2019-02-12 19:54:00 +00:00
|
|
|
|
package proxy
|
2019-01-31 18:06:30 +00:00
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
|
"bufio"
|
|
|
|
|
|
"crypto/tls"
|
2019-02-03 04:40:43 +00:00
|
|
|
|
"github.com/cnlh/nps/bridge"
|
2019-02-12 19:54:00 +00:00
|
|
|
|
"github.com/cnlh/nps/lib/common"
|
2019-02-09 09:07:47 +00:00
|
|
|
|
"github.com/cnlh/nps/lib/conn"
|
|
|
|
|
|
"github.com/cnlh/nps/lib/file"
|
2019-02-16 12:43:26 +00:00
|
|
|
|
"github.com/cnlh/nps/vender/github.com/astaxie/beego"
|
2019-02-23 15:29:48 +00:00
|
|
|
|
"github.com/cnlh/nps/vender/github.com/astaxie/beego/logs"
|
2019-01-31 18:06:30 +00:00
|
|
|
|
"net/http"
|
|
|
|
|
|
"net/http/httputil"
|
2019-02-23 15:29:48 +00:00
|
|
|
|
"os"
|
2019-02-05 16:35:23 +00:00
|
|
|
|
"path/filepath"
|
2019-01-31 18:06:30 +00:00
|
|
|
|
"strconv"
|
|
|
|
|
|
"sync"
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
type httpServer struct {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
BaseServer
|
2019-01-31 18:06:30 +00:00
|
|
|
|
httpPort int //http端口
|
|
|
|
|
|
httpsPort int //https监听端口
|
|
|
|
|
|
pemPath string
|
|
|
|
|
|
keyPath string
|
|
|
|
|
|
stop chan bool
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-09 09:07:47 +00:00
|
|
|
|
func NewHttp(bridge *bridge.Bridge, c *file.Tunnel) *httpServer {
|
2019-01-31 18:06:30 +00:00
|
|
|
|
httpPort, _ := beego.AppConfig.Int("httpProxyPort")
|
|
|
|
|
|
httpsPort, _ := beego.AppConfig.Int("httpsProxyPort")
|
|
|
|
|
|
pemPath := beego.AppConfig.String("pemPath")
|
|
|
|
|
|
keyPath := beego.AppConfig.String("keyPath")
|
|
|
|
|
|
return &httpServer{
|
2019-02-23 15:29:48 +00:00
|
|
|
|
BaseServer: BaseServer{
|
2019-01-31 18:06:30 +00:00
|
|
|
|
task: c,
|
|
|
|
|
|
bridge: bridge,
|
|
|
|
|
|
Mutex: sync.Mutex{},
|
|
|
|
|
|
},
|
|
|
|
|
|
httpPort: httpPort,
|
|
|
|
|
|
httpsPort: httpsPort,
|
|
|
|
|
|
pemPath: pemPath,
|
|
|
|
|
|
keyPath: keyPath,
|
|
|
|
|
|
stop: make(chan bool),
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (s *httpServer) Start() error {
|
|
|
|
|
|
var err error
|
|
|
|
|
|
var http, https *http.Server
|
2019-02-09 09:07:47 +00:00
|
|
|
|
if s.errorContent, err = common.ReadAllFromFile(filepath.Join(common.GetRunPath(), "web", "static", "page", "error.html")); err != nil {
|
2019-01-31 18:06:30 +00:00
|
|
|
|
s.errorContent = []byte("easyProxy 404")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if s.httpPort > 0 {
|
|
|
|
|
|
http = s.NewServer(s.httpPort)
|
|
|
|
|
|
go func() {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Info("Start http listener, port is", s.httpPort)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
err := http.ListenAndServe()
|
|
|
|
|
|
if err != nil {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Error(err)
|
|
|
|
|
|
os.Exit(0)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
}()
|
|
|
|
|
|
}
|
|
|
|
|
|
if s.httpsPort > 0 {
|
2019-02-09 09:07:47 +00:00
|
|
|
|
if !common.FileExists(s.pemPath) {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Error("ssl certFile %s is not exist", s.pemPath)
|
|
|
|
|
|
os.Exit(0)
|
2019-02-02 16:54:43 +00:00
|
|
|
|
}
|
2019-02-09 09:07:47 +00:00
|
|
|
|
