2019-02-12 19:54:00 +00:00
|
|
|
|
package proxy
|
2019-01-31 18:06:30 +00:00
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
|
"bufio"
|
|
|
|
|
|
"crypto/tls"
|
2019-02-03 04:40:43 +00:00
|
|
|
|
"github.com/cnlh/nps/bridge"
|
2019-02-12 19:54:00 +00:00
|
|
|
|
"github.com/cnlh/nps/lib/common"
|
2019-02-09 09:07:47 +00:00
|
|
|
|
"github.com/cnlh/nps/lib/conn"
|
|
|
|
|
|
"github.com/cnlh/nps/lib/file"
|
2019-03-05 01:23:18 +00:00
|
|
|
|
"github.com/cnlh/nps/server/connection"
|
2019-02-16 12:43:26 +00:00
|
|
|
|
"github.com/cnlh/nps/vender/github.com/astaxie/beego"
|
2019-02-23 15:29:48 +00:00
|
|
|
|
"github.com/cnlh/nps/vender/github.com/astaxie/beego/logs"
|
2019-03-04 05:41:20 +00:00
|
|
|
|
"io"
|
2019-03-01 09:23:14 +00:00
|
|
|
|
"net"
|
2019-01-31 18:06:30 +00:00
|
|
|
|
"net/http"
|
|
|
|
|
|
"net/http/httputil"
|
2019-02-23 15:29:48 +00:00
|
|
|
|
"os"
|
2019-02-05 16:35:23 +00:00
|
|
|
|
"path/filepath"
|
2019-01-31 18:06:30 +00:00
|
|
|
|
"strconv"
|
|
|
|
|
|
"sync"
|
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
type httpServer struct {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
BaseServer
|
2019-03-05 01:23:18 +00:00
|
|
|
|
httpPort int //http端口
|
|
|
|
|
|
httpsPort int //https监听端口
|
|
|
|
|
|
pemPath string
|
|
|
|
|
|
keyPath string
|
|
|
|
|
|
stop chan bool
|
|
|
|
|
|
httpslistener net.Listener
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-09 09:07:47 +00:00
|
|
|
|
func NewHttp(bridge *bridge.Bridge, c *file.Tunnel) *httpServer {
|
2019-03-05 01:23:18 +00:00
|
|
|
|
httpPort, _ := beego.AppConfig.Int("http_proxy_port")
|
|
|
|
|
|
httpsPort, _ := beego.AppConfig.Int("https_proxy_port")
|
|
|
|
|
|
pemPath := beego.AppConfig.String("pem_path")
|
|
|
|
|
|
keyPath := beego.AppConfig.String("key_path")
|
2019-01-31 18:06:30 +00:00
|
|
|
|
return &httpServer{
|
2019-02-23 15:29:48 +00:00
|
|
|
|
BaseServer: BaseServer{
|
2019-01-31 18:06:30 +00:00
|
|
|
|
task: c,
|
|
|
|
|
|
bridge: bridge,
|
|
|
|
|
|
Mutex: sync.Mutex{},
|
|
|
|
|
|
},
|
|
|
|
|
|
httpPort: httpPort,
|
|
|
|
|
|
httpsPort: httpsPort,
|
|
|
|
|
|
pemPath: pemPath,
|
|
|
|
|
|
keyPath: keyPath,
|
|
|
|
|
|
stop: make(chan bool),
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (s *httpServer) Start() error {
|
|
|
|
|
|
var err error
|
2019-03-05 01:23:18 +00:00
|
|
|
|
var httpSrv, httpsSrv *http.Server
|
2019-02-09 09:07:47 +00:00
|
|
|
|
if s.errorContent, err = common.ReadAllFromFile(filepath.Join(common.GetRunPath(), "web", "static", "page", "error.html")); err != nil {
|
2019-01-31 18:06:30 +00:00
|
|
|
|
s.errorContent = []byte("easyProxy 404")
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if s.httpPort > 0 {
|
2019-03-05 01:23:18 +00:00
|
|
|
|
httpSrv = s.NewServer(s.httpPort, "http")
|
2019-01-31 18:06:30 +00:00
|
|
|
|
go func() {
|
2019-03-05 01:23:18 +00:00
|
|
|
|
l, err := connection.GetHttpListener()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
logs.Error(err)
