Home Explore Help
Register Sign In
Apq
/
dockerfiles
mirror of https://github.com/stilleshan/dockerfiles.git
1
0
Fork 0
Files Issues 0 Wiki
Tree: bc08f87b78
Branches Tags
dockerfiles
/
anylink
/
server
/
handler
/
server.go

server.go 2.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102 
  1. package handler
    2. 

  2. 

  3. import (
    4. 

  4. 	"crypto/tls"
    5. 

  5. 	"fmt"
    6. 

  6. 	"log"
    7. 

  7. 	"net"
    8. 

  8. 	"net/http"
    9. 

  9. 	"os"
    10. 

  10. 	"time"
    11. 

  11. 

  12. 	"github.com/bjdgyc/anylink/base"
    13. 

  13. 	"github.com/bjdgyc/anylink/pkg/proxyproto"
    14. 

  14. 	"github.com/gorilla/mux"
    15. 

  15. )
    16. 

  16. 

  17. func startTls() {
    18. 

  18. 

  19. 	var (
    20. 

  20. 		err error
    21. 

  21. 

  22. 		addr = base.Cfg.ServerAddr
    23. 

  23. 		ln   net.Listener
    24. 

  24. 	)
    25. 

  25. 

  26. 	// 判断证书文件
    27. 

  27. 	// _, err = os.Stat(certFile)
    28. 

  28. 	// if errors.Is(err, os.ErrNotExist) {
    29. 

  29. 	//	// 自动生成证书
    30. 

  30. 	//	certs[0], err = selfsign.GenerateSelfSignedWithDNS("vpn.anylink")
    31. 

  31. 	// } else {
    32. 

  32. 	//	// 使用自定义证书
    33. 

  33. 	//	certs[0], err = tls.LoadX509KeyPair(certFile, keyFile)
    34. 

  34. 	// }
    35. 

  35. 

  36. 	// 修复 CVE-2016-2183
    37. 

  37. 	// https://segmentfault.com/a/1190000038486901
    38. 

  38. 	// nmap -sV --script ssl-enum-ciphers -p 443 www.example.com
    39. 

  39. 	cipherSuites := tls.CipherSuites()
    40. 

  40. 	selectedCipherSuites := make([]uint16, 0, len(cipherSuites))
    41. 

  41. 	for _, s := range cipherSuites {
    42. 

  42. 		selectedCipherSuites = append(selectedCipherSuites, s.ID)
    43. 

  43. 	}
    44. 

  44. 

  45. 	// 设置tls信息
    46. 

  46. 	tlsConfig := &tls.Config{
    47. 

  47. 		NextProtos:   []string{"http/1.1"},
    48. 

  48. 		MinVersion:   tls.VersionTLS12,
    49. 

  49. 		CipherSuites: selectedCipherSuites,
    50. 

  50. 		// InsecureSkipVerify: true,
    51. 

  51. 	}
    52. 

  52. 	srv := &http.Server{
    53. 

  53. 		Addr:      addr,
    54. 

  54. 		Handler:   initRoute(),
    55. 

  55. 		TLSConfig: tlsConfig,
    56. 

  56. 		ErrorLog:  base.GetBaseLog(),
    57. 

  57. 	}
    58. 

  58. 

  59. 	ln, err = net.Listen("tcp", addr)
    60. 

  60. 	if err != nil {
    61. 

  61. 		log.Fatal(err)
    62. 

  62. 	}
    63. 

  63. 	defer ln.Close()
    64. 

  64. 

  65. 	if base.Cfg.ProxyProtocol {
    66. 

  66. 		ln = &proxyproto.Listener{Listener: ln, ProxyHeaderTimeout: time.Second * 5}
    67. 

  67. 	}
    68. 

  68. 

  69. 	base.Info("listen server", addr)
    70. 

  70. 	err = srv.ServeTLS(ln, base.Cfg.CertFile, base.Cfg.CertKey)
    71. 

  71. 	if err != nil {
    72. 

  72. 		base.Fatal(err)
    73. 

  73. 	}
    74. 

  74. }
    75. 

  75. 

  76. func initRoute() http.Handler {
    77. 

  77. 	r := mux.NewRouter()
    78. 

  78. 	r.HandleFunc("/", LinkHome).Methods(http.MethodGet)
    79. 

  79. 	r.HandleFunc("/", LinkAuth).Methods(http.MethodPost)
    80. 

  80. 	r.HandleFunc("/CSCOSSLC/tunnel", LinkTunnel).Methods(http.MethodConnect)
    81. 

  81. 	r.HandleFunc("/otp_qr", LinkOtpQr).Methods(http.MethodGet)
    82. 

  82. 	r.HandleFunc("/profile.xml", func(w http.ResponseWriter, r *http.Request) {
    83. 

  83. 		b, _ := os.ReadFile(base.Cfg.Profile)
    84. 

  84. 		w.Write(b)
    85. 

  85. 	}).Methods(http.MethodGet)
    86. 

  86. 	r.PathPrefix("/files/").Handler(
    87. 

  87. 		http.StripPrefix("/files/",
    88. 

  88. 			http.FileServer(http.Dir(base.Cfg.FilesPath)),
    89. 

  89. 		),
    90. 

  90. 	)
    91. 

  91. 	r.NotFoundHandler = http.HandlerFunc(notFound)
    92. 

  92. 	return r
    93. 

  93. }
    94. 

  94. 

  95. func notFound(w http.ResponseWriter, r *http.Request) {
    96. 

  96. 	// fmt.Println(r.RemoteAddr)
    97. 

  97. 	// hu, _ := httputil.DumpRequest(r, true)
    98. 

  98. 	// fmt.Println("NotFound: ", string(hu))
    99. 

  99. 

  100. 	w.WriteHeader(http.StatusNotFound)
    101. 

  101. 	fmt.Fprintln(w, "404 page not found")
    102. 

  102. }
    103.