diff --git a/server/handler/link_tunnel.go b/server/handler/link_tunnel.go
index bd02d1e..f35c74b 100644
--- a/server/handler/link_tunnel.go
+++ b/server/handler/link_tunnel.go
@@ -22,14 +22,6 @@ func init() {
 hn, _ = os.Hostname()
 }
-func Http_SetHeader(w http.ResponseWriter, key string, value string) {
- w.Header()[key] = []string{value}
-}
-
-func Http_AddHeader(w http.ResponseWriter, key string, value string) {
- w.Header()[key] = append(w.Header()[key], value)
-}
-
 func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 // TODO 调试信息输出
 // hd, _ := httputil.DumpRequest(r, true)
@@ -59,7 +51,6 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 // 客户端信息
 cstpMtu := r.Header.Get("X-CSTP-MTU")
- cstpBaseMtu := r.Header.Get("X-CSTP-Base-MTU")
 masterSecret := r.Header.Get("X-DTLS-Master-Secret")
 localIp := r.Header.Get("X-Cstp-Local-Address-Ip4")
 mobile := r.Header.Get("X-Cstp-License")
@@ -88,71 +79,68 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
 base.Debug(cSess.IpAddr, cSess.MacHw, sess.Username, mobile)
 // 返回客户端数据
- Http_SetHeader(w, "Server", fmt.Sprintf("%s %s", base.APP_NAME, base.APP_VER))
- Http_SetHeader(w, "X-CSTP-Version", "1")
- Http_SetHeader(w, "X-CSTP-Server-Name", fmt.Sprintf("%s %s", base.APP_NAME, base.APP_VER))
- Http_SetHeader(w, "X-CSTP-Protocol", "Copyright (c) 2004 Cisco Systems, Inc.")
- Http_SetHeader(w, "X-CSTP-Address", cSess.IpAddr.String()) // 分配的ip地址
- Http_SetHeader(w, "X-CSTP-Netmask", sessdata.IpPool.Ipv4Mask.String()) // 子网掩码
- Http_SetHeader(w, "X-CSTP-Hostname", hn) // 机器名称
- //Http_SetHeader(w, "X-CSTP-Default-Domain", cSess.LocalIp)
- Http_SetHeader(w, "X-CSTP-Base-MTU", cstpBaseMtu)
+ w.Header().Set("Server", fmt.Sprintf("%s %s", base.APP_NAME, base.APP_VER))
+ w.Header().Set("X-CSTP-Version", "1")
+ w.Header().Set("X-CSTP-Protocol", "Copyright (c) 2004 Cisco Systems, Inc.")
+ w.Header().Set("X-CSTP-Address", cSess.IpAddr.String()) // 分配的ip地址
+ w.Header().Set("X-CSTP-Netmask", sessdata.IpPool.Ipv4Mask.String()) // 子网掩码
+ w.Header().Set("X-CSTP-Hostname", hn) // 机器名称
 // 允许本地LAN访问vpn网络,必须放在路由的第一个
 if cSess.Group.AllowLan {
- Http_SetHeader(w, "X-CSTP-Split-Exclude", "0.0.0.0/255.255.255.255")
+ w.Header().Set("X-CSTP-Split-Exclude", "0.0.0.0/255.255.255.255")
 }
 // dns地址
 for _, v := range cSess.Group.ClientDns {
- Http_AddHeader(w, "X-CSTP-DNS", v.Val)
+ w.Header().Add("X-CSTP-DNS", v.Val)
 }
 // 允许的路由
 for _, v := range cSess.Group.RouteInclude {
 if v.Val == "all" {
 continue
 }
- Http_AddHeader(w, "X-CSTP-Split-Include", v.IpMask)
+ w.Header().Add("X-CSTP-Split-Include", v.IpMask)
 }
 // 不允许的路由
 for _, v := range cSess.Group.RouteExclude {
- Http_AddHeader(w, "X-CSTP-Split-Exclude", v.IpMask)
+ w.Header().Add("X-CSTP-Split-Exclude", v.IpMask)
 }
- Http_SetHeader(w, "X-CSTP-Lease-Duration", fmt.Sprintf("%d", base.Cfg.IpLease)) // ip地址租期
- Http_SetHeader(w, "X-CSTP-Session-Timeout", "none")
- Http_SetHeader(w, "X-CSTP-Session-Timeout-Alert-Interval", "60")
- Http_SetHeader(w, "X-CSTP-Session-Timeout-Remaining", "none")
- Http_SetHeader(w, "X-CSTP-Idle-Timeout", "18000")
- Http_SetHeader(w, "X-CSTP-Disconnected-Timeout", "18000")
- Http_SetHeader(w, "X-CSTP-Keep", "true")
- Http_SetHeader(w, "X-CSTP-Tunnel-All-DNS", "false")
+ w.Header().Set("X-CSTP-Lease-Duration", fmt.Sprintf("%d", base.Cfg.IpLease)) // ip地址租期
+ w.Header().Set("X-CSTP-Session-Timeout", "none")
+ w.Header().Set("X-CSTP-Session-Timeout-Alert-Interval", "60")
+ w.Header().Set("X-CSTP-Session-Timeout-Remaining", "none")
+ w.Header().Set("X-CSTP-Idle-Timeout", "18000")
+ w.Header().Set("X-CSTP-Disconnected-Timeout", "18000")
+ w.Header().Set("X-CSTP-Keep", "true")
+ w.Header().Set("X-CSTP-Tunnel-All-DNS", "false")
- Http_SetHeader(w, "X-CSTP-Rekey-Time", "172800")
- Http_SetHeader(w, "X-CSTP-Rekey-Method", "new-tunnel")
+ w.Header().Set("X-CSTP-Rekey-Time", "172800")
+ w.Header().Set("X-CSTP-Rekey-Method", "new-tunnel")
- Http_SetHeader(w, "X-CSTP-DPD", fmt.Sprintf("%d", cstpDpd))
- Http_SetHeader(w, "X-CSTP-Keepalive", fmt.Sprintf("%d", cstpKeepalive))
- // Http_SetHeader(w, "X-CSTP-Banner", banner.Banner)
- Http_SetHeader(w, "X-CSTP-MSIE-Proxy-Lockdown", "true")
- Http_SetHeader(w, "X-CSTP-Smartcard-Removal-Disconnect", "true")
+ w.Header().Set("X-CSTP-DPD", fmt.Sprintf("%d", cstpDpd))
+ w.Header().Set("X-CSTP-Keepalive", fmt.Sprintf("%d", cstpKeepalive))
+ // w.Header().Set("X-CSTP-Banner", banner.Banner)
+ w.Header().Set("X-CSTP-MSIE-Proxy-Lockdown", "true")
+ w.Header().Set("X-CSTP-Smartcard-Removal-Disconnect", "true")
- Http_SetHeader(w, "X-CSTP-MTU", fmt.Sprintf("%d", cSess.Mtu)) // 1399
- Http_SetHeader(w, "X-DTLS-MTU", fmt.Sprintf("%d", cSess.Mtu))
+ w.Header().Set("X-CSTP-MTU", fmt.Sprintf("%d", cSess.Mtu)) // 1399
+ w.Header().Set("X-DTLS-MTU", fmt.Sprintf("%d", cSess.Mtu))
- Http_SetHeader(w, "X-DTLS-Session-ID", sess.DtlsSid)
- Http_SetHeader(w, "X-DTLS-Port", dtlsPort)
- Http_SetHeader(w, "X-DTLS-DPD", fmt.Sprintf("%d", cstpDpd))
- Http_SetHeader(w, "X-DTLS-Keepalive", fmt.Sprintf("%d", cstpKeepalive))
- Http_SetHeader(w, "X-DTLS-Rekey-Time", "5400")
- Http_SetHeader(w, "X-DTLS12-CipherSuite", "ECDHE-ECDSA-AES128-GCM-SHA256")
+ w.Header().Set("X-DTLS-Session-ID", sess.DtlsSid)
+ w.Header().Set("X-DTLS-Port", dtlsPort)
+ w.Header().Set("X-DTLS-DPD", fmt.Sprintf("%d", cstpDpd))
+ w.Header().Set("X-DTLS-Keepalive", fmt.Sprintf("%d", cstpKeepalive))
+ w.Header().Set("X-DTLS-Rekey-Time", "5400")
+ w.Header().Set("X-DTLS12-CipherSuite", "ECDHE-ECDSA-AES128-GCM-SHA256")
- Http_SetHeader(w, "X-CSTP-License", "accept")
- Http_SetHeader(w, "X-CSTP-Routing-Filtering-Ignore", "false")
- Http_SetHeader(w, "X-CSTP-Quarantine", "false")
- Http_SetHeader(w, "X-CSTP-Disable-Always-On-VPN", "false")
- Http_SetHeader(w, "X-CSTP-Client-Bypass-Protocol", "false")
- Http_SetHeader(w, "X-CSTP-TCP-Keepalive", "false")
- // Http_SetHeader(w, "X-CSTP-Post-Auth-XML", ``)
+ w.Header().Set("X-CSTP-License", "accept")
+ w.Header().Set("X-CSTP-Routing-Filtering-Ignore", "false")
+ w.Header().Set("X-CSTP-Quarantine", "false")
+ w.Header().Set("X-CSTP-Disable-Always-On-VPN", "false")
+ w.Header().Set("X-CSTP-Client-Bypass-Protocol", "false")
+ w.Header().Set("X-CSTP-TCP-Keepalive", "false")
+ // w.Header().Set("X-CSTP-Post-Auth-XML", ``)
 w.WriteHeader(http.StatusOK)
 hClone := w.Header().Clone()
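Review bot: `w.Header().Set` and `w.Header().Add` canonicalise the key before storing it, so every replaced call in this hunk changes the stored header name (`X-CSTP-MTU` becomes `X-Cstp-Mtu`, `X-DTLS-Session-ID` becomes `X-Dtls-Session-Id`, and so on), whereas the removed `Http_SetHeader`/`Http_AddHeader` helpers assigned into the map directly and kept the literal casing. Header names are case-insensitive in HTTP, but whether every supported VPN client matches them that way is not visible here; a client that fails to recognise `X-CSTP-Split-Include`, `X-CSTP-Split-Exclude` or `X-CSTP-DNS` would presumably come up with a different routing or DNS policy than the group configures. If exact casing is part of the contract, keep the direct form for those headers, e.g. `w.Header()["X-CSTP-MTU"] = []string{fmt.Sprintf("%d", cSess.Mtu)}`; otherwise add a comment above the block such as `// header names are canonicalised by net/http; clients must match them case-insensitively` and back it with a client compatibility test. LinkTunnel starts and ends outside this hunk, so how `hClone` reaches the wire is not shown.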