update

httpreverse/cfg.ini

@@ -10,10 +10,13 @@ reverse=/::https://www.b612.me
 replace=www.b612.me::127.0.0.1:9999
 inheader=Accept-Encoding::none
 host=b612.me
+proxyhost=www.b612.me
 authuser=b612
 authpasswd=b612
 whiteip=
 blackip=
+blackpath=
+whitepath=
 wanringpage=
 ipfiltermode=3
 filterxforward=

httpreverse/cmd.go

@@ -11,7 +11,7 @@ import (
 var remote, config string
 var addr, key, cert, log string
 var port int
-var enablessl, skipsslverify bool
+var enablessl, skipsslverify, autogencert, allowHttpInTls bool
 var host string
 
 func init() {
@@ -25,6 +25,8 @@ func init() {
 	Cmd.Flags().BoolVarP(&enablessl, "enable-ssl", "s", false, "启用ssl")
 	Cmd.Flags().BoolVarP(&skipsslverify, "skil-ssl-verify", "S", false, "跳过证书验证")
 	Cmd.Flags().IntVarP(&port, "port", "p", 8080, "监听端口")
+	Cmd.Flags().BoolVarP(&autogencert, "autogen-cert", "G", false, "自动生成证书，此时使用--ssl-cert和--ssl-key参数无效")
+	Cmd.Flags().BoolVarP(&allowHttpInTls, "allow-http-in-tls", "A", false, "允许在TLS下使用HTTP协议")
 }
 
 var Cmd = &cobra.Command{
@@ -69,11 +71,13 @@ var Cmd = &cobra.Command{
 			ReverseURL: map[string]any{
 				"/": u,
 			},
-			UsingSSL:      enablessl,
+			AllowHTTPWithHttps: allowHttpInTls,
-			SkipSSLVerify: skipsslverify,
+			AutoGenerateCert:   autogencert,
-			Key:           key,
+			UsingSSL:           enablessl,
-			Cert:          cert,
+			SkipSSLVerify:      skipsslverify,
-			IPFilterMode:  1,
+			Key:                key,
+			Cert:               cert,
+			IPFilterMode:       1,
 		}
 		reverse := ReverseConfig{
 			Addr:   addr,

httpreverse/reverse.go

@@ -5,6 +5,7 @@ import (
 	"b612.me/starlog"
 	"b612.me/staros/sysconf"
 	"bufio"
+	"crypto/tls"
 	"errors"
 	"io"
 	"io/ioutil"
@@ -18,13 +19,14 @@ import (
 )
 
 type ReverseConfig struct {
-	Addr        string
+	Addr             string
-	Port        int
+	Port             int
-	httpmux     http.ServeMux
+	httpmux          http.ServeMux
-	httpserver  http.Server
+	httpserver       http.Server
-	Config      []*SingleReverseConfig
+	Config           []*SingleReverseConfig
-	routes      map[string]*SingleReverseConfig
+	routes           map[string]*SingleReverseConfig
-	autogenCert bool //是否自动生成证书
+	autogenCert      bool                   //是否自动生成证书
+	hostnameTlsCache map[string]*tls.Config //缓存证书
 }
 
 type SingleReverseConfig struct {
@@ -94,6 +96,7 @@ func Parse(cfgPath string) (HttpReverseServer, error) {
 		var ins = SingleReverseConfig{
 			Name:               v.Name,
 			Host:               v.Get("host"),
+			ProxyHost:          v.Get("proxyhost"),
 			UsingSSL:           v.Bool("enablessl"),
 			AllowHTTPWithHttps: v.Bool("tlsallowhttp"),
 			AutoGenerateCert:   v.Bool("autogencert"),

httpreverse/service.go

@@ -96,7 +96,6 @@ func (h *ReverseConfig) Run() error {
 				return
 			} else {
 				if !ppr && bp.FullPath != checkPath {
-					fmt.Println(bp.FullPath, checkPath)
 					starlog.Errorf("<%s> Path:%s is not in the write path, reject request\n", c.Name, checkPath)
 					rejectWith403(writer, request)
 					return
@@ -121,7 +120,6 @@ func (h *ReverseConfig) Run() error {
 				FullPath: leaf.FullPath,
 			}
 		}
-		fmt.Println(leaf.Val)
 		if leaf == nil {
 			starlog.Errorf("<%s> No Reverse Proxy Found For Path:%s\n", c.Name, request.URL.Path)
 			writer.WriteHeader(404)
@@ -183,7 +181,6 @@ func (h *ReverseConfig) Run() error {
 	return nil
 }
 
-var certCache = make(map[string]tls.Certificate)
 var toolCa *x509.Certificate
 var toolCaKey any
 
@@ -394,11 +391,14 @@ func (h *ReverseConfig) fileHandle(dirPath, diskpath string, writer http.Respons
 }
 
 func (h *ReverseConfig) getCert(hostname string) *tls.Config {
-	if h.autogenCert {
+	if tlsCfg, ok := h.hostnameTlsCache[hostname]; ok {
-		return h.autoGenCert(hostname)
+		return tlsCfg
 	}
 	c, ok := h.routes[hostname]
 	if !ok {
+		if h.autogenCert {
+			return h.autoGenCert(hostname)
+		}
 		if _, ok := h.routes[""]; ok {
 			c = h.routes[""]
 		} else {
@@ -413,19 +413,25 @@ func (h *ReverseConfig) getCert(hostname string) *tls.Config {
 	if c == nil {
 		return &tls.Config{}
 	}
+	if c.AutoGenerateCert {
+		return h.autoGenCert(hostname)
+	}
 	cert, err := tls.LoadX509KeyPair(c.Cert, c.Key)
 	if err != nil {
 		starlog.Errorln("Load X509 Key Pair Error:", err)
 		return &tls.Config{}
 	}
-	return &tls.Config{
+
+	if h.hostnameTlsCache == nil {
+		h.hostnameTlsCache = make(map[string]*tls.Config)
+	}
+	h.hostnameTlsCache[hostname] = &tls.Config{
 		Certificates: []tls.Certificate{cert},
 	}
+	return h.hostnameTlsCache[hostname]
 }
+
 func (h *ReverseConfig) autoGenCert(hostname string) *tls.Config {
-	if cert, ok := certCache[hostname]; ok {
-		return &tls.Config{Certificates: []tls.Certificate{cert}}
-	}
 	if toolCa == nil {
 		toolCa, toolCaKey = utils.ToolCert("")
 	}
@@ -451,8 +457,11 @@ func (h *ReverseConfig) autoGenCert(hostname string) *tls.Config {
 	if err != nil {
 		return nil
 	}
-	certCache[hostname] = cert
+	if h.hostnameTlsCache == nil {
-	return &tls.Config{Certificates: []tls.Certificate{cert}}
+		h.hostnameTlsCache = make(map[string]*tls.Config)
+	}
+	h.hostnameTlsCache[hostname] = &tls.Config{Certificates: []tls.Certificate{cert}}
+	return h.hostnameTlsCache[hostname]
 }
 
 func (h *ReverseConfig) Close() error {

httpserver/upload.html

@@ -106,6 +106,7 @@
     function uploadFile(file, fileUpload) {
         var formData = new FormData();
         formData.append('victorique', file);
+        formData.append("path",window.location.pathname);
         var start = Date.now();
         var lastLoaded = 0;
         var progressBar = fileUpload.progressBar;