diff --git a/build.sh b/build.sh index 2caed6f..05c9341 100644 --- a/build.sh +++ b/build.sh @@ -36,7 +36,7 @@ cp -rf $cpath/web/ui . #国内可替换源加快速度 export GOPROXY=https://goproxy.io go mod tidy -go build -v -o anylink -ldflags "-s -w -X main.CommitId=$(git rev-parse HEAD)" +go build -v -o anylink -trimpath -ldflags "-s -w -X main.CommitId=$(git rev-parse HEAD)" RETVAL $? cd $cpath diff --git a/docker/Dockerfile b/docker/Dockerfile index af5cde3..73aadcd 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -27,7 +27,7 @@ COPY --from=builder_node /web/ui /anylink/ui #TODO 本地打包时使用镜像 RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories RUN apk add gcc musl-dev -RUN cd /anylink;go mod tidy;go build -o anylink -ldflags "-s -w -X main.CommitId=${GitCommitId}" \ +RUN cd /anylink;go mod tidy;go build -o anylink -trimpath -ldflags "-s -w -X main.CommitId=${GitCommitId}" \ && /anylink/anylink tool -v @@ -47,7 +47,7 @@ COPY ./home /app/home #TODO 本地打包时使用镜像 RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories -RUN apk add --no-cache bash iptables \ +RUN apk add --no-cache bash iptables iproute2\ && chmod +x /app/docker_entrypoint.sh \ && ls /app diff --git a/server/handler/link_home.go b/server/handler/link_home.go index 066e6f1..0028bec 100644 --- a/server/handler/link_home.go +++ b/server/handler/link_home.go @@ -14,6 +14,8 @@ func LinkHome(w http.ResponseWriter, r *http.Request) { // hu, _ := httputil.DumpRequest(r, true) // fmt.Println("DumpHome: ", string(hu)) w.Header().Set("Content-Type", "text/html; charset=utf-8") + w.Header().Del("X-Aggregate-Auth") + connection := strings.ToLower(r.Header.Get("Connection")) userAgent := strings.ToLower(r.UserAgent()) if connection == "close" && (strings.Contains(userAgent, "anyconnect") || strings.Contains(userAgent, "openconnect")) { @@ -33,6 +35,8 @@ func LinkHome(w http.ResponseWriter, r *http.Request) { } func LinkOtpQr(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Cross-Origin-Resource-Policy", "cross-origin") + _ = r.ParseForm() idS := r.FormValue("id") jwtToken := r.FormValue("jwt") diff --git a/server/handler/link_tun.go b/server/handler/link_tun.go index 3cfc140..cabbb5c 100644 --- a/server/handler/link_tun.go +++ b/server/handler/link_tun.go @@ -74,11 +74,7 @@ func LinkTun(cSess *sessdata.ConnSession) error { // 通过 ip link show 查看 alias 信息 - cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %d multicast off", ifce.Name(), cSess.Mtu) - if !base.InContainer { - // 容器默认 iproute 不支持 alias - cmdstr1 += fmt.Sprintf(" alias %s.%s", cSess.Group.Name, cSess.Username) - } + cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %d multicast off alias %s.%s", ifce.Name(), cSess.Mtu, cSess.Group.Name, cSess.Username) cmdstr2 := fmt.Sprintf("ip addr add dev %s local %s peer %s/32", ifce.Name(), base.Cfg.Ipv4Gateway, cSess.IpAddr) err = execCmd([]string{cmdstr1, cmdstr2}) diff --git a/server/handler/link_vtap.go b/server/handler/link_vtap.go index 7858a00..1096642 100644 --- a/server/handler/link_vtap.go +++ b/server/handler/link_vtap.go @@ -55,11 +55,9 @@ func LinkMacvtap(cSess *sessdata.ConnSession) error { cSess.SetIfName(ifName) cmdstr1 := fmt.Sprintf("ip link add link %s name %s type macvtap mode bridge", base.Cfg.Ipv4Master, ifName) - cmdstr2 := fmt.Sprintf("ip link set dev %s up mtu %d address %s", ifName, cSess.Mtu, cSess.MacHw) - if !base.InContainer { - // 容器默认 iproute 不支持 alias - cmdstr2 += fmt.Sprintf(" alias %s.%s", cSess.Group.Name, cSess.Username) - } + cmdstr2 := fmt.Sprintf("ip link set dev %s up mtu %d address %s alias %s.%s", ifName, cSess.Mtu, + cSess.MacHw, cSess.Group.Name, cSess.Username) + err := execCmd([]string{cmdstr1, cmdstr2}) if err != nil { base.Error(err)