7x31/anylink
1
0
Fork 0
mirror of https://github.com/bjdgyc/anylink.git synced 2025-09-29 00:19:36 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: 7x31:v0.11.1
Branches Tags
7x31:main
7x31:v0.13.1 7x31:v0.12.2 7x31:v0.12.1 7x31:v0.11.4 7x31:v0.11.3 7x31:v0.11.2 7x31:v0.11.1 7x31:v0.10.1 7x31:v0.9.4 7x31:v0.9.3 7x31:v0.9.2-beta2 7x31:v0.9.2-beta1 7x31:v0.9.1-beta1 7x31:v0.8.1 7x31:v0.7.4 7x31:v0.7.3 7x31:v0.7.2 7x31:v0.7.1 7x31:v0.6.2 7x31:v0.6.1 7x31:v0.5.1 7x31:v0.4.2 7x31:v0.4.1 7x31:v0.3.3 7x31:v0.3.1 7x31:v0.2.1 7x31:v0.1.8 7x31:v0.1.7 7x31:v0.1.6 7x31:v0.1.0 7x31:v0.0.8 7x31:v0.0.6
...
compare: 7x31:v0.13.1
Branches Tags
7x31:main
7x31:v0.13.1 7x31:v0.12.2 7x31:v0.12.1 7x31:v0.11.4 7x31:v0.11.3 7x31:v0.11.2 7x31:v0.11.1 7x31:v0.10.1 7x31:v0.9.4 7x31:v0.9.3 7x31:v0.9.2-beta2 7x31:v0.9.2-beta1 7x31:v0.9.1-beta1 7x31:v0.8.1 7x31:v0.7.4 7x31:v0.7.3 7x31:v0.7.2 7x31:v0.7.1 7x31:v0.6.2 7x31:v0.6.1 7x31:v0.5.1 7x31:v0.4.2 7x31:v0.4.1 7x31:v0.3.3 7x31:v0.3.1 7x31:v0.2.1 7x31:v0.1.8 7x31:v0.1.7 7x31:v0.1.6 7x31:v0.1.0 7x31:v0.0.8 7x31:v0.0.6

179 Commits
v0.11.1 ... v0.13.1

Author SHA1 Message Date
bjdgyc
abce53e008 docker 添加 telnet 2025-03-10 10:45:11 +08:00
bjdgyc
507feec72f Merge pull request #359 from bjdgyc/dev 
Dev
 2025-03-10 10:26:22 +08:00
bjdgyc
e864585588 Merge pull request #357 from wsczx/dev 
修复邮件发送密码为密文密码的Bug
 2025-03-09 15:34:02 +08:00
wsczx
315e1deadc 修复邮件发送密码为密文密码的Bug 
随机生成的密码打印到日志
邮件通知发送明文密码
清理代码
 2025-03-07 15:38:20 +08:00
bjdgyc
b562686f68 添加 docker 镜像 2025-03-05 17:37:46 +08:00
bjdgyc
64340b2673 添加 docker 镜像 2025-03-05 17:31:16 +08:00
bjdgyc
5e60feeb9b Update README.md 2025-03-04 18:20:53 +08:00
bjdgyc
7da226f8d3 Merge pull request #355 from bjdgyc/dev 
Dev
 2025-03-03 14:06:20 +08:00
bjdgyc
ce8d04484b Merge branch 'main' into dev 2025-03-03 14:06:02 +08:00
bjdgyc
0945276775 修改 readme 2025-03-03 14:02:38 +08:00
bjdgyc
13498fc125 设置 gosysctl 2025-03-03 13:09:34 +08:00
bjdgyc
e9622fa543 设置 gosysctl 2025-03-03 11:56:45 +08:00
bjdgyc
8329e8ec4f 设置 docker 非特权模式 2025-02-27 16:31:17 +08:00
bjdgyc
8e78ef5c94 Merge pull request #354 from bjdgyc/dev 
Dev
 2025-02-27 15:21:45 +08:00
bjdgyc
a77f4cae84 fix 2025-02-27 15:18:34 +08:00
bjdgyc
a0af89d77d 修改版本 2025-02-26 17:58:59 +08:00
bjdgyc
2a1686073e 修改版本 2025-02-26 17:58:22 +08:00
bjdgyc
d5e3e99b48 修复测试文件 2025-02-26 17:50:38 +08:00
bjdgyc
d33eeed180 Merge pull request #353 from wsczx/anotherdev 
修复升级后数据库密码字段字符限制的Bug
 2025-02-26 17:24:01 +08:00
孤鸿
ee27290b82 修复升级后数据库密码字段字符限制的Bug 
修复升级后数据库密码字段字符限制的Bug
 2025-02-14 19:09:18 +08:00
bjdgyc
825a4bc6ca 修改 readme 2024-12-06 11:38:48 +08:00
bjdgyc
39fa986d55 修复 recover 问题 2024-12-03 15:47:29 +08:00
bjdgyc
740fcf64e9 radius 添加 CallingStationID 2024-11-15 16:42:50 +08:00
bjdgyc
4846c80b04 radius 添加 CallingStationID 2024-11-15 16:41:28 +08:00
bjdgyc
bda23283ec radius 添加 CallingStationID 2024-11-15 15:13:24 +08:00
bjdgyc
8a2350eb6e Merge pull request #347 from wsczx/dev 
解决防爆并行问题
 2024-11-14 18:02:22 +08:00
wsczx
fe47b22cf1 解决防爆并行问题 2024-11-13 09:35:07 +08:00
bjdgyc
2b757b65b6 修改 LoginStatus 用 context 传递 2024-11-12 15:11:28 +08:00
bjdgyc
9ef29545bc 添加 auth_alone_otp 开关 2024-11-07 16:32:48 +08:00
bjdgyc
c7d6a76759 升级依赖版本 2024-11-06 17:02:37 +08:00
bjdgyc
6deb007d92 升级依赖版本 2024-11-06 17:00:22 +08:00
bjdgyc
60898ea2f6 优化代码 2024-11-06 16:30:58 +08:00
bjdgyc
0405ed75ab 优化代码 2024-11-06 16:30:05 +08:00
bjdgyc
7d1b4b5e22 优化代码 2024-11-06 16:26:21 +08:00
bjdgyc
7116aaa5a8 优化代码 2024-11-05 18:20:23 +08:00
bjdgyc
6ac4e90901 Merge pull request #345 from wsczx/dev 
防爆增加前端手动解锁的功能
 2024-10-31 17:30:40 +08:00
bjdgyc
874b6914e2 Merge pull request #344 from wsczx/devanother 
增加密码加密存储的功能,老用户不影响,但更新后自动加密存储
 2024-10-31 17:30:27 +08:00
wsczx
9d5b7070d9 修复前端会显示已禁用管理器信息的bug 2024-10-31 11:51:49 +08:00
wsczx
cad74d7fdb 防爆增加前端手动解锁的功能 2024-10-31 10:04:35 +08:00
bjdgyc
152b62ac90 添加 mssql 支持 2024-10-30 16:02:54 +08:00
bjdgyc
5826ebe6eb 添加 advertise_dtls_addr 2024-10-28 18:14:21 +08:00
bjdgyc
436b8e3129 Merge pull request #342 from wsczx/dev 
1.修复防爆策略用户登录成功后没有重置计数的Bug
 2024-10-28 17:57:35 +08:00
wsczx
55d7300033 优化代码,开启OTP防爆 2024-10-28 17:34:01 +08:00
wsczx
dd7d1b0e25 使用已有的加密方案加密密码 2024-10-28 11:53:34 +08:00
wsczx
5f7b11954a 优化代码,为后续手动管理锁定状态做准备 2024-10-27 23:14:51 +08:00
wsczx
ff9d92a693 使用动态盐值加密密码 2024-10-26 21:22:04 +08:00
wsczx
34e555c70c 增加密码加密存储的功能,老用户不影响,但更新后自动加密存储 2024-10-26 18:32:47 +08:00
wsczx
f8685490dc 1.修复防爆策略用户登录成功后没有重置计数的Bug 
2.增加otp防爆
3.添加otp使用说明
4.优化代码
 2024-10-26 09:13:02 +08:00
bjdgyc
fdc755bd98 优化代码 2024-10-25 12:00:45 +08:00
bjdgyc
96fd114c25 优化代码 2024-10-25 10:41:48 +08:00
bjdgyc
bd6ee0b140 优化代码 2024-10-24 18:10:29 +08:00
bjdgyc
772b1118eb 修改docker代码 2024-10-24 11:20:45 +08:00
bjdgyc
49b40b5ee4 恢复代码 2024-10-23 18:18:37 +08:00
bjdgyc
cb9d023a96 恢复代码 2024-10-23 18:13:06 +08:00
bjdgyc
a0569b09f2 优化ip分配 2024-10-23 17:34:03 +08:00
bjdgyc
c0c15815f9 修复问题 2024-10-22 14:14:10 +08:00
bjdgyc
1c5b269aa3 修改 postgres 链接问题 2024-10-22 13:22:45 +08:00
bjdgyc
fe3a10aab9 Merge pull request #339 from wsczx/dev 
增加弹窗输入OTP动态码的功能
 2024-10-08 18:25:09 +08:00
wsczx
4c219a3127 删除CheckUser测试单元的otp验证测试 2024-10-08 00:15:59 +08:00
wsczx
fd383b92f5 修复使用第三方验证方式无法建立连接的Bug 2024-10-07 17:31:21 +08:00
wsczx
11bd9861e5 增加弹窗输入OTP动态码的功能 2024-10-07 17:11:56 +08:00
bjdgyc
57b9e1dc7b Merge pull request #338 from wsczx/dev 
重构防爆逻辑
 2024-10-05 08:27:41 +08:00
wsczx
1c6fc446c9 修复无法自动解锁的Bug 2024-10-04 19:22:23 +08:00
wsczx
c8cb9c163a 增加全局IP白名单功能 2024-10-04 16:02:24 +08:00
wsczx
59748fe395 增加锁定状态记录生命周期配置项,优化清理内存的定时器 2024-10-04 11:55:46 +08:00
wsczx
f195ae2d30 优化代码 2024-10-04 00:17:56 +08:00
wsczx
2fedb281e8 1.重构防爆逻辑,基于IP+UserName锁定(单位时间内,锁定相同IP下的相同用户,其它IP和用户不影响) 
2.增加基于用户的全局锁定
3.增加基于IP的全局锁定
4.用户单位时间内的请求频率限制(暂未开放)
 2024-10-03 23:29:41 +08:00
bjdgyc
175ffd3c3a Merge pull request #337 from wsczx/dev 
增加用户验证防爆功能
 2024-09-30 11:22:37 +08:00
wsczx
9e700830be 修复未启动防爆功能导致无法验证的Bug 2024-09-29 21:09:15 +08:00
wsczx
c5a76ba436 增加用户验证防爆功能 2024-09-29 20:04:20 +08:00
bjdgyc
1e237d9d20 修改docker版本信息 2024-09-10 15:35:53 +08:00
bjdgyc
4b78232e1d 添加支持 radius 的 nasip 2024-09-10 13:12:01 +08:00
bjdgyc
00c5425990 Merge pull request #336 from bjdgyc/dev 
权限 添加拖拽功能
 2024-09-09 17:01:13 +08:00
bjdgyc
b45d5e4cfa 权限 添加拖拽功能 2024-09-09 16:55:13 +08:00
bjdgyc
e8a8773005 权限 添加拖拽功能 2024-09-09 16:52:32 +08:00
bjdgyc
2ba3625885 修复协议展示 2024-09-09 15:11:36 +08:00
bjdgyc
567f0e8adb 修复协议展示 2024-09-06 17:13:38 +08:00
bjdgyc
ad1885798b 添加acl协议支持 2024-09-04 17:00:29 +08:00
bjdgyc
76779de80a 添加acl协议支持 2024-09-04 16:59:16 +08:00
bjdgyc
5b498cbc59 添加acl协议支持 2024-09-04 13:13:31 +08:00
bjdgyc
cd21ffd7ab Merge pull request #335 from bjdgyc/go1.22 
升级go版本  添加acl协议支持
 2024-09-03 17:56:36 +08:00
bjdgyc
415f312f40 升级go版本 添加acl协议支持 2024-09-03 17:55:19 +08:00
bjdgyc
d796a6850a Merge pull request #334 from wsczx/dev 
邮件模板中增加LimitTime过期时间字段
 2024-09-02 10:37:07 +08:00
wsczx
7160c3cab7 邮件模板中增加LimitTime过期时间字段 2024-08-30 19:33:27 +08:00
bjdgyc
52329e8a2b Merge pull request #331 from wsczx/dev 
修复更换自定义首页状态码不生效的Bug
 2024-08-27 15:41:41 +08:00
wsczx
cbdf730481 修复更换自定义首页状态码不生效的Bug 2024-08-23 17:57:32 +08:00
bjdgyc
a5487771da 修复 ipv6 记录显示不全的问题 2024-08-22 16:51:13 +08:00
bjdgyc
ff9b7c7dcc 修复 ipv6 记录显示不全的问题 2024-08-19 15:11:13 +08:00
bjdgyc
262af4ac8e 修改readme 2024-08-16 16:55:13 +08:00
bjdgyc
71539ad09c 添加QQ群 2024-08-14 11:15:36 +08:00
bjdgyc
8232f79b4a 修改文档地址 2024-08-12 11:21:32 +08:00
bjdgyc
7c810d409b 添加 阿里云 镜像地址 2024-07-04 17:12:32 +08:00
bjdgyc
ed4e324e77 添加 阿里云 镜像地址 2024-07-04 17:07:46 +08:00
bjdgyc
726ae20f75 修复数字转换问题 2024-07-04 16:26:05 +08:00
bjdgyc
00bbbf414d 修复在线用户问题 2024-07-04 16:14:27 +08:00
bjdgyc
57e2f45398 修改readme 2024-05-07 14:56:36 +08:00
bjdgyc
01ab115956 Update README.md 2024-04-30 13:14:21 +08:00
bjdgyc
9a47714f3f 修改readme 2024-04-25 15:52:23 +08:00
bjdgyc
9d926edabb 内网域名 2024-04-25 10:18:40 +08:00
bjdgyc
7329603c47 Merge pull request #314 from bjdgyc/dev 
支持分割DNS功能
 2024-04-24 17:56:18 +08:00
bjdgyc
a7c6791c1e 支持分割DNS功能 2024-04-24 17:39:50 +08:00
bjdgyc
96c95bb6cd 更新版本 2024-04-24 15:27:53 +08:00
bjdgyc
6d3dab6798 Client-Bypass 2024-04-23 16:59:52 +08:00
bjdgyc
b313c6fa00 Client-Bypass 2024-04-23 16:59:14 +08:00
bjdgyc
75b138a7a8 Client-Bypass 2024-04-23 16:56:40 +08:00
bjdgyc
641d6127ba 修复acl样式 2024-04-22 17:41:18 +08:00
bjdgyc
2828d1038d Merge pull request #313 from bjdgyc/dev 
修复acl表结构
 2024-04-22 17:04:37 +08:00
bjdgyc
cb902a6b9b 修复acl表结构 2024-04-22 16:47:06 +08:00
bjdgyc
1b066ef602 Merge pull request #312 from bjdgyc/dev 
支持 私有自签证书
 2024-04-22 14:42:06 +08:00
bjdgyc
5e804a3483 支持 私有自签证书 2024-04-22 14:40:03 +08:00
bjdgyc
6e0c0efa85 Merge pull request #310 from imhun/main 
acl支持逗号分隔多端口号配置
 2024-04-11 11:40:39 +08:00
imhun
8f196cb4e2 Merge branch 'main' of https://github.com/imhun/anylink 2024-04-09 11:25:34 +08:00
imhun
9182ccfba2 兼容历史单端口配置 2024-04-09 11:23:13 +08:00
huweishan
39d89b8c84 兼容历史单端口配置 2024-04-09 10:33:30 +08:00
huweishan
24e30509e4 兼容历史单端口配置 2024-04-09 10:29:54 +08:00
huweishan
4f56ea49c3 ports保存为map 
兼容老的配置数据
 2024-04-08 19:34:11 +08:00
huweishan
e55b2b6f0a 支持连续端口 2024-04-08 16:16:45 +08:00
huweishan
15573a6ef3 支持连续端口,比如1234-5678 2024-04-08 16:13:52 +08:00
huweishan
38b8f0b2aa ports初始化 2024-04-08 15:12:47 +08:00
huweishan
8df34428dd acl支持逗号分隔多端口号配置 2024-04-08 14:54:09 +08:00
bjdgyc
26483533a9 修复 关闭otp时,发送邮件附件的问题 2024-03-29 10:04:15 +08:00
bjdgyc
380a8cb3fb 添加文档 2024-03-27 15:11:36 +08:00
bjdgyc
fa5ced4660 Merge pull request #308 from bjdgyc/dev 
Dev
 2024-03-26 16:28:49 +08:00
bjdgyc
bac497475f 全局 开启服务器转发 2024-03-26 11:39:12 +08:00
bjdgyc
f43b413ed4 配置优化 2024-03-25 11:14:00 +08:00
bjdgyc
356e135ea1 配置优化 2024-03-24 17:59:41 +08:00
bjdgyc
e5c6533c9b 修复邮箱图片显示逻辑,兼容 google gmail 2024-03-22 16:45:11 +08:00
bjdgyc
8d92cac37d Merge pull request #306 from bjdgyc/dev 
Dev
 2024-03-21 18:19:52 +08:00
bjdgyc
eb7401f6e5 添加自定义首页 状态码 2024-03-21 18:13:37 +08:00
bjdgyc
8777501391 添加自定义首页 状态码 2024-03-21 18:09:47 +08:00
bjdgyc
2949ea2a89 Merge pull request #305 from bjdgyc/dev 
修复心跳时间
 2024-03-20 14:26:55 +08:00
bjdgyc
11f39d0b78 修复心跳时间 2024-03-20 14:23:56 +08:00
bjdgyc
bdc8e267a3 Merge pull request #304 from bjdgyc/dev 
Dev
 2024-03-19 17:01:03 +08:00
bjdgyc
268e9c4e92 添加 xt_comment 2024-03-19 16:28:38 +08:00
bjdgyc
b3eb128dbd 优化 日志输出 2024-03-19 11:23:03 +08:00
bjdgyc
ce89ea680b 优化 日志输出 2024-03-19 11:22:20 +08:00
bjdgyc
fc3b39e09f 默认关闭 idle_timeout 2024-03-18 17:54:45 +08:00
bjdgyc
09160a6891 默认关闭 idle_timeout 2024-03-18 17:26:09 +08:00
bjdgyc
b059c555cf fix 2024-03-18 13:28:57 +08:00
bjdgyc
8ea158a71e Merge pull request #302 from bjdgyc/dev 
0.11.3代码
 2024-03-16 22:19:40 +08:00
bjdgy
3bb71b84b6 修改 readme 2024-03-16 22:02:52 +08:00
bjdgy
afec9af445 排除出口ip路由(出口ip不加密传输) 2024-03-16 21:42:59 +08:00
bjdgy
eb8d8f4171 添加 profile name(用于区分不同网站的配置) 2024-03-15 22:43:28 +08:00
bjdgy
632080c1d6 添加 profile name(用于区分不同网站的配置) 2024-03-15 22:33:17 +08:00
bjdgyc
cca9e377c5 修改编译脚本 2024-03-15 17:29:13 +08:00
bjdgyc
8455ef6ed4 fix 2024-03-15 10:29:55 +08:00
bjdgyc
ef05b9372a 修改 atomic 引用 2024-03-14 16:51:59 +08:00
bjdgyc
000b041578 修改 atomic 引用 2024-03-14 16:47:25 +08:00
bjdgyc
57a67ee030 fix 2024-03-12 18:25:03 +08:00
bjdgyc
a945c636f4 fix 2024-03-12 18:11:06 +08:00
bjdgyc
edf33ba4ae 修复mac手机版客户端重连的问题 2024-03-12 18:08:05 +08:00
bjdgy
03467e4f06 添加页尾版权 2024-03-10 21:34:43 +08:00
bjdgy
74782e883b Merge remote-tracking branch 'origin/dev' into dev 2024-03-09 08:14:51 +08:00
bjdgy
ace4ef08d9 修复邮件 STARTTLS 协议 2024-03-09 08:13:56 +08:00
bjdgyc
2b24e53c24 Merge pull request #299 from itviewer/dev 
添加 AnyLink 客户端 macOS 类型判断
 2024-03-04 10:54:56 +08:00
XinJun Ma
a4fd1769a5 添加 AnyLink 客户端 macOS 类型判断 2024-03-02 10:07:26 +08:00
bjdgyc
0f8877bafc 修改 readme 2024-03-01 16:43:15 +08:00
bjdgyc
5ee3b3967a 修改 readme 2024-02-29 15:28:22 +08:00
bjdgyc
3c8d0c6d60 iptables 添加注释 2024-02-26 11:40:33 +08:00
bjdgyc
5a331e2125 iptables 添加注释 2024-02-26 11:10:33 +08:00
bjdgyc
a0e84312ba 默认关闭 DTLS 2024-02-26 10:22:13 +08:00
bjdgyc
098f321343 Merge pull request #298 from lanrenwo/add_online_search 
新增在线用户的搜索和一键下线功能
 2024-02-26 10:19:01 +08:00
lanrenwo
096b6f8f08 新增在线用户的搜索和一键下线功能 2024-02-23 21:42:13 +08:00
bjdgyc
0ff6dbcd78 Merge pull request #297 from bjdgyc/dev 
添加otp说明文字
 2024-02-23 16:22:20 +08:00
bjdgyc
a650db816c 添加otp说明文字 2024-02-23 16:07:41 +08:00
bjdgyc
2b8ce3e94a Merge pull request #296 from bjdgyc/dev 
Dev
 2024-02-23 11:02:48 +08:00
bjdgyc
a59e480b61 修复 openconnect 重连问题 2024-02-22 17:15:43 +08:00
bjdgyc
33139a571d fix 2024-02-22 16:42:56 +08:00
bjdgyc
0227c3ee8b fix 2024-02-22 16:40:16 +08:00
bjdgyc
8eac03df03 修改证书名称 2024-02-22 11:39:18 +08:00
bjdgyc
d3d8b2620c fix 2024-02-22 10:36:03 +08:00
bjdgyc
bbb9cfda67 添加 appBuildDate 2024-02-21 18:38:38 +08:00
bjdgyc
ff07c81401 升级 axios 2024-02-21 12:57:52 +08:00
bjdgyc
6514657f2f 升级 axios 2024-02-21 12:51:05 +08:00
bjdgyc
70f3e4302c 修复 alpine:3.19 下 iptables 不生效的问题 2024-02-21 11:30:53 +08:00
bjdgyc
0e6e4e501c 修复 alpine:3.19 下 iptables 不生效的问题 2024-02-20 18:05:23 +08:00
bjdgyc
29a3e4bfb3 默认加白出口ip 2024-02-19 17:11:25 +08:00
bjdgyc
d73816a811 增加日志信息 2024-02-18 17:03:07 +08:00
bjdgyc
43a9d31b82 Update FUNDING.yml 2024-02-05 22:10:41 +08:00
86 changed files with 5718 additions and 3256 deletions
Expand all files Collapse all files

2
.github/FUNDING.yml vendored
View File

@@ -1,6 +1,6 @@
# These are supported funding model platforms # These are supported funding model platforms
github: [ 'bjdgyc' ] # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2] github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
patreon: # Replace with a single Patreon username patreon: # Replace with a single Patreon username
open_collective: # Replace with a single Open Collective username open_collective: # Replace with a single Open Collective username
ko_fi: # Replace with a single Ko-fi username ko_fi: # Replace with a single Ko-fi username

2
.github/workflows/go.yml vendored
View File

@@ -20,7 +20,7 @@ jobs:
- name: Set up Go 1.x - name: Set up Go 1.x
uses: actions/setup-go@v4 uses: actions/setup-go@v4
with: with:
go-version: '1.20' go-version: '1.22'
go-version-file: 'server/go.mod' go-version-file: 'server/go.mod'
cache-dependency-path: 'server/go.sum' cache-dependency-path: 'server/go.sum'

2
.github/workflows/release.yml vendored
View File

@@ -75,7 +75,7 @@ jobs:
build-args: | build-args: |
appVer=${{ env.APP_VER }} appVer=${{ env.APP_VER }}
commitId=${{ env.commitId }} commitId=${{ env.commitId }}
tags: bjdgyc/anylink:latest,bjdgyc/anylink:${{ env.APP_VER }} tags: bjdgyc/anylink:${{ env.APP_VER }},bjdgyc/anylink:latest
#tags: bjdgyc/anylink:${{ env.APP_VER }} #tags: bjdgyc/anylink:${{ env.APP_VER }}
- name: Build deploy binary - name: Build deploy binary

6
.gitignore vendored
View File

@@ -2,8 +2,12 @@
.idea/ .idea/
anylink-deploy anylink-deploy
anylink-deploy.tar.gz anylink-deploy.tar.gz
anylink-deploy-*
anylink anylink
anylink.db anylink.db
dist dist
artifact-dist artifact-dist
anylink_amd64
anylink_arm64

187
README.md
View File

@@ -12,6 +12,10 @@
AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同时在线使用。 AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同时在线使用。
使用 AnyLink你可以随时随地安全的访问你的内部网络。
With AnyLink, you can securely access your internal network anytime and anywhere.