if !common.FileExists(s.keyPath) {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Error("ssl keyFile %s exist", s.keyPath)
|
|
|
|
|
|
os.Exit(0)
|
2019-02-02 16:54:43 +00:00
|
|
|
|
}
|
2019-01-31 18:06:30 +00:00
|
|
|
|
https = s.NewServer(s.httpsPort)
|
|
|
|
|
|
go func() {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Info("Start https listener, port is", s.httpsPort)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
err := https.ListenAndServeTLS(s.pemPath, s.keyPath)
|
|
|
|
|
|
if err != nil {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Error(err)
|
|
|
|
|
|
os.Exit(0)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
}()
|
|
|
|
|
|
}
|
|
|
|
|
|
select {
|
|
|
|
|
|
case <-s.stop:
|
|
|
|
|
|
if http != nil {
|
|
|
|
|
|
http.Close()
|
|
|
|
|
|
}
|
|
|
|
|
|
if https != nil {
|
|
|
|
|
|
https.Close()
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-17 17:05:05 +00:00
|
|
|
|
func (s *httpServer) Close() error {
|
2019-01-31 18:06:30 +00:00
|
|
|
|
s.stop <- true
|
2019-02-17 17:05:05 +00:00
|
|
|
|
return nil
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (s *httpServer) handleTunneling(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
|
hijacker, ok := w.(http.Hijacker)
|
|
|
|
|
|
if !ok {
|
|
|
|
|
|
http.Error(w, "Hijacking not supported", http.StatusInternalServerError)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
2019-02-09 09:07:47 +00:00
|
|
|
|
c, _, err := hijacker.Hijack()
|
2019-01-31 18:06:30 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
http.Error(w, err.Error(), http.StatusServiceUnavailable)
|
|
|
|
|
|
}
|
2019-02-09 09:07:47 +00:00
|
|
|
|
s.process(conn.NewConn(c), r)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-09 09:07:47 +00:00
|
|
|
|
func (s *httpServer) process(c *conn.Conn, r *http.Request) {
|
2019-01-31 18:06:30 +00:00
|
|
|
|
//多客户端域名代理
|
|
|
|
|
|
var (
|
2019-02-15 14:59:28 +00:00
|
|
|
|
isConn = true
|
|
|
|
|
|
lk *conn.Link
|
|
|
|
|
|
host *file.Host
|
|
|
|
|
|
tunnel *conn.Conn
|
|
|
|
|
|
lastHost *file.Host
|
|
|
|
|
|
err error
|
2019-01-31 18:06:30 +00:00
|
|
|
|
)
|
2019-02-16 12:43:26 +00:00
|
|
|
|
if host, err = file.GetCsvDb().GetInfoByHost(r.Host, r); err != nil {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Notice("the url %s %s can't be parsed!", r.Host, r.RequestURI)
|
2019-02-16 12:43:26 +00:00
|
|
|
|
goto end
|
2019-02-23 15:29:48 +00:00
|
|
|
|
} else if !host.Client.GetConn() {
|
|
|
|
|
|
logs.Notice("Connections exceed the current client %d limit", host.Client.Id)
|
|
|
|
|
|
c.Close()
|
|
|
|
|
|
return
|
2019-02-16 12:43:26 +00:00
|
|
|
|
} else {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Trace("New http(s) connection,clientId %d,host %s,url %s,remote address %s", host.Client.Id, r.Host, r.URL, r.RemoteAddr)
|
2019-02-16 12:43:26 +00:00
|
|
|
|
lastHost = host
|
|
|
|
|
|
}
|
2019-01-31 18:06:30 +00:00
|
|
|
|
for {
|
2019-02-16 12:43:26 +00:00
|
|
|
|
start:
|
2019-01-31 18:06:30 +00:00
|
|
|
|
if isConn {
|
|
|
|
|
|
//流量限制
|
|
|
|
|
|
if host.Client.Flow.FlowLimit > 0 && (host.Client.Flow.FlowLimit<<20) < (host.Client.Flow.ExportFlow+host.Client.Flow.InletFlow) {
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
2019-02-09 09:07:47 +00:00
|
|
|