|
|
|
|
|
|
os.Exit(0)
|
|
|
|
|
|
}
|
|
|
|
|
|
err = httpSrv.Serve(l)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
if err != nil {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Error(err)
|
|
|
|
|
|
os.Exit(0)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
}()
|
|
|
|
|
|
}
|
|
|
|
|
|
if s.httpsPort > 0 {
|
2019-02-09 09:07:47 +00:00
|
|
|
|
if !common.FileExists(s.pemPath) {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
os.Exit(0)
|
2019-02-02 16:54:43 +00:00
|
|
|
|
}
|
2019-02-09 09:07:47 +00:00
|
|
|
|
if !common.FileExists(s.keyPath) {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Error("ssl keyFile %s exist", s.keyPath)
|
|
|
|
|
|
os.Exit(0)
|
2019-02-02 16:54:43 +00:00
|
|
|
|
}
|
2019-03-05 01:23:18 +00:00
|
|
|
|
httpsSrv = s.NewServer(s.httpsPort, "https")
|
2019-01-31 18:06:30 +00:00
|
|
|
|
go func() {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Info("Start https listener, port is", s.httpsPort)
|
2019-03-05 01:23:18 +00:00
|
|
|
|
l, err := connection.GetHttpsListener()
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
logs.Error(err)
|
|
|
|
|
|
os.Exit(0)
|
|
|
|
|
|
}
|
|
|
|
|
|
err = httpsSrv.ServeTLS(l, s.pemPath, s.keyPath)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
if err != nil {
|
2019-02-23 15:29:48 +00:00
|
|
|
|
logs.Error(err)
|
|
|
|
|
|
os.Exit(0)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
}()
|
|
|
|
|
|
}
|
|
|
|
|
|
select {
|
|
|
|
|
|
case <-s.stop:
|
2019-03-05 01:23:18 +00:00
|
|
|
|
if httpSrv != nil {
|
|
|
|
|
|
httpsSrv.Close()
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
2019-03-05 01:23:18 +00:00
|
|
|
|
if httpsSrv != nil {
|
|
|
|
|
|
httpsSrv.Close()
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return nil
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-17 17:05:05 +00:00
|
|
|
|
func (s *httpServer) Close() error {
|
2019-01-31 18:06:30 +00:00
|
|
|
|
s.stop <- true
|
2019-02-17 17:05:05 +00:00
|
|
|
|
return nil
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
func (s *httpServer) handleTunneling(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
|
hijacker, ok := w.(http.Hijacker)
|
|
|
|
|
|
if !ok {
|
|
|
|
|
|
http.Error(w, "Hijacking not supported", http.StatusInternalServerError)
|
|
|
|
|
|
return
|
|
|
|
|
|
}
|
2019-02-09 09:07:47 +00:00
|
|
|
|
c, _, err := hijacker.Hijack()
|
2019-01-31 18:06:30 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
|
http.Error(w, err.Error(), http.StatusServiceUnavailable)
|
|
|
|
|
|
}
|
2019-02-09 09:07:47 +00:00
|
|
|
|
s.process(conn.NewConn(c), r)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-02-09 09:07:47 +00:00
|
|
|
|
func (s *httpServer) process(c *conn.Conn, r *http.Request) {
|
2019-01-31 18:06:30 +00:00
|
|
|
|
//多客户端域名代理
|
|
|
|
|
|
var (
|
2019-03-04 05:41:20 +00:00
|
|
|
|
isConn = true
|
|
|
|
|
|
host *file.Host
|
|
|
|
|
|
target net.Conn
|
|
|
|
|
|
lastHost *file.Host
|
|
|
|
|
|
err error
|
