7x31
/
anylink
mirror of https://github.com/bjdgyc/anylink.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #290 from bjdgyc/dev 

添加github action编译
This commit is contained in:
bjdgyc 2024-01-29 00:15:27 +08:00 committed by GitHub
parent edc7a4a4a3 911b96cc74
commit 9d5f5719d8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
44 changed files with 890 additions and 1367 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.codecov.yml
View File

@ -1,5 +1,7 @@
ignore:
- "screenshot"
- "web"
- "server/conf"
- "server/files"
- "^doc"
- "^home"
- "^web"
- "^server/conf"
- "^server/files"

65
.github/workflows/codeql-analysis.yml vendored
View File

@ -12,13 +12,14 @@
name: "CodeQL"
on:
push:
branches: [ "main", "dev" ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ "main", "dev" ]
schedule:
- cron: '32 12 * * 5'
workflow_dispatch:
# push:
# branches: [ "main", "dev" ]
# pull_request:
# branches: [ "main", "dev" ]
# schedule:
# - cron: '32 12 * * 5'
jobs:
analyze:
@ -38,34 +39,34 @@ jobs:
# https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Checkout repository
uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
# By default, queries listed here will override any specified in a config file.
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
# ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
# and modify them (or add more) to build your code if your project
# uses a compiled language
#- run: |
# make bootstrap
# make release
#- run: |
# make bootstrap
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2

48
.github/workflows/go-update.yml vendored Normal file
View File

@ -0,0 +1,48 @@
name: go-update
on:
workflow_dispatch:
# schedule:
# - cron: "1 2 * * 5"
jobs:
go:
runs-on: ubuntu-latest
steps:
- name: Setup Go 1.x.y
uses: actions/setup-go@main
with:
go-version: '1.20'
stable: true
- name: Checkout codebase
uses: actions/checkout@main
- name: go
run: |
cd ./server
go mod tidy -compat=1.20
#gofmt -w -r 'interface{} -> any' .
go get -u
go mod download
go get -u
go mod download
- name: Git push
run: |
git init
git config --local user.name "github-actions[bot]"
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
git remote rm origin
git remote add origin "https://${{ github.actor }}:${{ secrets.GITHUBTOKEN }}@github.com/${{ github.repository }}"
git gc --aggressive
git add --all
git commit -m "update go.mod $(date +%Y.%m.%d.%H.%M)"
#git push -f -u origin _autoaction
git push -u origin _autoaction
# 删除无用 workflow runs;
- name: Delete workflow runs
uses: GitRML/delete-workflow-runs@main
with:
retain_days: 0.1
keep_minimum_runs: 1

32
.github/workflows/go.yml vendored
View File

@ -1,10 +1,12 @@
name: Go
on:
push:
branches: [ "main", "dev" ]
pull_request:
branches: [ "main", "dev" ]
workflow_dispatch:
# push:
# branches: [ "main", "dev" ]
# pull_request:
# branches: [ "main", "dev" ]
jobs:
@ -12,15 +14,15 @@ jobs:
name: Build
runs-on: ubuntu-latest
steps:
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: Set up Go 1.x
uses: actions/setup-go@v2
uses: actions/setup-go@v4
with:
go-version: 1.18
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v2
go-version: '1.20'
go-version-file: 'server/go.mod'
cache-dependency-path: 'server/go.sum'
- name: Get dependencies
run: |
@ -32,7 +34,7 @@ jobs:
cd server
mkdir ui
touch ui/index.html
go build -v -o anylink -ldflags "-X main.CommitId=`git rev-parse HEAD`"
go build -v -o anylink -trimpath -ldflags "-X main.CommitId=`git rev-parse HEAD`"
./anylink tool -v
- name: Test coverage
@ -40,7 +42,7 @@ jobs:
cd server
go test -race -coverprofile=coverage.txt -covermode=atomic -v ./...
- name: Upload coverage to Codecov
run: |
cd server
bash <(curl -s https://codecov.io/bash)
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v3
env:
CODECOV_TOKEN: 28d52fb0-8fc9-460f-95b9-fb84f9138e58

47
.github/workflows/release-tag-version.yml vendored Normal file
View File

@ -0,0 +1,47 @@
name: release-tag-version
on:
workflow_dispatch:
push:
tags:
- "v0.*"
jobs:
Build:
name: build-binary
runs-on: ubuntu-latest
env:
TZ: Asia/Shanghai
steps:
- name: Hello world
run: |
uname -a
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: '1.20'
cache-dependency-path: 'server/go.sum'
- uses: actions/setup-node@v4
with:
node-version: '16'
cache: 'yarn'
cache-dependency-path: 'web/yarn.lock'
- # https://github.com/docker/setup-qemu-action
name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: build
run: |
mkdir server/ui
touch server/ui/index.html
sudo apt-get install -y -q gcc-aarch64-linux-gnu g++-aarch64-linux-gnu
aarch64-linux-gnu-gcc -v
aarch64-linux-gnu-g++ -v
bash build.sh github_action
# Docker:
# name: build-docker

1
.gitignore vendored
View File

@ -3,3 +3,4 @@
anylink-deploy
anylink-deploy.tar.gz
dist

104
.goreleaser.yaml Normal file
View File

@ -0,0 +1,104 @@
#https://goreleaser.com/static/schema.json
# release --skip=publish
# goreleaser build --skip=validate --clean --debug
# GOPROXY=https://goproxy.cn
# docker run -it --rm -v $PWD:/app -v /go:/go -w /app --platform=linux/arm64
# docker run -it --rm -v $PWD:/app -v /go:/go -w /app goreleaser/goreleaser-cross build --skip=validate --clean --debug
# docker run -it --rm -v $PWD:/app -v /go:/go -w /app bjdgyc/dcross goreleaser build --skip=validate --clean --debug
version: 1
dist: dist
before:
hooks:
- pwd
# - cmd: go mod tidy
# dir:
# "{{ dir .Dist}}"
# output: true
# - cmd: go generate
# dir:
# "{{ dir .Dist}}"
# output: true
builds:
- id: "build"
#main: .
dir: ./server
hooks:
pre:
- cmd: go mod tidy
dir: ./server
output: true
- cmd: go generate
dir: ./server
output: true
# {{- if eq .Arch "amd64" }}CC=x86_64-linux-gnu-gcc CXX=x86_64-linux-gnu-g++{{- end }}
env:
- CGO_ENABLED=1
- >-
{{- if eq .Os "linux" }}
{{- if eq .Arch "amd64" }}CC=x86_64-linux-musl-gcc{{- end }}
{{- if eq .Arch "arm64" }}CC=aarch64-linux-gnu-gcc CXX=aarch64-linux-gnu-g++{{- end }}
{{- end }}
{{- if eq .Os "darwin" }}
{{- if eq .Arch "amd64"}}CC=o64-clang{{- end }}
{{- if eq .Arch "arm64"}}CC=oa64-clang{{- end }}
{{- end }}
{{- if eq .Os "windows" }}
{{- if eq .Arch "amd64"}}CC=x86_64-w64-mingw32-gcc{{- end }}
{{- if eq .Arch "arm64"}}CC=aarch64-linux-gnu-gcc{{- end }}
{{- end }}
goos:
- linux
#- darwin
#- windows
goarch:
- amd64
#- arm64
# https://go.dev/wiki/MinimumRequirements
goamd64:
- v1
command: build
flags:
- -trimpath
- -tags osusergo,netgo,sqlite_omit_load_extension
ldflags:
# go tool link -help
# go tool compile -help
# -linkmode external
# -extld=$CC
# -fpic 作为动态链接库的时候 需要添加
- -s -w -extldflags '-static' -X main.version={{.Version}} -X main.commit={{.Commit}} -X main.date={{.Date}} -X main.builtBy=dcross
archives:
- id: "archive1"
format: tar.gz
# this name template makes the OS and Arch compatible with the results of `uname`.
name_template: >-
{{ .ProjectName }}_
{{- title .Os }}_
{{- if eq .Arch "amd64" }}x86_64
{{- else if eq .Arch "386" }}i386
{{- else }}{{ .Arch }}{{ end }}
{{- if .Arm }}v{{ .Arm }}{{ end }}
# use zip for windows archives
format_overrides:
- goos: windows
format: zip
changelog:
sort: asc
filters:
exclude:
- "^docs:"
- "^test:"

