Https defaule support

pull/103/head
刘河 2019-04-01 23:54:03 +08:00
parent b1b91b0c53
commit dd65e32fb5
2 changed files with 29 additions and 8 deletions


@ -3,10 +3,13 @@ appname = nps
runmode = pro runmode = pro
#HTTP(S) proxy port, no startup if empty #HTTP(S) proxy port, no startup if empty
http_proxy_ip=0.0.0.0
http_proxy_port=80 http_proxy_port=80
https_proxy_port=443 https_proxy_port=443
https_just_proxy=true https_just_proxy=true
http_proxy_ip=0.0.0.0 #default https certificate setting
https_default_cert_file=conf/server.pem
https_default_key_file=conf/server.key
##bridge ##bridge
bridge_type=tcp bridge_type=tcp
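Review bot: The new `https_default_cert_file` and `https_default_key_file` defaults point at fixed paths under `conf/`, and nothing next to them tells the operator where that key pair is expected to come from. If a `conf/server.key` is distributed with the project (not visible on this page), every installation that keeps the defaults would present the same private key. A comment above the two settings would help, such as `#replace with your own certificate and key; keep the key file readable only by the nps user`. The Go side of this commit skips the default listener when either file is missing, so leaving the values empty appears to be a safe way to disable the feature, which is also worth stating here.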


@ -33,8 +33,20 @@ func (https *HttpsServer) Start() error {
https.handleHttps(c) https.handleHttps(c)
}) })
} else { } else {
//start the default listener
certFile := beego.AppConfig.String("https_default_cert_file")
keyFile := beego.AppConfig.String("https_default_key_file")
if common.FileExists(certFile) && common.FileExists(keyFile) {
l := NewHttpsListener(https.listener)
https.NewHttps(l, certFile, keyFile)
https.httpsListenerMap.Store("default", l)
}
conn.Accept(https.listener, func(c net.Conn) { conn.Accept(https.listener, func(c net.Conn) {
serverName, rb := GetServerNameFromClientHello(c) serverName, rb := GetServerNameFromClientHello(c)
//if the clientHello does not contains sni ,use the default ssl certificate
if serverName == "" {
serverName = "default"
}
var l *HttpsListener var l *HttpsListener
if v, ok := https.httpsListenerMap.Load(serverName); ok { if v, ok := https.httpsListenerMap.Load(serverName); ok {
l = v.(*HttpsListener) l = v.(*HttpsListener)
@ -42,17 +54,23 @@ func (https *HttpsServer) Start() error {
r := buildHttpsRequest(serverName) r := buildHttpsRequest(serverName)
if host, err := file.GetDb().GetInfoByHost(serverName, r); err != nil { if host, err := file.GetDb().GetInfoByHost(serverName, r); err != nil {
c.Close() c.Close()
logs.Notice("the url %s can't be parsed!", serverName) logs.Notice("the url %s can't be parsed!,remote addr %s", serverName, c.RemoteAddr().String())
return return
} else { } else {
if !common.FileExists(host.CertFilePath) || !common.FileExists(host.KeyFilePath) { if !common.FileExists(host.CertFilePath) || !common.FileExists(host.KeyFilePath) {
c.Close() //if the host cert file or key file is not set ,use the default file
logs.Error("the key %s cert %s file is not exist", host.KeyFilePath, host.CertFilePath) if v, ok := https.httpsListenerMap.Load("default"); ok {
return l = v.(*HttpsListener)
} else {
c.Close()
logs.Error("the key %s cert %s file is not exist", host.KeyFilePath, host.CertFilePath)
return
}
} else {
l = NewHttpsListener(https.listener)
https.NewHttps(l, host.CertFilePath, host.KeyFilePath)
https.httpsListenerMap.Store(serverName, l)
} }
l = NewHttpsListener(https.listener)
https.NewHttps(l, host.CertFilePath, host.KeyFilePath)
https.httpsListenerMap.Store(serverName, l)
} }
} }
acceptConn := conn.NewConn(c) acceptConn := conn.NewConn(c)
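Review bot: The new fallback at `if v, ok := https.httpsListenerMap.Load("default"); ok {` serves the default certificate without logging anything when a host's own cert or key file is missing. A mistyped `CertFilePath` therefore goes unnoticed while clients for that host receive a certificate issued for a different name. I would keep a log line in that branch, e.g. `logs.Notice("host %s has no usable cert/key, serving the default certificate", serverName)`. Separately, the sentinel key `"default"` shares `httpsListenerMap` with SNI names read from the ClientHello, so a client that sends the SNI value `default` selects that listener directly; a sentinel that cannot appear as a hostname would avoid the overlap. `Start` begins and ends outside these hunks.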