Https kcp

server/connection/connection.go

@@ -4,7 +4,6 @@ import (
 	"github.com/cnlh/nps/lib/mux"
 	"github.com/cnlh/nps/vender/github.com/astaxie/beego"
 	"github.com/cnlh/nps/vender/github.com/astaxie/beego/logs"
-	"github.com/cnlh/nps/vender/github.com/xtaci/kcp"
 	"net"
 	"os"
 	"strconv"
@@ -32,7 +31,7 @@ func InitConnectionService() {
 	}
 }
 
-func GetBridgeListener(tp string) (interface{}, error) {
+func GetBridgeListener(tp string) (net.Listener, error) {
 	logs.Info("server start, the bridge type is %s, the bridge port is %s", tp, bridgePort)
 	var p int
 	var err error
@@ -41,13 +40,6 @@ func GetBridgeListener(tp string) (interface{}, error) {
 	}
 	if pMux != nil {
 		return pMux.GetClientListener(), nil
-	} else if tp == "udp" {
-		if p, err = beego.AppConfig.Int("bridge_port"); err != nil {
-			logs.Error(err)
-			os.Exit(0)
-		} else {
-			return kcp.ListenWithOptions(":"+strconv.Itoa(p), nil, 150, 3)
-		}
 	}
 	return net.ListenTCP("tcp", &net.TCPAddr{net.ParseIP(beego.AppConfig.String("bridge_ip")), p, ""})
 }

server/proxy/base.go

@@ -72,21 +72,21 @@ func (s *BaseServer) checkFlow() error {
 }
 
 //与客户端建立通道
-func (s *BaseServer) DealClient(c *conn.Conn, addr string, rb []byte, tp string) error {
-	link := conn.NewLink(tp, addr, s.task.Client.Cnf.Crypt, s.task.Client.Cnf.Compress, c.Conn.RemoteAddr().String())
+func (s *BaseServer) DealClient(c *conn.Conn, client *file.Client, addr string, rb []byte, tp string) error {
+	link := conn.NewLink(tp, addr, client.Cnf.Crypt, client.Cnf.Compress, c.Conn.RemoteAddr().String())
 
-	if target, err := s.bridge.SendLinkInfo(s.task.Client.Id, link, c.Conn.RemoteAddr().String(), s.task); err != nil {
-		logs.Warn("task id %d get connection from client id %d  error %s", s.task.Id, s.task.Client.Id, err.Error())
+	if target, err := s.bridge.SendLinkInfo(client.Id, link, c.Conn.RemoteAddr().String(), s.task); err != nil {
+		logs.Warn("task id %d get connection from client id %d  error %s", s.task.Id, client.Id, err.Error())
 		c.Close()
 		return err
 	} else {
 		if rb != nil {
 			//HTTP proxy crypt or compress
-			conn.GetConn(target, link.Crypt, link.Compress, s.task.Client.Rate, true).Write(rb)
+			conn.GetConn(target, link.Crypt, link.Compress, client.Rate, true).Write(rb)
 		}
-		conn.CopyWaitGroup(target, c.Conn, link.Crypt, link.Compress, s.task.Client.Rate, s.task.Flow, true)
+		conn.CopyWaitGroup(target, c.Conn, link.Crypt, link.Compress, client.Rate, s.task.Flow, true)
 	}
 
-	s.task.Client.AddConn()
+	client.AddConn()
 	return nil
 }

server/proxy/http.go

@@ -2,6 +2,7 @@ package proxy
 
 import (
 	"bufio"
+	"bytes"
 	"crypto/tls"
 	"github.com/cnlh/nps/bridge"
 	"github.com/cnlh/nps/lib/common"
@@ -14,6 +15,7 @@ import (
 	"net"
 	"net/http"
 	"net/http/httputil"
+	"net/url"
 	"os"
 	"path/filepath"
 	"strconv"
@@ -49,6 +51,49 @@ func NewHttp(bridge *bridge.Bridge, c *file.Tunnel) *httpServer {
 	}
 }
 