20
README.md
View File

@ -3,9 +3,10 @@
[![Go](https://github.com/bjdgyc/anylink/workflows/Go/badge.svg?branch=main)](https://github.com/bjdgyc/anylink/actions)
[![PkgGoDev](https://pkg.go.dev/badge/github.com/bjdgyc/anylink)](https://pkg.go.dev/github.com/bjdgyc/anylink)
[![Go Report Card](https://goreportcard.com/badge/github.com/bjdgyc/anylink)](https://goreportcard.com/report/github.com/bjdgyc/anylink)
[![codecov](https://codecov.io/gh/bjdgyc/anylink/branch/master/graph/badge.svg?token=JTFLIIIBQ0)](https://codecov.io/gh/bjdgyc/anylink)
[![codecov](https://codecov.io/gh/bjdgyc/anylink/graph/badge.svg?token=JTFLIIIBQ0)](https://codecov.io/gh/bjdgyc/anylink)
![GitHub release](https://img.shields.io/github/v/release/bjdgyc/anylink)
![GitHub downloads)](https://img.shields.io/github/downloads/bjdgyc/anylink/total)
![GitHub downloads total)](https://img.shields.io/github/downloads/bjdgyc/anylink/total)
![GitHub Downloads (all assets, latest release)](https://img.shields.io/github/downloads/bjdgyc/anylink/latest/total)
[![Docker pulls)](https://img.shields.io/docker/pulls/bjdgyc/anylink.svg)](https://hub.docker.com/r/bjdgyc/anylink)
![LICENSE](https://img.shields.io/github/license/bjdgyc/anylink)
@ -59,11 +60,13 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
>
> 其他问题 [前往查看](doc/question.md)
>
> 首次使用,请在浏览器访问 https://域名:443浏览器提示安全后在客户端输入 【域名:443】 即可
> 默认管理后台访问地址 https://host:8800 默认账号密码 admin 123456
>
> 首次使用,请在浏览器访问 https://域名:443 浏览器提示安全后,在客户端输入 【域名:443】 即可
### 自行编译安装
> 需要提前安装好 golang >= 1.19 和 nodejs >= 16.x 和 yarn >= v1.22.x
> 需要提前安装好 golang >= 1.20 和 nodejs >= 16.x 和 yarn >= v1.22.x
```shell
git clone https://github.com/bjdgyc/anylink.git
@ -308,7 +311,7 @@ ipv4_end = "10.1.2.200"
## Discussion
添加QQ群(1): 567510628
添加QQ群(1)(已满): 567510628
添加QQ群(2): 739072205
@ -320,6 +323,13 @@ ipv4_end = "10.1.2.200"
![contact_me_qr](doc/screenshot/contact_me_qr.png)
-->
## Support Client
- [AnyConnect Secure Client](https://www.cisco.com/) (可通过群文件下载: Windows/macOS/Linux/Android/iOS)
- [OpenConnect](https://gitlab.com/openconnect/openconnect) (Windows/macOS/Linux)
- [AnyLink Secure Client](https://github.com/tlslink/anylink-client) (Windows/macOS/Linux)
## Contribution
欢迎提交 PR、Issues感谢为 AnyLink 做出贡献。

46
build.sh
View File

@ -1,5 +1,7 @@
#!/bin/bash
github_action=$1
set -x
function RETVAL() {
rt=$1
@ -12,32 +14,53 @@ function RETVAL() {
#当前目录
cpath=$(pwd)
ver=`cat server/base/app_ver.go | grep APP_VER | awk '{print $3}' | sed 's/"//g'`
#ver=`cat server/base/app_ver.go | grep APP_VER | awk '{print $3}' | sed 's/"//g'`
ver=$(cat version)
echo "当前版本 $ver"
echo "编译前端项目"
cd $cpath/web
#国内可替换源加快速度
#npx browserslist@latest --update-db
#npm install --registry=https://registry.npm.taobao.org
#npm install
#npm run build
if [ "$github_action" == "github_action" ]; then
yarn install --registry=https://registry.npmmirror.com
else
yarn install
fi
yarn install --registry=https://registry.npmmirror.com
yarn run build
RETVAL $?
echo "编译二进制文件"
cd $cpath/server
rm -rf ui
cp -rf $cpath/web/ui .
#国内可替换源加快速度
export GOPROXY=https://goproxy.io
flags="-v -trimpath -extldflags '-static' -tags osusergo,netgo,sqlite_omit_load_extension"
ldflags="-s -w -X main.appVer=$ver -X main.commitId=$(git rev-parse HEAD) -X main.date=$(date --iso-8601=seconds)"
if [ "$github_action" == "github_action" ]; then
echo "github_action"
else
#国内可替换源加快速度
export GOPROXY=https://goproxy.io
go mod tidy
go build -o anylink "$flags" -ldflags "$ldflags"
exit 0
fi
#github action
go mod tidy
go build -v -o anylink -ldflags "-s -w -X main.CommitId=$(git rev-parse HEAD)"
RETVAL $?
go build -o anylink_amd64 "$flags" -ldflags "$ldflags"
#arm64交叉编译
CC=aarch64-linux-gnu-gcc CXX=aarch64-linux-gnu-g++ go build -o anylink_arm64 "$flags" -ldflags "$ldflags"
./anylink_amd64 -v
./anylink_arm64 -v
exit 0
cd $cpath
@ -45,9 +68,10 @@ echo "整理部署文件"
deploy="anylink-deploy"
rm -rf $deploy ${deploy}.tar.gz
mkdir $deploy
mkdir $deploy/log
cp -r server/anylink $deploy
#cp -r server/bridge-init.sh $deploy
cp -r server/bridge-init.sh $deploy
cp -r server/conf $deploy
cp -r systemd $deploy

2
build_docker.sh
View File

@ -1,6 +1,6 @@
#!/bin/bash
ver=`cat server/base/app_ver.go | grep APP_VER | awk '{print $3}' | sed 's/"//g'`
ver=`cat server/base/app_ver.go | grep "APP_VER" | awk '{print $3}' | sed 's/"//g'`
echo $ver
#docker login -u bjdgyc

7
doc/README.md
View File

@ -12,7 +12,7 @@
>
> 需要展示主页的同学可以在QQ群 直接联系我添加。
| 昵称 | 主页 / 留言 |
| 昵称 | 主页 / 联系方式 |
|-----------|------------------------------|
| 代码 oo8 | |
| 甘磊 | https://github.com/ganlei333 |
@ -40,9 +40,10 @@
| 悲鸣 | |
| 谢谢 | |
| 云思科技 | |
| 哆啦A伟(张佳伟) | 嘿嘿 |
| 人类的悲欢并不相通 | 开源不易,感谢分享 |
| 哆啦A伟(张佳伟) | |
| 人类的悲欢并不相通 | |
| 做人要低调 | |
| 洛洛 | |

4
docker/Dockerfile
View File

@ -27,7 +27,7 @@ COPY --from=builder_node /web/ui /anylink/ui
#TODO 本地打包时使用镜像
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
RUN apk add gcc musl-dev
RUN cd /anylink;go mod tidy;go build -o anylink -ldflags "-s -w -X main.CommitId=${GitCommitId}" \
RUN cd /anylink;go mod tidy;go build -o anylink -trimpath -ldflags "-s -w -X main.CommitId=${GitCommitId}" \
&& /anylink/anylink tool -v
@ -47,7 +47,7 @@ COPY ./home /app/home
#TODO 本地打包时使用镜像
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
RUN apk add --no-cache bash iptables \
RUN apk add --no-cache bash iptables iproute2\
&& chmod +x /app/docker_entrypoint.sh \
&& ls /app

2
server/admin/api_base.go
View File

@ -36,7 +36,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
totp := gotp.NewDefaultTOTP(base.Cfg.AdminOtp)
unix := time.Now().Unix()
verify := totp.Verify(otp, int(unix))
verify := totp.Verify(otp, unix)
if !verify {
RespError(w, RespUserOrPassErr)

10
server/admin/api_user.go
View File

@ -22,6 +22,7 @@ import (
func UserList(w http.ResponseWriter, r *http.Request) {
_ = r.ParseForm()
prefix := r.FormValue("prefix")
prefix = strings.TrimSpace(prefix)
pageS := r.FormValue("page")
page, _ := strconv.Atoi(pageS)
if page < 1 {
@ -37,8 +38,11 @@ func UserList(w http.ResponseWriter, r *http.Request) {
// 查询前缀匹配
if len(prefix) > 0 {
count = dbdata.CountPrefix("username", prefix, &dbdata.User{})
err = dbdata.Prefix("username", prefix, &datas, pageSize, 1)
fuzzy := "%" + prefix + "%"
where := "username LIKE ? OR nickname LIKE ? OR email LIKE ?"
count = dbdata.FindWhereCount(&dbdata.User{}, where, fuzzy, fuzzy, fuzzy)
err = dbdata.FindWhere(&datas, pageSize, page, where, fuzzy, fuzzy, fuzzy)
} else {
count = dbdata.CountAll(&dbdata.User{})