|
|
|
|
|
connClient io.ReadWriteCloser
|
2019-03-05 01:23:18 +00:00
|
|
|
|
scheme = r.URL.Scheme
|
2019-01-31 18:06:30 +00:00
|
|
|
|
)
|
2019-02-16 12:43:26 +00:00
|
|
|
|
if host, err = file.GetCsvDb().GetInfoByHost(r.Host, r); err != nil {
|
2019-03-05 01:23:18 +00:00
|
|
|
|
logs.Notice("the url %s %s %s can't be parsed!", r.URL.Scheme, r.Host, r.RequestURI)
|
2019-02-16 12:43:26 +00:00
|
|
|
|
goto end
|
2019-03-01 09:23:14 +00:00
|
|
|
|
} else if !host.Client.GetConn() { //conn num limit
|
2019-03-04 10:46:33 +00:00
|
|
|
|
logs.Notice("connections exceed the current client %d limit %d ,now connection num %d", host.Client.Id, host.Client.MaxConn, host.Client.NowConn)
|
2019-02-23 15:29:48 +00:00
|
|
|
|
c.Close()
|
|
|
|
|
|
return
|
2019-02-16 12:43:26 +00:00
|
|
|
|
} else {
|
2019-03-05 01:23:18 +00:00
|
|
|
|
logs.Trace("new %s connection,clientId %d,host %s,url %s,remote address %s", r.URL.Scheme, host.Client.Id, r.Host, r.URL, r.RemoteAddr)
|
2019-02-16 12:43:26 +00:00
|
|
|
|
lastHost = host
|
|
|
|
|
|
}
|
2019-01-31 18:06:30 +00:00
|
|
|
|
for {
|
2019-02-16 12:43:26 +00:00
|
|
|
|
start:
|
2019-01-31 18:06:30 +00:00
|
|
|
|
if isConn {
|
|
|
|
|
|
//流量限制
|
|
|
|
|
|
if host.Client.Flow.FlowLimit > 0 && (host.Client.Flow.FlowLimit<<20) < (host.Client.Flow.ExportFlow+host.Client.Flow.InletFlow) {
|
2019-03-01 09:23:14 +00:00
|
|
|
|
logs.Warn("Traffic exceeded client id %s", host.Client.Id)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
break
|
|
|
|
|
|
}
|
|
|
|
|
|
//权限控制
|
|
|
|
|
|
if err = s.auth(r, c, host.Client.Cnf.U, host.Client.Cnf.P); err != nil {
|
2019-03-01 09:23:14 +00:00
|
|
|
|
logs.Warn("auth error", err, r.RemoteAddr)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
break
|
|
|
|
|
|
}
|
2019-03-07 10:07:53 +00:00
|
|
|
|
lk := conn.NewLink(common.CONN_TCP, host.GetRandomTarget(), host.Client.Cnf.Crypt, host.Client.Cnf.Compress, r.RemoteAddr)
|
2019-03-02 09:43:21 +00:00
|
|
|
|
if target, err = s.bridge.SendLinkInfo(host.Client.Id, lk, c.Conn.RemoteAddr().String(), nil); err != nil {
|
2019-03-01 09:23:14 +00:00
|
|
|
|
logs.Notice("connect to target %s error %s", lk.Host, err)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
break
|
|
|
|
|
|
}
|
2019-03-05 01:23:18 +00:00
|
|
|
|
connClient = conn.GetConn(target, lk.Crypt, lk.Compress, host.Client.Rate, true)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
isConn = false
|
2019-03-01 09:23:14 +00:00
|
|
|
|
go func() {
|
2019-03-04 05:41:20 +00:00
|
|
|
|
w, _ := common.CopyBuffer(c, connClient)
|
2019-03-01 09:23:14 +00:00
|
|
|
|
host.Flow.Add(0, w)
|
|
|
|
|
|
c.Close()
|
|
|
|
|
|
target.Close()
|
|
|
|
|
|
}()
|
2019-01-31 18:06:30 +00:00
|
|
|
|
} else {
|
|
|
|
|
|
r, err = http.ReadRequest(bufio.NewReader(c))
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
2019-03-07 10:07:53 +00:00
|
|
|
|
r.URL.Scheme = scheme
|
2019-03-04 10:46:33 +00:00
|
|
|
|
//What happened ,Why one character less???
