更新程序为单二进制文件

支持远程桌面连接添加后台显示版本号支持邮箱设置加密类型
2025-08-08 00:31:17 +08:00 · 2021-06-18 19:04:16 +08:00
parent 0ef18ee2f9
commit 993cd40c41
13 changed files with 136 additions and 121 deletions
--- a/server/admin/api_set.go
+++ b/server/admin/api_set.go
@@ -67,10 +67,11 @@ func SetSystem(w http.ResponseWriter, r *http.Request) {
 	hi, _ := host.Info()
 	l, _ := load.Avg()
 	data["sys"] = map[string]interface{}{
-		"goOs":      runtime.GOOS,
-		"goArch":    runtime.GOARCH,
-		"goVersion": runtime.Version(),
-		"goroutine": runtime.NumGoroutine(),
+		"goOs":       runtime.GOOS,
+		"goArch":     runtime.GOARCH,
+		"goVersion":  runtime.Version(),
+		"goroutine":  runtime.NumGoroutine(),
+		"appVersion": "v" + base.APP_VER,

 		"hostname": hi.Hostname,
 		"platform": fmt.Sprintf("%v %v %v", hi.Platform, hi.PlatformFamily, hi.PlatformVersion),
--- a/server/admin/common.go
+++ b/server/admin/common.go
@@ -59,8 +59,14 @@ func SendMail(subject, to, htmlBody string) error {
 	server.Port = dataSmtp.Port
 	server.Username = dataSmtp.Username
 	server.Password = dataSmtp.Password
-	if dataSmtp.UseSSl {
-		server.Encryption = mail.EncryptionSSL
+
+	switch dataSmtp.Encryption {
+	case "SSLTLS":
+		server.Encryption = mail.EncryptionSSLTLS
+	case "STARTTLS":
+		server.Encryption = mail.EncryptionSTARTTLS
+	default:
+		server.Encryption = mail.EncryptionNone
 	}

 	// Since v2.3.0 you can specified authentication type:
--- a/server/base/config.go
+++ b/server/base/config.go
@@ -27,8 +27,8 @@ var configs = []config{
 	{Typ: cfgStr, Name: "cert_file", Usage: "证书文件", ValStr: "./vpn_cert.pem"},
 	{Typ: cfgStr, Name: "cert_key", Usage: "证书密钥", ValStr: "./vpn_cert.key"},
 	{Typ: cfgStr, Name: "files_path", Usage: "外部下载文件路径", ValStr: "./files"},
-	{Typ: cfgStr, Name: "log_path", Usage: "日志文件路径", ValStr: ""},
-	{Typ: cfgStr, Name: "log_level", Usage: "日志等级", ValStr: "info"},
+	{Typ: cfgStr, Name: "log_path", Usage: "日志文件路径,默认标准输出", ValStr: ""},
+	{Typ: cfgStr, Name: "log_level", Usage: "日志等级 debug、info、warn、error", ValStr: "info"},
 	{Typ: cfgBool, Name: "pprof", Usage: "开启pprof", ValBool: false},
 	{Typ: cfgStr, Name: "issuer", Usage: "系统名称", ValStr: "XX公司VPN"},
 	{Typ: cfgStr, Name: "admin_user", Usage: "管理用户名", ValStr: "admin"},
--- a/server/dbdata/setting.go
+++ b/server/dbdata/setting.go
@@ -33,12 +33,12 @@ func SettingGet(data interface{}) error {
 }

 type SettingSmtp struct {
-	Host     string `json:"host"`
-	Port     int    `json:"port"`
-	Username string `json:"username"`
-	Password string `json:"password"`
-	From     string `json:"from"`
-	UseSSl   bool   `json:"use_ssl"`
+	Host       string `json:"host"`
+	Port       int    `json:"port"`
+	Username   string `json:"username"`
+	Password   string `json:"password"`
+	From       string `json:"from"`
+	Encryption string `json:"encryption"`
 }

 type SettingOther struct {
--- a/server/handler/link_auth.go
+++ b/server/handler/link_auth.go
@@ -173,6 +173,48 @@ var auth_complete = `<?xml version="1.0" encoding="UTF-8"?>
            <server-cert-hash>240B97A685B2BFA66AD699B90AAC49EA66495D69</server-cert-hash>
        </vpn-base-config>
        <opaque is-for="vpn-client"></opaque>
+        <vpn-profile-manifest>
+            <vpn rev="1.0">
+                <file type="profile" service-type="user">
+                    <uri>/profile.xml</uri>
+                    <hash type="sha1">A8B0B07FBA93D06E8501E40AB807AEE2464E73B7</hash>
+                </file>
+            </vpn>
+        </vpn-profile-manifest>
    </config>
 </config-auth>
 `
+
+var auth_profile = `<?xml version="1.0" encoding="UTF-8"?>
+<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectProfile.xsd">
+
+	<ClientInitialization>
+		<UseStartBeforeLogon UserControllable="false">false</UseStartBeforeLogon>
+		<StrictCertificateTrust>false</StrictCertificateTrust>
+		<RestrictPreferenceCaching>false</RestrictPreferenceCaching>
+		<RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols>
+		<BypassDownloader>true</BypassDownloader>
+		<WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
+		<CertEnrollmentPin>pinAllowed</CertEnrollmentPin>
+		<CertificateMatch>
+			<KeyUsage>
+				<MatchKey>Digital_Signature</MatchKey>
+			</KeyUsage>
+			<ExtendedKeyUsage>
+				<ExtendedMatchKey>ClientAuth</ExtendedMatchKey>
+			</ExtendedKeyUsage>
+		</CertificateMatch>
+
+		<BackupServerList>
+	            <HostAddress>localhost</HostAddress>
+		</BackupServerList>
+	</ClientInitialization>
+
+	<ServerList>
+		<HostEntry>
+	            <HostName>VPN Server</HostName>
+	            <HostAddress>localhost</HostAddress>
+		</HostEntry>
+	</ServerList>
+</AnyConnectProfile>
+`
--- a/server/handler/server.go
+++ b/server/handler/server.go
@@ -10,10 +10,11 @@ import (
 	"os"
 	"time"

+	"github.com/pion/dtls/v2/pkg/crypto/selfsign"
+
 	"github.com/bjdgyc/anylink/base"
 	"github.com/bjdgyc/anylink/pkg/proxyproto"
 	"github.com/gorilla/mux"
-	"github.com/pion/dtls/v2/pkg/crypto/selfsign"
 )

 func startTls() {
@@ -79,6 +80,9 @@ func initRoute() http.Handler {
 	r.HandleFunc("/", LinkAuth).Methods(http.MethodPost)
 	r.HandleFunc("/CSCOSSLC/tunnel", LinkTunnel).Methods(http.MethodConnect)
 	r.HandleFunc("/otp_qr", LinkOtpQr).Methods(http.MethodGet)
+	r.HandleFunc("/profile.xml", func(w http.ResponseWriter, r *http.Request) {
+		w.Write([]byte(auth_profile))
+	}).Methods(http.MethodGet)
 	r.PathPrefix("/files/").Handler(
 		http.StripPrefix("/files/",
 			http.FileServer(http.Dir(base.Cfg.FilesPath)),