err = dbdata.Find(&datas, pageSize, page)
@ -107,7 +111,7 @@ func UserSet(w http.ResponseWriter, r *http.Request) {
return
}
}
//修改用户资料后执行过期用户检测
// 修改用户资料后执行过期用户检测
sessdata.CloseUserLimittimeSession()
RespSucess(w, nil)
}

7
server/admin/server.go
View File

@ -25,6 +25,7 @@ func StartAdmin() {
r.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
utils.SetSecureHeader(w)
w.Header().Set("Server", "AnyLinkAdminOpenSource")
next.ServeHTTP(w, req)
})
})
@ -96,8 +97,9 @@ func StartAdmin() {
r.HandleFunc("/debug/pprof", location("/debug/pprof/")).Name("debug")
r.PathPrefix("/debug/pprof/").HandlerFunc(pprof.Index).Name("debug")
// statsviz
r.Path("/debug/statsviz/ws").Name("debug").HandlerFunc(statsviz.Ws)
r.PathPrefix("/debug/statsviz/").Name("debug").Handler(statsviz.Index)
srv, _ := statsviz.NewServer() // Create server or handle error
r.Path("/debug/statsviz/ws").Name("debug").HandlerFunc(srv.Ws())
r.PathPrefix("/debug/statsviz/").Name("debug").Handler(srv.Index())
}
base.Info("Listen admin", base.Cfg.AdminAddr)
@ -128,6 +130,7 @@ func StartAdmin() {
Addr: base.Cfg.AdminAddr,
Handler: r,
TLSConfig: tlsConfig,
ErrorLog: base.GetServerLog(),
}
err := srv.ListenAndServeTLS("", "")
if err != nil {

10
server/base/app_ver.go
View File

@ -2,6 +2,12 @@ package base
const (
APP_NAME = "AnyLink"
// app版本号
APP_VER = "0.10.1"
)
var (
// APP_VER app版本号
APP_VER = "0.0.1"
// 提交id
CommitId string
Date string
)

2
server/base/cfg.go
View File

@ -45,6 +45,7 @@ type ServerConfig struct {
FilesPath string `json:"files_path"`
LogPath string `json:"log_path"`
LogLevel string `json:"log_level"`
HttpServerLog bool `json:"http_server_log"`
Pprof bool `json:"pprof"`
Issuer string `json:"issuer"`
AdminUser string `json:"admin_user"`
@ -70,6 +71,7 @@ type ServerConfig struct {
Mtu int `json:"mtu"`
DefaultDomain string `json:"default_domain"`
IdleTimeout int `json:"idle_timeout"` // in seconds
SessionTimeout int `json:"session_timeout"` // in seconds
// AuthTimeout int `json:"auth_timeout"` // in seconds
AuditInterval int `json:"audit_interval"` // in seconds

49
server/base/cmd.go
View File

@ -1,7 +1,6 @@
package base
import (
"errors"
"fmt"
"io"
"os"
@ -17,8 +16,6 @@ import (
)
var (
// 提交id
CommitId string
// pass明文
passwd string
// 生成otp
@ -60,6 +57,15 @@ func execute() {
envs[rr.Key().String()] = rr.Value().Index(0).String()
}
//移动配置解析代码
conf := linkViper.GetString("conf")
linkViper.SetConfigFile(conf)
err = linkViper.ReadInConfig()
if err != nil {
// 没有配置文件,直接报错
panic("config file err:" + err.Error())
}
if !runSrv {
os.Exit(0)
}
@ -106,19 +112,28 @@ func initCmd() {
cobra.OnInitialize(func() {
linkViper.AutomaticEnv()
conf := linkViper.GetString("conf")
_, err := os.Stat(conf)
if errors.Is(err, os.ErrNotExist) {
// 没有配置文件,不做处理
panic(err)
}
linkViper.SetConfigFile(conf)
err = linkViper.ReadInConfig()
if err != nil {
panic("config file err:" + err.Error())
}
//ver := linkViper.GetBool("version")
//if ver {
// printVersion()
// os.Exit(0)
//}
//
//return
//
//conf := linkViper.GetString("conf")
//_, err := os.Stat(conf)
//if errors.Is(err, os.ErrNotExist) {
// // 没有配置文件,不做处理
// panic("conf stat err:" + err.Error())
//}
//
//
//linkViper.SetConfigFile(conf)
//err = linkViper.ReadInConfig()
//if err != nil {
// panic("config file err:" + err.Error())
//}
})
}
@ -164,6 +179,6 @@ func initToolCmd() *cobra.Command {
}
func printVersion() {
fmt.Printf("%s v%s build on %s [%s, %s] commit_id(%s) \n",
APP_NAME, APP_VER, runtime.Version(), runtime.GOOS, runtime.GOARCH, CommitId)
fmt.Printf("%s v%s build on %s [%s, %s] %s commit_id(%s)\n",
APP_NAME, APP_VER, runtime.Version(), runtime.GOOS, runtime.GOARCH, Date, CommitId)
}

16
server/base/config.go
View File

@ -22,9 +22,9 @@ type config struct {
var configs = []config{
{Typ: cfgStr, Name: "conf", Usage: "config file", ValStr: "./conf/server.toml", Short: "c"},
{Typ: cfgStr, Name: "profile", Usage: "profile.xml file", ValStr: "./conf/profile.xml"},
{Typ: cfgStr, Name: "server_addr", Usage: "服务监听地址", ValStr: ":443"},
{Typ: cfgStr, Name: "server_addr", Usage: "TCP服务监听地址(任意端口)", ValStr: ":443"},
{Typ: cfgBool, Name: "server_dtls", Usage: "开启DTLS", ValBool: false},
{Typ: cfgStr, Name: "server_dtls_addr", Usage: "DTLS监听地址", ValStr: ":443"},
{Typ: cfgStr, Name: "server_dtls_addr", Usage: "DTLS监听地址(任意端口)", ValStr: ":443"},
{Typ: cfgStr, Name: "admin_addr", Usage: "后台服务监听地址", ValStr: ":8800"},
{Typ: cfgBool, Name: "proxy_protocol", Usage: "TCP代理协议", ValBool: false},
{Typ: cfgStr, Name: "db_type", Usage: "数据库类型 [sqlite3 mysql postgres]", ValStr: "sqlite3"},
@ -34,6 +34,7 @@ var configs = []config{
{Typ: cfgStr, Name: "files_path", Usage: "外部下载文件路径", ValStr: "./conf/files"},
{Typ: cfgStr, Name: "log_path", Usage: "日志文件路径,默认标准输出", ValStr: ""},
{Typ: cfgStr, Name: "log_level", Usage: "日志等级 [debug info warn error]", ValStr: "debug"},
{Typ: cfgBool, Name: "http_server_log", Usage: "开启go标准库http.Server的日志", ValBool: false},
{Typ: cfgBool, Name: "pprof", Usage: "开启pprof", ValBool: false},
{Typ: cfgStr, Name: "issuer", Usage: "系统名称", ValStr: "XX公司VPN"},
{Typ: cfgStr, Name: "admin_user", Usage: "管理用户名", ValStr: "admin"},
@ -52,14 +53,15 @@ var configs = []config{
{Typ: cfgInt, Name: "ip_lease", Usage: "IP租期(秒)", ValInt: 86400},
{Typ: cfgInt, Name: "max_client", Usage: "最大用户连接", ValInt: 200},
{Typ: cfgInt, Name: "max_user_client", Usage: "最大单用户连接", ValInt: 3},
{Typ: cfgInt, Name: "cstp_keepalive", Usage: "keepalive时间(秒)", ValInt: 4},
{Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 9},
{Typ: cfgInt, Name: "mobile_keepalive", Usage: "移动端keepalive接检测时间(秒)", ValInt: 7},
{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 15},
{Typ: cfgInt, Name: "cstp_keepalive", Usage: "keepalive时间(秒)", ValInt: 5},
{Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 12},
{Typ: cfgInt, Name: "mobile_keepalive", Usage: "移动端keepalive接检测时间(秒)", ValInt: 10},
{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 22},
{Typ: cfgInt, Name: "mtu", Usage: "最大传输单元MTU", ValInt: 1460},
{Typ: cfgInt, Name: "idle_timeout", Usage: "空闲链接超时时间(秒)-超时后断开链接0关闭此功能", ValInt: 7200},
{Typ: cfgInt, Name: "session_timeout", Usage: "session过期时间(秒)-用于断线重连0永不过期", ValInt: 3600},
// {Typ: cfgInt, Name: "auth_timeout", Usage: "auth_timeout", ValInt: 0},
{Typ: cfgInt, Name: "audit_interval", Usage: "审计去重间隔(秒),-1关闭", ValInt: -1},
{Typ: cfgInt, Name: "audit_interval", Usage: "审计去重间隔(秒),-1关闭", ValInt: 600},
{Typ: cfgBool, Name: "show_sql", Usage: "显示sql语句用于调试", ValBool: false},