## Repo ## Repo
> github: https://github.com/bjdgyc/anylink > github: https://github.com/bjdgyc/anylink
@@ -23,10 +27,12 @@ AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同
AnyLink 基于 [ietf-openconnect](https://tools.ietf.org/html/draft-mavrogiannopoulos-openconnect-02) AnyLink 基于 [ietf-openconnect](https://tools.ietf.org/html/draft-mavrogiannopoulos-openconnect-02)
协议开发,并且借鉴了 [ocserv](http://ocserv.gitlab.io/www/index.html) 的开发思路,使其可以同时兼容 AnyConnect 客户端。 协议开发,并且借鉴了 [ocserv](http://ocserv.gitlab.io/www/index.html) 的开发思路,使其可以同时兼容 AnyConnect 客户端。
AnyLink 使用 TLS/DTLS 进行数据加密,因此需要 RSA 或 ECC 证书,可以通过 Let's Encrypt 和 TrustAsia 申请免费的 SSL 证书。 AnyLink 使用 TLS/DTLS 进行数据加密,因此需要 RSA 或 ECC 证书,可以使用私有自签证书,可以通过 Let's Encrypt 和 TrustAsia
申请免费的 SSL 证书。
AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试通过,如需要安装在其他系统,需要服务端支持 tun/tap AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18、Ubuntu 20、Ubuntu 20、AnolisOS 8 测试通过,如需要安装在其他系统,需要服务端支持
功能、ip 设置命令。 tun/tap
功能、ip 设置命令、iptables命令。
## Screenshot ## Screenshot
@@ -48,46 +54,55 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
> >
> https://github.com/bjdgyc/anylink/releases > https://github.com/bjdgyc/anylink/releases
> >
> 如果不会安装可以提供有偿远程协助服务。添加QQ联系我 68492170 > https://gitee.com/bjdgyc/anylink/releases
>
> 如果不会安装,可以提供有偿远程协助服务(200 CNY)。添加QQ(68492170)联系我
>
> 也可以添加QQ群 咨询群内大佬
>
> 添加QQ群①: 567510628
>
> <img src="doc/screenshot/qq2.jpg" width="400" />
### 使用问题 ### 使用问题
> 对于测试环境,可以使用 vpn.test.vqilu.cn 绑定host进行测试 > 对于测试环境,可以直接进行测试,需要客户端取消勾选【阻止不受信任的服务器(Block connections to untrusted servers)】
> >
> 对于线上环境,必须申请安全的 https 证书,不支持私有证书连接 > 对于线上环境,尽量申请安全的https证书(跟nginx使用的pem证书类型一致)
> >
> 服务端安装 yum install iproute 或者 apt-get install iproute2 > 群共享文件有相关客户端软件下载,其他版本没有测试过,不保证使用正常
>
> 客户端请使用群共享文件的版本,其他版本没有测试过,不保证使用正常
> >
> 其他问题 [前往查看](doc/question.md) > 其他问题 [前往查看](doc/question.md)
> >
> 默认管理后台访问地址 https://host:8800 默认账号密码 admin 123456 > 默认管理后台访问地址 https://host:8800 或 https://域名:8800 默认账号密码 admin 123456
> >
> 首次使用,请在浏览器访问 https://域名:443 浏览器提示安全后,在客户端输入 【域名:443】 即可 > 首次使用,请在浏览器访问 https://域名:443 浏览器提示安全后,在客户端输入 【域名:443】 即可
### 自行编译安装 ### 自行编译安装
> 需要提前安装好 golang >= 1.20 和 nodejs = 16.x 和 yarn >= v1.22.x > 需要提前安装好 docker
```shell ```shell
git clone https://github.com/bjdgyc/anylink.git git clone https://github.com/bjdgyc/anylink.git
# 编译参考软件版本 # docker编译 参考软件版本(不需要安装)
# go 1.20.12 # go 1.20.12
# node v16.20.2 # node v16.20.2
# yarn 1.22.19 # yarn 1.22.19
cd anylink cd anylink
sh build.sh
# 编译前端
bash build_web.sh
# 编译 anylink-deploy 发布文件
bash build.sh
# 注意使用root权限运行 # 注意使用root权限运行
cd anylink-deploy cd anylink-deploy
sudo ./anylink sudo ./anylink
# 默认管理后台访问地址 # 默认管理后台访问地址
# 注意该host为anylink的内网ip,不能跟客户端请求的ip一样
# https://host:8800 # https://host:8800
# 默认账号 密码 # 默认账号 密码
# admin 123456 # admin 123456
@@ -103,10 +118,11 @@ sudo ./anylink
- [x] 兼容 AnyConnect - [x] 兼容 AnyConnect
- [x] 兼容 OpenConnect - [x] 兼容 OpenConnect
- [x] 基于 tun 设备的 nat 访问模式 - [x] 基于 tun 设备的 nat 访问模式
- [x] 基于 tap 设备的桥接访问模式 - [x] 基于 tun 设备的桥接访问模式
- [x] 基于 macvtap 设备的桥接访问模式 - [x] 基于 macvtap 设备的桥接访问模式
- [x] 支持 [proxy protocol v1&v2](http://www.haproxy.org/download/2.2/doc/proxy-protocol.txt) 协议 - [x] 支持 [proxy protocol v1&v2](http://www.haproxy.org/download/2.2/doc/proxy-protocol.txt) 协议
- [x] 用户组支持 - [x] 用户组支持
- [x] 用户组策略支持
- [x] 多用户支持 - [x] 多用户支持
- [x] 用户策略支持 - [x] 用户策略支持
- [x] TOTP 令牌支持 - [x] TOTP 令牌支持
@@ -114,10 +130,19 @@ sudo ./anylink
- [x] 流量速率限制 - [x] 流量速率限制
- [x] 后台管理界面 - [x] 后台管理界面
- [x] 访问权限管理 - [x] 访问权限管理
- [x] IP 访问审计功能 - [x] 用户活动审计功能
- [x] IP 访问审计功能(支持多端口、连续端口)
- [x] 域名动态拆分隧道(域名路由功能) - [x] 域名动态拆分隧道(域名路由功能)
- [x] radius认证支持 - [x] radius认证支持
- [x] LDAP认证支持 - [x] LDAP认证支持
- [x] 空闲链接超时自动断开
- [x] 流量压缩功能
- [x] 出口 IP 自动放行
- [x] 支持多服务的配置区分
- [x] 支持私有自签证书
- [x] 支持内网域名解析(指定的域名走内网dns)
- [x] 增加用户验证防爆功能(IP BAN)
- [x] 支持 docker 非特权模式
- [ ] 基于 ipvtap 设备的桥接访问模式 - [ ] 基于 ipvtap 设备的桥接访问模式
## Config ## Config
@@ -142,11 +167,12 @@ sudo ./anylink
> >
> 数据库表结构自动生成,无需手动导入(请赋予 DDL 权限) > 数据库表结构自动生成,无需手动导入(请赋予 DDL 权限)
| db_type | db_source | | db_type | db_source |
|----------|--------------------------------------------------------| |----------|----------------------------------------------------------------------------------------------------------------------|
| sqlite3 | ./conf/anylink.db | | sqlite3 | ./conf/anylink.db |
| mysql | user:password@tcp(127.0.0.1:3306)/anylink?charset=utf8 | | mysql | user:password@tcp(127.0.0.1:3306)/anylink?charset=utf8<br/>user:password@tcp(127.0.0.1:3306)/anylink?charset=utf8mb4 |
| postgres | user:password@localhost/anylink?sslmode=verify-full | | postgres | postgres://user:password@localhost/anylink?sslmode=verify-full |
| mssql | sqlserver://user:password@localhost?database=anylink&connection+timeout=30 |
> 示例配置文件 > 示例配置文件
> >
@@ -162,6 +188,16 @@ sudo ./anylink
## Setting ## Setting
### 依赖设置
> 服务端依赖安装:
>
> centos: yum install iptables iproute
>
> ubuntu: apt-get install iptables iproute2
### link_mode 设置
> 以下参数必须设置其中之一 > 以下参数必须设置其中之一
网络模式选择,需要配置 `link_mode` 参数,如 `link_mode="tun"`,`link_mode="macvtap"`,`link_mode="tap"(不推荐)` 等参数。 网络模式选择,需要配置 `link_mode` 参数,如 `link_mode="tun"`,`link_mode="macvtap"`,`link_mode="tap"(不推荐)` 等参数。
@@ -171,11 +207,13 @@ sudo ./anylink
IP 层的数据互相转换,性能会有所下降。 如果需要在虚拟机内开启 tap IP 层的数据互相转换,性能会有所下降。 如果需要在虚拟机内开启 tap
模式,请确认虚拟机的网卡开启混杂模式。 模式,请确认虚拟机的网卡开启混杂模式。
### tun 设置 #### tun 设置
1. 开启服务器转发 1. 开启服务器转发
```shell ```shell
# 新版本支持自动设置ip转发
# file: /etc/sysctl.conf # file: /etc/sysctl.conf
net.ipv4.ip_forward = 1 net.ipv4.ip_forward = 1
@@ -224,13 +262,49 @@ https://cloud.tencent.com/document/product/216/62007
3. 使用 AnyConnect 客户端连接即可 3. 使用 AnyConnect 客户端连接即可
### macvtap 设置 #### 桥接设置
1. 设置配置文件 1. 设置配置文件
> macvtap 设置相对比较简单,只需要配置相应的参数即可。 > macvtap 设置相对比较简单,只需要配置相应的参数即可。
>
> 网络要求:需要网络支持 ARP 传输,可通过 ARP 宣告普通内网 IP。
>
> 网络限制云环境下不能使用网卡mac加白环境不能使用802.1x认证网络不能使用
>
> 以下参数可以通过执行 `ip a` 查看 > 以下参数可以通过执行 `ip a` 查看
1.1 arp_proxy
```
# file: /etc/sysctl.conf
net.ipv4.conf.all.proxy_arp = 1
#执行如下命令
sysctl -w net.ipv4.conf.all.proxy_arp=1
配置文件修改:
# 首先关闭nat转发功能
iptables_nat = false
link_mode = "tun"
#内网主网卡名称
ipv4_master = "eth0"
#以下网段需要跟ipv4_master网卡设置成一样
ipv4_cidr = "10.1.2.0/24"
ipv4_gateway = "10.1.2.99"
ipv4_start = "10.1.2.100"
ipv4_end = "10.1.2.200"
```
1.2 macvtap
``` ```
# 命令行执行 master网卡需要打开混杂模式 # 命令行执行 master网卡需要打开混杂模式
@@ -265,6 +339,7 @@ ipv4_end = "10.1.2.200"
- centos: `/usr/lib/systemd/system/` - centos: `/usr/lib/systemd/system/`
- ubuntu: `/lib/systemd/system/` - ubuntu: `/lib/systemd/system/`
3. 操作命令: 3. 操作命令:
- 加载配置: `systemctl daemon-reload`
- 启动: `systemctl start anylink` - 启动: `systemctl start anylink`
- 停止: `systemctl stop anylink` - 停止: `systemctl stop anylink`
- 开机自启: `systemctl enable anylink` - 开机自启: `systemctl enable anylink`
@@ -281,11 +356,33 @@ ipv4_end = "10.1.2.200"
## Docker ## Docker
### anylink 镜像地址
对于国内用户,为提高镜像拉取体验,可以考虑拉取存放于阿里云镜像仓库的镜像,镜像名称及标签如下表所示(
具体版本号可以查看 `version` 文件):
| 支持设备/平台 | DockerHub | 阿里云镜像仓库 |
|:-------------:|:---------------------:|:---------------------------------------------------------------:|
| x86_64/amd64 | bjdgyc/anylink:latest | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest |
| x86_64/amd64 | bjdgyc/anylink:0.13.1 | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:0.13.1 |
| armv8/aarch64 | bjdgyc/anylink:latest | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest |
| armv8/aarch64 | bjdgyc/anylink:0.13.1 | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-0.13.1 |
### docker 镜像源地址
> docker.1ms.run/bjdgyc/anylink:latest
>
> dockerhub.yydy.link:2023/bjdgyc/anylink:latest
### 操作步骤
1. 获取镜像 1. 获取镜像
```bash ```bash
# 具体tag可以从docker hub获取 # 具体tag可以从docker hub获取
# https://hub.docker.com/r/bjdgyc/anylink/tags # https://hub.docker.com/r/bjdgyc/anylink/tags
docker pull bjdgyc/anylink:latest docker pull bjdgyc/anylink:latest
docker pull registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
``` ```
2. 查看命令信息 2. 查看命令信息
@@ -310,7 +407,17 @@ ipv4_end = "10.1.2.200"
docker run -it --rm bjdgyc/anylink tool -d docker run -it --rm bjdgyc/anylink tool -d
``` ```
6. 启动容器 6. iptables兼容设置
```bash
# 默认 iptables 使用 nf_tables 设置转发规则,如果内核低于 4.19 版本,需要特殊配置
docker run -itd --name anylink --privileged \
-e IPTABLES_LEGACY=on \
-p 443:443 -p 8800:8800 -p 443:443/udp \
--restart=always \
bjdgyc/anylink
```
7. 启动容器
```bash ```bash
# 默认启动 # 默认启动
docker run -itd --name anylink --privileged \ docker run -itd --name anylink --privileged \
@@ -330,7 +437,7 @@ ipv4_end = "10.1.2.200"
docker restart anylink docker restart anylink
``` ```
6. 使用自定义参数启动容器 8. 使用自定义参数启动容器
```bash ```bash
# 参数可以参考 ./anylink tool -d # 参数可以参考 ./anylink tool -d
# 可以使用命令行参数 或者 环境变量 配置 # 可以使用命令行参数 或者 环境变量 配置
@@ -343,7 +450,18 @@ ipv4_end = "10.1.2.200"
--ip_lease=1209600 # IP地址租约时长 --ip_lease=1209600 # IP地址租约时长
``` ```
7. 构建镜像 (非必需) 9. 使用非特权模式启动容器
```bash
# 参数可以参考 ./anylink tool -d
# 可以使用命令行参数 或者 环境变量 配置
docker run -itd --name anylink \
-p 443:443 -p 8800:8800 -p 443:443/udp \
-v /dev/net/tun:/dev/net/tun --cap-add=NET_ADMIN \
--restart=always \
bjdgyc/anylink
```
10. 构建镜像 (非必需)
```bash ```bash
#获取仓库源码 #获取仓库源码
git clone https://github.com/bjdgyc/anylink.git git clone https://github.com/bjdgyc/anylink.git
@@ -357,25 +475,30 @@ ipv4_end = "10.1.2.200"
请前往 [问题地址](doc/question.md) 查看具体信息 请前往 [问题地址](doc/question.md) 查看具体信息
<!--
## Discussion ## Discussion
添加QQ群(1)(已满): 567510628
添加QQ群(2): 739072205
群共享文件有相关软件下载 群共享文件有相关软件下载
<!--
添加微信群: 群共享文件有相关软件下载 添加微信群: 群共享文件有相关软件下载
![contact_me_qr](doc/screenshot/contact_me_qr.png) ![contact_me_qr](doc/screenshot/contact_me_qr.png)
--> -->
## Support Document
- [三方文档-男孩的天职](https://note.youdao.com/s/X4AxyWfL)
- [三方文档-issues](https://github.com/bjdgyc/anylink/issues)
- [三方文档-思有云](https://www.ioiox.com/archives/128.html)
- [三方文档-杨杨得亿](https://yangpin.link/archives/1897.html) [Windows电脑连接步骤-杨杨得亿](https://yangpin.link/archives/1697.html)
## Support Client ## Support Client
- [AnyConnect Secure Client](https://www.cisco.com/) (可通过群文件下载: Windows/macOS/Linux/Android/iOS) - [AnyConnect Secure Client](https://www.cisco.com/) (可通过群文件下载: Windows/macOS/Linux/Android/iOS)
- [OpenConnect](https://gitlab.com/openconnect/openconnect) (Windows/macOS/Linux) - [OpenConnect](https://gitlab.com/openconnect/openconnect) (Windows/macOS/Linux)
- [AnyLink Secure Client](https://github.com/tlslink/anylink-client) (Windows/macOS/Linux) - [三方 AnyLink Secure Client](https://github.com/tlslink/anylink-client) (Windows/macOS/Linux)
- 【推荐】三方客户端下载地址(
Windows/macOS/Linux/Android/iOS) [国内地址](https://ocserv.yydy.link:2023)
## Contribution ## Contribution

65
build.sh
View File

@@ -1,65 +1,28 @@
#!/bin/bash #!/bin/bash
set -x
function RETVAL() {
rt=$1
if [ $rt != 0 ]; then
echo $rt
exit 1
fi
}
#当前目录 #当前目录
cpath=$(pwd) cpath=$(pwd)
#ver=`cat server/base/app_ver.go | grep APP_VER | awk '{print $3}' | sed 's/"//g'`
ver=$(cat version) ver=$(cat version)
echo "当前版本 $ver" echo $ver
echo "编译前端项目" #前端编译 仅需要执行一次
cd $cpath/web #bash ./build_web.sh
#国内可替换源加快速度 bash build_docker.sh
#npx browserslist@latest --update-db
yarn install --registry=https://registry.npmmirror.com
yarn run build
RETVAL $?
echo "编译二进制文件" deploy="anylink-deploy-$ver"
cd $cpath/server docker container rm $deploy
rm -rf ui docker container create --name $deploy bjdgyc/anylink:$ver
cp -rf $cpath/web/ui . rm -rf anylink-deploy anylink-deploy.tar.gz
docker cp -a $deploy:/app ./anylink-deploy
tar zcf ${deploy}.tar.gz anylink-deploy
# -tags osusergo,netgo,sqlite_omit_load_extension
flags="-v -trimpath"
# -extldflags '-static' ./anylink-deploy/anylink -v
ldflags="-s -w -X main.appVer=$ver -X main.commitId=$(git rev-parse HEAD) -X main.date=$(date -Iseconds)"
#国内可替换源加快速度
export GOPROXY=https://goproxy.io
go mod tidy
go build -o anylink $flags -ldflags "$ldflags"
cd $cpath echo "anylink 编译完成,目录: anylink-deploy"
ls -lh anylink-deploy
exit 0
echo "整理部署文件"
deploy="anylink-deploy"
rm -rf $deploy ${deploy}.tar.gz
mkdir $deploy
mkdir $deploy/log
cp -r server/anylink $deploy
cp -r server/bridge-init.sh $deploy
cp -r server/conf $deploy
cp -r systemd $deploy
cp -r LICENSE $deploy
cp -r home $deploy
tar zcvf ${deploy}.tar.gz $deploy
#注意使用root权限运行
#cd anylink-deploy
#sudo ./anylink --conf="conf/server.toml"

17
build_docker.sh
View File

@@ -1,5 +1,7 @@
#!/bin/bash #!/bin/bash
action=$1
ver=$(cat version) ver=$(cat version)
echo $ver echo $ver
@@ -8,11 +10,18 @@ echo $ver
# 生成时间 2024-01-30T21:41:27+08:00 # 生成时间 2024-01-30T21:41:27+08:00
# date -Iseconds # date -Iseconds
docker run -it --rm -v $PWD/web:/app -w /app node:16-alpine \ #bash ./build_web.sh
sh -c "yarn install --registry=https://registry.npmmirror.com && yarn run build"
docker buildx build -t bjdgyc/anylink:latest --progress=plain --build-arg CN="yes" --build-arg appVer=$ver \ # docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 本地不生成镜像
--build-arg commitId=$(git rev-parse HEAD) -f docker/Dockerfile . docker build -t bjdgyc/anylink:latest --no-cache --progress=plain \
--build-arg CN="yes" --build-arg appVer=$ver --build-arg commitId=$(git rev-parse HEAD) \
-f docker/Dockerfile .