|
host.Client.Cnf.CompressDecode, host.Client.Cnf.CompressEncode = common.GetCompressType(host.Client.Cnf.Compress)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
//权限控制
|
|
|
|
|
|
if err = s.auth(r, c, host.Client.Cnf.U, host.Client.Cnf.P); err != nil {
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
2019-02-09 09:07:47 +00:00
|
|
|
|
lk = conn.NewLink(host.Client.GetId(), common.CONN_TCP, host.GetRandomTarget(), host.Client.Cnf.CompressEncode, host.Client.Cnf.CompressDecode, host.Client.Cnf.Crypt, c, host.Flow, nil, host.Client.Rate, nil)
|
2019-02-16 12:43:26 +00:00
|
|
|
|
if tunnel, err = s.bridge.SendLinkInfo(host.Client.Id, lk, c.Conn.RemoteAddr().String()); err != nil {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Notice(err)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
break
|
|
|
|
|
|
}
|
2019-02-26 14:40:28 +00:00
|
|
|
|
lk.RunWrite()
|
2019-01-31 18:06:30 +00:00
|
|
|
|
isConn = false
|
|
|
|
|
|
} else {
|
|
|
|
|
|
r, err = http.ReadRequest(bufio.NewReader(c))
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
2019-02-24 05:17:43 +00:00
|
|
|
|
logs.Trace("New http(s) connection,clientId %d,host %s,url %s,remote address %s", host.Client.Id, r.Host, r.URL, r.RemoteAddr)
|
2019-02-16 12:43:26 +00:00
|
|
|
|
if host, err = file.GetCsvDb().GetInfoByHost(r.Host, r); err != nil {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Notice("the url %s %s can't be parsed!", r.Host, r.RequestURI)
|
2019-02-16 12:43:26 +00:00
|
|
|
|
break
|
|
|
|
|
|
} else if host != lastHost {
|
|
|
|
|
|
lastHost = host
|
|
|
|
|
|
isConn = true
|
2019-02-23 15:29:48 +00:00
|
|
|
|
host.Client.AddConn()
|
2019-02-16 12:43:26 +00:00
|
|
|
|
goto start
|
|
|
|
|
|
}
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
//根据设定,修改header和host
|
2019-02-09 09:07:47 +00:00
|
|
|
|
common.ChangeHostAndHeader(r, host.HostChange, host.HeaderChange, c.Conn.RemoteAddr().String())
|
2019-01-31 18:06:30 +00:00
|
|
|
|
b, err := httputil.DumpRequest(r, true)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
|
|
|
|
|
host.Flow.Add(len(b), 0)
|
2019-02-09 09:07:47 +00:00
|
|
|
|
if _, err := tunnel.SendMsg(b, lk); err != nil {
|
2019-01-31 18:06:30 +00:00
|
|
|
|
c.Close()
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
2019-02-17 11:36:48 +00:00
|
|
|
|
<-lk.StatusCh
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
2019-02-16 12:43:26 +00:00
|
|
|
|
end:
|
2019-01-31 18:06:30 +00:00
|
|
|
|
if isConn {
|
|
|
|
|
|
s.writeConnFail(c.Conn)
|
|
|
|
|
|
} else {
|
2019-02-09 09:07:47 +00:00
|
|
|
|
tunnel.SendMsg([]byte(common.IO_EOF), lk)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
c.Close()
|
2019-02-23 15:29:48 +00:00
|
|
|
|
if host != nil {
|
|
|
|
|
|
host.Client.AddConn()
|
|
|
|
|
|
}
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (s *httpServer) NewServer(port int) *http.Server {
|
|
|
|
|
|
return &http.Server{
|
|
|
|
|
|
Addr: ":" + strconv.Itoa(port),
|
|
|
|
|
|
Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
|
s.handleTunneling(w, r)
|
|
|
|
|
|
}),
|
|
|
|
|
|
// Disable HTTP/2.
|
|
|
|
|
|
TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler)),
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