{Typ: cfgBool, Name: "iptables_nat", Usage: "是否自动添加NAT", ValBool: true},

21
server/base/log.go
View File

@ -28,6 +28,10 @@ var (
logName = "anylink.log"
)
func init() {
log.SetFlags(log.LstdFlags | log.Lshortfile)
}
// 实现 os.Writer 接口
type logWriter struct {
UseStdout bool
@ -77,15 +81,28 @@ func initLog() {
baseLw.newFile()
baseLevel = logLevel2Int(Cfg.LogLevel)
baseLog = log.New(baseLw, "", log.LstdFlags|log.Lshortfile)
serverLog = log.New(&sLogWriter{}, "[http_server]", log.LstdFlags|log.Lshortfile)
}
func GetBaseLw() *logWriter {
return baseLw
}
var serverLog *log.Logger
type sLogWriter struct{}
func (w *sLogWriter) Write(p []byte) (n int, err error) {
if Cfg.HttpServerLog {
return os.Stderr.Write(p)
}
return 0, nil
}
// 获取 log.Logger
func GetBaseLog() *log.Logger {
return baseLog
func GetServerLog() *log.Logger {
return serverLog
}
func GetLogLevel() int {

17
server/base/mod.go
View File

@ -50,20 +50,25 @@ func CheckModOrLoad(mod string) {
return
}
var err error
if mod == "tun" || mod == "tap" {
_, err := os.Stat(tunPath)
_, err = os.Stat(tunPath)
if err == nil {
// 文件存在
return
}
panic("Linux tunFile is null " + tunPath)
err = fmt.Errorf("[error] Linux tunFile is null %s", tunPath)
log.Println(err)
return
// panic(err)
}
if InContainer {
err := fmt.Errorf("Linux module %s is not loaded, please run `modprobe %s`", mod, mod)
// log.Println(err)
// return
panic(err)
err = fmt.Errorf("[error] Linux module %s is not loaded, please run `modprobe %s`", mod, mod)
log.Println(err)
return
// panic(err)
}
cmdstr := fmt.Sprintln("modprobe", mod)

16
server/conf/server-sample.toml
View File

@ -29,10 +29,11 @@ admin_otp = ""
jwt_secret = "abcdef.0123456789.abcdef"
#服务监听地址
#TCP服务监听地址(任意端口)
server_addr = ":443"
#开启 DTLS, 默认关闭
server_dtls = false
#UDP监听地址(任意端口)
server_dtls_addr = ":443"
#后台服务监听地址
admin_addr = ":8800"
@ -49,7 +50,7 @@ ipv4_start = "192.168.90.100"
ipv4_end = "192.168.90.200"
#最大客户端数量
max_client = 100
max_client = 200
#单个用户同时在线数量
max_user_client = 3
#IP租期(秒)
@ -59,10 +60,10 @@ ip_lease = 86400
default_group = "one"
#客户端失效检测时间(秒) dpd > keepalive
cstp_keepalive = 6
cstp_dpd = 10
mobile_keepalive = 15
mobile_dpd = 20
cstp_keepalive = 5
cstp_dpd = 12
mobile_keepalive = 10
mobile_dpd = 22
#设置最大传输单元
mtu = 1460
@ -71,10 +72,11 @@ mtu = 1460
default_domain = "example.com"
#default_domain = "example.com abc.example.com"
idle_timeout = 7200
#session过期时间用于断线重连0永不过期
session_timeout = 3600
auth_timeout = 0
audit_interval = -1
audit_interval = 600
show_sql = false

2
server/conf/server.toml
View File

@ -23,7 +23,7 @@ admin_pass = "$2a$10$UQ7C.EoPifDeJh6d8.31TeSPQU7hM/NOM2nixmBucJpAuXDQNqNke"
admin_otp = ""
jwt_secret = "abcdef.0123456789.abcdef"
#服务监听地址
#TCP服务监听地址(任意端口)
server_addr = ":443"
#后台服务监听地址
admin_addr = ":8800"

120
server/conf/vpn_cert.crt
View File

@ -1,61 +1,67 @@
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgIQAuUy6Rv6Bo3nDXn5FackbDANBgkqhkiG9w0BAQsFADBu
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMS0wKwYDVQQDEyRFbmNyeXB0aW9uIEV2ZXJ5d2hlcmUg
RFYgVExTIENBIC0gRzEwHhcNMjMwMTAzMDAwMDAwWhcNMjQwMTAzMjM1OTU5WjAc
MRowGAYDVQQDExF2cG4udGVzdC52cWlsdS5jbjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANJAJPYBvOP/7v8SgMIkVLIulN/ziPALvFcEwVnQDImUIky8
4udy0fmvJ2E3E3NL6Qv14ZHDGtH7CafukimNWTT2BVmQBYiO1ZlUkHcHUX4IoYEh
egdy2xw0WwknJWTOyvkRkeDhtT9QUpA/zeemS4q1TG95zRDf5htUR4OMZXsZpkQ2
bkSgnLtdyUmw2nhfSWgsD9fbwr6WnOx/swsUe52N3sIDZ6JTgn3N7xeT3/lVJKVN
wyYkZldialmRzrs6btr3mmnqpWObcc4FvKr/CLmoOSXl0I1wWsr+HnQ4X9hHsJUk
jk3EZKfhH3mM37HF8apqztb6WjC3R96Zam6Z8bMCAwEAAaOCAuAwggLcMB8GA1Ud
IwQYMBaAFFV0T7JyT/VgulDR1+ZRXJoBhxrXMB0GA1UdDgQWBBSUpPcW3emC2l0o
q6qRBOBDMjQ2rDAcBgNVHREEFTATghF2cG4udGVzdC52cWlsdS5jbjAOBgNVHQ8B
Af8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD4GA1UdIAQ3
MDUwMwYGZ4EMAQIBMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQu
Y29tL0NQUzCBgAYIKwYBBQUHAQEEdDByMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz
cC5kaWdpY2VydC5jb20wSgYIKwYBBQUHMAKGPmh0dHA6Ly9jYWNlcnRzLmRpZ2lj
ZXJ0LmNvbS9FbmNyeXB0aW9uRXZlcnl3aGVyZURWVExTQ0EtRzEuY3J0MAkGA1Ud
EwQCMAAwggF9BgorBgEEAdZ5AgQCBIIBbQSCAWkBZwB2AO7N0GTV2xrOxVy3nbTN
E6Iyh0Z8vOzew1FIWUZxH7WbAAABhXXkyXMAAAQDAEcwRQIgVhLvLOPcW0V1xhBv
5KSeqGHbAnRVhew3kutV3Bu1x+ICIQCbYjRtmkDo1hx6p0YNdNfkZ3N5u+syVjwH
Al3a9NpVxgB1AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRzAAABhXXk
yY4AAAQDAEYwRAIgcuscG2kkSGNvAsVH9CAtXjNUwk9UJriY0+3OtQ4WVrMCIAsC
CkqEI1Ek5M26yrWt0Q7+u+UZ8rXhfYu3kcMMq7PVAHYAO1N3dT4tuYBOizBbBv5A
O2fYT8P0x70ADS1yb+H61BcAAAGFdeTJkAAABAMARzBFAiAEJbJTN8hrRUZ6UaaD
2TlyDQfzUvTkex0XGT6PGKHkagIhAJ+Kg6tdt/csKde2vdweu+dT01fzg/fq4q3o
mjfPhFm1MA0GCSqGSIb3DQEBCwUAA4IBAQAKFTUHbpgKsXARCBIIfEZGqkOvaafm
QaoNodc6cj0+LJCbuMzrTlkzmII0X/U52MBG8JCEIO8BPe5R4NIFqqaE066zQANq
HOsROOJi2A+WTTZcSEHbH3uhdVwcEQHvDzaOEEJc9Ilz6pdYsrv+trOmeR5PeIxv
t1jQacSwN1z6z0N4CRjBpePV/9nwETkEaKjQuXSoYlN+pczK/4nX2W9+E/OnwtZs
ScyFffPtTLHf1u4eSYuBT/AdwaKHXetxWzh98GP9LRfQhm63Gs+/WcloYl489dG/
FOFjch2TdmrPcUwxxGEbbPt3zXRxSVlzvIaf4gTUl2+PsKwbKy/w4OLS
MIIGbTCCBNWgAwIBAgIQIodwqN03+Y3aYpdvfq2qKTANBgkqhkiG9w0BAQwFADBZ
MQswCQYDVQQGEwJDTjElMCMGA1UEChMcVHJ1c3RBc2lhIFRlY2hub2xvZ2llcywg
SW5jLjEjMCEGA1UEAxMaVHJ1c3RBc2lhIFJTQSBEViBUTFMgQ0EgRzIwHhcNMjQw
MTIyMDAwMDAwWhcNMjUwMTIxMjM1OTU5WjAcMRowGAYDVQQDExF2cG4udGVzdC52
cWlsdS5jbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANFWPBr5g8py
8oPZhklQw9zBcIvfaEX2AVPIwW6iOm+j8v0LvXTGQkE1bZx4RwB1jKiEGG3KVsIU
pTJCkNEmwCZGJYvnNKN952zhtUQieZe8X4Zr0W43+j9Hbv+TKt6MFV3u70ArOD2T
m8j/gWFcUyK9mDCCFpKImRUckbp6GYJUZHXUDktQiOu5v6Jgl9pLZ2XhZXGf2TJh
G441TScMwidYToX51VrnscRQQ6iUMSav1H43lchdh9fAThbheP/kIv6YEswT45oA
MrxET10+iaCTdWpz+zy2GWXLO2pH9N9AjALCZA1/5QHkMhavmJgOxfitTeGzAlBQ
JNAIs0Rx1K0CAwEAAaOCAuwwggLoMB8GA1UdIwQYMBaAFF86fBEQfgxncWHci6O1
AANn9VccMB0GA1UdDgQWBBRDRfNBNYRlLb4V1MRTnU+bUVnvnDAOBgNVHQ8BAf8E
BAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
AwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICMTAlMCMGCCsGAQUFBwIBFhdodHRw
czovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwfQYIKwYBBQUHAQEEcTBvMEIG
CCsGAQUFBzAChjZodHRwOi8vY3J0LnRydXN0LXByb3ZpZGVyLmNuL1RydXN0QXNp
YVJTQURWVExTQ0FHMi5jcnQwKQYIKwYBBQUHMAGGHWh0dHA6Ly9vY3NwLnRydXN0
LXByb3ZpZGVyLmNuMBwGA1UdEQQVMBOCEXZwbi50ZXN0LnZxaWx1LmNuMIIBfwYK
KwYBBAHWeQIEAgSCAW8EggFrAWkAdgDPEVbu1S58r/OHW9lpLpvpGnFnSrAX7KwB
0lt3zsw7CAAAAY0v95Z6AAAEAwBHMEUCIDbFVgzV1DDvqTq6UnYisMqAEJn1cR+d
mc+agwaOuRbrAiEAz3W2HooNcKqADX9QyK8xQQ8r9BQKVCQzF76g9AZKeDoAdwCi
4wrkRe+9rZt+OO1HZ3dT14JbhJTXK14bLMS5UKRH5wAAAY0v95ZkAAAEAwBIMEYC
IQCWVxDjciJ/KMbwbqMbEZdsDq0nCrotlPhIBb5wFBurVgIhAOgnw3nqSqFYRm8y