echo "docker tag latest $ver" echo "docker tag latest $ver"
docker tag bjdgyc/anylink:latest bjdgyc/anylink:$ver docker tag bjdgyc/anylink:latest bjdgyc/anylink:$ver
if [[ $action == "cntest" ]]; then
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
echo registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
fi

73
build_test.sh Normal file
View File

@@ -0,0 +1,73 @@
#!/bin/bash
#github action release.sh
set -x
function RETVAL() {
rt=$1
if [ $rt != 0 ]; then
echo $rt
exit 1
fi
}
#当前目录
cpath=$(pwd)
ver=$(cat version)
echo $ver
#前端编译 仅需要执行一次
#bash ./build_web.sh
echo "copy二进制文件"
# -tags osusergo,netgo,sqlite_omit_load_extension
flags="-trimpath"
ldflags="-s -w -extldflags '-static' -X main.appVer=$ver -X main.commitId=$(git rev-parse HEAD) -X main.buildDate=$(date --iso-8601=seconds)"
#github action
gopath=/go
dockercmd=$(
cat <<EOF
sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
apk add gcc g++ musl musl-dev tzdata
export GOPROXY=https://goproxy.cn
go mod tidy
echo "build:"
rm anylink
export CGO_ENABLED=1
go build -v -o anylink $flags -ldflags "$ldflags"
./anylink -v
EOF
)
# golang:1.20-alpine3.19
#使用 musl-dev 编译
docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/amd64 \
golang:1.22-alpine3.19 sh -c "$dockercmd"
#arm64编译
#docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/arm64 \
# golang:1.20-alpine3.19 go build -o anylink_arm64 $flags -ldflags "$ldflags"
#exit 0
#cd $cpath
echo "整理部署文件"
rm -rf anylink-deploy anylink-deploy.tar.gz
mkdir anylink-deploy
mkdir anylink-deploy/log
cp -r server/anylink anylink-deploy
cp -r server/conf anylink-deploy
cp -r index_template anylink-deploy
cp -r deploy anylink-deploy
cp -r LICENSE anylink-deploy
tar zcvf anylink-deploy.tar.gz anylink-deploy
#注意使用root权限运行
#cd anylink-deploy
#sudo ./anylink --conf="conf/server.toml"

9
build_web.sh Normal file
View File

@@ -0,0 +1,9 @@
#!/bin/bash
rm -rf web/ui server/ui
docker run -it --rm -v $PWD/web:/app -w /app node:16-alpine \
sh -c "yarn install --registry=https://registry.npmmirror.com && yarn run build"
cp -r web/ui server/ui

1
deploy/docker-compose.yaml
View File

@@ -12,6 +12,7 @@ services:
- 443:443/udp - 443:443/udp
environment: environment:
LINK_LOG_LEVEL: info LINK_LOG_LEVEL: info
#IPTABLES_LEGACY: "on"
command: command:
- --conf=/app/conf/server.toml - --conf=/app/conf/server.toml
#volumes: #volumes:

27
deploy_docker_cn.sh Normal file
View File

@@ -0,0 +1,27 @@
#!/bin/bash
ver=$(cat version)
echo $ver
echo "docker tag latest $ver"
docker pull --platform=linux/amd64 bjdgyc/anylink:$ver
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
docker rmi bjdgyc/anylink:$ver
#arm64
docker pull --platform=linux/arm64 bjdgyc/anylink:$ver
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
docker rmi bjdgyc/anylink:$ver

76
doc/README.md
View File

@@ -12,38 +12,50 @@
> >
> 需要展示主页的同学可以在QQ群 直接联系我添加。 > 需要展示主页的同学可以在QQ群 直接联系我添加。
| 昵称 | 主页 / 联系方式 | | 昵称 | 主页 / 联系方式 |
|-----------|------------------------------| |--------------------|------------------------------|
| 代码 oo8 | | | 代码 oo8 | |
| 甘磊 | https://github.com/ganlei333 | | 甘磊 | https://github.com/ganlei333 |
| Oo@ | https://github.com/chooop | | Oo@ | https://github.com/chooop |
| 虚极静笃 | | | 虚极静笃 | |
| 请喝可乐 | | | 请喝可乐 | |
| 加油加油 | | | 加油加油 | |
| 李建 | | | 李建 | |
| lanbin | | | lanbin | |
| 乐在东途 | | | 乐在东途 | |
| 孤鸿 | | | 孤鸿 | |
| 刘国华 | | | 刘国华 | |
| 改名好无聊 | | | 改名好无聊 | |
| 全能互联网专家 | | | 全能互联网专家 | |
| JCM | | | JCM | |
| Eh... | | | Eh... | |
| 沉 | | | 沉 | |
| 刘国华 | | | 刘国华 | |
| 忧郁的豚骨拉面 | | | 忧郁的豚骨拉面 | |
| 张小旋当爹地 | | | 张小旋当爹地 | |
| 对方正在输入 | | | 对方正在输入 | |
| Ronny | | | Ronny | |
| 奔跑的少年 | | | 奔跑的少年 | |
| ZBW | | | ZBW | |
| 悲鸣 | | | 悲鸣 | |
| 谢谢 | | | 谢谢 | |
| 云思科技 | | | 云思科技 | |
| 哆啦A伟(张佳伟) | | | 哆啦A伟(张佳伟) | |
| 人类的悲欢并不相通 | | | 人类的悲欢并不相通 | |
| 做人要低调 | | | 做人要低调 | |
| 洛洛 | | | 洛洛 | |
| Dragon Liao | |
| 诸葛御风 | |
| 杨杨得亿 | |
| Thanataos | |
| 憨大叔 | |
| 明月 | |
| Amis | |
| Blake | |
| 刘国华 | |
| ZBW | |
| 全能互联网专家 | |
| 广播.会议.音响.无纸化.物联网中控 | |

19
doc/question.md
View File

@@ -10,6 +10,10 @@
> 请使用手机安装 freeotp 然后扫描otp二维码生成的数字即是动态码 > 请使用手机安装 freeotp 然后扫描otp二维码生成的数字即是动态码
### 用户策略问题
> 只要有用户策略,组策略就不生效,相当于覆盖了组策略的配置
### 远程桌面连接 ### 远程桌面连接
> 本软件已经支持远程桌面里面连接anyconnect。 > 本软件已经支持远程桌面里面连接anyconnect。
@@ -113,3 +117,18 @@ anylink: tun模式 tcp传输
> 客户端tls加密协议、隧道header头都会占用一定带宽 > 客户端tls加密协议、隧道header头都会占用一定带宽
### 登录防爆说明
```
1.用户 A 在 IP 1.2.3.4 上尝试登录:
用户 A 在 IP 1.2.3.4 上尝试登录失败 5 次,触发了该 IP 上的用户 A 锁定 5 分钟。
在这 5 分钟内,用户 A 从 IP 1.2.3.4 无法进行新的登录尝试。
2.用户 A 更换 IP 到 1.2.3.5 继续尝试登录:
用户 A 在 IP 1.2.3.5 上继续尝试登录,并且累计失败 20 次,触发了全局用户 A 锁定 5 分钟。
在这 5 分钟内,用户 A 从任何 IP 地址都无法进行新的登录尝试。
3.IP 1.2.3.4 上多个用户尝试登录:
如果从 IP 1.2.3.4 上累计有 40 次失败登录尝试(无论来自多少不同的用户),触发了该 IP 的全局锁定 5 分钟。
在这 5 分钟内,从 IP 1.2.3.4 的所有登录尝试都将被拒绝。
如果在 N 分钟内没有新的失败尝试,失败计数会在 N 分钟后(*_reset_time重置。
```

BIN
doc/screenshot/qq2.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 102 KiB

7
docker/Dockerfile
View File

@@ -13,7 +13,8 @@
# 需要先编译出ui文件后 再执行docker编译 # 需要先编译出ui文件后 再执行docker编译
# server # server
FROM golang:1.20-alpine3.19 as builder_golang # golang:1.20-alpine3.19
FROM golang:1.22-alpine3.19 as builder_golang
ARG CN="no" ARG CN="no"
ARG appVer="appVer" ARG appVer="appVer"
@@ -37,7 +38,9 @@ LABEL maintainer="github.com/bjdgyc"
ARG CN="no" ARG CN="no"
ENV TZ=Asia/Shanghai ENV TZ=Asia/Shanghai
ENV ANYLINK_IN_CONTAINER=true #开关变量 on off
ENV ANYLINK_IN_CONTAINER="on"
ENV IPTABLES_LEGACY="off"
WORKDIR /app WORKDIR /app
COPY docker/init_release.sh /tmp/ COPY docker/init_release.sh /tmp/

10
docker/docker_entrypoint.sh
View File

@@ -1,4 +1,4 @@
#!/bin/sh #!/bin/bash
var1=$1 var1=$1
#set -x #set -x
@@ -19,13 +19,19 @@ case $var1 in
#iptables -nL -t nat #iptables -nL -t nat
# 启动服务 先判断配置文件是否存在 # 启动服务 先判断配置文件是否存在
if [ ! -f /app/conf/profile.xml ]; then if [[ ! -f /app/conf/profile.xml ]]; then
/bin/cp -r /home/conf-bak/* /app/conf/ /bin/cp -r /home/conf-bak/* /app/conf/
echo "After the configuration file is initialized, the container will be forcibly exited. Restart the container." echo "After the configuration file is initialized, the container will be forcibly exited. Restart the container."
echo "配置文件初始化完成后,容器会强制退出,请重新启动容器。" echo "配置文件初始化完成后,容器会强制退出,请重新启动容器。"
exit 1 exit 1
fi fi
# 兼容老版本 iptables
if [[ $IPTABLES_LEGACY == "on" ]]; then
rm /sbin/iptables
ln -s /sbin/iptables-legacy /sbin/iptables
fi
exec /app/anylink "$@" exec /app/anylink "$@"
;; ;;
esac esac

12
docker/init_build.sh
View File

@@ -4,11 +4,12 @@ set -x
#TODO 本地打包时使用镜像 #TODO 本地打包时使用镜像
if [[ $CN == "yes" ]]; then if [[ $CN == "yes" ]]; then
sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories #sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
export GOPROXY=https://goproxy.cn export GOPROXY=https://goproxy.cn
fi fi
apk add build-base tzdata gcc musl-dev upx apk add build-base tzdata gcc g++ musl musl-dev upx
uname -a uname -a
env env
@@ -20,11 +21,10 @@ go mod tidy
echo "start build" echo "start build"
extldflags="-static" ldflags="-s -w -X main.appVer=$appVer -X main.commitId=$commitId -X main.buildDate=$(date -Iseconds) -extldflags \"-static\" "
ldflags="-s -w -X main.appVer=$appVer -X main.commitId=$commitId -X main.buildDate=$(date -Iseconds) \
-extldflags \"$extldflags\" "
CGO_ENABLED=1 go build -o anylink -trimpath -ldflags "$ldflags" export CGO_ENABLED=1
go build -v -o anylink -trimpath -ldflags "$ldflags"
ls -lh /server/ ls -lh /server/

15
docker/init_release.sh
View File

@@ -4,11 +4,22 @@ set -x
#TODO 本地打包时使用镜像 #TODO 本地打包时使用镜像
if [[ $CN == "yes" ]]; then if [[ $CN == "yes" ]]; then
sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories #sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories
export GOPROXY=https://goproxy.cn export GOPROXY=https://goproxy.cn
fi fi
apk add --no-cache bash iptables iproute2 tzdata
# docker 启动使用 4.19 以上内核
apk add --no-cache ca-certificates bash iproute2 tzdata iptables inetutils-telnet
# alpine:3.19 兼容老版本 iptables
apk add --no-cache iptables-legacy
#rm /sbin/iptables
#ln -s /sbin/iptables-legacy /sbin/iptables
chmod +x /app/docker_entrypoint.sh chmod +x /app/docker_entrypoint.sh
mkdir /app/log mkdir /app/log

165
index_template/自定义首页2.html Normal file
View File

@@ -0,0 +1,165 @@
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset=UTF-8">
<title id="pageTitle">客户端下载</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<style type="text/css">
body {
background-color: #fff;
background-image: linear-gradient(0deg, transparent 24%, rgba(207, 207, 207, 0.2) 25%, rgba(207, 207, 207, 0.2) 26%, transparent 27%, transparent 74%, rgba(207, 207, 207, 0.2) 75%, rgba(207, 207, 207, 0.2) 76%, transparent 77%, transparent),
linear-gradient(90deg, transparent 24%, rgba(207, 207, 207, 0.2) 25%, rgba(207, 207, 207, 0.2) 26%, transparent 27%, transparent 74%, rgba(207, 207, 207, 0.2) 75%, rgba(207, 207, 207, 0.2) 76%, transparent 77%, transparent);
background-size: 50px 50px;
margin: 0;
padding: 0;
display: flex;
justify-content: center;
align-items: center;
height: 100vh;
}
#box {
background-color: #ffffff;
box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
position: relative;
padding: 20px;
border-radius: 8px;
max-width: 550px;
width: 100%;
box-sizing: border-box;
}
h2 {
color: #333;
font-weight: 600;
font-size: 28px;
margin: 0 0 20px 0;
}
p {
color: #666;
font-size: 16px;
line-height: 1.6;
margin-top: 20px;
}
.button {
background-color: #ddd;
text-decoration: none;
line-height: 44px;
padding: 9px 42px;
font-weight: 500;
color: #fff;
font-size: 16px;
-webkit-transition: background-color 0.25s ease-out 0s;
-moz-transition: background-color 0.25s ease-out 0s;
transition: background-color 0.25s ease-out 0s;
-moz-border-radius: 4px;
-webkit-border-radius: 4px;
border-radius: 4px;
}
.button:hover {
background-color: #CCC;
color: #444;
}
.button:active {
background-color: #666;
color: #eee;
}
.blue {
background-color: #007BFF;
}
.deep-blue {
background-color: #0056B3;
}
.green {
background-color: #28A745;
}
.grey {
background-color: #6C757D;
}
.black {
background-color: #343A40;
}
.light-blue {
background-color: #17A2B8;
}
.dark-grey {
background-color: #495057;
}
@media (max-width: 768px) {
h2 {
font-size: 24px;
}
p {
font-size: 14px;
}
.button {
padding: 7px 35px;
}
}
</style>
</head>
<body>
<div id="app">
<div id="box">
<h2 id="title">请选择对应平台下载</h2>
<p id="windowsTab">Windows 系统</p>
<a id="linkWindowsX86_64" class="button blue" href="#">Win X86_64</a>
<a id="linkWindowsARM64" class="button deep-blue" href="#">Win ARM64</a>
<p id="mobileTab">移动端</p>
<a id="linkAndroid" class="button green" href="#">Android</a>
<a id="linkIphone" class="button grey" href="#" target="_blank">iPhone</a>
<p id="macOSTab">MacOS 系统</p>
<a id="linkMacos" class="button black" href="#">Mac Intel</a>
<a id="linkMacosARM64" class="button blue" href="#">Mac ARM64</a>
<p id="totpTab">TOTP 移动客户端</p>
<a id="linkTotpAndroid" class="button light-blue" href="#">Android</a>
<a id="linkTotpIphone" class="button dark-grey" href="#" target="_blank">iPhone</a>
</div>
</div>
<script>
const data = {
links: {
windowsX86_64: '/files/anyconnect-win-4.10.05111.msi',
windowsARM64: '/files/anyconnect-win-4.10.05111.msi',
android: '/files/CiscoSecureClientAnyConnect_v5.0.00247.apk',
iphone: 'https://apps.apple.com/cn/app/cisco-anyconnect/id1135064690',
macosIntel: '/files/anyconnect-macos-4.10.05111.dmg',
macosARM64: '/files/anyconnect-macos-4.10.05111.dmg',
totpAndroid: '/files/Authenticator_v5.10_apkpure.com.apk',
totpIphone: 'https://apps.apple.com/cn/app/google-authenticator/id388497605',
}
};
window.onload = function () {
document.getElementById('linkWindowsX86_64').href = data.links.windowsX86_64;
document.getElementById('linkWindowsARM64').href = data.links.windowsARM64;
document.getElementById('linkAndroid').href = data.links.android;
document.getElementById('linkIphone').href = data.links.iphone;
document.getElementById('linkMacos').href = data.links.macosIntel;
document.getElementById('linkMacosARM64').href = data.links.macosARM64;
document.getElementById('linkTotpAndroid').href = data.links.totpAndroid;
document.getElementById('linkTotpIphone').href = data.links.totpIphone;
};
</script>
</body>
</html>

58
release_bak.sh
View File

@@ -1,58 +0,0 @@
#!/bin/bash
#github action release.sh
set -x
function RETVAL() {
rt=$1
if [ $rt != 0 ]; then
echo $rt
exit 1
fi
}
#当前目录
cpath=$(pwd)
echo "copy二进制文件"
cd $cpath/server
# -tags osusergo,netgo,sqlite_omit_load_extension
flags="-trimpath"
ldflags="-s -w -extldflags '-static' -X main.appVer=$ver -X main.commitId=$(git rev-parse HEAD) -X main.date=$(date --iso-8601=seconds)"
#github action
gopath=$(go env GOPATH)
go mod tidy
# alpine3
apk add gcc musl-dev
#使用 musl-dev 编译
docker run -q --rm -v $PWD:/app -v $gopath:/go -w /app --platform=linux/amd64 \
golang:1.20-alpine3.19 go build -o anylink_amd64 $flags -ldflags "$ldflags"
./anylink_amd64 -v
#arm64编译
docker run -q --rm -v $PWD:/app -v $gopath:/go -w /app --platform=linux/arm64 \
golang:1.20-alpine3.19 go build -o anylink_arm64 $flags -ldflags "$ldflags"
./anylink_arm64 -v
exit 0
cd $cpath
echo "整理部署文件"
deploy="anylink-deploy"
rm -rf $deploy ${deploy}.tar.gz
mkdir $deploy
mkdir $deploy/log
cp -r server/anylink $deploy
cp -r server/bridge-init.sh $deploy
cp -r server/conf $deploy
cp -r systemd $deploy
cp -r LICENSE $deploy
cp -r home $deploy
tar zcvf ${deploy}.tar.gz $deploy
#注意使用root权限运行
#cd anylink-deploy
#sudo ./anylink --conf="conf/server.toml"

2
server/.gitignore vendored
View File

@@ -18,4 +18,4 @@ ui/
.idea/ .idea/
anylink anylink
data.db data.db
conf/*.db conf/*.db

1
server/admin/api_base.go
View File

@@ -84,6 +84,7 @@ func authMiddleware(next http.Handler) http.Handler {
w.Header().Set("Access-Control-Allow-Methods", "GET,POST,OPTIONS") w.Header().Set("Access-Control-Allow-Methods", "GET,POST,OPTIONS")
w.Header().Set("Access-Control-Allow-Headers", "*") w.Header().Set("Access-Control-Allow-Headers", "*")
if r.Method == http.MethodOptions { if r.Method == http.MethodOptions {
// w.WriteHeader(http.StatusOK)
// 正式环境不支持 OPTIONS // 正式环境不支持 OPTIONS
w.WriteHeader(http.StatusForbidden) w.WriteHeader(http.StatusForbidden)
return return

4
server/admin/api_group.go
View File

@@ -75,6 +75,10 @@ func GroupDetail(w http.ResponseWriter, r *http.Request) {
if len(data.Auth) == 0 { if len(data.Auth) == 0 {
data.Auth["type"] = "local" data.Auth["type"] = "local"
} }
// 兼容旧数据
if data.SplitDns == nil {
data.SplitDns = []dbdata.ValData{}
}
RespSucess(w, data) RespSucess(w, data)
} }

13
server/admin/api_set.go
View File

@@ -66,12 +66,13 @@ func SetSystem(w http.ResponseWriter, r *http.Request) {
hi, _ := host.Info() hi, _ := host.Info()
l, _ := load.Avg() l, _ := load.Avg()
data["sys"] = map[string]interface{}{ data["sys"] = map[string]interface{}{
"goOs": runtime.GOOS, "goOs": runtime.GOOS,
"goArch": runtime.GOARCH, "goArch": runtime.GOARCH,
"goVersion": runtime.Version(), "goVersion": runtime.Version(),
"goroutine": runtime.NumGoroutine(), "goroutine": runtime.NumGoroutine(),
"appVersion": "v" + base.APP_VER, "appVersion": "v" + base.APP_VER,
"appCommitId": base.CommitId, "appCommitId": base.CommitId,
"appBuildDate": base.BuildDate,
"hostname": hi.Hostname, "hostname": hi.Hostname,
"platform": fmt.Sprintf("%v %v %v", hi.Platform, hi.PlatformFamily, hi.PlatformVersion), "platform": fmt.Sprintf("%v %v %v", hi.Platform, hi.PlatformFamily, hi.PlatformVersion),

1
server/admin/api_uploaduser.go
View File

@@ -110,6 +110,7 @@ func UploadUser(file string) error {
if err := dbdata.AddBatch(user); err != nil { if err := dbdata.AddBatch(user); err != nil {
return fmt.Errorf("请检查第%d行数据是否导入有重复用户", index) return fmt.Errorf("请检查第%d行数据是否导入有重复用户", index)
} }
user.PinCode = row[4]
if user.SendEmail { if user.SendEmail {
if err := userAccountMail(user); err != nil { if err := userAccountMail(user); err != nil {
return err return err

44
server/admin/api_user.go
View File

@@ -15,8 +15,10 @@ import (
"github.com/bjdgyc/anylink/base" "github.com/bjdgyc/anylink/base"
"github.com/bjdgyc/anylink/dbdata" "github.com/bjdgyc/anylink/dbdata"
"github.com/bjdgyc/anylink/pkg/utils"
"github.com/bjdgyc/anylink/sessdata" "github.com/bjdgyc/anylink/sessdata"
"github.com/skip2/go-qrcode" "github.com/skip2/go-qrcode"
mail "github.com/xhit/go-simple-mail/v2"
) )
func UserList(w http.ResponseWriter, r *http.Request) { func UserList(w http.ResponseWriter, r *http.Request) {
@@ -97,11 +99,17 @@ func UserSet(w http.ResponseWriter, r *http.Request) {
return return
} }
if len(data.PinCode) < 6 {
data.PinCode = utils.RandomRunes(8)
base.Info("用户", data.Username, "随机密码为:", data.PinCode)
}
plainpwd := data.PinCode
err = dbdata.SetUser(data) err = dbdata.SetUser(data)
if err != nil { if err != nil {
RespError(w, RespInternalErr, err) RespError(w, RespInternalErr, err)
return return
} }
data.PinCode = plainpwd
// 发送邮件 // 发送邮件
if data.SendEmail { if data.SendEmail {
@@ -179,7 +187,15 @@ func userOtpQr(uid int, b64 bool) (string, error) {
// 在线用户 // 在线用户
func UserOnline(w http.ResponseWriter, r *http.Request) { func UserOnline(w http.ResponseWriter, r *http.Request) {
datas := sessdata.OnlineSess() _ = r.ParseForm()
search_cate := r.FormValue("search_cate")
search_text := r.FormValue("search_text")
show_sleeper := r.FormValue("show_sleeper")
showSleeper, _ := strconv.ParseBool(show_sleeper)
// one_offline := r.FormValue("one_offline")
// datas := sessdata.OnlineSess()
datas := sessdata.GetOnlineSess(search_cate, search_text, showSleeper)
data := map[string]interface{}{ data := map[string]interface{}{
"count": len(datas), "count": len(datas),
@@ -211,8 +227,10 @@ type userAccountMailData struct {
Username string Username string
Nickname string Nickname string
PinCode string PinCode string
LimitTime string
OtpImg string OtpImg string
OtpImgBase64 string OtpImgBase64 string
DisableOtp bool
} }
func userAccountMail(user *dbdata.User) error { func userAccountMail(user *dbdata.User) error {
@@ -264,7 +282,15 @@ func userAccountMail(user *dbdata.User) error {
PinCode: user.PinCode, PinCode: user.PinCode,
OtpImg: fmt.Sprintf("https://%s/otp_qr?id=%d&jwt=%s", setting.LinkAddr, user.Id, tokenString), OtpImg: fmt.Sprintf("https://%s/otp_qr?id=%d&jwt=%s", setting.LinkAddr, user.Id, tokenString),
OtpImgBase64: "data:image/png;base64," + otpData, OtpImgBase64: "data:image/png;base64," + otpData,
DisableOtp: user.DisableOtp,
} }
if user.LimitTime == nil {
data.LimitTime = "无限制"
} else {
data.LimitTime = user.LimitTime.Local().Format("2006-01-02")
}
w := bytes.NewBufferString("") w := bytes.NewBufferString("")
t, _ := template.New("auth_complete").Parse(htmlBody) t, _ := template.New("auth_complete").Parse(htmlBody)
err = t.Execute(w, data) err = t.Execute(w, data)
@@ -272,5 +298,19 @@ func userAccountMail(user *dbdata.User) error {
return err return err
} }
// fmt.Println(w.String()) // fmt.Println(w.String())
return SendMail(base.Cfg.Issuer+"平台通知", user.Email, w.String())
var attach *mail.File
if user.DisableOtp {
attach = nil
} else {
imgData, _ := userOtpQr(user.Id, false)
attach = &mail.File{
MimeType: "image/png",
Name: "userOtpQr.png",
Data: []byte(imgData),
Inline: true,
}
}
return SendMail(base.Cfg.Issuer, user.Email, w.String(), attach)
} }

8
server/admin/common.go
View File

@@ -43,7 +43,7 @@ func GetJwtData(jwtToken string) (map[string]interface{}, error) {
return claims, nil return claims, nil
} }
func SendMail(subject, to, htmlBody string) error { func SendMail(subject, to, htmlBody string, attach *mail.File) error {
dataSmtp := &dbdata.SettingSmtp{} dataSmtp := &dbdata.SettingSmtp{}
err := dbdata.SettingGet(dataSmtp) err := dbdata.SettingGet(dataSmtp)
@@ -73,7 +73,7 @@ func SendMail(subject, to, htmlBody string) error {
// - PLAIN (default) // - PLAIN (default)
// - LOGIN // - LOGIN
// - CRAM-MD5 // - CRAM-MD5
server.Authentication = mail.AuthPlain server.Authentication = mail.AuthAuto
// Variable to keep alive connection // Variable to keep alive connection
server.KeepAlive = false server.KeepAlive = false
@@ -102,6 +102,10 @@ func SendMail(subject, to, htmlBody string) error {
AddTo(to). AddTo(to).