+func (s *httpServer) processHttps(c net.Conn) {
+	buf := make([]byte, 2<<10)
+	n, err := c.Read(buf)
+	if err != nil {
+		return
+	}
+	var host *file.Host
+	file.GetCsvDb().Lock()
+	for _, host = range file.GetCsvDb().Hosts {
+		if bytes.Index(buf[:n], []byte(host.Host)) >= 0 {
+			break
+		}
+	}
+	file.GetCsvDb().Unlock()
+	if host == nil {
+		logs.Error("new https connection can't be parsed!", c.RemoteAddr().String())
+		c.Close()
+		return
+	}
+	var targetAddr string
+	r := new(http.Request)
+	r.RequestURI = "/"
+	r.URL = new(url.URL)
+	r.URL.Scheme = "https"
+	r.Host = host.Host
+	//read the host form connection
+	if !host.Client.GetConn() { //conn num limit
+		logs.Notice("connections exceed the current client %d limit %d ,now connection num %d", host.Client.Id, host.Client.MaxConn, host.Client.NowConn)
+		c.Close()
+		return
+	}
+	//流量限制
+	if host.Client.Flow.FlowLimit > 0 && (host.Client.Flow.FlowLimit<<20) < (host.Client.Flow.ExportFlow+host.Client.Flow.InletFlow) {
+		logs.Warn("Traffic exceeded client id %s", host.Client.Id)
+		return
+	}
+	if targetAddr, err = host.GetRandomTarget(); err != nil {
+		logs.Warn(err.Error())
+	}
+	logs.Trace("new https connection,clientId %d,host %s,remote address %s", host.Client.Id, r.Host, c.RemoteAddr().String())
+	s.DealClient(conn.NewConn(c), host.Client, targetAddr, buf[:n], common.CONN_TCP)
+}
+
 func (s *httpServer) Start() error {
 	var err error
 	var httpSrv, httpsSrv *http.Server
@@ -81,16 +126,26 @@ func (s *httpServer) Start() error {
 		}
 		httpsSrv = s.NewServer(s.httpsPort, "https")
 		go func() {
-			logs.Info("Start https listener, port is", s.httpsPort)
 			l, err := connection.GetHttpsListener()
 			if err != nil {
 				logs.Error(err)
 				os.Exit(0)
 			}
-			err = httpsSrv.ServeTLS(l, s.pemPath, s.keyPath)
-			if err != nil {
-				logs.Error(err)
-				os.Exit(0)
+			if b, err := beego.AppConfig.Bool("https_just_proxy"); err == nil && b {
+				for {
+					c, err := l.Accept()
+					if err != nil {
+						logs.Error(err)
+						break
+					}
+					go s.processHttps(c)
+				}
+			} else {
+				err = httpsSrv.ServeTLS(l, s.pemPath, s.keyPath)
+				if err != nil {
+					logs.Error(err)
+					os.Exit(0)
+				}
 			}
 		}()
 	}

server/proxy/tcp.go

@@ -115,7 +115,7 @@ func ProcessTunnel(c *conn.Conn, s *TunnelModeServer) error {
 		logs.Warn("tcp port %d ,client id %d,task id %d connect error %s", s.task.Port, s.task.Client.Id, s.task.Id, err.Error())
 		return err
 	}
-	return s.DealClient(c, targetAddr, nil, common.CONN_TCP)
+	return s.DealClient(c, s.task.Client, targetAddr, nil, common.CONN_TCP)
 }
 
 //http代理模式
@@ -133,5 +133,5 @@ func ProcessHttp(c *conn.Conn, s *TunnelModeServer) error {
 	if err := s.auth(r, c, s.task.Client.Cnf.U, s.task.Client.Cnf.P); err != nil {
 		return err
 	}
-	return s.DealClient(c, addr, rb, common.CONN_TCP)
+	return s.DealClient(c, s.task.Client, addr, rb, common.CONN_TCP)
 }

server/server.go

@@ -66,7 +66,7 @@ func DealBridgeTask() {
 					logs.Info("Connections exceed the current client %d limit", t.Client.Id)
 					s.Conn.Close()
 				} else if t.Status {
-					go proxy.NewBaseServer(Bridge, t).DealClient(s.Conn, t.Target, nil, common.CONN_TCP)
+					go proxy.NewBaseServer(Bridge, t).DealClient(s.Conn, t.Client, t.Target, nil, common.CONN_TCP)
 				} else {
 					s.Conn.Close()
 					logs.Trace("This key %s cannot be processed,status is close", s.Password)