OL3nz8rop0V5IEtgiNarOqMfLf33AHYATnWjJ1yaEMM4W2zU3z9S6x3w4I4bjWnA
sfpksWKaOd8AAAGNL/eWFwAABAMARzBFAiBB+V0NBebuCniZVuin5OaMYvWyNvRd
NJ6hRmLbSKQAwwIhAKrPRrAP3An/9HSrFN/70eEK5DHT8+q8m0L5tc0+TckmMA0G
CSqGSIb3DQEBDAUAA4IBgQCB65Q0V6Mewca0iVCxLJxczu6XYCCwsUzJiTWYjao3
XZVe8yB4RhAimsUY+U3nXIL3RivkJydqfOO9N5APWndDgbtS4r55TFdscDUDmzsR
S5kYCoEudbDWT89U+tHMOxzUKkb3nDA0WvJEN52CAanYO3blihnX3eX7enQMGtsM
gfDrArcQyS+WMKUkyOlNysqGtj3XWYKssBPrX/0GqMimoeYkg+B4daBTbOVB6sKs
+USnmhI2MF3QUxn0+fC207HbSDj7s4a6npjg5KsL0zUsFrNZlMH30Tx2L0WuI1T7
65lKHaKt8CyuL/YTjD5lAGYtJ+K9ypl5sBUFCXeW1lazTocjDa2CKv3WV+kVBhyO
2nA2Lo4e643YXwXw98+ufU2U9yUjn1OrhsUXo3qaxETGVMumRwubtX4O2dUKnYGF
xBxfHzXJKhZjX+U2ENIwsrm7pp3dcpIZqKxPCeowU5Ma9tvYpM7kgDhploMfsVic
H7pWcFY99X5nMwJoDDBYomY=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIQAnmsRYvBskWr+YBTzSybsTANBgkqhkiG9w0BAQsFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0xNzExMjcxMjQ2MTBaFw0yNzExMjcxMjQ2MTBaMG4xCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
b20xLTArBgNVBAMTJEVuY3J5cHRpb24gRXZlcnl3aGVyZSBEViBUTFMgQ0EgLSBH
MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALPeP6wkab41dyQh6mKc
oHqt3jRIxW5MDvf9QyiOR7VfFwK656es0UFiIb74N9pRntzF1UgYzDGu3ppZVMdo
lbxhm6dWS9OK/lFehKNT0OYI9aqk6F+U7cA6jxSC+iDBPXwdF4rs3KRyp3aQn6pj
pp1yr7IB6Y4zv72Ee/PlZ/6rK6InC6WpK0nPVOYR7n9iDuPe1E4IxUMBH/T33+3h
yuH3dvfgiWUOUkjdpMbyxX+XNle5uEIiyBsi4IvbcTCh8ruifCIi5mDXkZrnMT8n
wfYCV6v6kDdXkbgGRLKsR4pucbJtbKqIkUGxuZI2t7pfewKRc5nWecvDBZf3+p1M
pA8CAwEAAaOCAU8wggFLMB0GA1UdDgQWBBRVdE+yck/1YLpQ0dfmUVyaAYca1zAf
BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYw
HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C
AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
Y2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu
Y29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG
/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT
MAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAQEAK3Gp6/aGq7aBZsxf/oQ+TD/B
SwW3AU4ETK+GQf2kFzYZkby5SFrHdPomunx2HBzViUchGoofGgg7gHW0W3MlQAXW
M0r5LUvStcr82QDWYNPaUy4taCQmyaJ+VB+6wxHstSigOlSNF2a6vg4rgexixeiV
4YSB03Yqp2t3TeZHM9ESfkus74nQyW7pRGezj+TC44xCagCQQOzzNmzEAP2SnCrJ
sNE2DpRVMnL8J6xBRdjmOsC3N6cQuKuRXbzByVBjCqAA8t1L0I+9wXJerLPyErjy
rMKWaBFLmfK/AHNF4ZihwPGOc7w6UHczBZXH5RFzJNnww+WnKuTPI0HfnVH8lg==
MIIFBzCCA++gAwIBAgIRALIM7VUuMaC/NDp1KHQ76aswDQYJKoZIhvcNAQELBQAw
ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yMjAxMTAwMDAwMDBaFw0y
ODEyMzEyMzU5NTlaMFkxCzAJBgNVBAYTAkNOMSUwIwYDVQQKExxUcnVzdEFzaWEg
VGVjaG5vbG9naWVzLCBJbmMuMSMwIQYDVQQDExpUcnVzdEFzaWEgUlNBIERWIFRM
UyBDQSBHMjCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAKjGDe0GSaBs
Yl/VhMaTM6GhfR1TAt4mrhN8zfAMwEfLZth+N2ie5ULbW8YvSGzhqkDhGgSBlafm
qq05oeESrIJQyz24j7icGeGyIZ/jIChOOvjt4M8EVi3O0Se7E6RAgVYcX+QWVp5c
Sy+l7XrrtL/pDDL9Bngnq/DVfjCzm5ZYUb1PpyvYTP7trsV+yYOCNmmwQvB4yVjf
IIpHC1OcsPBntMUGeH1Eja4D+qJYhGOxX9kpa+2wTCW06L8T6OhkpJWYn5JYiht5
8exjAR7b8Zi3DeG9oZO5o6Qvhl3f8uGU8lK1j9jCUN/18mI/5vZJ76i+hsgdlfZB
Rh5lmAQjD80M9TY+oD4MYUqB5XrigPfFAUwXFGehhlwCVw7y6+5kpbq/NpvM5Ba8
SeQYUUuMA8RXpTtGlrrTPqJryfa55hTuX/ThhX4gcCVkbyujo0CYr+Uuc14IOyNY
1fD0/qORbllbgV41wiy/2ZUWZQUodqHWkjT1CwIMbQOY5jmrSYGBwwIDAQABo4IB
JjCCASIwHwYDVR0jBBgwFoAUoBEKIz6W8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYE
FF86fBEQfgxncWHci6O1AANn9VccMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8E
CDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAE
GzAZMA0GCysGAQQBsjEBAgIxMAgGBmeBDAECATBDBgNVHR8EPDA6MDigNqA0hjJo
dHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNy
bDA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9k
b2NhLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAHMUom5cxIje2IiFU7mOCsBr2F6CY
eU5cyfQ/Aep9kAXYUDuWsaT85721JxeXFYkf4D/cgNd9+hxT8ZeDOJrn+ysqR7NO
2K9AdqTdIY2uZPKmvgHOkvH2gQD6jc05eSPOwdY/10IPvmpgUKaGOa/tyygL8Og4
3tYyoHipMMnS4OiYKakDJny0XVuchIP7ZMKiP07Q3FIuSS4omzR77kmc75/6Q9dP
v4wa90UCOn1j6r7WhMmX3eT3Gsdj3WMe9bYD0AFuqa6MDyjIeXq08mVGraXiw73s
Zale8OMckn/BU3O/3aFNLHLfET2H2hT6Wb3nwxjpLIfXmSVcVd8A58XH0g==
-----END CERTIFICATE-----

55
server/conf/vpn_cert.key
View File

@ -1,27 +1,28 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA0kAk9gG84//u/xKAwiRUsi6U3/OI8Au8VwTBWdAMiZQiTLzi
53LR+a8nYTcTc0vpC/XhkcMa0fsJp+6SKY1ZNPYFWZAFiI7VmVSQdwdRfgihgSF6
B3LbHDRbCSclZM7K+RGR4OG1P1BSkD/N56ZLirVMb3nNEN/mG1RHg4xlexmmRDZu
RKCcu13JSbDaeF9JaCwP19vCvpac7H+zCxR7nY3ewgNnolOCfc3vF5Pf+VUkpU3D
JiRmV2JqWZHOuzpu2veaaeqlY5txzgW8qv8Iuag5JeXQjXBayv4edDhf2EewlSSO
TcRkp+EfeYzfscXxqmrO1vpaMLdH3plqbpnxswIDAQABAoIBAGKKzugAi4Q/Vch2
ZyPXPF0hCQToE3QSxAzy/R53rRCkfekClMTO44xHpEjjs/mTiCBjd3xGeiEVrIJp
hlb0WW3Bq2M9ZeKJs6JAaM9o/jB4oh2wT44DLqALB+oDz3puk+Jl8j34++a3YmMa
jIq4veo+rBsJduwkTKjdeQE2ge/ODZEQ6bUmSjYo1P9LNGEyO2wmcVk+jHx0zBi7
8fR3oY03Io+byuN0494Di1m3IpIdj3ma0MV5zJf31urLXqqYtOApouWL/yhZOIuo
YW+mcuS7ZgK5FsqrUm0vGBcf24GcKhhlBlUu0mfLrCRrWLDsqJDQ/8alvuNP0IVm
gqz0H5UCgYEA8yaKzMfkeRXSTERt6NZHo/8ShIn26Yf+pMDpVdYKfVBL254vGTeq
B+LQhDpxZV1iMr1FNvkhHtNGQ74ZbWOj4+5Xjsllaw1ao2iGp1w/chuJ6FG/Go4q
9FaY3eGiCqRJOQNivBxU/D7sN0y4b48HAEQdmp516pItlGtG+C8TY38CgYEA3VyD
6EczHdAmPO7bdbYn/irfe78so1lHT04P0FiVg2W77ZKuQINTNDK9w/alYyZ2tH1b
N2JznulJ6UDcl4xw43xJixxhme2jWPaYzmQUuQHviZ0D0tCgmOkN8bUnc9LSvEGA
SnaiKbOtUfP8Z3c/mF997wuFNfdmhww8LBpbO80CgYEAmdRKf9/+5bQuhd3NAz99
t31KQ9vdAEXvjmAVvx5ZKIrCU0EyXuvegHq4nM80qoJ3+83Omkbm80+K5pTAFXqy
VyOU9Vro9N9P9o3MktlDsndFulrtYmmLN2YJ9GYpVD43rQA9WPE7uxI784hwLvP3
4+00JXwW8b5lY76y+ZUe2RUCgYEAt6BQN/YgPCH4JmHKIWp64If2HbQntlWQJwRN
b/qcBIT3EQu1iwSll85jxtSqu4YjwHOgoGAGI5PIYTsSApFY8AyhAUoI2OTdtSXS
+prg6dvmNhTPICk6n73seE5bLOR9NfdsEdk5ijhnlW09OyMb2S2VzR+UYIEbRvnq
THeMqR0CgYEAwQ9aAIGD4t4DXjHHtz6Wqpbq6jj6mmYBsL9jqRgu8ASj1/THgWWn
iUrlCbFIXWu2vnP1h0SBV56GA7MSTqAt0ZdTzpI1PRkMOIO9z1dN4Q2R1SEya1eF
7/LPLqJIoLbILGvy6U3DLYdMckPZaoTPf5BNKD52paZcNbjkXTlVLSY=
-----END RSA PRIVATE KEY-----
-----BEGIN PRIVATE KEY-----
MIIEuwIBADANBgkqhkiG9w0BAQEFAASCBKUwggShAgEAAoIBAQDRVjwa+YPKcvKD
2YZJUMPcwXCL32hF9gFTyMFuojpvo/L9C710xkJBNW2ceEcAdYyohBhtylbCFKUy
QpDRJsAmRiWL5zSjfeds4bVEInmXvF+Ga9FuN/o/R27/kyrejBVd7u9AKzg9k5vI
/4FhXFMivZgwghaSiJkVHJG6ehmCVGR11A5LUIjrub+iYJfaS2dl4WVxn9kyYRuO
NU0nDMInWE6F+dVa57HEUEOolDEmr9R+N5XIXYfXwE4W4Xj/5CL+mBLME+OaADK8
RE9dPomgk3Vqc/s8thllyztqR/TfQIwCwmQNf+UB5DIWr5iYDsX4rU3hswJQUCTQ
CLNEcdStAgMBAAECgf97UHp7u8+x4lz6BQB8/c0xHWdAw1clIveZbEVl0hNoVUN/
EKku+q/1Sf+CuhnbgLjT1bkVnnotmVcGeWH2DeCnkMJqHVMOBRb/dso2fw+pCTzY
VofQpmbPy1xCXb6chqrpT3MTaJdI7IrBCNEQ54cOxsojwzp0MfejS/NI41q8iuCS
hVry+VEbmtA22vjwMvsF6NsRKlfc1DUyC/ZoHB91gzKmvLdXBREwBXtdiJfMlu9G
EKH3ORxbcanmdsXWIG84t5M9Sf9L5FZe6tlL4FdoKv25Vxv2z+PVM8Y/0B3IBTCb