SetSubject(subject) SetSubject(subject)
if attach != nil {
email.Attach(attach)
}
email.SetBody(mail.TextHTML, htmlBody) email.SetBody(mail.TextHTML, htmlBody)
// Call Send and pass the client // Call Send and pass the client

465
server/admin/lockmanager.go Normal file
View File

@@ -0,0 +1,465 @@
package admin
import (
"encoding/json"
"io"
"net"
"net/http"
"strings"
"sync"
"time"
"github.com/bjdgyc/anylink/base"
)
type LockInfo struct {
Description string `json:"description"` // 锁定原因
Username string `json:"username"` // 用户名
IP string `json:"ip"` // IP 地址
State *LockState `json:"state"` // 锁定状态信息
}
type LockState struct {
Locked bool `json:"locked"` // 是否锁定
FailureCount int `json:"attempts"` // 失败次数
LockTime time.Time `json:"lock_time"` // 锁定截止时间
LastAttempt time.Time `json:"lastAttempt"` // 最后一次尝试的时间
}
type IPWhitelists struct {
IP net.IP
CIDR *net.IPNet
}
type LockManager struct {
mu sync.Mutex
// LoginStatus sync.Map // 登录状态
ipLocks map[string]*LockState // 全局IP锁定状态
userLocks map[string]*LockState // 全局用户锁定状态
ipUserLocks map[string]map[string]*LockState // 单用户IP锁定状态
ipWhitelists []IPWhitelists // 全局IP白名单包含IP地址和CIDR范围
cleanupTicker *time.Ticker
}
var lockmanager *LockManager
var once sync.Once
func GetLockManager() *LockManager {
once.Do(func() {
lockmanager = &LockManager{
// LoginStatus: sync.Map{},
ipLocks: make(map[string]*LockState),
userLocks: make(map[string]*LockState),
ipUserLocks: make(map[string]map[string]*LockState),
ipWhitelists: make([]IPWhitelists, 0),
}
})
return lockmanager
}
const defaultGlobalLockStateExpirationTime = 3600
func InitLockManager() {
lm := GetLockManager()
if base.Cfg.AntiBruteForce {
if base.Cfg.GlobalLockStateExpirationTime <= 0 {
base.Cfg.GlobalLockStateExpirationTime = defaultGlobalLockStateExpirationTime
}
lm.StartCleanupTicker()
lm.InitIPWhitelist()
}
}
func GetLocksInfo(w http.ResponseWriter, r *http.Request) {
lm := GetLockManager()
locksInfo := lm.GetLocksInfo()
RespSucess(w, locksInfo)
}
func UnlockUser(w http.ResponseWriter, r *http.Request) {
body, err := io.ReadAll(r.Body)
if err != nil {
RespError(w, RespInternalErr, err)
return
}
lockinfo := LockInfo{}
if err := json.Unmarshal(body, &lockinfo); err != nil {
RespError(w, RespInternalErr, err)
return
}
if lockinfo.State == nil {
RespError(w, RespInternalErr, "未找到锁定用户!")
return
}
lm := GetLockManager()
lm.mu.Lock()
defer lm.mu.Unlock()
// 根据用户名和IP查找锁定状态
var state *LockState
switch {
case lockinfo.IP == "" && lockinfo.Username != "":
state = lm.userLocks[lockinfo.Username] // 全局用户锁定
case lockinfo.Username != "" && lockinfo.IP != "":
if userIPMap, exists := lm.ipUserLocks[lockinfo.Username]; exists {
state = userIPMap[lockinfo.IP] // 单用户 IP 锁定
}
default:
state = lm.ipLocks[lockinfo.IP] // 全局 IP 锁定
}
if state == nil || !state.Locked {
RespError(w, RespInternalErr, "锁定状态未找到或已解锁")
return
}
lm.Unlock(state)
base.Info("解锁成功:", lockinfo.Description, lockinfo.Username, lockinfo.IP)
RespSucess(w, "解锁成功!")
}
func (lm *LockManager) GetLocksInfo() []LockInfo {
var locksInfo []LockInfo
lm.mu.Lock()
defer lm.mu.Unlock()
for ip, state := range lm.ipLocks {
if base.Cfg.MaxGlobalIPBanCount > 0 && state.Locked {
info := LockInfo{
Description: "全局IP锁定",
Username: "",
IP: ip,
State: &LockState{
Locked: state.Locked,
FailureCount: state.FailureCount,
LockTime: state.LockTime,
LastAttempt: state.LastAttempt,
},
}
locksInfo = append(locksInfo, info)
}
}
for username, state := range lm.userLocks {
if base.Cfg.MaxGlobalUserBanCount > 0 && state.Locked {
info := LockInfo{
Description: "全局用户锁定",
Username: username,
IP: "",
State: &LockState{
Locked: state.Locked,
FailureCount: state.FailureCount,
LockTime: state.LockTime,
LastAttempt: state.LastAttempt,
},
}
locksInfo = append(locksInfo, info)
}
}
for username, ipStates := range lm.ipUserLocks {
for ip, state := range ipStates {
if base.Cfg.MaxBanCount > 0 && state.Locked {
info := LockInfo{
Description: "单用户IP锁定",
Username: username,
IP: ip,
State: &LockState{
Locked: state.Locked,
FailureCount: state.FailureCount,
LockTime: state.LockTime,
LastAttempt: state.LastAttempt,
},
}
locksInfo = append(locksInfo, info)
}
}
}
return locksInfo
}
// 初始化IP白名单
func (lm *LockManager) InitIPWhitelist() {
ipWhitelist := strings.Split(base.Cfg.IPWhitelist, ",")
for _, ipWhitelist := range ipWhitelist {
ipWhitelist = strings.TrimSpace(ipWhitelist)
if ipWhitelist == "" {
continue
}
_, ipNet, err := net.ParseCIDR(ipWhitelist)
if err == nil {
lm.ipWhitelists = append(lm.ipWhitelists, IPWhitelists{CIDR: ipNet})
continue
}
ip := net.ParseIP(ipWhitelist)
if ip != nil {
lm.ipWhitelists = append(lm.ipWhitelists, IPWhitelists{IP: ip})
continue
}
}
}
// 检查 IP 是否在白名单中
func (lm *LockManager) IsWhitelisted(ip string) bool {
clientIP := net.ParseIP(ip)
if clientIP == nil {
return false
}
for _, ipWhitelist := range lm.ipWhitelists {
if ipWhitelist.CIDR != nil && ipWhitelist.CIDR.Contains(clientIP) {
return true
}
if ipWhitelist.IP != nil && ipWhitelist.IP.Equal(clientIP) {
return true
}
}
return false
}
func (lm *LockManager) StartCleanupTicker() {
lm.cleanupTicker = time.NewTicker(1 * time.Minute)
go func() {
for range lm.cleanupTicker.C {
lm.CleanupExpiredLocks()
}
}()
}
// 定期清理过期的锁定
func (lm *LockManager) CleanupExpiredLocks() {
now := time.Now()
lm.mu.Lock()
defer lm.mu.Unlock()
for ip, state := range lm.ipLocks {
if !lm.CheckLockState(state, now, base.Cfg.GlobalIPBanResetTime) ||
now.Sub(state.LastAttempt) > time.Duration(base.Cfg.GlobalLockStateExpirationTime)*time.Second {
delete(lm.ipLocks, ip)
}
}
for user, state := range lm.userLocks {
if !lm.CheckLockState(state, now, base.Cfg.GlobalUserBanResetTime) ||
now.Sub(state.LastAttempt) > time.Duration(base.Cfg.GlobalLockStateExpirationTime)*time.Second {
delete(lm.userLocks, user)
}
}
for user, ipMap := range lm.ipUserLocks {
for ip, state := range ipMap {
if !lm.CheckLockState(state, now, base.Cfg.BanResetTime) ||
now.Sub(state.LastAttempt) > time.Duration(base.Cfg.GlobalLockStateExpirationTime)*time.Second {
delete(ipMap, ip)
if len(ipMap) == 0 {
delete(lm.ipUserLocks, user)
}
}
}
}
}
// 检查全局 IP 锁定
func (lm *LockManager) CheckGlobalIPLock(ip string, now time.Time) bool {
lm.mu.Lock()
defer lm.mu.Unlock()
state, exists := lm.ipLocks[ip]
if !exists {
return false
}
return lm.CheckLockState(state, now, base.Cfg.GlobalIPBanResetTime)
}
// 检查全局用户锁定
func (lm *LockManager) CheckGlobalUserLock(username string, now time.Time) bool {
// 我也不知道为什么cisco anyconnect每次连接会先传一个空用户请求····
if username == "" {
return false
}
lm.mu.Lock()
defer lm.mu.Unlock()
state, exists := lm.userLocks[username]
if !exists {
return false
}
return lm.CheckLockState(state, now, base.Cfg.GlobalUserBanResetTime)
}
// 检查单个用户的 IP 锁定
func (lm *LockManager) CheckUserIPLock(username, ip string, now time.Time) bool {
// 我也不知道为什么cisco anyconnect每次连接会先传一个空用户请求····
if username == "" {
return false
}
lm.mu.Lock()
defer lm.mu.Unlock()
userIPMap, userExists := lm.ipUserLocks[username]
if !userExists {
return false
}
state, ipExists := userIPMap[ip]
if !ipExists {
return false
}
return lm.CheckLockState(state, now, base.Cfg.BanResetTime)
}
// 更新全局 IP 锁定状态
func (lm *LockManager) UpdateGlobalIPLock(ip string, now time.Time, success bool) {
lm.mu.Lock()
defer lm.mu.Unlock()
state, exists := lm.ipLocks[ip]
if !exists {
state = &LockState{}
lm.ipLocks[ip] = state
}
lm.UpdateLockState(state, now, success, base.Cfg.MaxGlobalIPBanCount, base.Cfg.GlobalIPLockTime)
}
// 更新全局用户锁定状态
func (lm *LockManager) UpdateGlobalUserLock(username string, now time.Time, success bool) {
// 我也不知道为什么cisco anyconnect每次连接会先传一个空用户请求····
if username == "" {
return
}
lm.mu.Lock()
defer lm.mu.Unlock()
state, exists := lm.userLocks[username]
if !exists {
state = &LockState{}
lm.userLocks[username] = state
}
lm.UpdateLockState(state, now, success, base.Cfg.MaxGlobalUserBanCount, base.Cfg.GlobalUserLockTime)
}
// 更新单个用户的 IP 锁定状态
func (lm *LockManager) UpdateUserIPLock(username, ip string, now time.Time, success bool) {
// 我也不知道为什么cisco anyconnect每次连接会先传一个空用户请求····
if username == "" {
return
}
lm.mu.Lock()
defer lm.mu.Unlock()
userIPMap, userExists := lm.ipUserLocks[username]
if !userExists {
userIPMap = make(map[string]*LockState)
lm.ipUserLocks[username] = userIPMap
}
state, ipExists := userIPMap[ip]
if !ipExists {
state = &LockState{}
userIPMap[ip] = state
}
lm.UpdateLockState(state, now, success, base.Cfg.MaxBanCount, base.Cfg.LockTime)
}
// 更新锁定状态
func (lm *LockManager) UpdateLockState(state *LockState, now time.Time, success bool, maxBanCount, lockTime int) {
if success {
lm.Unlock(state) // 成功登录后解锁
} else {
state.FailureCount++
if state.FailureCount >= maxBanCount {
state.LockTime = now.Add(time.Duration(lockTime) * time.Second)
state.Locked = true // 超过阈值时锁定
}
}
state.LastAttempt = now
}
// 检查锁定状态
func (lm *LockManager) CheckLockState(state *LockState, now time.Time, resetTime int) bool {
if state == nil || state.LastAttempt.IsZero() {
return false
}
// 如果超过锁定时间,重置锁定状态
if !state.LockTime.IsZero() && now.After(state.LockTime) {
lm.Unlock(state) // 锁定期过后解锁
return false
}
// 如果超过窗口时间,重置失败计数
if now.Sub(state.LastAttempt) > time.Duration(resetTime)*time.Second {
state.FailureCount = 0
return false
}
return state.Locked
}
// 解锁
func (lm *LockManager) Unlock(state *LockState) {
state.FailureCount = 0
state.LockTime = time.Time{}
state.Locked = false
}
// 检查锁定状态
func (lm *LockManager) CheckLocked(username, ipaddr string) bool {
if !base.Cfg.AntiBruteForce {
return true
}
ip, _, err := net.SplitHostPort(ipaddr) // 提取纯 IP 地址,去掉端口号
if err != nil {
base.Error("检查锁定状态失败,提取IP地址错误:", ipaddr)
return true
}
now := time.Now()
// 检查IP是否在白名单中
if lm.IsWhitelisted(ip) {
return true
}
// 检查全局 IP 锁定
if base.Cfg.MaxGlobalIPBanCount > 0 && lm.CheckGlobalIPLock(ip, now) {
base.Warn("IP", ip, "is globally locked. Try again later.")
return false
}
// 检查全局用户锁定
if base.Cfg.MaxGlobalUserBanCount > 0 && lm.CheckGlobalUserLock(username, now) {
base.Warn("User", username, "is globally locked. Try again later.")
return false
}
// 检查单个用户的 IP 锁定
if base.Cfg.MaxBanCount > 0 && lm.CheckUserIPLock(username, ip, now) {
base.Warn("IP", ip, "is locked for user", username, "Try again later.")
return false
}
return true
}
// 更新用户登录状态
func (lm *LockManager) UpdateLoginStatus(username, ipaddr string, loginStatus bool) {
ip, _, err := net.SplitHostPort(ipaddr) // 提取纯 IP 地址,去掉端口号
if err != nil {
base.Error("更新登录状态失败,提取IP地址错误:", ipaddr)
return
}
now := time.Now()
// 更新用户登录状态
lm.UpdateGlobalIPLock(ip, now, loginStatus)
lm.UpdateGlobalUserLock(username, now, loginStatus)
lm.UpdateUserIPLock(username, ip, now, loginStatus)
}

8
server/admin/server.go
View File

@@ -87,6 +87,8 @@ func StartAdmin() {
r.HandleFunc("/group/auth_login", GroupAuthLogin) r.HandleFunc("/group/auth_login", GroupAuthLogin)
r.HandleFunc("/statsinfo/list", StatsInfoList) r.HandleFunc("/statsinfo/list", StatsInfoList)
r.HandleFunc("/locksinfo/list", GetLocksInfo)
r.HandleFunc("/locksinfo/unlok", UnlockUser)
// pprof // pprof
if base.Cfg.Pprof { if base.Cfg.Pprof {
@@ -111,12 +113,6 @@ func StartAdmin() {
selectedCipherSuites = append(selectedCipherSuites, s.ID) selectedCipherSuites = append(selectedCipherSuites, s.ID)
} }
if tlscert, _, err := dbdata.ParseCert(); err != nil {
base.Fatal("证书加载失败", err)
} else {
dbdata.LoadCertificate(tlscert)
}
// 设置tls信息 // 设置tls信息
tlsConfig := &tls.Config{ tlsConfig := &tls.Config{
NextProtos: []string{"http/1.1"}, NextProtos: []string{"http/1.1"},

78
server/base/cfg.go
View File

@@ -5,6 +5,9 @@ import (
"os" "os"
"path/filepath" "path/filepath"
"reflect" "reflect"
"strings"
"github.com/bjdgyc/anylink/pkg/utils"
) )
const ( const (
@@ -31,27 +34,29 @@ var (
type ServerConfig struct { type ServerConfig struct {
// LinkAddr string `json:"link_addr"` // LinkAddr string `json:"link_addr"`
Conf string `json:"conf"` Conf string `json:"conf"`
Profile string `json:"profile"` Profile string `json:"profile"`
ServerAddr string `json:"server_addr"` ProfileName string `json:"profile_name"`
ServerDTLSAddr string `json:"server_dtls_addr"` ServerAddr string `json:"server_addr"`
ServerDTLS bool `json:"server_dtls"` ServerDTLS bool `json:"server_dtls"`
AdminAddr string `json:"admin_addr"` ServerDTLSAddr string `json:"server_dtls_addr"`
ProxyProtocol bool `json:"proxy_protocol"` AdvertiseDTLSAddr string `json:"advertise_dtls_addr"`
DbType string `json:"db_type"` AdminAddr string `json:"admin_addr"`
DbSource string `json:"db_source"` ProxyProtocol bool `json:"proxy_protocol"`
CertFile string `json:"cert_file"` DbType string `json:"db_type"`
CertKey string `json:"cert_key"` DbSource string `json:"db_source"`
FilesPath string `json:"files_path"` CertFile string `json:"cert_file"`
LogPath string `json:"log_path"` CertKey string `json:"cert_key"`
LogLevel string `json:"log_level"` FilesPath string `json:"files_path"`
HttpServerLog bool `json:"http_server_log"` LogPath string `json:"log_path"`
Pprof bool `json:"pprof"` LogLevel string `json:"log_level"`
Issuer string `json:"issuer"` HttpServerLog bool `json:"http_server_log"`
AdminUser string `json:"admin_user"` Pprof bool `json:"pprof"`
AdminPass string `json:"admin_pass"` Issuer string `json:"issuer"`
AdminOtp string `json:"admin_otp"` AdminUser string `json:"admin_user"`
JwtSecret string `json:"jwt_secret"` AdminPass string `json:"admin_pass"`
AdminOtp string `json:"admin_otp"`
JwtSecret string `json:"jwt_secret"`
LinkMode string `json:"link_mode"` // tun tap macvtap ipvtap LinkMode string `json:"link_mode"` // tun tap macvtap ipvtap
Ipv4Master string `json:"ipv4_master"` // eth0 Ipv4Master string `json:"ipv4_master"` // eth0
@@ -81,7 +86,27 @@ type ServerConfig struct {
Compression bool `json:"compression"` // bool Compression bool `json:"compression"` // bool
NoCompressLimit int `json:"no_compress_limit"` // int NoCompressLimit int `json:"no_compress_limit"` // int
DisplayError bool `json:"display_error"` DisplayError bool `json:"display_error"`
ExcludeExportIp bool `json:"exclude_export_ip"`
AuthAloneOtp bool `json:"auth_alone_otp"`
EncryptionPassword bool `json:"encryption_password"`
AntiBruteForce bool `json:"anti_brute_force"`
IPWhitelist string `json:"ip_whitelist"`
MaxBanCount int `json:"max_ban_score"`
BanResetTime int `json:"ban_reset_time"`
LockTime int `json:"lock_time"`
MaxGlobalUserBanCount int `json:"max_global_user_ban_count"`
GlobalUserBanResetTime int `json:"global_user_ban_reset_time"`
GlobalUserLockTime int `json:"global_user_lock_time"`
MaxGlobalIPBanCount int `json:"max_global_ip_ban_count"`
GlobalIPBanResetTime int `json:"global_ip_ban_reset_time"`
GlobalIPLockTime int `json:"global_ip_lock_time"`
GlobalLockStateExpirationTime int `json:"global_lock_state_expiration_time"`
} }
func initServerCfg() { func initServerCfg() {
@@ -104,6 +129,15 @@ func initServerCfg() {
if Cfg.JwtSecret == defaultJwt { if Cfg.JwtSecret == defaultJwt {
fmt.Fprintln(os.Stderr, "=== 使用默认的jwt_secret有安全风险请设置新的jwt_secret ===") fmt.Fprintln(os.Stderr, "=== 使用默认的jwt_secret有安全风险请设置新的jwt_secret ===")
// 安全问题,自动生成新的密钥
jwtSecret, _ := utils.RandSecret(40, 60)
jwtSecret = strings.Trim(jwtSecret, "=")
Cfg.JwtSecret = jwtSecret
}
if Cfg.AdvertiseDTLSAddr == "" {
Cfg.AdvertiseDTLSAddr = Cfg.ServerDTLSAddr
} }
fmt.Printf("ServerCfg: %+v \n", Cfg) fmt.Printf("ServerCfg: %+v \n", Cfg)

38
server/base/config.go
View File

@@ -22,9 +22,11 @@ type config struct {
var configs = []config{ var configs = []config{
{Typ: cfgStr, Name: "conf", Usage: "config file", ValStr: "./conf/server.toml", Short: "c"}, {Typ: cfgStr, Name: "conf", Usage: "config file", ValStr: "./conf/server.toml", Short: "c"},
{Typ: cfgStr, Name: "profile", Usage: "profile.xml file", ValStr: "./conf/profile.xml"}, {Typ: cfgStr, Name: "profile", Usage: "profile.xml file", ValStr: "./conf/profile.xml"},
{Typ: cfgStr, Name: "profile_name", Usage: "profile name(用于区分不同服务端的配置)", ValStr: "anylink"},
{Typ: cfgStr, Name: "server_addr", Usage: "TCP服务监听地址(任意端口)", ValStr: ":443"}, {Typ: cfgStr, Name: "server_addr", Usage: "TCP服务监听地址(任意端口)", ValStr: ":443"},
{Typ: cfgBool, Name: "server_dtls", Usage: "开启DTLS", ValBool: true}, {Typ: cfgBool, Name: "server_dtls", Usage: "开启DTLS", ValBool: false},
{Typ: cfgStr, Name: "server_dtls_addr", Usage: "DTLS监听地址(任意端口)", ValStr: ":443"}, {Typ: cfgStr, Name: "server_dtls_addr", Usage: "DTLS监听地址(任意端口)", ValStr: ":443"},
{Typ: cfgStr, Name: "advertise_dtls_addr", Usage: "DTLS对外映射端口(为空则与server_dtls_addr相同)", ValStr: ""},
{Typ: cfgStr, Name: "admin_addr", Usage: "后台服务监听地址", ValStr: ":8800"}, {Typ: cfgStr, Name: "admin_addr", Usage: "后台服务监听地址", ValStr: ":8800"},
{Typ: cfgBool, Name: "proxy_protocol", Usage: "TCP代理协议", ValBool: false}, {Typ: cfgBool, Name: "proxy_protocol", Usage: "TCP代理协议", ValBool: false},
{Typ: cfgStr, Name: "db_type", Usage: "数据库类型 [sqlite3 mysql postgres]", ValStr: "sqlite3"}, {Typ: cfgStr, Name: "db_type", Usage: "数据库类型 [sqlite3 mysql postgres]", ValStr: "sqlite3"},
@@ -35,7 +37,7 @@ var configs = []config{
{Typ: cfgStr, Name: "log_path", Usage: "日志文件路径,默认标准输出", ValStr: ""}, {Typ: cfgStr, Name: "log_path", Usage: "日志文件路径,默认标准输出", ValStr: ""},
{Typ: cfgStr, Name: "log_level", Usage: "日志等级 [debug info warn error]", ValStr: "debug"}, {Typ: cfgStr, Name: "log_level", Usage: "日志等级 [debug info warn error]", ValStr: "debug"},
{Typ: cfgBool, Name: "http_server_log", Usage: "开启go标准库http.Server的日志", ValBool: false}, {Typ: cfgBool, Name: "http_server_log", Usage: "开启go标准库http.Server的日志", ValBool: false},