|
|
|
|
|
|
if r.Method == "ET" {
|
|
|
|
|
|
r.Method = "GET"
|
|
|
|
|
|
}
|
|
|
|
|
|
if r.Method == "OST" {
|
|
|
|
|
|
r.Method = "POST"
|
|
|
|
|
|
}
|
2019-03-05 01:23:18 +00:00
|
|
|
|
logs.Trace("new %s connection,clientId %d,host %s,url %s,remote address %s", r.URL.Scheme, host.Client.Id, r.Host, r.URL, r.RemoteAddr)
|
|
|
|
|
|
if hostTmp, err := file.GetCsvDb().GetInfoByHost(r.Host, r); err != nil {
|
|
|
|
|
|
logs.Notice("the url %s %s %s can't be parsed!", r.URL.Scheme, r.Host, r.RequestURI)
|
2019-02-16 12:43:26 +00:00
|
|
|
|
break
|
|
|
|
|
|
} else if host != lastHost {
|
2019-03-07 10:07:53 +00:00
|
|
|
|
host.Client.AddConn()
|
|
|
|
|
|
if !hostTmp.Client.GetConn() {
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
2019-03-05 01:23:18 +00:00
|
|
|
|
host = hostTmp
|
2019-02-16 12:43:26 +00:00
|
|
|
|
lastHost = host
|
|
|
|
|
|
isConn = true
|
2019-03-07 10:07:53 +00:00
|
|
|
|
|
2019-02-16 12:43:26 +00:00
|
|
|
|
goto start
|
|
|
|
|
|
}
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
//根据设定,修改header和host
|
2019-02-09 09:07:47 +00:00
|
|
|
|
common.ChangeHostAndHeader(r, host.HostChange, host.HeaderChange, c.Conn.RemoteAddr().String())
|
2019-01-31 18:06:30 +00:00
|
|
|
|
b, err := httputil.DumpRequest(r, true)
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
|
break
|
|
|
|
|
|
}
|
2019-03-01 09:23:14 +00:00
|
|
|
|
host.Flow.Add(int64(len(b)), 0)
|
2019-03-07 10:07:53 +00:00
|
|
|
|
logs.Trace("%s request, method %s, host %s, url %s, remote address %s, target %s", r.URL.Scheme, r.Method, r.Host, r.RequestURI, r.RemoteAddr, host.Target)
|
2019-03-01 09:23:14 +00:00
|
|
|
|
//write
|
2019-03-04 05:41:20 +00:00
|
|
|
|
connClient.Write(b)
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
2019-02-16 12:43:26 +00:00
|
|
|
|
end:
|
2019-01-31 18:06:30 +00:00
|
|
|
|
if isConn {
|
|
|
|
|
|
s.writeConnFail(c.Conn)
|
|
|
|
|
|
}
|
|
|
|
|
|
c.Close()
|
2019-03-01 09:23:14 +00:00
|
|
|
|
if target != nil {
|
|
|
|
|
|
target.Close()
|
|
|
|
|
|
}
|
2019-02-23 15:29:48 +00:00
|
|
|
|
if host != nil {
|
|
|
|
|
|
host.Client.AddConn()
|
|
|
|
|
|
}
|
2019-01-31 18:06:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2019-03-05 01:23:18 +00:00
|
|
|
|
func (s *httpServer) NewServer(port int, scheme string) *http.Server {
|
2019-01-31 18:06:30 +00:00
|
|
|
|
return &http.Server{
|
|
|
|
|
|
Addr: ":" + strconv.Itoa(port),
|
|
|
|
|
|
Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
2019-03-05 01:23:18 +00:00
|
|
|
|
r.URL.Scheme = scheme
|
2019-01-31 18:06:30 +00:00
|
|
|
|
s.handleTunneling(w, r)
|
|
|
|
|
|
}),
|
|
|
|
|
|
// Disable HTTP/2.
|
|
|
|
|
|
TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler)),
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