yqMK8579PTlHl40WRjSgzpijGvMxuIpgm5KaXQECgYEA7U6lBhRWmPsJRaK0jyAv
qnaC5AbnM8OjIbsDtnQxn0BWvx7aZznxOE4jL0QejUD/gov6yYkNhIu797LzO8Mq
fEqEX7Bp23PfLvybqkyhJWFz26v0erU5q8Rlt648bK7Ul1j8FkmsEN3qu+64c8Fu
pzN081bqOGjEcaCjsHswvkMCgYEA4dOPvYYu8wBfrH3Gn94XHWWVvFMnWErXEOzK
eL0dFg3Ae+y8Sg5x9YTz3XjwyzwcTbrD0zg4huWwmD64BgPcliG7XKA093ea2JIs
Mah5/KTQmltcIut7qUvzwwbQVfN3xTwWzd7eDtEIAeFZ8r/HzJM6X21b/LaQIXUY
Gb7dik8CgYAaaUxYlt7ke9wWUfuCinSDplj/A/2rdzSqxmOtZNU5AjIlZ0urfXlp
aNjlo9E6q2dEokuxLn3AqMSs1s/XcOtDlg+RjtLZR9YpJpg0pf6xaF06r7KwDYdz
pJIllVDIT9T9WzwDRwPNhMVhUTpaN8cW+NUlWCENUiu68cQGGk/cfQKBgEmvRk+I
4PjZPl6CC7VOOiyVYO46E7RzdwlGuin7SupPQmctL6LaY8TAxPGW7LrjujiCoDLj
PU6G08BZdqI/0FIMX54xiBbXJ+dSiqkJWARfotE6zi12uLrc1YTlTEU/U+0/VhGG
jt42xm4WocrbWM4fnARXIpSq3QyNsHd2F8NxAoGBAMEcT0mFQ0J7HCQ+zL36ogGv
Bc/N6WR0xSEBQVG9D4iysxX4XyJukCuUCvMIbsBj5IVAVBlMNxfDtL/kD6tgy0L7
tdN7nOaYgnqTyZfQItz92cQ6oiIqW7GPJA5ATJe1fxXINjcP6EkRDAfACBW7/l85
Cd/yRpaOSMPbqKO1OOSn
-----END PRIVATE KEY-----

5
server/dbdata/db_orm.go
View File

@ -75,6 +75,11 @@ func Find(data interface{}, limit, page int) error {
return xdb.Limit(limit, start).Find(data)
}
func FindWhereCount(data interface{}, where string, args ...interface{}) int {
n, _ := xdb.Where(where, args...).Count(data)
return int(n)
}
func FindWhere(data interface{}, limit int, page int, where string, args ...interface{}) error {
if limit == 0 {
return xdb.Where(where, args...).Find(data)

2
server/dbdata/setting.go
View File

@ -62,7 +62,7 @@ func SettingSet(data interface{}) error {
func SettingGet(data interface{}) error {
name := StructName(data)
s := &Setting{Name: name}
s := &Setting{}
err := One("name", name, s)
if err != nil {
return err

2
server/dbdata/user.go
View File

@ -186,7 +186,7 @@ func checkOtp(name, otp, secret string) bool {
totp := gotp.NewDefaultTOTP(secret)
unix := time.Now().Unix()
verify := totp.Verify(otp, int(unix))
verify := totp.Verify(otp, unix)
return verify
}

2
server/dbdata/user_act_log.go
View File

@ -22,6 +22,7 @@ const (
UserLogoutTimeout = 3 // 用户超时登出
UserLogoutAdmin = 4 // 账号被管理员踢下线
UserLogoutExpire = 5 // 账号过期被踢下线
UserIdleTimeout = 6 // 用户空闲链接超时
)
type UserActLogProcess struct {
@ -62,6 +63,7 @@ var (
UserLogoutTimeout: "Session过期被踢下线",
UserLogoutAdmin: "账号被管理员踢下线",
UserLogoutExpire: "账号过期被踢下线",
UserIdleTimeout: "用户空闲链接超时",
},
}
)

134
server/go.mod
View File

@ -1,103 +1,107 @@
module github.com/bjdgyc/anylink
go 1.19
go 1.20
require (
github.com/arl/statsviz v0.5.1
github.com/arl/statsviz v0.6.0
github.com/deckarep/golang-set v1.8.0
github.com/go-acme/lego/v4 v4.10.2
github.com/go-co-op/gocron v1.17.0
github.com/go-acme/lego/v4 v4.14.2
github.com/go-co-op/gocron v1.37.0
github.com/go-ldap/ldap v3.0.3+incompatible
github.com/go-sql-driver/mysql v1.6.0
github.com/gocarina/gocsv v0.0.0-20220712153207-8b2118da4570
github.com/golang-jwt/jwt/v4 v4.2.0
github.com/go-sql-driver/mysql v1.7.1
github.com/gocarina/gocsv v0.0.0-20231116093920-b87c2d0e983a
github.com/golang-jwt/jwt/v4 v4.5.0
github.com/google/gopacket v1.1.19
github.com/gorilla/handlers v1.5.1
github.com/gorilla/mux v1.8.0
github.com/gorilla/handlers v1.5.2
github.com/gorilla/mux v1.8.1
github.com/ivpusic/grpool v1.0.0
github.com/lanrenwo/lzsgo v0.0.2
github.com/lib/pq v1.10.2
github.com/mattn/go-sqlite3 v1.14.9
github.com/lib/pq v1.10.9
github.com/mattn/go-sqlite3 v1.14.19
github.com/orcaman/concurrent-map v1.0.0
github.com/pion/dtls/v2 v2.2.7
github.com/pion/dtls/v2 v2.2.9
github.com/pion/logging v0.2.2
github.com/pires/go-proxyproto v0.6.2
github.com/shirou/gopsutil v3.21.7+incompatible
github.com/pires/go-proxyproto v0.7.0
github.com/shirou/gopsutil v3.21.11+incompatible
github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
github.com/songgao/packets v0.0.0-20160404182456-549a10cd4091
github.com/songgao/water v0.0.0-20200317203138-2b4b6d7c09d8
github.com/spf13/cast v1.3.1
github.com/spf13/cobra v1.2.1
github.com/spf13/viper v1.8.1
github.com/stretchr/testify v1.8.3
github.com/xhit/go-simple-mail/v2 v2.10.0
github.com/xlzd/gotp v0.0.0-20181030022105-c8557ba2c119
github.com/xuri/excelize/v2 v2.6.1
go.uber.org/atomic v1.10.0
golang.org/x/crypto v0.8.0
golang.org/x/net v0.9.0
golang.org/x/text v0.9.0
golang.org/x/time v0.3.0
layeh.com/radius v0.0.0-20210819152912-ad72663a72ab
xorm.io/xorm v1.3.2
github.com/spf13/cast v1.6.0
github.com/spf13/cobra v1.8.0
github.com/spf13/viper v1.18.2
github.com/stretchr/testify v1.8.4
github.com/xhit/go-simple-mail/v2 v2.16.0
github.com/xlzd/gotp v0.1.0
github.com/xuri/excelize/v2 v2.8.0
go.uber.org/atomic v1.11.0
golang.org/x/crypto v0.18.0
golang.org/x/net v0.20.0
golang.org/x/text v0.14.0
golang.org/x/time v0.5.0
layeh.com/radius v0.0.0-20231213012653-1006025d24f8
xorm.io/xorm v1.3.7
)
require (
github.com/aliyun/alibaba-cloud-sdk-go v1.61.1755 // indirect
github.com/cenkalti/backoff/v4 v4.2.0 // indirect
github.com/cloudflare/cloudflare-go v0.49.0 // indirect
github.com/felixge/httpsnoop v1.0.1 // indirect
github.com/go-jose/go-jose/v3 v3.0.0 // indirect
github.com/aliyun/alibaba-cloud-sdk-go v1.62.664 // indirect
github.com/cenkalti/backoff/v4 v4.2.1 // indirect
github.com/cloudflare/cloudflare-go v0.86.0 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/go-jose/go-jose/v3 v3.0.1 // indirect
github.com/go-test/deep v1.1.0 // indirect
github.com/google/go-querystring v1.1.0 // indirect
github.com/google/uuid v1.5.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-retryablehttp v0.7.1 // indirect
github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect
github.com/kr/text v0.2.0 // indirect
github.com/miekg/dns v1.1.50 // indirect
github.com/pion/transport/v2 v2.2.1 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.490 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.490 // indirect
golang.org/x/mod v0.8.0 // indirect
golang.org/x/tools v0.6.0 // indirect
github.com/miekg/dns v1.1.58 // indirect
github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b // indirect
github.com/pelletier/go-toml/v2 v2.1.1 // indirect
github.com/pion/transport/v2 v2.2.4 // indirect
github.com/sagikazarmark/locafero v0.4.0 // indirect
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
github.com/sourcegraph/conc v0.3.0 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.846 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.846 // indirect
github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92 // indirect
github.com/yusufpapurcu/wmi v1.2.3 // indirect