{Typ: cfgBool, Name: "pprof", Usage: "开启pprof", ValBool: false}, {Typ: cfgBool, Name: "pprof", Usage: "开启pprof", ValBool: true},
{Typ: cfgStr, Name: "issuer", Usage: "系统名称", ValStr: "XX公司VPN"}, {Typ: cfgStr, Name: "issuer", Usage: "系统名称", ValStr: "XX公司VPN"},
{Typ: cfgStr, Name: "admin_user", Usage: "管理用户名", ValStr: "admin"}, {Typ: cfgStr, Name: "admin_user", Usage: "管理用户名", ValStr: "admin"},
{Typ: cfgStr, Name: "admin_pass", Usage: "管理用户密码", ValStr: defaultPwd}, {Typ: cfgStr, Name: "admin_pass", Usage: "管理用户密码", ValStr: defaultPwd},
@@ -48,17 +50,17 @@ var configs = []config{
{Typ: cfgStr, Name: "ipv4_start", Usage: "IPV4开始地址", ValStr: "192.168.90.100"}, {Typ: cfgStr, Name: "ipv4_start", Usage: "IPV4开始地址", ValStr: "192.168.90.100"},
{Typ: cfgStr, Name: "ipv4_end", Usage: "IPV4结束", ValStr: "192.168.90.200"}, {Typ: cfgStr, Name: "ipv4_end", Usage: "IPV4结束", ValStr: "192.168.90.200"},
{Typ: cfgStr, Name: "default_group", Usage: "默认用户组", ValStr: "one"}, {Typ: cfgStr, Name: "default_group", Usage: "默认用户组", ValStr: "one"},
{Typ: cfgStr, Name: "default_domain", Usage: "要发布的默认域", ValStr: ""}, {Typ: cfgStr, Name: "default_domain", Usage: "客户端dns的默认搜索域", ValStr: ""},
{Typ: cfgInt, Name: "ip_lease", Usage: "IP租期(秒)", ValInt: 86400}, {Typ: cfgInt, Name: "ip_lease", Usage: "IP租期(秒)", ValInt: 86400},
{Typ: cfgInt, Name: "max_client", Usage: "最大用户连接", ValInt: 200}, {Typ: cfgInt, Name: "max_client", Usage: "最大用户连接", ValInt: 200},
{Typ: cfgInt, Name: "max_user_client", Usage: "最大单用户连接", ValInt: 3}, {Typ: cfgInt, Name: "max_user_client", Usage: "最大单用户连接", ValInt: 3},
{Typ: cfgInt, Name: "cstp_keepalive", Usage: "keepalive时间(秒)", ValInt: 5}, {Typ: cfgInt, Name: "cstp_keepalive", Usage: "keepalive时间(秒)", ValInt: 3},
{Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 12}, {Typ: cfgInt, Name: "cstp_dpd", Usage: "死链接检测时间(秒)", ValInt: 20},
{Typ: cfgInt, Name: "mobile_keepalive", Usage: "移动端keepalive接检测时间(秒)", ValInt: 10}, {Typ: cfgInt, Name: "mobile_keepalive", Usage: "移动端keepalive接检测时间(秒)", ValInt: 4},
{Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 22}, {Typ: cfgInt, Name: "mobile_dpd", Usage: "移动端死链接检测时间(秒)", ValInt: 60},
{Typ: cfgInt, Name: "mtu", Usage: "最大传输单元MTU", ValInt: 1460}, {Typ: cfgInt, Name: "mtu", Usage: "最大传输单元MTU", ValInt: 1460},
{Typ: cfgInt, Name: "idle_timeout", Usage: "空闲链接超时时间(秒)-超时后断开链接0关闭此功能", ValInt: 7200}, {Typ: cfgInt, Name: "idle_timeout", Usage: "空闲链接超时时间(秒)-超时后断开链接0关闭此功能", ValInt: 0},
{Typ: cfgInt, Name: "session_timeout", Usage: "session过期时间(秒)-用于断线重连0永不过期", ValInt: 3600}, {Typ: cfgInt, Name: "session_timeout", Usage: "session过期时间(秒)-用于断线重连0永不过期", ValInt: 3600},
// {Typ: cfgInt, Name: "auth_timeout", Usage: "auth_timeout", ValInt: 0}, // {Typ: cfgInt, Name: "auth_timeout", Usage: "auth_timeout", ValInt: 0},
{Typ: cfgInt, Name: "audit_interval", Usage: "审计去重间隔(秒),-1关闭", ValInt: 600}, {Typ: cfgInt, Name: "audit_interval", Usage: "审计去重间隔(秒),-1关闭", ValInt: 600},
@@ -69,6 +71,26 @@ var configs = []config{
{Typ: cfgInt, Name: "no_compress_limit", Usage: "低于及等于多少字节不压缩", ValInt: 256}, {Typ: cfgInt, Name: "no_compress_limit", Usage: "低于及等于多少字节不压缩", ValInt: 256},
{Typ: cfgBool, Name: "display_error", Usage: "客户端显示详细错误信息(线上环境慎开启)", ValBool: false}, {Typ: cfgBool, Name: "display_error", Usage: "客户端显示详细错误信息(线上环境慎开启)", ValBool: false},
{Typ: cfgBool, Name: "exclude_export_ip", Usage: "排除出口ip路由(出口ip不加密传输)", ValBool: true},
{Typ: cfgBool, Name: "auth_alone_otp", Usage: "登录单独验证OTP窗口", ValBool: false},
{Typ: cfgBool, Name: "encryption_password", Usage: "用户密码是否加密保存", ValBool: false},
{Typ: cfgBool, Name: "anti_brute_force", Usage: "是否开启防爆功能", ValBool: true},
{Typ: cfgStr, Name: "ip_whitelist", Usage: "全局IP白名单,多个用逗号分隔支持单IP和CIDR范围", ValStr: "192.168.90.1,172.16.0.0/24"},
{Typ: cfgInt, Name: "max_ban_score", Usage: "单位时间内最大尝试次数0为关闭该功能", ValInt: 5},
{Typ: cfgInt, Name: "ban_reset_time", Usage: "设置单位时间(秒),超过则重置计数", ValInt: 10},
{Typ: cfgInt, Name: "lock_time", Usage: "超过最大尝试次数后的锁定时长(秒)", ValInt: 300},
{Typ: cfgInt, Name: "max_global_user_ban_count", Usage: "全局用户单位时间内最大尝试次数0为关闭该功能", ValInt: 20},
{Typ: cfgInt, Name: "global_user_ban_reset_time", Usage: "全局用户设置单位时间(秒)", ValInt: 600},
{Typ: cfgInt, Name: "global_user_lock_time", Usage: "全局用户锁定时间(秒)", ValInt: 300},
{Typ: cfgInt, Name: "max_global_ip_ban_count", Usage: "全局IP单位时间内最大尝试次数0为关闭该功能", ValInt: 40},
{Typ: cfgInt, Name: "global_ip_ban_reset_time", Usage: "全局IP设置单位时间(秒)", ValInt: 1200},
{Typ: cfgInt, Name: "global_ip_lock_time", Usage: "全局IP锁定时间(秒)", ValInt: 300},
{Typ: cfgInt, Name: "global_lock_state_expiration_time", Usage: "全局锁定状态的保存生命周期(秒),超过则删除记录", ValInt: 3600},
} }
var envs = map[string]string{} var envs = map[string]string{}

11
server/base/mod.go
View File

@@ -22,7 +22,7 @@ var (
func initMod() { func initMod() {
container := os.Getenv(inContainerKey) container := os.Getenv(inContainerKey)
if container == "true" { if container == "on" {
InContainer = true InContainer = true
} }
log.Println("InContainer", InContainer) log.Println("InContainer", InContainer)
@@ -58,10 +58,9 @@ func CheckModOrLoad(mod string) {
// 文件存在 // 文件存在
return return
} }
err = fmt.Errorf("[error] Linux tunFile is null %s", tunPath) // err = fmt.Errorf("[error] Linux tunFile is null %s", tunPath)
log.Println(err) // log.Println(err)
return // return
// panic(err)
} }
if InContainer { if InContainer {
@@ -76,7 +75,7 @@ func CheckModOrLoad(mod string) {
cmd := exec.Command("sh", "-c", cmdstr) cmd := exec.Command("sh", "-c", cmdstr)
b, err := cmd.CombinedOutput() b, err := cmd.CombinedOutput()
if err != nil { if err != nil {
log.Println(string(b)) log.Println(mod, string(b))
panic(err) panic(err)
} }
} }

20
server/build_test.sh
View File

@@ -1,20 +0,0 @@
#!/bin/sh
# docker run -it --rm -v $PWD:/app -v /go:/go -w /app --platform=linux/arm64 golang:alpine3.19 sh build_test.sh
set -x
sed -i 's/dl-cdn.alpinelinux.org/mirrors.tuna.tsinghua.edu.cn/g' /etc/apk/repositories
export GOPROXY=https://goproxy.cn
apk add build-base tzdata gcc musl-dev upx
#go build -o anylink
go build -o anylink -ldflags "-s -w -extldflags '-static'"
go env
uname -a
./anylink -v

1
server/conf/profile.xml
View File

@@ -9,6 +9,7 @@
<RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols> <RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols>
<BypassDownloader>true</BypassDownloader> <BypassDownloader>true</BypassDownloader>
<AutoUpdate UserControllable="false">false</AutoUpdate> <AutoUpdate UserControllable="false">false</AutoUpdate>
<LocalLanAccess UserControllable="true">true</LocalLanAccess>
<WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment> <WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
<LinuxVPNEstablishment>AllowRemoteUsers</LinuxVPNEstablishment> <LinuxVPNEstablishment>AllowRemoteUsers</LinuxVPNEstablishment>
<CertEnrollmentPin>pinAllowed</CertEnrollmentPin> <CertEnrollmentPin>pinAllowed</CertEnrollmentPin>

77
server/conf/server-sample.toml
View File

@@ -7,15 +7,24 @@
db_type = "sqlite3" db_type = "sqlite3"
db_source = "./conf/anylink.db" db_source = "./conf/anylink.db"
#证书文件 使用跟nginx一样的证书即可 #证书文件 使用跟nginx一样的证书即可
cert_file = "./conf/vpn_cert.crt" cert_file = "./conf/vpn_cert.pem"
cert_key = "./conf/vpn_cert.key" cert_key = "./conf/vpn_cert.key"
files_path = "./conf/files" files_path = "./conf/files"
profile = "./conf/profile.xml" profile = "./conf/profile.xml"
#日志目录,为空写入标准输出 #profile name(用于区分不同服务端的配置)
#客户端存放位置
#Windows 10
#%ProgramData%Cisco\Cisco AnyConnect Secure Mobility Client\Profile
#Mac Os X
#/opt/cisco/anyconnect/profile
#Linux
#/opt/cisco/anyconnect/profile
profile_name = "anylink"
#日志目录,默认为空写入标准输出
#log_path = "./log" #log_path = "./log"
log_path = "" log_path = ""
log_level = "debug" log_level = "debug"
pprof = false pprof = true
#系统名称 #系统名称
issuer = "XX公司VPN" issuer = "XX公司VPN"
@@ -32,9 +41,11 @@ jwt_secret = "abcdef.0123456789.abcdef"
#TCP服务监听地址(任意端口) #TCP服务监听地址(任意端口)
server_addr = ":443" server_addr = ":443"
#开启 DTLS #开启 DTLS
server_dtls = true server_dtls = false
#UDP监听地址(任意端口) #UDP监听地址(任意端口)
server_dtls_addr = ":443" server_dtls_addr = ":443"
#DTLS对外映射端口(为空则与server_dtls_addr相同)
advertise_dtls_addr = ""
#后台服务监听地址 #后台服务监听地址
admin_addr = ":8800" admin_addr = ":8800"
#开启tcp proxy protocol协议 #开启tcp proxy protocol协议
@@ -44,6 +55,7 @@ proxy_protocol = false
link_mode = "tun" link_mode = "tun"
#客户端分配的ip地址池 #客户端分配的ip地址池
#docker环境一般默认 eth0其他情况根据实际网卡信息填写
ipv4_master = "eth0" ipv4_master = "eth0"
ipv4_cidr = "192.168.90.0/24" ipv4_cidr = "192.168.90.0/24"
ipv4_gateway = "192.168.90.1" ipv4_gateway = "192.168.90.1"
@@ -61,23 +73,29 @@ ip_lease = 86400
default_group = "one" default_group = "one"
#客户端失效检测时间(秒) dpd > keepalive #客户端失效检测时间(秒) dpd > keepalive
cstp_keepalive = 5 cstp_keepalive = 3
cstp_dpd = 12 cstp_dpd = 20
mobile_keepalive = 10 mobile_keepalive = 4
mobile_dpd = 22 mobile_dpd = 60
# 根据实际情况修改
#cstp_keepalive = 20
#cstp_dpd = 30
#mobile_keepalive = 40
#mobile_dpd = 60
#设置最大传输单元 #设置最大传输单元
mtu = 1460 mtu = 1460
# 要发布的默认域 # 客户端dns的默认搜索
default_domain = "example.com" default_domain = "example.com"
#default_domain = "example.com abc.example.com" #default_domain = "example.com abc.example.com"
#空闲链接超时时间(秒)-超时后断开链接0关闭此功能 #空闲链接超时时间(秒)-超时后断开链接0关闭此功能
idle_timeout = 7200 idle_timeout = 0
#session过期时间用于断线重连0永不过期 #session过期时间用于断线重连0永不过期
session_timeout = 3600 session_timeout = 3600
auth_timeout = 0 #auth_timeout = 0
audit_interval = 600 audit_interval = 600
show_sql = false show_sql = false
@@ -93,4 +111,41 @@ no_compress_limit = 256
#客户端显示详细错误信息(线上环境慎开启) #客户端显示详细错误信息(线上环境慎开启)
display_error = false display_error = false
#排除出口ip路由(出口ip不加密传输)
exclude_export_ip = true
#登录单独验证OTP窗口
auth_alone_otp = false
#加密保存用户密码
encryption_password = false
#防爆破全局开关
anti_brute_force = true
#全局IP白名单,多个用逗号分隔支持单IP和CIDR范围
ip_whitelist = "192.168.90.1,172.16.0.0/24"
#锁定时间最好不要超过单位时间
#单位时间内最大尝试次数0为关闭该功能
max_ban_score = 5
#设置单位时间(秒),超过则重置计数
ban_reset_time = 600
#超过最大尝试次数后的锁定时长(秒)
lock_time = 300
#全局用户单位时间内最大尝试次数,0为关闭该功能
max_global_user_ban_count = 20
#全局用户设置单位时间(秒)
global_user_ban_reset_time = 600
#全局用户锁定时间(秒)
global_user_lock_time = 300
#全局IP单位时间内最大尝试次数0为关闭该功能
max_global_ip_ban_count = 40
#全局IP设置单位时间(秒)
global_ip_ban_reset_time = 1200
#全局IP锁定时间(秒)
global_ip_lock_time = 300
#全局锁定状态的保存生命周期(秒),超过则删除记录
global_lock_state_expiration_time = 3600

16
server/conf/server.toml
View File

@@ -7,9 +7,12 @@
db_type = "sqlite3" db_type = "sqlite3"
db_source = "./conf/anylink.db" db_source = "./conf/anylink.db"
#证书文件 #证书文件
cert_file = "./conf/vpn_cert.crt" cert_file = "./conf/vpn_cert.pem"
cert_key = "./conf/vpn_cert.key" cert_key = "./conf/vpn_cert.key"
files_path = "./conf/files" files_path = "./conf/files"
#日志目录,默认为空写入标准输出
#log_path = "./log"
log_level = "debug" log_level = "debug"
#系统名称 #系统名称
@@ -26,15 +29,21 @@ jwt_secret = "abcdef.0123456789.abcdef"
#TCP服务监听地址(任意端口) #TCP服务监听地址(任意端口)
server_addr = ":443" server_addr = ":443"
#开启 DTLS #开启 DTLS
server_dtls = true server_dtls = false
#UDP监听地址(任意端口) #UDP监听地址(任意端口)
server_dtls_addr = ":443" server_dtls_addr = ":443"
#后台服务监听地址 #后台服务监听地址
admin_addr = ":8800" admin_addr = ":8800"
#最大客户端数量
max_client = 200
#单个用户同时在线数量
max_user_client = 3
#虚拟网络类型[tun macvtap] #虚拟网络类型[tun macvtap]
link_mode = "tun" link_mode = "tun"
#客户端分配的ip地址池 #客户端分配的ip地址池
#docker环境一般默认 eth0其他情况根据实际网卡信息填写
ipv4_master = "eth0" ipv4_master = "eth0"
ipv4_cidr = "192.168.90.0/24" ipv4_cidr = "192.168.90.0/24"
ipv4_gateway = "192.168.90.1" ipv4_gateway = "192.168.90.1"
@@ -44,8 +53,5 @@ ipv4_end = "192.168.90.200"
#是否自动添加nat #是否自动添加nat
iptables_nat = true iptables_nat = true
#客户端显示详细错误信息(线上环境慎开启) #客户端显示详细错误信息(线上环境慎开启)
display_error = true display_error = true

0
server/conf/vpn_cert.crt → server/conf/vpn_cert.pem
View File

9
server/dbdata/cert.go
View File

@@ -400,12 +400,3 @@ func buildNameToCertificate(cert *tls.Certificate) {
nameToCertificate[san] = cert nameToCertificate[san] = cert
} }
} }
// func Scrypt(passwd string) string {
// salt := []byte{0xc8, 0x28, 0xf2, 0x58, 0xa7, 0x6a, 0xad, 0x7b}
// hashPasswd, err := scrypt.Key([]byte(passwd), salt, 1<<15, 8, 1, 32)
// if err != nil {
// return err.Error()
// }
// return base64.StdEncoding.EncodeToString(hashPasswd)
// }

43
server/dbdata/db.go
View File

@@ -1,9 +1,11 @@
package dbdata package dbdata
import ( import (
"net/http"
"time" "time"
"github.com/bjdgyc/anylink/base" "github.com/bjdgyc/anylink/base"
_ "github.com/denisenkom/go-mssqldb"
_ "github.com/go-sql-driver/mysql" _ "github.com/go-sql-driver/mysql"
_ "github.com/lib/pq" _ "github.com/lib/pq"
_ "github.com/mattn/go-sqlite3" _ "github.com/mattn/go-sqlite3"
@@ -21,13 +23,14 @@ func GetXdb() *xorm.Engine {
func initDb() { func initDb() {
var err error var err error
xdb, err = xorm.NewEngine(base.Cfg.DbType, base.Cfg.DbSource) xdb, err = xorm.NewEngine(base.Cfg.DbType, base.Cfg.DbSource)
// 初始化xorm时区
xdb.DatabaseTZ = time.Local
xdb.TZLocation = time.Local
if err != nil { if err != nil {
base.Fatal(err) base.Fatal(err)
} }
// 初始化xorm时区
xdb.DatabaseTZ = time.Local
xdb.TZLocation = time.Local
if base.Cfg.ShowSQL { if base.Cfg.ShowSQL {
xdb.ShowSQL(true) xdb.ShowSQL(true)
} }
@@ -121,6 +124,7 @@ func addInitData() error {
other := &SettingOther{ other := &SettingOther{
LinkAddr: "vpn.xx.com", LinkAddr: "vpn.xx.com",
Banner: "您已接入公司网络,请按照公司规定使用。\n请勿进行非工作下载及视频行为", Banner: "您已接入公司网络,请按照公司规定使用。\n请勿进行非工作下载及视频行为",
Homecode: http.StatusOK,
Homeindex: "AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同时在线使用。", Homeindex: "AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同时在线使用。",
AccountMail: accountMail, AccountMail: accountMail,
} }
@@ -142,10 +146,10 @@ func addInitData() error {
} }
g1 := Group{ g1 := Group{
Name: "ops", Name: "all",
AllowLan: true, AllowLan: true,
ClientDns: []ValData{{Val: "114.114.114.114"}}, ClientDns: []ValData{{Val: "114.114.114.114"}},
RouteInclude: []ValData{{Val: All}}, RouteInclude: []ValData{{Val: ALL}},
Status: 1, Status: 1,
} }
err = SetGroup(&g1) err = SetGroup(&g1)
@@ -153,6 +157,18 @@ func addInitData() error {
return err return err
} }
g2 := Group{
Name: "ops",
AllowLan: true,
ClientDns: []ValData{{Val: "114.114.114.114"}},
RouteInclude: []ValData{{Val: "10.0.0.0/8"}},
Status: 1,
}
err = SetGroup(&g2)
if err != nil {
return err
}
return nil return nil
} }
@@ -160,6 +176,9 @@ func CheckErrNotFound(err error) bool {
return err == ErrNotFound return err == ErrNotFound
} }
// base64 图片
// 用户动态码(请妥善保存):<br/>
// <img src="{{.OtpImgBase64}}"/><br/>
const accountMail = `<p>您好:</p> const accountMail = `<p>您好:</p>
<p>&nbsp;&nbsp;您的{{.Issuer}}账号已经审核开通。</p> <p>&nbsp;&nbsp;您的{{.Issuer}}账号已经审核开通。</p>
<p> <p>
@@ -167,19 +186,27 @@ const accountMail = `<p>您好:</p>
用户组: <b>{{.Group}}</b> <br/> 用户组: <b>{{.Group}}</b> <br/>
用户名: <b>{{.Username}}</b> <br/> 用户名: <b>{{.Username}}</b> <br/>
用户PIN码: <b>{{.PinCode}}</b> <br/> 用户PIN码: <b>{{.PinCode}}</b> <br/>
用户过期时间: <b>{{.LimitTime}}</b> <br/>
{{if .DisableOtp}}
<!-- nothing -->
{{else}}
<!-- <!--
用户动态码(3天后失效):<br/> 用户动态码(3天后失效):<br/>
<img src="{{.OtpImg}}"/> <img src="{{.OtpImg}}"/><br/>
--> -->
用户动态码(请妥善保存):<br/> 用户动态码(请妥善保存):<br/>
<img src="{{.OtpImgBase64}}"/> <img src="cid:userOtpQr.png" alt="userOtpQr" /><br/>
{{end}}
</p> </p>
<div> <div>
使用说明: 使用说明:
<ul> <ul>
<li>请使用OTP软件扫描动态码二维码</li> <li>请使用OTP软件扫描动态码二维码</li>
<li>然后使用anyconnect客户端进行登陆</li> <li>然后使用anyconnect客户端进行登陆</li>
<li>登陆密码为 PIN码+动态码】</li> <li>登陆密码为 PIN 码</li>
<li>OTP密码为扫码后生成的动态码</li>
</ul> </ul>
</div> </div>
<p> <p>

110
server/dbdata/group.go
View File

@@ -5,10 +5,12 @@ import (
"fmt" "fmt"
"net" "net"
"regexp" "regexp"
"strconv"
"strings" "strings"
"time" "time"
"github.com/bjdgyc/anylink/base" "github.com/bjdgyc/anylink/base"
"github.com/songgao/water/waterutil"
"golang.org/x/text/language" "golang.org/x/text/language"
"golang.org/x/text/message" "golang.org/x/text/message"
) )
@@ -16,7 +18,10 @@ import (
const ( const (
Allow = "allow" Allow = "allow"
Deny = "deny" Deny = "deny"
All = "all" ALL = "all"
TCP = "tcp"
UDP = "udp"
ICMP = "icmp"
) )
// 域名分流最大字符2万 // 域名分流最大字符2万
@@ -24,11 +29,14 @@ const DsMaxLen = 20000
type GroupLinkAcl struct { type GroupLinkAcl struct {
// 自上而下匹配 默认 allow * * // 自上而下匹配 默认 allow * *
Action string `json:"action"` // allow、deny Action string `json:"action"` // allow、deny
Val string `json:"val"` Protocol string `json:"protocol"` // 支持 ALL、TCP、UDP、ICMP 协议
Port uint16 `json:"port"` IpProto waterutil.IPProtocol `json:"ip_protocol"` // 判断协议使用
IpNet *net.IPNet `json:"ip_net"` Val string `json:"val"`
Note string `json:"note"` Port string `json:"port"` // 兼容单端口历史数据类型uint16
Ports map[uint16]int8 `json:"ports"`
IpNet *net.IPNet `json:"ip_net"`
Note string `json:"note"`
} }
type ValData struct { type ValData struct {
@@ -112,7 +120,7 @@ func SetGroup(g *Group) error {
routeInclude := []ValData{} routeInclude := []ValData{}
for _, v := range g.RouteInclude { for _, v := range g.RouteInclude {
if v.Val != "" { if v.Val != "" {
if v.Val == All { if v.Val == ALL {
routeInclude = append(routeInclude, v) routeInclude = append(routeInclude, v)
continue continue
} }
@@ -161,14 +169,74 @@ func SetGroup(g *Group) error {
return errors.New("GroupLinkAcl 错误" + err.Error()) return errors.New("GroupLinkAcl 错误" + err.Error())
} }
v.IpNet = ipNet v.IpNet = ipNet
linkAcl = append(linkAcl, v)
// 设置协议数据
switch v.Protocol {
case TCP:
v.IpProto = waterutil.TCP
case UDP:
v.IpProto = waterutil.UDP
case ICMP:
v.IpProto = waterutil.ICMP
default:
// 其他类型都是 all
v.Protocol = ALL
}
portsStr := v.Port
v.Port = strings.TrimSpace(portsStr)
// switch vp := v.Port.(type) {
// case float64:
// portsStr = strconv.Itoa(int(vp))
// case string:
// portsStr = vp
// }
if regexp.MustCompile(`^\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*$`).MatchString(portsStr) {
ports := map[uint16]int8{}
for _, p := range strings.Split(portsStr, ",") {
if p == "" {
continue
}
if regexp.MustCompile(`^\d{1,5}-\d{1,5}$`).MatchString(p) {
rp := strings.Split(p, "-")
// portfrom, err := strconv.Atoi(rp[0])
portfrom, err := strconv.ParseUint(rp[0], 10, 16)
if err != nil {
return errors.New("端口:" + rp[0] + " 格式错误, " + err.Error())
}
// portto, err := strconv.Atoi(rp[1])
portto, err := strconv.ParseUint(rp[1], 10, 16)
if err != nil {
return errors.New("端口:" + rp[1] + " 格式错误, " + err.Error())
}
for i := portfrom; i <= portto; i++ {
ports[uint16(i)] = 1
}
} else {
port, err := strconv.ParseUint(p, 10, 16)
if err != nil {
return errors.New("端口:" + p + " 格式错误, " + err.Error())
}
ports[uint16(port)] = 1
}
}
v.Ports = ports
linkAcl = append(linkAcl, v)
} else {
return errors.New("端口: " + portsStr + " 格式错误,请用逗号分隔的端口,比如: 22,80,443 连续端口用-,比如:1234-5678")
}
} }
} }
g.LinkAcl = linkAcl g.LinkAcl = linkAcl
// DNS 判断 // DNS 判断
clientDns := []ValData{} clientDns := []ValData{}
for _, v := range g.ClientDns { for _, v := range g.ClientDns {
v.Val = strings.TrimSpace(v.Val)
if v.Val != "" { if v.Val != "" {
ip := net.ParseIP(v.Val) ip := net.ParseIP(v.Val)
if ip.String() != v.Val { if ip.String() != v.Val {
@@ -183,6 +251,20 @@ func SetGroup(g *Group) error {
return errors.New("默认路由必须设置一个DNS") return errors.New("默认路由必须设置一个DNS")
} }
g.ClientDns = clientDns g.ClientDns = clientDns
splitDns := []ValData{}
for _, v := range g.SplitDns {
v.Val = strings.TrimSpace(v.Val)
if v.Val != "" {
ValidateDomainName(v.Val)
if !ValidateDomainName(v.Val) {
return errors.New("域名 错误")
}
splitDns = append(splitDns, v)
}
}
g.SplitDns = splitDns
// 域名拆分隧道,不能同时填写 // 域名拆分隧道,不能同时填写
g.DsIncludeDomains = strings.TrimSpace(g.DsIncludeDomains) g.DsIncludeDomains = strings.TrimSpace(g.DsIncludeDomains)
g.DsExcludeDomains = strings.TrimSpace(g.DsExcludeDomains) g.DsExcludeDomains = strings.TrimSpace(g.DsExcludeDomains)
@@ -238,6 +320,15 @@ func SetGroup(g *Group) error {
return err return err
} }
func ContainsInPorts(ports map[uint16]int8, port uint16) bool {
_, ok := ports[port]
if ok {
return true
} else {
return false
}
}
func GroupAuthLogin(name, pwd string, authData map[string]interface{}) error { func GroupAuthLogin(name, pwd string, authData map[string]interface{}) error {
g := &Group{Auth: authData} g := &Group{Auth: authData}
authType := g.Auth["type"].(string) authType := g.Auth["type"].(string)
@@ -249,7 +340,8 @@ func GroupAuthLogin(name, pwd string, authData map[string]interface{}) error {
if err != nil { if err != nil {
return err return err
} }
err = auth.checkUser(name, pwd, g) ext := map[string]interface{}{}
err = auth.checkUser(name, pwd, g, ext)
return err return err
} }

2
server/dbdata/policy.go
View File

@@ -27,7 +27,7 @@ func SetPolicy(p *Policy) error {
routeInclude := []ValData{} routeInclude := []ValData{}
for _, v := range p.RouteInclude { for _, v := range p.RouteInclude {
if v.Val != "" { if v.Val != "" {
if v.Val == All { if v.Val == ALL {
routeInclude = append(routeInclude, v) routeInclude = append(routeInclude, v)
continue continue
} }

1
server/dbdata/setting.go
View File

@@ -29,6 +29,7 @@ type SettingAuditLog struct {
type SettingOther struct { type SettingOther struct {
LinkAddr string `json:"link_addr"` LinkAddr string `json:"link_addr"`
Banner string `json:"banner"` Banner string `json:"banner"`
Homecode int `json:"homecode"`
Homeindex string `json:"homeindex"` Homeindex string `json:"homeindex"`
AccountMail string `json:"account_mail"` AccountMail string `json:"account_mail"`
} }

13
server/dbdata/tables.go
View File

@@ -11,6 +11,7 @@ type Group struct {
Note string `json:"note" xorm:"varchar(255)"` Note string `json:"note" xorm:"varchar(255)"`
AllowLan bool `json:"allow_lan" xorm:"Bool"` AllowLan bool `json:"allow_lan" xorm:"Bool"`
ClientDns []ValData `json:"client_dns" xorm:"Text"` ClientDns []ValData `json:"client_dns" xorm:"Text"`
SplitDns []ValData `json:"split_dns" xorm:"Text"`
RouteInclude []ValData `json:"route_include" xorm:"Text"` RouteInclude []ValData `json:"route_include" xorm:"Text"`
RouteExclude []ValData `json:"route_exclude" xorm:"Text"` RouteExclude []ValData `json:"route_exclude" xorm:"Text"`
DsExcludeDomains string `json:"ds_exclude_domains" xorm:"Text"` DsExcludeDomains string `json:"ds_exclude_domains" xorm:"Text"`
@@ -29,7 +30,7 @@ type User struct {
Nickname string `json:"nickname" xorm:"varchar(255)"` Nickname string `json:"nickname" xorm:"varchar(255)"`
Email string `json:"email" xorm:"varchar(255)"` Email string `json:"email" xorm:"varchar(255)"`
// Password string `json:"password"` // Password string `json:"password"`
PinCode string `json:"pin_code" xorm:"varchar(32)"` PinCode string `json:"pin_code" xorm:"varchar(64)"`
LimitTime *time.Time `json:"limittime,omitempty" xorm:"Datetime limittime"` // 值为null时前端不显示 LimitTime *time.Time `json:"limittime,omitempty" xorm:"Datetime limittime"` // 值为null时前端不显示
OtpSecret string `json:"otp_secret" xorm:"varchar(255)"` OtpSecret string `json:"otp_secret" xorm:"varchar(255)"`
DisableOtp bool `json:"disable_otp" xorm:"Bool"` // 禁用otp DisableOtp bool `json:"disable_otp" xorm:"Bool"` // 禁用otp
@@ -45,7 +46,7 @@ type UserActLog struct {
Username string `json:"username" xorm:"varchar(60)"` Username string `json:"username" xorm:"varchar(60)"`
GroupName string `json:"group_name" xorm:"varchar(60)"` GroupName string `json:"group_name" xorm:"varchar(60)"`
IpAddr string `json:"ip_addr" xorm:"varchar(32)"` IpAddr string `json:"ip_addr" xorm:"varchar(32)"`
RemoteAddr string `json:"remote_addr" xorm:"varchar(32)"` RemoteAddr string `json:"remote_addr" xorm:"varchar(42)"`
Os uint8 `json:"os" xorm:"not null default 0 Int"` Os uint8 `json:"os" xorm:"not null default 0 Int"`
Client uint8 `json:"client" xorm:"not null default 0 Int"` Client uint8 `json:"client" xorm:"not null default 0 Int"`
Version string `json:"version" xorm:"varchar(15)"` Version string `json:"version" xorm:"varchar(15)"`
@@ -66,12 +67,12 @@ type Setting struct {
type AccessAudit struct { type AccessAudit struct {
Id int `json:"id" xorm:"pk autoincr not null"` Id int `json:"id" xorm:"pk autoincr not null"`
Username string `json:"username" xorm:"varchar(60) not null"` Username string `json:"username" xorm:"varchar(60) not null"`
Protocol uint8 `json:"protocol" xorm:"not null"` Protocol uint8 `json:"protocol" xorm:"Int not null"`
Src string `json:"src" xorm:"varchar(60) not null"` Src string `json:"src" xorm:"varchar(60) not null"`
SrcPort uint16 `json:"src_port" xorm:"not null"` SrcPort uint16 `json:"src_port" xorm:"Int not null"`
Dst string `json:"dst" xorm:"varchar(60) not null"` Dst string `json:"dst" xorm:"varchar(60) not null"`
DstPort uint16 `json:"dst_port" xorm:"not null"` DstPort uint16 `json:"dst_port" xorm:"Int not null"`
AccessProto uint8 `json:"access_proto" xorm:"default 0"` // 访问协议 AccessProto uint8 `json:"access_proto" xorm:"Int default 0"` // 访问协议
Info string `json:"info" xorm:"varchar(255) not null default ''"` // 详情 Info string `json:"info" xorm:"varchar(255) not null default ''"` // 详情
CreatedAt time.Time `json:"created_at" xorm:"DateTime"` CreatedAt time.Time `json:"created_at" xorm:"DateTime"`
} }

60
server/dbdata/user.go
View File

@@ -6,6 +6,7 @@ import (
"sync" "sync"
"time" "time"
"github.com/bjdgyc/anylink/base"
"github.com/bjdgyc/anylink/pkg/utils" "github.com/bjdgyc/anylink/pkg/utils"
"github.com/xlzd/gotp" "github.com/xlzd/gotp"
) )
@@ -67,7 +68,9 @@ func SetUser(v *User) error {
} }
// 验证用户登录信息 // 验证用户登录信息
func CheckUser(name, pwd, group string) error { func CheckUser(name, pwd, group string, ext map[string]interface{}) error {
base.Trace("CheckUser", name, pwd, group, ext)
// 获取登入的group数据 // 获取登入的group数据
groupData := &Group{} groupData := &Group{}
err := One("Name", group, groupData) err := One("Name", group, groupData)
@@ -81,7 +84,7 @@ func CheckUser(name, pwd, group string) error {
authType := groupData.Auth["type"].(string) authType := groupData.Auth["type"].(string)
// 本地认证方式 // 本地认证方式
if authType == "local" { if authType == "local" {
return checkLocalUser(name, pwd, group) return checkLocalUser(name, pwd, group, ext)
} }
// 其它认证方式, 支持自定义 // 其它认证方式, 支持自定义
_, ok := authRegistry[authType] _, ok := authRegistry[authType]
@@ -89,11 +92,11 @@ func CheckUser(name, pwd, group string) error {
return fmt.Errorf("%s %s", "未知的认证方式: ", authType) return fmt.Errorf("%s %s", "未知的认证方式: ", authType)
} }
auth := makeInstance(authType).(IUserAuth) auth := makeInstance(authType).(IUserAuth)
return auth.checkUser(name, pwd, groupData) return auth.checkUser(name, pwd, groupData, ext)
} }
// 验证本地用户登录信息 // 验证本地用户登录信息
func checkLocalUser(name, pwd, group string) error { func checkLocalUser(name, pwd, group string, ext map[string]interface{}) error {
// TODO 严重问题 // TODO 严重问题
// return nil // return nil
@@ -115,18 +118,29 @@ func checkLocalUser(name, pwd, group string) error {
if !utils.InArrStr(v.Groups, group) { if !utils.InArrStr(v.Groups, group) {
return fmt.Errorf("%s %s", name, "用户组错误") return fmt.Errorf("%s %s", name, "用户组错误")
} }
// 判断otp信息
pinCode := pwd pinCode := pwd
if !v.DisableOtp { if !base.Cfg.AuthAloneOtp {
pinCode = pwd[:pl-6] // 判断otp信息
otp := pwd[pl-6:] if !v.DisableOtp {
if !checkOtp(name, otp, v.OtpSecret) { pinCode = pwd[:pl-6]
return fmt.Errorf("%s %s", name, "动态码错误") otp := pwd[pl-6:]
if !CheckOtp(name, otp, v.OtpSecret) {
return fmt.Errorf("%s %s", name, "动态码错误")
}
} }
} }
// 判断用户密码 // 判断用户密码
if pinCode != v.PinCode { // 兼容明文密码
if len(v.PinCode) != 60 {
if pinCode != v.PinCode {
return fmt.Errorf("%s %s", name, "密码错误")
}
return nil
}
// 密文密码
if !utils.PasswordVerify(pinCode, v.PinCode) {
return fmt.Errorf("%s %s", name, "密码错误") return fmt.Errorf("%s %s", name, "密码错误")
} }
@@ -171,7 +185,7 @@ func init() {
} }
// 判断令牌信息 // 判断令牌信息
func checkOtp(name, otp, secret string) bool { func CheckOtp(name, otp, secret string) bool {
key := fmt.Sprintf("%s:%s", name, otp) key := fmt.Sprintf("%s:%s", name, otp)
userOtpMux.Lock() userOtpMux.Lock()
@@ -190,3 +204,25 @@ func checkOtp(name, otp, secret string) bool {
return verify return verify
} }
// 插入数据库前加密密码
func (u *User) BeforeInsert() {
if base.Cfg.EncryptionPassword {
hashedPassword, err := utils.PasswordHash(u.PinCode)
if err != nil {
base.Error(err)
}
u.PinCode = hashedPassword
}
}
// 更新数据库前加密密码
func (u *User) BeforeUpdate() {
if len(u.PinCode) != 60 && base.Cfg.EncryptionPassword {
hashedPassword, err := utils.PasswordHash(u.PinCode)
if err != nil {
base.Error(err)
}
u.PinCode = hashedPassword
}
}

48
server/dbdata/user_act_log.go
View File

@@ -1,6 +1,7 @@
package dbdata package dbdata
import ( import (
"net"
"net/url" "net/url"
"regexp" "regexp"
"strings" "strings"
@@ -12,17 +13,19 @@ import (
) )
const ( const (
UserAuthFail = 0 // 认证失败 UserAuthFail = 0 // 认证失败
UserAuthSuccess = 1 // 认证成功 UserAuthSuccess = 1 // 认证成功
UserConnected = 2 // 连线成功 UserConnected = 2 // 连线成功
UserLogout = 3 // 用户登出 UserLogout = 3 // 用户登出
UserLogoutLose = 0 // 用户掉线 UserLogoutLose = 0 // 用户掉线
UserLogoutBanner = 1 // 用户banner弹窗取消 UserLogoutBanner = 1 // 用户banner弹窗取消
UserLogoutClient = 2 // 用户主动登出 UserLogoutClient = 2 // 用户主动登出
UserLogoutTimeout = 3 // 用户超时登出 UserLogoutTimeout = 3 // 用户超时登出
UserLogoutAdmin = 4 // 账号被管理员踢下线 UserLogoutAdmin = 4 // 账号被管理员踢下线
UserLogoutExpire = 5 // 账号过期被踢下线 UserLogoutExpire = 5 // 账号过期被踢下线
UserIdleTimeout = 6 // 用户空闲链接超时 UserIdleTimeout = 6 // 用户空闲链接超时
UserLogoutOneAdmin = 7 // 账号被管理员一键下线
) )
type UserActLogProcess struct { type UserActLogProcess struct {
@@ -57,13 +60,14 @@ var (
3: "AnyLink", 3: "AnyLink",
}, },
InfoOps: []string{ // 信息 InfoOps: []string{ // 信息
UserLogoutLose: "用户掉线", UserLogoutLose: "用户掉线",
UserLogoutBanner: "用户取消弹窗/客户端发起的logout", UserLogoutBanner: "用户取消弹窗/客户端发起的logout",
UserLogoutClient: "用户/客户端主动断开", UserLogoutClient: "用户/客户端主动断开",
UserLogoutTimeout: "Session过期被踢下线", UserLogoutTimeout: "Session过期被踢下线",
UserLogoutAdmin: "账号被管理员踢下线", UserLogoutAdmin: "账号被管理员踢下线",
UserLogoutExpire: "账号过期被踢下线", UserLogoutExpire: "账号过期被踢下线",
UserIdleTimeout: "用户空闲链接超时", UserIdleTimeout: "用户空闲链接超时",
UserLogoutOneAdmin: "账号被管理员一键下线",
}, },
} }
) )
@@ -75,7 +79,8 @@ func (ua *UserActLogProcess) Add(u UserActLog, userAgent string) {
u.Os = os_idx u.Os = os_idx
u.Client = client_idx u.Client = client_idx
u.Version = ver u.Version = ver
u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0] // u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0]
u.RemoteAddr, _, _ = net.SplitHostPort(u.RemoteAddr)
// remove extra characters // remove extra characters
infoSlice := strings.Split(u.Info, " ") infoSlice := strings.Split(u.Info, " ")
infoLen := len(infoSlice) infoLen := len(infoSlice)
@@ -126,6 +131,9 @@ func (ua *UserActLogProcess) GetStatusOpsWithTag() interface{} {
} }
func (ua *UserActLogProcess) GetInfoOpsById(id uint8) string { func (ua *UserActLogProcess) GetInfoOpsById(id uint8) string {
if int(id) >= len(ua.InfoOps) {
return "未知的信息类型"
}
return ua.InfoOps[id] return ua.InfoOps[id]
} }
@@ -139,7 +147,7 @@ func (ua *UserActLogProcess) ParseUserAgent(userAgent string) (os_idx, client_id
os_idx = 0 os_idx = 0
if strings.Contains(userAgent, "windows") { if strings.Contains(userAgent, "windows") {
os_idx = 1 os_idx = 1
} else if strings.Contains(userAgent, "mac os") || strings.Contains(userAgent, "darwin_i386") { } else if strings.Contains(userAgent, "mac os") || strings.Contains(userAgent, "darwin_i386") || strings.Contains(userAgent, "darwin_amd64") || strings.Contains(userAgent, "darwin_arm64") {
os_idx = 2 os_idx = 2
} else if strings.Contains(userAgent, "darwin_arm") || strings.Contains(userAgent, "apple") { } else if strings.Contains(userAgent, "darwin_arm") || strings.Contains(userAgent, "apple") {
os_idx = 5 os_idx = 5

27
server/dbdata/user_test.go
View File

@@ -3,11 +3,12 @@ package dbdata
import ( import (
"testing" "testing"
"github.com/bjdgyc/anylink/base"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/xlzd/gotp"
) )
func TestCheckUser(t *testing.T) { func TestCheckUser(t *testing.T) {
base.Test()
ast := assert.New(t) ast := assert.New(t)
preIpData() preIpData()
@@ -25,20 +26,24 @@ func TestCheckUser(t *testing.T) {
ast.Equal(g.RouteInclude[0].IpMask, "192.168.1.0/255.255.255.0") ast.Equal(g.RouteInclude[0].IpMask, "192.168.1.0/255.255.255.0")
// 添加一个用户 // 添加一个用户
u := User{Username: "aaa", Groups: []string{group}, Status: 1} pincode := "a123456"
u := User{Username: "aaa", PinCode: pincode, Groups: []string{group}, Status: 1}
err = SetUser(&u) err = SetUser(&u)
ast.Nil(err) ast.Nil(err)
// 验证 PinCode + OtpSecret // 验证 PinCode + OtpSecret
totp := gotp.NewDefaultTOTP(u.OtpSecret) // totp := gotp.NewDefaultTOTP(u.OtpSecret)
secret := totp.Now() // secret := totp.Now()
err = CheckUser("aaa", u.PinCode+secret, group) // err = CheckUser("aaa", u.PinCode+secret, group)
ast.Nil(err) // ast.Nil(err)
// 单独验证密码 // 单独验证密码
u.DisableOtp = true u.DisableOtp = true
_ = SetUser(&u) _ = SetUser(&u)
err = CheckUser("aaa", u.PinCode, group) ext := map[string]any{
"mac_addr": "",
}
err = CheckUser("aaa", pincode, group, ext)
ast.Nil(err) ast.Nil(err)
// 添加一个radius组 // 添加一个radius组
@@ -53,9 +58,9 @@ func TestCheckUser(t *testing.T) {
g2 := Group{Name: group2, Status: 1, ClientDns: dns, RouteInclude: route, Auth: authData} g2 := Group{Name: group2, Status: 1, ClientDns: dns, RouteInclude: route, Auth: authData}
err = SetGroup(&g2) err = SetGroup(&g2)
ast.Nil(err) ast.Nil(err)
err = CheckUser("aaa", "bbbbbbb", group2) err = CheckUser("aaa", "bbbbbbb", group2, ext)
if ast.NotNil(err) { if ast.NotNil(err) {
ast.Equal("aaa Radius服务器连接异常, 请检测服务器和端口", err.Error()) ast.Contains(err.Error(), "aaa Radius服务器连接异常")
} }
// 添加用户策略 // 添加用户策略
dns2 := []ValData{{Val: "8.8.8.8"}} dns2 := []ValData{{Val: "8.8.8.8"}}
@@ -63,7 +68,7 @@ func TestCheckUser(t *testing.T) {
p1 := Policy{Username: "aaa", Status: 1, ClientDns: dns2, RouteInclude: route2} p1 := Policy{Username: "aaa", Status: 1, ClientDns: dns2, RouteInclude: route2}
err = SetPolicy(&p1) err = SetPolicy(&p1)
ast.Nil(err) ast.Nil(err)
err = CheckUser("aaa", u.PinCode, group) err = CheckUser("aaa", pincode, group, ext)
ast.Nil(err) ast.Nil(err)
// 添加一个ldap组 // 添加一个ldap组
group3 := "group3" group3 := "group3"
@@ -83,7 +88,7 @@ func TestCheckUser(t *testing.T) {
g3 := Group{Name: group3, Status: 1, ClientDns: dns, RouteInclude: route, Auth: authData} g3 := Group{Name: group3, Status: 1, ClientDns: dns, RouteInclude: route, Auth: authData}
err = SetGroup(&g3) err = SetGroup(&g3)
ast.Nil(err) ast.Nil(err)
err = CheckUser("aaa", "bbbbbbb", group3) err = CheckUser("aaa", "bbbbbbb", group3, ext)
if ast.NotNil(err) { if ast.NotNil(err) {
ast.Equal("aaa LDAP服务器连接异常, 请检测服务器和端口", err.Error()) ast.Equal("aaa LDAP服务器连接异常, 请检测服务器和端口", err.Error())
} }

2
server/dbdata/userauth.go
View File

@@ -9,7 +9,7 @@ var authRegistry = make(map[string]reflect.Type)
type IUserAuth interface { type IUserAuth interface {
