diff --git a/httpreverse/cfg.ini b/httpreverse/cfg.ini
index 55a86f3..2d0a0bd 100644
--- a/httpreverse/cfg.ini
+++ b/httpreverse/cfg.ini
@@ -10,10 +10,13 @@ reverse=/::https://www.b612.me
 replace=www.b612.me::127.0.0.1:9999
 inheader=Accept-Encoding::none
 host=b612.me
+proxyhost=www.b612.me
 authuser=b612
 authpasswd=b612
 whiteip=
 blackip=
+blackpath=
+whitepath=
 wanringpage=
 ipfiltermode=3
 filterxforward=
diff --git a/httpreverse/cmd.go b/httpreverse/cmd.go
index 0120261..949c654 100644
--- a/httpreverse/cmd.go
+++ b/httpreverse/cmd.go
@@ -11,7 +11,7 @@ import (
 var remote, config string
 var addr, key, cert, log string
 var port int
-var enablessl, skipsslverify bool
+var enablessl, skipsslverify, autogencert, allowHttpInTls bool
 var host string
 func init() {
@@ -25,6 +25,8 @@ func init() {
 Cmd.Flags().BoolVarP(&enablessl, "enable-ssl", "s", false, "启用ssl")
 Cmd.Flags().BoolVarP(&skipsslverify, "skil-ssl-verify", "S", false, "跳过证书验证")
 Cmd.Flags().IntVarP(&port, "port", "p", 8080, "监听端口")
+ Cmd.Flags().BoolVarP(&autogencert, "autogen-cert", "G", false, "自动生成证书,此时使用--ssl-cert和--ssl-key参数无效")
+ Cmd.Flags().BoolVarP(&allowHttpInTls, "allow-http-in-tls", "A", false, "允许在TLS下使用HTTP协议")
 }
 var Cmd = &cobra.Command{
@@ -69,11 +71,13 @@ var Cmd = &cobra.Command{
 ReverseURL: map[string]any{
 "/": u,
 },
- UsingSSL: enablessl,
- SkipSSLVerify: skipsslverify,
- Key: key,
- Cert: cert,
- IPFilterMode: 1,
+ AllowHTTPWithHttps: allowHttpInTls,
+ AutoGenerateCert: autogencert,
+ UsingSSL: enablessl,
+ SkipSSLVerify: skipsslverify,
+ Key: key,
+ Cert: cert,
+ IPFilterMode: 1,
 }
 reverse := ReverseConfig{
 Addr: addr,
diff --git a/httpreverse/reverse.go b/httpreverse/reverse.go
index 399c5dd..242fcb6 100644
--- a/httpreverse/reverse.go
+++ b/httpreverse/reverse.go
@@ -5,6 +5,7 @@ import (
 "b612.me/starlog"
 "b612.me/staros/sysconf"
 "bufio"
+ "crypto/tls"
 "errors"
 "io"
 "io/ioutil"
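Review bot: In cmd.go's init() hunk the usage text for `--allow-http-in-tls` does not say what enabling it gives up. Going by the flag name and the `AllowHTTPWithHttps` field it sets (the handling code is outside this diff), the TLS listener will then also answer plaintext HTTP, so anything sent that way, including the `authuser`/`authpasswd` credentials a route may require, is unencrypted on the wire. State that in the help string and add a comment at the registration, e.g. `// allow-http-in-tls: the TLS port also accepts plaintext HTTP; such requests are not encrypted`. The neighbouring `--autogen-cert` text says `--ssl-cert`/`--ssl-key` are ignored; logging a warning when both are supplied would make that override visible at startup.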
@@ -18,13 +19,14 @@ import (
 )
 type ReverseConfig struct {
- Addr string
- Port int
- httpmux http.ServeMux
- httpserver http.Server
- Config []*SingleReverseConfig
- routes map[string]*SingleReverseConfig
- autogenCert bool //是否自动生成证书
+ Addr string
+ Port int
+ httpmux http.ServeMux
+ httpserver http.Server
+ Config []*SingleReverseConfig
+ routes map[string]*SingleReverseConfig
+ autogenCert bool //是否自动生成证书
+ hostnameTlsCache map[string]*tls.Config //缓存证书
 }
 type SingleReverseConfig struct {
@@ -94,6 +96,7 @@ func Parse(cfgPath string) (HttpReverseServer, error) {
 var ins = SingleReverseConfig{
 Name: v.Name,
 Host: v.Get("host"),
+ ProxyHost: v.Get("proxyhost"),
 UsingSSL: v.Bool("enablessl"),
 AllowHTTPWithHttps: v.Bool("tlsallowhttp"),
 AutoGenerateCert: v.Bool("autogencert"),
diff --git a/httpreverse/service.go b/httpreverse/service.go
index 778748d..780df5b 100644
--- a/httpreverse/service.go
+++ b/httpreverse/service.go
@@ -96,7 +96,6 @@ func (h *ReverseConfig) Run() error {
 return
 } else {
 if !ppr && bp.FullPath != checkPath {
- fmt.Println(bp.FullPath, checkPath)
 starlog.Errorf("<%s> Path:%s is not in the write path, reject request\n", c.Name, checkPath)
 rejectWith403(writer, request)
 return
@@ -121,7 +120,6 @@ func (h *ReverseConfig) Run() error {
 FullPath: leaf.FullPath,
 }
 }
- fmt.Println(leaf.Val)
 if leaf == nil {
 starlog.Errorf("<%s> No Reverse Proxy Found For Path:%s\n", c.Name, request.URL.Path)
 writer.WriteHeader(404)
@@ -183,7 +181,6 @@ func (h *ReverseConfig) Run() error {
 return nil
 }
-var certCache = make(map[string]tls.Certificate)
 var toolCa *x509.Certificate
 var toolCaKey any
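Review bot: The `hostnameTlsCache` field added to ReverseConfig in the reverse.go struct hunk is a plain map with no lock beside it, and the getCert and autoGenCert hunks in service.go both read and write it. If getCert is reached from the TLS handshake callback (the call site is not in this diff), handshakes on different connections run in separate goroutines, and unsynchronised map access there is a data race that the Go runtime turns into a fatal "concurrent map writes" abort of the whole proxy. Add a lock next to the field, `tlsCacheMu sync.RWMutex`, take `RLock` around the lookup at the top of getCert and `Lock` around both stores, keeping the nil-check-then-`make` inside the locked region. A short comment on the field stating which lock guards it would also help, since the existing comment only says that it caches certificates.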
@@ -394,11 +391,14 @@ func (h *ReverseConfig) fileHandle(dirPath, diskpath string, writer http.Respons
 }
 func (h *ReverseConfig) getCert(hostname string) *tls.Config {
- if h.autogenCert {
- return h.autoGenCert(hostname)
+ if tlsCfg, ok := h.hostnameTlsCache[hostname]; ok {
+ return tlsCfg
 }
 c, ok := h.routes[hostname]
 if !ok {
+ if h.autogenCert {
+ return h.autoGenCert(hostname)
+ }
 if _, ok := h.routes[""]; ok {
 c = h.routes[""]
 } else {
@@ -413,19 +413,25 @@ func (h *ReverseConfig) getCert(hostname string) *tls.Config {
 if c == nil {
 return &tls.Config{}
 }
+ if c.AutoGenerateCert {
+ return h.autoGenCert(hostname)
+ }
 cert, err := tls.LoadX509KeyPair(c.Cert, c.Key)
 if err != nil {
 starlog.Errorln("Load X509 Key Pair Error:", err)
 return &tls.Config{}
 }
- return &tls.Config{
+
+ if h.hostnameTlsCache == nil {
+ h.hostnameTlsCache = make(map[string]*tls.Config)
+ }
+ h.hostnameTlsCache[hostname] = &tls.Config{
 Certificates: []tls.Certificate{cert},
 }
+ return h.hostnameTlsCache[hostname]
 }
+
 func (h *ReverseConfig) autoGenCert(hostname string) *tls.Config {
- if cert, ok := certCache[hostname]; ok {
- return &tls.Config{Certificates: []tls.Certificate{cert}}
- }
 if toolCa == nil {
 toolCa, toolCaKey = utils.ToolCert("")
 }
@@ -451,8 +457,11 @@ func (h *ReverseConfig) autoGenCert(hostname string) *tls.Config {
 if err != nil {
 return nil
 }
- certCache[hostname] = cert
- return &tls.Config{Certificates: []tls.Certificate{cert}}
+ if h.hostnameTlsCache == nil {
+ h.hostnameTlsCache = make(map[string]*tls.Config)
+ }
+ h.hostnameTlsCache[hostname] = &tls.Config{Certificates: []tls.Certificate{cert}}
+ return h.hostnameTlsCache[hostname]
 }
 func (h *ReverseConfig) Close() error {
diff --git a/httpserver/upload.html b/httpserver/upload.html
index 7a520dc..5625d77 100644
--- a/httpserver/upload.html
+++ b/httpserver/upload.html
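Review bot: In the second getCert hunk the loaded config is stored under `hostname` even when `c` was resolved through the `h.routes[""]` fallback, so every distinct name a client presents gets its own entry that is never evicted; the autoGenCert hunk after it does the same and additionally signs a new certificate per name. Assuming `hostname` is the SNI value from the ClientHello (the caller is outside this diff), the key space is chosen by the remote side and the map can grow without limit. Resolve the route first and key the cache on the route rather than the raw name, for example `map[*SingleReverseConfig]*tls.Config`, and put a size cap on the auto-generated entries. A cached entry also outlives a certificate renewal on disk, because `tls.LoadX509KeyPair` is not called again for that name until restart; that deserves a comment on the field or a reload hook. getCert starts in the previous hunk and its lines between the two hunks are not shown.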
@@ -106,6 +106,7 @@ function uploadFile(file, fileUpload) { var formData = new FormData(); formData.append('victorique', file); + formData.append("path",window.location.pathname); var start = Date.now(); var lastLoaded = 0; var progressBar = fileUpload.progressBar;
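Review bot: The added `formData.append("path",window.location.pathname)` turns the upload destination into a client-supplied form field, and the server-side handler that consumes it is not part of this diff. Unless it already does so, that handler has to treat `path` as untrusted: clean it, join it to the served root, and reject the request when the result falls outside the root or outside the directory the upload permission covers, since `..` segments or an absolute value would otherwise decide where the file is written. Deriving the directory from the request URL the server has already routed and authorised, and using the field only as a cross-check, would avoid relying on the browser at all. uploadFile continues past the end of the hunk.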