go.uber.org/multierr v1.11.0 // indirect
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a // indirect
golang.org/x/mod v0.14.0 // indirect
golang.org/x/tools v0.17.0 // indirect
)
require (
github.com/StackExchange/wmi v1.2.1 // indirect
github.com/coreos/go-iptables v0.6.0
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/fsnotify/fsnotify v1.5.4 // indirect
github.com/go-ole/go-ole v1.2.5 // indirect
github.com/goccy/go-json v0.8.1 // indirect
github.com/coreos/go-iptables v0.7.0
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect
github.com/go-ole/go-ole v1.3.0 // indirect
github.com/goccy/go-json v0.10.2 // indirect
github.com/golang/snappy v0.0.4 // indirect
github.com/gorilla/websocket v1.4.2 // indirect
github.com/gorilla/websocket v1.5.1 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect
github.com/inconshreveable/mousetrap v1.0.0 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/magiconair/properties v1.8.5 // indirect
github.com/magiconair/properties v1.8.7 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
github.com/pelletier/go-toml v1.9.3 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/richardlehane/mscfb v1.0.4 // indirect
github.com/richardlehane/msoleps v1.0.3 // indirect
github.com/robfig/cron/v3 v3.0.1 // indirect
github.com/spf13/afero v1.6.0 // indirect
github.com/spf13/jwalterweatherman v1.1.0 // indirect
github.com/spf13/afero v1.11.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect
github.com/subosito/gotenv v1.2.0 // indirect
github.com/subosito/gotenv v1.6.0 // indirect
github.com/syndtr/goleveldb v1.0.0 // indirect
github.com/tklauser/go-sysconf v0.3.7 // indirect
github.com/tklauser/numcpus v0.2.3 // indirect
github.com/xuri/efp v0.0.0-20220603152613-6918739fd470 // indirect
github.com/xuri/nfp v0.0.0-20220409054826-5e722a1d9e22 // indirect
golang.org/x/sync v0.1.0 // indirect
golang.org/x/sys v0.7.0 // indirect
github.com/tklauser/go-sysconf v0.3.13 // indirect
github.com/tklauser/numcpus v0.7.0 // indirect
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 // indirect
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 // indirect
golang.org/x/sys v0.16.0 // indirect
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
gopkg.in/ini.v1 v1.66.6 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
xorm.io/builder v0.3.11-0.20220531020008-1bd24a7dc978 // indirect
xorm.io/builder v0.3.13 // indirect
)

1240
server/go.sum
View File

File diff suppressed because it is too large Load Diff

2
server/handler/link_auth.go
View File

@ -157,7 +157,7 @@ func tplRequest(typ int, w io.Writer, data RequestData) {
if data.Banner != "" {
buf := new(bytes.Buffer)
xml.EscapeText(buf, []byte(data.Banner))
_ = xml.EscapeText(buf, []byte(data.Banner))
data.Banner = buf.String()
}

26
server/handler/link_cstp.go
View File

@ -21,10 +21,13 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
}()
var (
err error
n int
dataLen uint16
dead = time.Duration(cSess.CstpDpd+5) * time.Second
err error
n int
dataLen uint16
dead = time.Second * time.Duration(cSess.CstpDpd+5)
idle = time.Second * time.Duration(base.Cfg.IdleTimeout)
checkIdle = base.Cfg.IdleTimeout > 0
lastTime time.Time
)
go cstpWrite(conn, bufRW, cSess)
@ -55,13 +58,24 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
case 0x07: // KEEPALIVE
// do nothing
// base.Debug("recv keepalive", cSess.IpAddr)
// 判断超时时间
if checkIdle {
lastTime = cSess.LastDataTime.Load()
if lastTime.Before(utils.NowSec().Add(-idle)) {
base.Warn("IdleTimeout", cSess.Username, cSess.IpAddr, "lastTime", lastTime)
sessdata.CloseSess(cSess.Sess.Token, dbdata.UserIdleTimeout)
return
}
}
case 0x05: // DISCONNECT
cSess.UserLogoutCode = dbdata.UserLogoutClient
base.Debug("DISCONNECT", cSess.Username, cSess.IpAddr)
sessdata.CloseSess(cSess.Sess.Token, dbdata.UserLogoutClient)
return
case 0x03: // DPD-REQ
// base.Debug("recv DPD-REQ", cSess.IpAddr)
pl.PType = 0x04
pl.Data = pl.Data[:n]
if payloadOutCstp(cSess, pl) {
return
}
@ -98,6 +112,8 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
if payloadIn(cSess, pl) {
return
}
// 只记录返回正确的数据时间
cSess.LastDataTime.Store(utils.NowSec())
}
}
}
@ -153,7 +169,7 @@ func cstpWrite(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessi
binary.BigEndian.PutUint16(pl.Data[4:6], uint16(l))
}
} else {
pl.Data = append(pl.Data[:0], plHeader...)
// pl.Data = append(pl.Data[:0], plHeader...)
// 设置头类型
pl.Data[6] = pl.PType
}

6
server/handler/link_dtls.go
View File

@ -64,6 +64,7 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) {
case 0x03: // DPD-REQ
// base.Debug("recv DPD-REQ", cSess.IpAddr)
pl.PType = 0x04
pl.Data = pl.Data[:n]
if payloadOutDtls(cSess, dSess, pl) {
return
}
@ -93,6 +94,8 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) {
if payloadIn(cSess, pl) {
return
}
// 只记录返回正确的数据时间
cSess.LastDataTime.Store(utils.NowSec())
}
}
@ -147,7 +150,8 @@ func dtlsWrite(conn net.Conn, dSess *sessdata.DtlsSession, cSess *sessdata.ConnS
}
} else {
// 设置头类型
pl.Data = append(pl.Data[:0], pl.PType)
// pl.Data = append(pl.Data[:0], pl.PType)
pl.Data[0] = pl.PType
}
n, err := conn.Write(pl.Data)
if err != nil {

4
server/handler/link_home.go
View File

@ -14,6 +14,8 @@ func LinkHome(w http.ResponseWriter, r *http.Request) {
// hu, _ := httputil.DumpRequest(r, true)
// fmt.Println("DumpHome: ", string(hu))
w.Header().Set("Content-Type", "text/html; charset=utf-8")
w.Header().Del("X-Aggregate-Auth")
connection := strings.ToLower(r.Header.Get("Connection"))
userAgent := strings.ToLower(r.UserAgent())
if connection == "close" && (strings.Contains(userAgent, "anyconnect") || strings.Contains(userAgent, "openconnect")) {
@ -33,6 +35,8 @@ func LinkHome(w http.ResponseWriter, r *http.Request) {
}
func LinkOtpQr(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Cross-Origin-Resource-Policy", "cross-origin")
_ = r.ParseForm()
idS := r.FormValue("id")
jwtToken := r.FormValue("jwt")

6
server/handler/link_tun.go
View File

@ -74,11 +74,7 @@ func LinkTun(cSess *sessdata.ConnSession) error {
// 通过 ip link show 查看 alias 信息
cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %d multicast off", ifce.Name(), cSess.Mtu)
if !base.InContainer {
// 容器默认 iproute 不支持 alias
cmdstr1 += fmt.Sprintf(" alias %s.%s", cSess.Group.Name, cSess.Username)
}
cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %d multicast off alias %s.%s", ifce.Name(), cSess.Mtu, cSess.Group.Name, cSess.Username)
cmdstr2 := fmt.Sprintf("ip addr add dev %s local %s peer %s/32",