checkData(authData map[string]interface{}) error checkData(authData map[string]interface{}) error
checkUser(name, pwd string, g *Group) error checkUser(name, pwd string, g *Group, ext map[string]interface{}) error
} }
func makeInstance(name string) interface{} { func makeInstance(name string) interface{} {

2
server/dbdata/userauth_ldap.go
View File

@@ -61,7 +61,7 @@ func (auth AuthLdap) checkData(authData map[string]interface{}) error {
return nil return nil
} }
func (auth AuthLdap) checkUser(name, pwd string, g *Group) error { func (auth AuthLdap) checkUser(name, pwd string, g *Group, ext map[string]interface{}) error {
pl := len(pwd) pl := len(pwd)
if name == "" || pl < 1 { if name == "" || pl < 1 {
return fmt.Errorf("%s %s", name, "密码错误") return fmt.Errorf("%s %s", name, "密码错误")

34
server/dbdata/userauth_radius.go
View File

@@ -5,9 +5,11 @@ import (
"encoding/json" "encoding/json"
"errors" "errors"
"fmt" "fmt"
"net"
"reflect" "reflect"
"time" "time"
"github.com/bjdgyc/anylink/base"
"layeh.com/radius" "layeh.com/radius"
"layeh.com/radius/rfc2865" "layeh.com/radius/rfc2865"
) )
@@ -15,6 +17,7 @@ import (
type AuthRadius struct { type AuthRadius struct {
Addr string `json:"addr"` Addr string `json:"addr"`
Secret string `json:"secret"` Secret string `json:"secret"`
Nasip string `json:"nasip"`
} }
func init() { func init() {
@@ -38,7 +41,7 @@ func (auth AuthRadius) checkData(authData map[string]interface{}) error {
return nil return nil
} }
func (auth AuthRadius) checkUser(name, pwd string, g *Group) error { func (auth AuthRadius) checkUser(name, pwd string, g *Group, ext map[string]interface{}) error {
pl := len(pwd) pl := len(pwd)
if name == "" || pl < 1 { if name == "" || pl < 1 {
return fmt.Errorf("%s %s", name, "密码错误") return fmt.Errorf("%s %s", name, "密码错误")
@@ -57,16 +60,39 @@ func (auth AuthRadius) checkUser(name, pwd string, g *Group) error {
} }
// radius认证时设置超时3秒 // radius认证时设置超时3秒
packet := radius.New(radius.CodeAccessRequest, []byte(auth.Secret)) packet := radius.New(radius.CodeAccessRequest, []byte(auth.Secret))
rfc2865.UserName_SetString(packet, name) err = rfc2865.UserName_SetString(packet, name)
rfc2865.UserPassword_SetString(packet, pwd) if err != nil {
return fmt.Errorf("%s %s", name, "Radius set name 出现错误")
}
err = rfc2865.UserPassword_SetString(packet, pwd)
if err != nil {
return fmt.Errorf("%s %s", name, "Radius set pwd 出现错误")
}
if auth.Nasip != "" {
nasip := net.ParseIP(auth.Nasip)
err = rfc2865.NASIPAddress_Set(packet, nasip)
if err != nil {
return fmt.Errorf("%s %s", name, "Radius set nasip 出现错误")
}
}
macAddr := ext["mac_addr"].(string)
base.Trace("AuthRadius", ext, macAddr)
if macAddr != "" {
err = rfc2865.CallingStationID_AddString(packet, macAddr)
if err != nil {
return fmt.Errorf("%s %s", name, "Radius set CallingStationID 出现错误")
}
}
ctx, done := context.WithTimeout(context.Background(), 3*time.Second) ctx, done := context.WithTimeout(context.Background(), 3*time.Second)
defer done() defer done()
response, err := radius.Exchange(ctx, packet, auth.Addr) response, err := radius.Exchange(ctx, packet, auth.Addr)
if err != nil { if err != nil {
return fmt.Errorf("%s %s", name, "Radius服务器连接异常, 请检测服务器和端口") return fmt.Errorf("%s %s %s", name, "Radius服务器连接异常, 请检测服务器和端口", err)
} }
if response.Code != radius.CodeAccessAccept { if response.Code != radius.CodeAccessAccept {
return fmt.Errorf("%s %s", name, "Radius用户名或密码错误") return fmt.Errorf("%s %s", name, "Radius用户名或密码错误")
} }
return nil return nil
} }

103
server/go.mod
View File

@@ -1,84 +1,95 @@
module github.com/bjdgyc/anylink module github.com/bjdgyc/anylink
go 1.20 go 1.22.0
toolchain go1.22.12
require ( require (
github.com/arl/statsviz v0.6.0 github.com/arl/statsviz v0.6.0
github.com/deckarep/golang-set v1.8.0 github.com/deckarep/golang-set v1.8.0
github.com/go-acme/lego/v4 v4.14.2 github.com/denisenkom/go-mssqldb v0.12.3
github.com/go-acme/lego/v4 v4.19.2
github.com/go-co-op/gocron v1.37.0 github.com/go-co-op/gocron v1.37.0
github.com/go-ldap/ldap v3.0.3+incompatible github.com/go-ldap/ldap v3.0.3+incompatible
github.com/go-sql-driver/mysql v1.7.1 github.com/go-sql-driver/mysql v1.8.1
github.com/gocarina/gocsv v0.0.0-20231116093920-b87c2d0e983a github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1
github.com/golang-jwt/jwt/v4 v4.5.0 github.com/golang-jwt/jwt/v4 v4.5.1
github.com/google/gopacket v1.1.19 github.com/google/gopacket v1.1.19
github.com/gorilla/handlers v1.5.2 github.com/gorilla/handlers v1.5.2
github.com/gorilla/mux v1.8.1 github.com/gorilla/mux v1.8.1
github.com/ivpusic/grpool v1.0.0 github.com/ivpusic/grpool v1.0.0
github.com/lanrenwo/lzsgo v0.0.2 github.com/lanrenwo/lzsgo v0.0.2
github.com/lib/pq v1.10.9 github.com/lib/pq v1.10.9
github.com/mattn/go-sqlite3 v1.14.19 github.com/lorenzosaino/go-sysctl v0.3.1
github.com/mattn/go-sqlite3 v1.14.24
github.com/orcaman/concurrent-map v1.0.0 github.com/orcaman/concurrent-map v1.0.0
github.com/pion/dtls/v2 v2.2.9 github.com/pion/dtls/v2 v2.2.12
github.com/pion/logging v0.2.2 github.com/pion/logging v0.2.2
github.com/pires/go-proxyproto v0.7.0 github.com/pires/go-proxyproto v0.8.0
github.com/shirou/gopsutil v3.21.11+incompatible github.com/shirou/gopsutil v3.21.11+incompatible
github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
github.com/songgao/packets v0.0.0-20160404182456-549a10cd4091 github.com/songgao/packets v0.0.0-20160404182456-549a10cd4091
github.com/songgao/water v0.0.0-20200317203138-2b4b6d7c09d8 github.com/songgao/water v0.0.0-20200317203138-2b4b6d7c09d8
github.com/spf13/cast v1.6.0 github.com/spf13/cast v1.7.0
github.com/spf13/cobra v1.8.0 github.com/spf13/cobra v1.8.1
github.com/spf13/viper v1.18.2 github.com/spf13/viper v1.19.0
github.com/stretchr/testify v1.8.4 github.com/stretchr/testify v1.10.0
github.com/xhit/go-simple-mail/v2 v2.16.0 github.com/xhit/go-simple-mail/v2 v2.16.0
github.com/xlzd/gotp v0.1.0 github.com/xlzd/gotp v0.1.0
github.com/xuri/excelize/v2 v2.8.0 github.com/xuri/excelize/v2 v2.9.0
go.uber.org/atomic v1.11.0 golang.org/x/crypto v0.32.0
golang.org/x/crypto v0.18.0 golang.org/x/net v0.33.0
golang.org/x/net v0.20.0 golang.org/x/text v0.21.0
golang.org/x/text v0.14.0 golang.org/x/time v0.7.0
golang.org/x/time v0.5.0
layeh.com/radius v0.0.0-20231213012653-1006025d24f8 layeh.com/radius v0.0.0-20231213012653-1006025d24f8
xorm.io/xorm v1.3.7 xorm.io/xorm v1.3.9
) )
require ( require (
github.com/aliyun/alibaba-cloud-sdk-go v1.62.664 // indirect filippo.io/edwards25519 v1.1.0 // indirect
github.com/cenkalti/backoff/v4 v4.2.1 // indirect github.com/BurntSushi/toml v1.4.0 // indirect
github.com/cloudflare/cloudflare-go v0.86.0 // indirect github.com/aliyun/alibaba-cloud-sdk-go v1.63.48 // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
github.com/cloudflare/cloudflare-go v0.109.0 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/go-jose/go-jose/v3 v3.0.1 // indirect github.com/go-jose/go-jose/v4 v4.0.5 // indirect
github.com/go-test/deep v1.1.0 // indirect github.com/go-test/deep v1.1.0 // indirect
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 // indirect
github.com/golang-sql/sqlexp v0.1.0 // indirect
github.com/google/go-querystring v1.1.0 // indirect github.com/google/go-querystring v1.1.0 // indirect
github.com/google/uuid v1.5.0 // indirect github.com/google/uuid v1.6.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect
github.com/miekg/dns v1.1.58 // indirect github.com/miekg/dns v1.1.62 // indirect
github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b // indirect github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b // indirect
github.com/pelletier/go-toml/v2 v2.1.1 // indirect github.com/pelletier/go-toml/v2 v2.2.3 // indirect
github.com/pion/transport/v2 v2.2.4 // indirect github.com/pion/transport/v2 v2.2.10 // indirect
github.com/sagikazarmark/locafero v0.4.0 // indirect github.com/pion/transport/v3 v3.0.7 // indirect
github.com/sagikazarmark/locafero v0.6.0 // indirect
github.com/sagikazarmark/slog-shim v0.1.0 // indirect github.com/sagikazarmark/slog-shim v0.1.0 // indirect
github.com/sourcegraph/conc v0.3.0 // indirect github.com/sourcegraph/conc v0.3.0 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.846 // indirect github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1036 // indirect
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.846 // indirect github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1036 // indirect
github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92 // indirect github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92 // indirect
github.com/yusufpapurcu/wmi v1.2.3 // indirect github.com/yusufpapurcu/wmi v1.2.4 // indirect
go.uber.org/atomic v1.11.0 // indirect
go.uber.org/multierr v1.11.0 // indirect go.uber.org/multierr v1.11.0 // indirect
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a // indirect golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c // indirect
golang.org/x/mod v0.14.0 // indirect golang.org/x/exp/typeparams v0.0.0-20220613132600-b0d781184e0d // indirect
golang.org/x/tools v0.17.0 // indirect golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 // indirect
golang.org/x/mod v0.21.0 // indirect
golang.org/x/sync v0.10.0 // indirect
golang.org/x/tools v0.26.0 // indirect
honnef.co/go/tools v0.3.2 // indirect
) )
require ( require (
github.com/coreos/go-iptables v0.7.0 github.com/coreos/go-iptables v0.8.0
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/fsnotify/fsnotify v1.8.0 // indirect
github.com/go-ole/go-ole v1.3.0 // indirect github.com/go-ole/go-ole v1.3.0 // indirect
github.com/goccy/go-json v0.10.2 // indirect github.com/goccy/go-json v0.10.3 // indirect
github.com/golang/snappy v0.0.4 // indirect github.com/golang/snappy v0.0.4 // indirect
github.com/gorilla/websocket v1.5.1 // indirect github.com/gorilla/websocket v1.5.3 // indirect
github.com/hashicorp/hcl v1.0.0 // indirect github.com/hashicorp/hcl v1.0.0 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect github.com/json-iterator/go v1.1.12 // indirect
@@ -89,17 +100,17 @@ require (
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
github.com/richardlehane/mscfb v1.0.4 // indirect github.com/richardlehane/mscfb v1.0.4 // indirect
github.com/richardlehane/msoleps v1.0.3 // indirect github.com/richardlehane/msoleps v1.0.4 // indirect
github.com/robfig/cron/v3 v3.0.1 // indirect github.com/robfig/cron/v3 v3.0.1 // indirect
github.com/spf13/afero v1.11.0 // indirect github.com/spf13/afero v1.11.0 // indirect
github.com/spf13/pflag v1.0.5 // indirect github.com/spf13/pflag v1.0.5 // indirect
github.com/subosito/gotenv v1.6.0 // indirect github.com/subosito/gotenv v1.6.0 // indirect
github.com/syndtr/goleveldb v1.0.0 // indirect github.com/syndtr/goleveldb v1.0.0 // indirect
github.com/tklauser/go-sysconf v0.3.13 // indirect github.com/tklauser/go-sysconf v0.3.14 // indirect
github.com/tklauser/numcpus v0.7.0 // indirect github.com/tklauser/numcpus v0.9.0 // indirect
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 // indirect github.com/xuri/efp v0.0.0-20240408161823-9ad904a10d6d // indirect
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 // indirect github.com/xuri/nfp v0.0.0-20240318013403-ab9948c2c4a7 // indirect
golang.org/x/sys v0.16.0 // indirect golang.org/x/sys v0.29.0 // indirect
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect

254
server/go.sum
View File

@@ -1,20 +1,27 @@
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a h1:lSA0F4e9A2NcQSqGqTOXqu2aRi/XEQxDCBwM8yJtE6s= gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a h1:lSA0F4e9A2NcQSqGqTOXqu2aRi/XEQxDCBwM8yJtE6s=
gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a/go.mod h1:EXuID2Zs0pAQhH8yz+DNjUbjppKQzKFAn28TMYPB6IU= gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a/go.mod h1:EXuID2Zs0pAQhH8yz+DNjUbjppKQzKFAn28TMYPB6IU=
github.com/Azure/azure-sdk-for-go/sdk/azcore v0.19.0/go.mod h1:h6H6c8enJmmocHUbLiiGY6sx7f9i+X3m1CHdd5c6Rdw=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v0.11.0/go.mod h1:HcM1YX14R7CJcghJGOYCgdezslRSVzqwLf/q+4Y2r/0=
github.com/Azure/azure-sdk-for-go/sdk/internal v0.7.0/go.mod h1:yqy467j36fJxcRV2TzfVZ1pCb5vxm4BtZPUdYWe/Xo8=
github.com/BurntSushi/toml v1.4.0 h1:kuoIxZQy2WRRk1pttg9asf+WVv6tWQuBNVmK8+nqPr0=
github.com/BurntSushi/toml v1.4.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo= github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXYg9BVp4O+o5f6V/ehm6Oo=
github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
github.com/aliyun/alibaba-cloud-sdk-go v1.62.664 h1:6cNj+hrRbQiMDV5PLO7iYY2GfMtjRhuqsM9t1+UhJok= github.com/aliyun/alibaba-cloud-sdk-go v1.63.48 h1:f57dtSI1BJfF5FO7JJ7ljMh79Ae64nbbDfUOey5PBa0=
github.com/aliyun/alibaba-cloud-sdk-go v1.62.664/go.mod h1:CJJYa1ZMxjlN/NbXEwmejEnBkhi0DV+Yb3B2lxf+74o= github.com/aliyun/alibaba-cloud-sdk-go v1.63.48/go.mod h1:SOSDHfe1kX91v3W5QiBsWSLqeLxImobbMX1mxrFHsVQ=
github.com/arl/statsviz v0.6.0 h1:jbW1QJkEYQkufd//4NDYRSNBpwJNrdzPahF7ZmoGdyE= github.com/arl/statsviz v0.6.0 h1:jbW1QJkEYQkufd//4NDYRSNBpwJNrdzPahF7ZmoGdyE=
github.com/arl/statsviz v0.6.0/go.mod h1:0toboo+YGSUXDaS4g1D5TVS4dXs7S7YYT5J/qnW2h8s= github.com/arl/statsviz v0.6.0/go.mod h1:0toboo+YGSUXDaS4g1D5TVS4dXs7S7YYT5J/qnW2h8s=
github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM= github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
github.com/cloudflare/cloudflare-go v0.86.0 h1:jEKN5VHNYNYtfDL2lUFLTRo+nOVNPFxpXTstVx0rqHI= github.com/cloudflare/cloudflare-go v0.109.0 h1:Wjp+RfJD1lidIFUlrTBqUQnCBrUnmVsLxgzWYiURueg=
github.com/cloudflare/cloudflare-go v0.86.0/go.mod h1:wYW/5UP02TUfBToa/yKbQHV+r6h1NnJ1Je7XjuGM4Jw= github.com/cloudflare/cloudflare-go v0.109.0/go.mod h1:m492eNahT/9MsN7Ppnoge8AaI7QhVFtEgVm3I9HJFeU=
github.com/coreos/go-iptables v0.7.0 h1:XWM3V+MPRr5/q51NuWSgU0fqMad64Zyxs8ZUoMsamr8= github.com/coreos/go-iptables v0.8.0 h1:MPc2P89IhuVpLI7ETL/2tx3XZ61VeICZjYqDEgNsPRc=
github.com/coreos/go-iptables v0.7.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q= github.com/coreos/go-iptables v0.8.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q=
github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -22,67 +29,70 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsPppp4= github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsPppp4=
github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo= github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo=
github.com/denisenkom/go-mssqldb v0.12.3 h1:pBSGx9Tq67pBOTLmxNuirNTeB8Vjmf886Kx+8Y+8shw=
github.com/denisenkom/go-mssqldb v0.12.3/go.mod h1:k0mtMFOnU+AihqFxPMiF05rtiDrorD1Vrm1KEz5hxDo=
github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo= github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k= github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8= github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.8.0 h1:dAwr6QBTBZIkG8roQaJjGof0pp0EeF+tNV7YBP3F/8M=
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
github.com/go-acme/lego/v4 v4.14.2 h1:/D/jqRgLi8Cbk33sLGtu2pX2jEg3bGJWHyV8kFuUHGM= github.com/go-acme/lego/v4 v4.19.2 h1:Y8hrmMvWETdqzzkRly7m98xtPJJivWFsgWi8fcvZo+Y=
github.com/go-acme/lego/v4 v4.14.2/go.mod h1:kBXxbeTg0x9AgaOYjPSwIeJy3Y33zTz+tMD16O4MO6c= github.com/go-acme/lego/v4 v4.19.2/go.mod h1:wtDe3dDkmV4/oI2nydpNXSJpvV10J9RCyZ6MbYxNtlQ=
github.com/go-co-op/gocron v1.37.0 h1:ZYDJGtQ4OMhTLKOKMIch+/CY70Brbb1dGdooLEhh7b0= github.com/go-co-op/gocron v1.37.0 h1:ZYDJGtQ4OMhTLKOKMIch+/CY70Brbb1dGdooLEhh7b0=
github.com/go-co-op/gocron v1.37.0/go.mod h1:3L/n6BkO7ABj+TrfSVXLRzsP26zmikL4ISkLQ0O8iNY= github.com/go-co-op/gocron v1.37.0/go.mod h1:3L/n6BkO7ABj+TrfSVXLRzsP26zmikL4ISkLQ0O8iNY=
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA= github.com/go-jose/go-jose/v4 v4.0.5 h1:M6T8+mKZl/+fNNuFHvGIzDz7BTLQPIounk/b9dw3AaE=
github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-jose/go-jose/v4 v4.0.5/go.mod h1:s3P1lRrkT8igV8D9OjyL4WRyHvjB6a4JSllnOrmmBOA=
github.com/go-ldap/ldap v3.0.3+incompatible h1:HTeSZO8hWMS1Rgb2Ziku6b8a7qRIZZMHjsvuZyatzwk= github.com/go-ldap/ldap v3.0.3+incompatible h1:HTeSZO8hWMS1Rgb2Ziku6b8a7qRIZZMHjsvuZyatzwk=
github.com/go-ldap/ldap v3.0.3+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc= github.com/go-ldap/ldap v3.0.3+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc=
github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= github.com/go-ole/go-ole v1.2.6/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0=
github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE= github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE=
github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78= github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78=
github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI= github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI= github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg= github.com/go-test/deep v1.1.0 h1:WOcxcdHcvdgThNXjw0t76K42FXTU7HpNQWHpA2HHNlg=
github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE= github.com/go-test/deep v1.1.0/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
github.com/gocarina/gocsv v0.0.0-20231116093920-b87c2d0e983a h1:RYfmiM0zluBJOiPDJseKLEN4BapJ42uSi9SZBQ2YyiA= github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1 h1:FWNFq4fM1wPfcK40yHE5UO3RUdSNPaBC+j3PokzA6OQ=
