github/nps
1
0
Fork 0
mirror of https://github.com/ehang-io/nps.git synced 2025-07-03 04:53:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #522 from ehang-io/pull/508, close #507

Browse Source 
Pull/508
This commit is contained in:
ffdfgdfg 2020-04-30 23:47:26 +08:00 committed by GitHub
commit 878c717f89
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 72 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
cmd/nps/nps.go
View File

@ -1,14 +1,6 @@
package main package main
import ( import (
"ehang.io/nps/lib/crypt"
"ehang.io/nps/lib/file"
"ehang.io/nps/lib/install"
"ehang.io/nps/lib/version"
"ehang.io/nps/server"
"ehang.io/nps/server/connection"
"ehang.io/nps/server/tool"
"ehang.io/nps/web/routers"
"flag" "flag"
"log" "log"
"os" "os"
@ -18,7 +10,16 @@ import (
"strings" "strings"
"sync" "sync"
"ehang.io/nps/lib/file"
"ehang.io/nps/lib/install"
"ehang.io/nps/lib/version"
"ehang.io/nps/server"
"ehang.io/nps/server/connection"
"ehang.io/nps/server/tool"
"ehang.io/nps/web/routers"
"ehang.io/nps/lib/common" "ehang.io/nps/lib/common"
"ehang.io/nps/lib/crypt"
"ehang.io/nps/lib/daemon" "ehang.io/nps/lib/daemon"
"github.com/astaxie/beego" "github.com/astaxie/beego"
"github.com/astaxie/beego/logs" "github.com/astaxie/beego/logs"
@ -200,7 +201,8 @@ func run() {
} }
logs.Info("the version of server is %s ,allow client core version to be %s", version.VERSION, version.GetVersion()) logs.Info("the version of server is %s ,allow client core version to be %s", version.VERSION, version.GetVersion())
connection.InitConnectionService() connection.InitConnectionService()
crypt.InitTls(filepath.Join(common.GetRunPath(), "conf", "server.pem"), filepath.Join(common.GetRunPath(), "conf", "server.key")) //crypt.InitTls(filepath.Join(common.GetRunPath(), "conf", "server.pem"), filepath.Join(common.GetRunPath(), "conf", "server.key"))
crypt.InitTls()
tool.InitAllowPort() tool.InitAllowPort()
tool.StartSystemInfo() tool.StartSystemInfo()
go server.StartNewServer(bridgePort, task, beego.AppConfig.String("bridge_type")) go server.StartNewServer(bridgePort, task, beego.AppConfig.String("bridge_type"))

63
lib/crypt/tls.go
View File

@ -1,22 +1,37 @@
package crypt package crypt
import ( import (
"crypto/rand"
"crypto/rsa"
"crypto/tls" "crypto/tls"
"crypto/x509"
"crypto/x509/pkix"
"encoding/pem"
"log"
"math/big"
"net" "net"
"os" "os"
"time"
"github.com/astaxie/beego/logs" "github.com/astaxie/beego/logs"
) )
var pemPath, keyPath string var (
cert tls.Certificate
)
func InitTls(pem, key string) { func InitTls() {
pemPath = pem c, k, err := generateKeyPair("NPS Org")
keyPath = key if err == nil {
cert, err = tls.X509KeyPair(c, k)
}
if err != nil {
log.Fatalln("Error initializing crypto certs", err)
}
} }
func NewTlsServerConn(conn net.Conn) net.Conn { func NewTlsServerConn(conn net.Conn) net.Conn {
cert, err := tls.LoadX509KeyPair(pemPath, keyPath) var err error
if err != nil { if err != nil {
logs.Error(err) logs.Error(err)
os.Exit(0) os.Exit(0)
@ -32,3 +47,41 @@ func NewTlsClientConn(conn net.Conn) net.Conn {
} }
return tls.Client(conn, conf) return tls.Client(conn, conf)
} }
func generateKeyPair(CommonName string) (rawCert, rawKey []byte, err error) {
// Create private key and self-signed certificate
// Adapted from https://golang.org/src/crypto/tls/generate_cert.go
priv, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
return
}
validFor := time.Hour * 24 * 365 * 10 // ten years
notBefore := time.Now()
notAfter := notBefore.Add(validFor)
serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
template := x509.Certificate{
SerialNumber: serialNumber,
Subject: pkix.Name{
Organization: []string{"My Company Name LTD."},
CommonName: CommonName,
Country: []string{"US"},
},
NotBefore: notBefore,
NotAfter: notAfter,
KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
BasicConstraintsValid: true,
}
derBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)
if err != nil {
return
}
rawCert = pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: derBytes})
rawKey = pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(priv)})
return
}

2
server/proxy/http.go
View File

@ -130,7 +130,7 @@ func (s *httpServer) handleHttp(c *conn.Conn, r *http.Request) {
defer func() { defer func() {
if connClient != nil { if connClient != nil {
connClient.Close() connClient.Close()
}else { } else {
s.writeConnFail(c.Conn) s.writeConnFail(c.Conn)
} }
c.Close() c.Close()

4
server/test/test.go
View File

@ -52,10 +52,10 @@ func TestServerConfig() {
if port, err := strconv.Atoi(p); err != nil { if port, err := strconv.Atoi(p); err != nil {
log.Fatalln("get https port error", err) log.Fatalln("get https port error", err)
} else { } else {
if !common.FileExists(filepath.Join(common.GetRunPath(), beego.AppConfig.String("pemPath"))) { if beego.AppConfig.String("pemPath") != "" && !common.FileExists(filepath.Join(common.GetRunPath(), beego.AppConfig.String("pemPath"))) {
log.Fatalf("ssl certFile %s is not exist", beego.AppConfig.String("pemPath")) log.Fatalf("ssl certFile %s is not exist", beego.AppConfig.String("pemPath"))
} }
if !common.FileExists(filepath.Join(common.GetRunPath(), beego.AppConfig.String("ketPath"))) { if beego.AppConfig.String("keyPath") != "" && !common.FileExists(filepath.Join(common.GetRunPath(), beego.AppConfig.String("keyPath"))) {
log.Fatalf("ssl keyFile %s is not exist", beego.AppConfig.String("pemPath")) log.Fatalf("ssl keyFile %s is not exist", beego.AppConfig.String("pemPath"))
} }
isInArr(&postTcpArr, port, "http port", "tcp") isInArr(&postTcpArr, port, "http port", "tcp")