ifce.Name(), base.Cfg.Ipv4Gateway, cSess.IpAddr)
err = execCmd([]string{cmdstr1, cmdstr2})

7
server/handler/link_tunnel.go
View File

@ -136,7 +136,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
}
HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask)
}
// 不允许的路由
// 不允许的路由 X-Cstp-Remote-Address-Ip4:
for _, v := range cSess.Group.RouteExclude {
HttpAddHeader(w, "X-CSTP-Split-Exclude", v.IpMask)
}
@ -184,10 +184,9 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
hClone := w.Header().Clone()
headers := make([]byte, 0)
buf := bytes.NewBuffer(headers)
buf := &bytes.Buffer{}
_ = hClone.Write(buf)
base.Debug(buf.String())
base.Trace("LinkTunnel Response Header:", buf.String())
hj := w.(http.Hijacker)
conn, bufRW, err := hj.Hijack()

8
server/handler/link_vtap.go
View File

@ -55,11 +55,9 @@ func LinkMacvtap(cSess *sessdata.ConnSession) error {
cSess.SetIfName(ifName)
cmdstr1 := fmt.Sprintf("ip link add link %s name %s type macvtap mode bridge", base.Cfg.Ipv4Master, ifName)
cmdstr2 := fmt.Sprintf("ip link set dev %s up mtu %d address %s", ifName, cSess.Mtu, cSess.MacHw)
if !base.InContainer {
// 容器默认 iproute 不支持 alias
cmdstr2 += fmt.Sprintf(" alias %s.%s", cSess.Group.Name, cSess.Username)
}
cmdstr2 := fmt.Sprintf("ip link set dev %s up mtu %d address %s alias %s.%s", ifName, cSess.Mtu,
cSess.MacHw, cSess.Group.Name, cSess.Username)
err := execCmd([]string{cmdstr1, cmdstr2})
if err != nil {
base.Error(err)

6
server/handler/server.go
View File

@ -59,9 +59,9 @@ func startTls() {
Addr: addr,
Handler: initRoute(),
TLSConfig: tlsConfig,
ErrorLog: base.GetBaseLog(),
ReadTimeout: 60 * time.Second,
WriteTimeout: 60 * time.Second,
ErrorLog: base.GetServerLog(),
ReadTimeout: 100 * time.Second,
WriteTimeout: 100 * time.Second,
}
ln, err = net.Listen("tcp", addr)

13
server/main.go
View File

@ -20,14 +20,21 @@ import (
var uiData embed.FS
// 程序版本
var CommitId string
var (
appVer string
commitId string
date string
)
func main() {
base.CommitId = CommitId
admin.UiData = uiData
base.APP_VER = appVer
base.CommitId = commitId
base.Date = date
base.Start()
handler.Start()
signalWatch()
}
@ -35,7 +42,7 @@ func signalWatch() {
base.Info("Server pid: ", os.Getpid())
sigs := make(chan os.Signal, 1)
signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM, syscall.SIGALRM)
signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM, syscall.SIGALRM, syscall.SIGUSR2)
for {
sig := <-sigs
base.Info("Get signal:", sig)

9
server/sessdata/ip_pool.go
View File

@ -89,10 +89,13 @@ func initIpPool() {
// }
// AcquireIp 获取动态ip
func AcquireIp(username, macAddr string, uniqueMac bool) net.IP {
base.Trace("AcquireIp:", username, macAddr, uniqueMac)
func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) {
base.Trace("AcquireIp start:", username, macAddr, uniqueMac)
ipPoolMux.Lock()
defer ipPoolMux.Unlock()
defer func() {
ipPoolMux.Unlock()
base.Trace("AcquireIp end:", username, macAddr, uniqueMac, newIp)
}()
var (
err error

2
server/sessdata/session.go
View File

@ -49,6 +49,7 @@ type ConnSession struct {
BandwidthDownAll atomic2.Uint64 // 使用下行带宽总量
closeOnce sync.Once
CloseChan chan struct{}
LastDataTime atomic2.Time // 最后数据传输时间
PayloadIn chan *Payload
PayloadOutCstp chan *Payload // Cstp的数据
PayloadOutDtls chan *Payload // Dtls的数据
@ -219,6 +220,7 @@ func (s *Session) NewConn() *ConnSession {
PayloadOutDtls: make(chan *Payload, 64),
dSess: &atomic.Value{},
}
cSess.LastDataTime.Store(time.Now())
dSess := &DtlsSession{
isActive: -1,

1
version Normal file
View File

@ -0,0 +1 @@
0.10.3

69
web/src/pages/user/List.vue
View File

@ -13,23 +13,26 @@
<el-form-item>
<el-dropdown size="small" placement="bottom">
<el-upload
class="uploaduser"
action="uploaduser"
accept=".xlsx, .xls"
:http-request="upLoadUser"
:limit="1"
:show-file-list="false">
<el-button size="small" icon="el-icon-upload2" type="primary">批量添加</el-button>
class="uploaduser"
action="uploaduser"
accept=".xlsx, .xls"
:http-request="upLoadUser"
:limit="1"
:show-file-list="false">
<el-button size="small" icon="el-icon-upload2" type="primary">批量添加</el-button>
</el-upload>
<el-dropdown-menu slot="dropdown">
<el-dropdown-item>
<el-link style="font-size:12px;" type="success" href="批量添加用户模版.xlsx"><i class="el-icon-download"></i>下载模版</el-link>
</el-dropdown-item>
</el-dropdown-menu>
<el-dropdown-menu slot="dropdown">
<el-dropdown-item>
<el-link style="font-size:12px;" type="success" href="批量添加用户模版.xlsx"><i
class="el-icon-download"></i>下载模版
</el-link>
</el-dropdown-item>
</el-dropdown-menu>
</el-dropdown>
</el-form-item>
<el-form-item label="用户名:">
<el-input size="small" v-model="searchData" placeholder="请输入内容" @keydown.enter.native="searchEnterFun"></el-input>
<el-form-item label="用户名或姓名或邮箱:">
<el-input size="small" v-model="searchData" placeholder="请输入内容"
@keydown.enter.native="searchEnterFun"></el-input>
</el-form-item>
<el-form-item>
@ -105,7 +108,7 @@
<template slot-scope="scope">
<el-tag v-if="scope.row.status === 1" type="success">可用</el-tag>
<el-tag v-if="scope.row.status === 0" type="danger">停用</el-tag>
<el-tag v-if="scope.row.status === 2" >过期</el-tag>
<el-tag v-if="scope.row.status === 2">过期</el-tag>
</template>
</el-table-column>
@ -202,16 +205,16 @@
<el-form-item label="过期时间" prop="limittime">
<el-date-picker
v-model="ruleForm.limittime"
type="date"
size="small"
align="center"
style="width:130px"
:picker-options="pickerOptions"
placeholder="选择日期">
v-model="ruleForm.limittime"
type="date"
size="small"
align="center"
style="width:130px"
:picker-options="pickerOptions"
placeholder="选择日期">
</el-date-picker>
</el-form-item>
<el-form-item label="禁用OTP" prop="disable_otp">
<el-switch
v-model="ruleForm.disable_otp">
@ -278,7 +281,7 @@ export default {
count: 10,
pickerOptions: {
disabledDate(time) {
return time.getTime() < Date.now();
return time.getTime() < Date.now();
}
},
searchData: '',
@ -324,7 +327,7 @@ export default {
const formData = new FormData();
formData.append("file", item.file);
axios.post('/user/uploaduser', formData, {
headers: {
headers: {
'Content-Type': 'multipart/form-data'
}
}).then(resp => {
@ -456,15 +459,15 @@ export default {
this.$refs[formName].resetFields();
},
searchEnterFun(e) {
var keyCode = window.event ? e.keyCode : e.which;
if (keyCode == 13) {
this.handleSearch()
}
},
var keyCode = window.event ? e.keyCode : e.which;
if (keyCode == 13) {
this.handleSearch()
}
},
reset() {
this.searchData = "";
this.handleSearch();
},
this.searchData = "";
this.handleSearch();
},
},
}
</script>