "1"
|
|
|
|
|
|
}
|
|
|
|
|
|
return "0"
|
|
|
|
|
|
}
|
2019-01-05 19:16:46 +00:00
|
|
|
|
func GetIntNoerrByStr(str string) int {
|
|
|
|
|
|
i, _ := strconv.Atoi(str)
|
|
|
|
|
|
return i
|
|
|
|
|
|
}
|
2019-01-02 17:44:45 +00:00
|
|
|
|
|
2019-01-06 17:52:54 +00:00
|
|
|
|
var bufPool = sync.Pool{
|
|
|
|
|
|
New: func() interface{} {
|
|
|
|
|
|
return make([]byte, 65535)
|
|
|
|
|
|
},
|
|
|
|
|
|
}
|
2019-01-03 16:21:23 +00:00
|
|
|
|
// io.copy的优化版,读取buffer长度原为32*1024,与snappy不同,导致读取出的内容存在差异,不利于解密,特此修改
|
2019-01-02 17:44:45 +00:00
|
|
|
|
func copyBuffer(dst io.Writer, src io.Reader) (written int64, err error) {
|
2019-01-06 17:52:54 +00:00
|
|
|
|
//TODO 回收问题
|
|
|
|
|
|
buf := bufPool.Get().([]byte)
|
2019-01-02 17:44:45 +00:00
|
|
|
|
for {
|
|
|
|
|
|
nr, er := src.Read(buf)
|
|
|
|
|
|
if nr > 0 {
|
|
|
|
|
|
nw, ew := dst.Write(buf[0:nr])
|
|
|
|
|
|
if nw > 0 {
|
|
|
|
|
|
written += int64(nw)
|
|
|
|
|
|
}
|
|
|
|
|
|
if ew != nil {
|
|
|
|
|
|
err = ew
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
|
|
|
|
|
if nr != nw {
|
|
|
|
|
|
err = io.ErrShortWrite
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
if er != nil {
|
|
|
|
|
|
if er != io.EOF {
|
|
|
|
|
|
err = er
|
|
|
|
|
|
}
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return written, err
|
|
|
|
|
|
}
|
2019-01-07 16:21:02 +00:00
|
|
|
|
|
|
|
|
|
|
//连接重置 清空缓存区
|
|
|
|
|
|
func FlushConn(c net.Conn) {
|
|
|
|
|
|
c.SetReadDeadline(time.Now().Add(time.Second * 3))
|
|
|
|
|
|
buf := bufPool.Get().([]byte)
|
|
|
|
|
|
for {
|
|
|
|
|
|
if _, err := c.Read(buf); err != nil {
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
c.SetReadDeadline(time.Time{})
|
|
|
|
|
|
}
|