github.com/gocarina/gocsv v0.0.0-20231116093920-b87c2d0e983a/go.mod h1:5YoVOkjYAQumqlV356Hj3xeYh4BdZuLE0/nRkf2NKkI= github.com/gocarina/gocsv v0.0.0-20240520201108-78e41c74b4b1/go.mod h1:5YoVOkjYAQumqlV356Hj3xeYh4BdZuLE0/nRkf2NKkI=
github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= github.com/goccy/go-json v0.10.3 h1:KZ5WoDbxAIgm2HNbYckL0se1fHD6rz5j4ywS6ebzDqA=
github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= github.com/goccy/go-json v0.10.3/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
github.com/goji/httpauth v0.0.0-20160601135302-2da839ab0f4d/go.mod h1:nnjvkQ9ptGaCkuDUx6wNykzzlUixGxvkme+H/lnzb+A= github.com/goji/httpauth v0.0.0-20160601135302-2da839ab0f4d/go.mod h1:nnjvkQ9ptGaCkuDUx6wNykzzlUixGxvkme+H/lnzb+A=
github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0= github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 h1:au07oEsX2xN0ktxqI+Sida1w446QrXBRJ0nee3SNZlA=
github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
github.com/golang-sql/sqlexp v0.1.0 h1:ZCD6MBpcuOVfGVqsEmY5/4FtYiKz6tSyUv9LPEDei6A=
github.com/golang-sql/sqlexp v0.1.0/go.mod h1:J4ad9Vo8ZCWQ2GMrC4UCQy1JpCbwU9m3EOqtpKwwwHI=
github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM= github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF8= github.com/google/gopacket v1.1.19 h1:ves8RnFZPGiFnTS0uPQStjwru6uO6h+nlr9j6fL7kF8=
github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo= github.com/google/gopacket v1.1.19/go.mod h1:iJ8V8n6KS+z2U1A8pUwu8bW5SyEMkXJB8Yo/Vo+TKTo=
github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE= github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE=
github.com/gorilla/handlers v1.5.2/go.mod h1:dX+xVpaxdSw+q0Qek8SSsl3dfMk3jNddUkMzo0GtH0w= github.com/gorilla/handlers v1.5.2/go.mod h1:dX+xVpaxdSw+q0Qek8SSsl3dfMk3jNddUkMzo0GtH0w=
github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ=
github.com/gorilla/websocket v1.5.1 h1:gmztn0JnHVt9JZquRuzLw3g4wouNVzKL15iLr/zn/QY= github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
github.com/gorilla/websocket v1.5.1/go.mod h1:x3kM2JMyaluk02fnUJpQuwD2dCS5NDG2ZHL0uE0tcaY= github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ=
github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M=
github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
@@ -91,20 +101,20 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/ivpusic/grpool v1.0.0 h1:+FCiCo3GhfsvzfXuJWnpJUNb/VaqyYVgG8C+qvh07Rc= github.com/ivpusic/grpool v1.0.0 h1:+FCiCo3GhfsvzfXuJWnpJUNb/VaqyYVgG8C+qvh07Rc=
github.com/ivpusic/grpool v1.0.0/go.mod h1:WPmiAI5ExAn06vg+0JzyPzXMQutJmpb7TrBtyLJkOHQ= github.com/ivpusic/grpool v1.0.0/go.mod h1:WPmiAI5ExAn06vg+0JzyPzXMQutJmpb7TrBtyLJkOHQ=
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
github.com/json-iterator/go v1.1.5/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes= github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs= github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk= github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
@@ -113,22 +123,24 @@ github.com/lanrenwo/lzsgo v0.0.2 h1:FA30LAaJFYLoaM17b+H32gA+5H+abjoomNLSA9HCbrI=
github.com/lanrenwo/lzsgo v0.0.2/go.mod h1:oxDZy2vgi6VBGIdvL80ayRMtIyXV+TbjavVuINXZY2k= github.com/lanrenwo/lzsgo v0.0.2/go.mod h1:oxDZy2vgi6VBGIdvL80ayRMtIyXV+TbjavVuINXZY2k=
github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
github.com/lorenzosaino/go-sysctl v0.3.1 h1:3phX80tdITw2fJjZlwbXQnDWs4S30beNcMbw0cn0HtY=
github.com/lorenzosaino/go-sysctl v0.3.1/go.mod h1:5grcsBRpspKknNS1qzt1eIeRDLrhpKZAtz8Fcuvs1Rc=
github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
github.com/mattn/go-sqlite3 v1.14.19 h1:fhGleo2h1p8tVChob4I9HpmVFIAkKGpiukdrgQbWfGI= github.com/mattn/go-sqlite3 v1.14.24 h1:tpSp2G2KyMnnQu99ngJ47EIkWVmliIizyZBfPrBWDRM=
github.com/mattn/go-sqlite3 v1.14.19/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= github.com/mattn/go-sqlite3 v1.14.24/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= github.com/miekg/dns v1.1.62 h1:cN8OuEF1/x5Rq6Np+h1epln8OiyPWV+lROx9LxcGgIQ=
github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= github.com/miekg/dns v1.1.62/go.mod h1:mvDlcItzm+br7MToIKqkglaGhlFMHJ9DTNNWONWXbNQ=
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3PzxT8aQXRPkAt8xlV/e7d7w8GM5g0fa5F0D8=
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 h1:RWengNIwukTxcDr9M+97sNutRR1RKhG96O6jWumTTnw=
github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8=
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
@@ -141,17 +153,20 @@ github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b h1:Ff
github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b/go.mod h1:AC62GU6hc0BrNm+9RK9VSiwa/EUe1bkIeFORAMcHvJU= github.com/opentracing/opentracing-go v1.2.1-0.20220228012449-10b1cf09e00b/go.mod h1:AC62GU6hc0BrNm+9RK9VSiwa/EUe1bkIeFORAMcHvJU=
github.com/orcaman/concurrent-map v1.0.0 h1:I/2A2XPCb4IuQWcQhBhSwGfiuybl/J0ev9HDbW65HOY= github.com/orcaman/concurrent-map v1.0.0 h1:I/2A2XPCb4IuQWcQhBhSwGfiuybl/J0ev9HDbW65HOY=
github.com/orcaman/concurrent-map v1.0.0/go.mod h1:Lu3tH6HLW3feq74c2GC+jIMS/K2CFcDWnWD9XkenwhI= github.com/orcaman/concurrent-map v1.0.0/go.mod h1:Lu3tH6HLW3feq74c2GC+jIMS/K2CFcDWnWD9XkenwhI=
github.com/pelletier/go-toml/v2 v2.1.1 h1:LWAJwfNvjQZCFIDKWYQaM62NcYeYViCmWIwmOStowAI= github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M=
github.com/pelletier/go-toml/v2 v2.1.1/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= github.com/pelletier/go-toml/v2 v2.2.3/go.mod h1:MfCQTFTvCcUyyvvwm1+G6H/jORL20Xlb6rzQu9GuUkc=
github.com/pion/dtls/v2 v2.2.9 h1:K+D/aVf9/REahQvqk6G5JavdrD8W1PWDKC11UlwN7ts= github.com/pion/dtls/v2 v2.2.12 h1:KP7H5/c1EiVAAKUmXyCzPiQe5+bCJrpOeKg/L05dunk=
github.com/pion/dtls/v2 v2.2.9/go.mod h1:8WiMkebSHFD0T+dIU+UeBaoV7kDhOW5oDCzZ7WZ/F9s= github.com/pion/dtls/v2 v2.2.12/go.mod h1:d9SYc9fch0CqK90mRk1dC7AkzzpwJj6u2GU3u+9pqFE=
github.com/pion/logging v0.2.2 h1:M9+AIj/+pxNsDfAT64+MAVgJO0rsyLnoJKCqf//DoeY= github.com/pion/logging v0.2.2 h1:M9+AIj/+pxNsDfAT64+MAVgJO0rsyLnoJKCqf//DoeY=
github.com/pion/logging v0.2.2/go.mod h1:k0/tDVsRCX2Mb2ZEmTqNa7CWsQPc+YYCB7Q+5pahoms= github.com/pion/logging v0.2.2/go.mod h1:k0/tDVsRCX2Mb2ZEmTqNa7CWsQPc+YYCB7Q+5pahoms=
github.com/pion/transport/v2 v2.2.1/go.mod h1:cXXWavvCnFF6McHTft3DWS9iic2Mftcz1Aq29pGcU5g=
github.com/pion/transport/v2 v2.2.4 h1:41JJK6DZQYSeVLxILA2+F4ZkKb4Xd/tFJZRFZQ9QAlo=
github.com/pion/transport/v2 v2.2.4/go.mod h1:q2U/tf9FEfnSBGSW6w5Qp5PFWRLRj3NjLhCCgpRK4p0= github.com/pion/transport/v2 v2.2.4/go.mod h1:q2U/tf9FEfnSBGSW6w5Qp5PFWRLRj3NjLhCCgpRK4p0=
github.com/pires/go-proxyproto v0.7.0 h1:IukmRewDQFWC7kfnb66CSomk2q/seBuilHBYFwyq0Hs= github.com/pion/transport/v2 v2.2.10 h1:ucLBLE8nuxiHfvkFKnkDQRYWYfp8ejf4YBOPfaQpw6Q=
github.com/pires/go-proxyproto v0.7.0/go.mod h1:Vz/1JPY/OACxWGQNIRY2BeyDmpoaWmEP40O9LbuiFR4= github.com/pion/transport/v2 v2.2.10/go.mod h1:sq1kSLWs+cHW9E+2fJP95QudkzbK7wscs8yYgQToO5E=
github.com/pion/transport/v3 v3.0.7 h1:iRbMH05BzSNwhILHoBoAPxoB9xQgOaJk+591KC9P1o0=
github.com/pion/transport/v3 v3.0.7/go.mod h1:YleKiTZ4vqNxVwh77Z0zytYi7rXHl7j6uPLGhhz9rwo=
github.com/pires/go-proxyproto v0.8.0 h1:5unRmEAPbHXHuLjDg01CxJWf91cw3lKHc/0xzKpXEe0=
github.com/pires/go-proxyproto v0.8.0/go.mod h1:iknsfgnH8EkjrMeMyvfKByp9TiBZCKZM0jx2xmKqnVY=
github.com/pkg/browser v0.0.0-20180916011732-0a3d74bf9ce4/go.mod h1:4OwLy04Bl9Ef3GJJCoec+30X3LQs/0/m4HFRt/2LUSA=
github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@@ -159,19 +174,21 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6OkFY5QxjkYwrChwuRruF69c169dPK26NUlk= github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6OkFY5QxjkYwrChwuRruF69c169dPK26NUlk=
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
github.com/richardlehane/mscfb v1.0.4 h1:WULscsljNPConisD5hR0+OyZjwK46Pfyr6mPu5ZawpM= github.com/richardlehane/mscfb v1.0.4 h1:WULscsljNPConisD5hR0+OyZjwK46Pfyr6mPu5ZawpM=
github.com/richardlehane/mscfb v1.0.4/go.mod h1:YzVpcZg9czvAuhk9T+a3avCpcFPMUWm7gK3DypaEsUk= github.com/richardlehane/mscfb v1.0.4/go.mod h1:YzVpcZg9czvAuhk9T+a3avCpcFPMUWm7gK3DypaEsUk=
github.com/richardlehane/msoleps v1.0.1/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg= github.com/richardlehane/msoleps v1.0.1/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
github.com/richardlehane/msoleps v1.0.3 h1:aznSZzrwYRl3rLKRT3gUk9am7T/mLNSnJINvN0AQoVM= github.com/richardlehane/msoleps v1.0.4 h1:WuESlvhX3gH2IHcd8UqyCuFY5yiq/GR/yqaSM/9/g00=
github.com/richardlehane/msoleps v1.0.3/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg= github.com/richardlehane/msoleps v1.0.4/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs= github.com/robfig/cron/v3 v3.0.1 h1:WdRxkvbJztn8LMz/QEvLN5sBU+xKpSqwwUO1Pjr4qDs=
github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro= github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzGIFLtro=
github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o= github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ= github.com/sagikazarmark/locafero v0.6.0 h1:ON7AQg37yzcRPU69mt7gwhFEBwxI6P9T4Qu3N51bwOk=
github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4= github.com/sagikazarmark/locafero v0.6.0/go.mod h1:77OmuIc6VTraTXKXIs/uvUxKGUXjE1GbemJYHqdNjX0=
github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE= github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE=
github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ= github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ=
github.com/shirou/gopsutil v3.21.11+incompatible h1:+1+c1VGhc88SSonWP6foOcLhvnKlUeu/erjjvaPEYiI= github.com/shirou/gopsutil v3.21.11+incompatible h1:+1+c1VGhc88SSonWP6foOcLhvnKlUeu/erjjvaPEYiI=
@@ -186,39 +203,37 @@ github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9yS
github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0= github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8=
github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY=
github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= github.com/spf13/cast v1.7.0 h1:ntdiHjuueXFgm5nzDRdOS4yfT43P5Fnud6DH50rz/7w=
github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= github.com/spf13/cast v1.7.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
github.com/spf13/cobra v1.8.0 h1:7aJaZx1B85qltLMc546zn58BxxfZdR/W22ej9CFoEf0= github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
github.com/spf13/cobra v1.8.0/go.mod h1:WXLWApfZ71AjXPya3WOlMsY9yMs7YeiHhFVlvLyhcho= github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ= github.com/spf13/viper v1.19.0 h1:RWq5SEjt8o25SROyN3z2OrDB9l7RPd3lwTWU8EcEdcI=
github.com/spf13/viper v1.18.2/go.mod h1:EKmWIqdnk5lOcmR72yw6hS+8OPYcwD0jteitLMVB+yk= github.com/spf13/viper v1.19.0/go.mod h1:GQUN9bilAbhU/jgc1bKs99f/suXKeUMct8Adx5+Ntkg=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8= github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU= github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE= github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE=
github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ= github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.846 h1:5/fC1P4bzGmlHWmzgRgZ/pybS3er4dxpqa/yquF+YOQ= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1036 h1:B3GO+IBOrjrq8sN5bT9e8GMHWguHkyyGdNEos6cp5cE=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.846/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1036/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.846 h1:X3gwCrnd5FeCnk0cqIm7lfK5684zYrwRhhzlzHcjMVk= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1036 h1:lpDbM5GqLY67hGkndcRfledZf14sJaY+LOcHp5I4BkQ=
github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.846/go.mod h1:jHNnw3sqFpKGHLTewQ9x4pjiaB6Rn91RXKLWuFE9Bgg= github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.1036/go.mod h1:WuuxNlel804BVTQYrE9qauuiu2462Va04PlIr8/FVJY=
github.com/tklauser/go-sysconf v0.3.13 h1:GBUpcahXSpR2xN01jhkNAbTLRk2Yzgggk8IM08lq3r4= github.com/tklauser/go-sysconf v0.3.14 h1:g5vzr9iPFFz24v2KZXs/pvpvh8/V9Fw6vQK5ZZb78yU=
github.com/tklauser/go-sysconf v0.3.13/go.mod h1:zwleP4Q4OehZHGn4CYZDipCgg9usW5IJePewFCGVEa0= github.com/tklauser/go-sysconf v0.3.14/go.mod h1:1ym4lWMLUOhuBOPGtRcJm7tEGX4SCYNEEEtghGG/8uY=
github.com/tklauser/numcpus v0.7.0 h1:yjuerZP127QG9m5Zh/mSO4wqurYil27tHrqwRoRjpr4= github.com/tklauser/numcpus v0.9.0 h1:lmyCHtANi8aRUgkckBgoDk1nHCux3n2cgkJLXdQGPDo=
github.com/tklauser/numcpus v0.7.0/go.mod h1:bb6dMVcj8A42tSE7i32fsIUCbQNllK5iDguyOZRUzAY= github.com/tklauser/numcpus v0.9.0/go.mod h1:SN6Nq1O3VychhC1npsWostA+oW+VOQTxZrS604NSRyI=
github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208/go.mod h1:BzWtXXrXzZUvMacR0oF/fbDDgUPO8L36tDMmRAf14ns= github.com/toorop/go-dkim v0.0.0-20201103131630-e1cd1a0a5208/go.mod h1:BzWtXXrXzZUvMacR0oF/fbDDgUPO8L36tDMmRAf14ns=
github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92 h1:flbMkdl6HxQkLs6DDhH1UkcnFpNBOu70391STjMS0O4= github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92 h1:flbMkdl6HxQkLs6DDhH1UkcnFpNBOu70391STjMS0O4=
github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92/go.mod h1:BzWtXXrXzZUvMacR0oF/fbDDgUPO8L36tDMmRAf14ns= github.com/toorop/go-dkim v0.0.0-20240103092955-90b7d1423f92/go.mod h1:BzWtXXrXzZUvMacR0oF/fbDDgUPO8L36tDMmRAf14ns=
@@ -226,21 +241,20 @@ github.com/uber/jaeger-client-go v2.30.0+incompatible h1:D6wyKGCecFaSRUpo8lCVbaO
github.com/uber/jaeger-client-go v2.30.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk= github.com/uber/jaeger-client-go v2.30.0+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk=
github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVKhn2Um6rjCsSsg= github.com/uber/jaeger-lib v2.4.1+incompatible h1:td4jdvLcExb4cBISKIpHuGoVXh+dVKhn2Um6rjCsSsg=
github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U= github.com/uber/jaeger-lib v2.4.1+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U=
github.com/wlynxg/anet v0.0.3/go.mod h1:eay5PRQr7fIVAMbTbchTnO9gG65Hg/uYGdc7mguHxoA=
github.com/xhit/go-simple-mail/v2 v2.16.0 h1:ouGy/Ww4kuaqu2E2UrDw7SvLaziWTB60ICLkIkNVccA= github.com/xhit/go-simple-mail/v2 v2.16.0 h1:ouGy/Ww4kuaqu2E2UrDw7SvLaziWTB60ICLkIkNVccA=
github.com/xhit/go-simple-mail/v2 v2.16.0/go.mod h1:b7P5ygho6SYE+VIqpxA6QkYfv4teeyG4MKqB3utRu98= github.com/xhit/go-simple-mail/v2 v2.16.0/go.mod h1:b7P5ygho6SYE+VIqpxA6QkYfv4teeyG4MKqB3utRu98=
github.com/xlzd/gotp v0.1.0 h1:37blvlKCh38s+fkem+fFh7sMnceltoIEBYTVXyoa5Po= github.com/xlzd/gotp v0.1.0 h1:37blvlKCh38s+fkem+fFh7sMnceltoIEBYTVXyoa5Po=
github.com/xlzd/gotp v0.1.0/go.mod h1:ndLJ3JKzi3xLmUProq4LLxCuECL93dG9WASNLpHz8qg= github.com/xlzd/gotp v0.1.0/go.mod h1:ndLJ3JKzi3xLmUProq4LLxCuECL93dG9WASNLpHz8qg=
github.com/xuri/efp v0.0.0-20230802181842-ad255f2331ca/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI= github.com/xuri/efp v0.0.0-20240408161823-9ad904a10d6d h1:llb0neMWDQe87IzJLS4Ci7psK/lVsjIS2otl+1WyRyY=
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 h1:Chd9DkqERQQuHpXjR/HSV1jLZA6uaoiwwH3vSuF3IW0= github.com/xuri/efp v0.0.0-20240408161823-9ad904a10d6d/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI=
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53/go.mod h1:ybY/Jr0T0GTCnYjKqmdwxyxn2BQf2RcQIIvex5QldPI= github.com/xuri/excelize/v2 v2.9.0 h1:1tgOaEq92IOEumR1/JfYS/eR0KHOCsRv/rYXXh6YJQE=
github.com/xuri/excelize/v2 v2.8.0 h1:Vd4Qy809fupgp1v7X+nCS/MioeQmYVVzi495UCTqB7U= github.com/xuri/excelize/v2 v2.9.0/go.mod h1:uqey4QBZ9gdMeWApPLdhm9x+9o2lq4iVmjiLfBS5hdE=
github.com/xuri/excelize/v2 v2.8.0/go.mod h1:6iA2edBTKxKbZAa7X5bDhcCg51xdOn1Ar5sfoXRGrQg= github.com/xuri/nfp v0.0.0-20240318013403-ab9948c2c4a7 h1:hPVCafDV85blFTabnqKgNhDCkJX25eik94Si9cTER4A=
github.com/xuri/nfp v0.0.0-20230819163627-dc951e3ffe1a/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ= github.com/xuri/nfp v0.0.0-20240318013403-ab9948c2c4a7/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ=
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 h1:qhbILQo1K3mphbwKh1vNm4oGezE1eF9fQWmNiIpSfI4=
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05/go.mod h1:WwHg+CVyzlv/TX9xqBFXEZAuxOPxn2k1GNHwG41IIUQ=
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
github.com/yusufpapurcu/wmi v1.2.3 h1:E1ctvB7uKFMOJw3fdOW32DwGE9I7t++CRUEMKvFoFiw= github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=
github.com/yusufpapurcu/wmi v1.2.3/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= github.com/yusufpapurcu/wmi v1.2.4/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0=
go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/atomic v1.9.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE= go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0= go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
@@ -248,85 +262,96 @@ go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw= golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg= golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY=
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a h1:Q8/wZp0KX97QFTc2ywcOE0YRjZPVIx+MXInMzdvQqcA= golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c h1:7dEasQXItcW1xKJ2+gg5VOiBnqWrJc+rq0DPKyvvdbY=
golang.org/x/exp v0.0.0-20240119083558-1b970713d09a/go.mod h1:idGWGoKP1toJGkd5/ig9ZLuPcZBC3ewk7SzmH0uou08= golang.org/x/exp v0.0.0-20241009180824-f66d83c29e7c/go.mod h1:NQtJDoLvd6faHhE7m4T/1IY708gDefGGjR/iUW8yQQ8=
golang.org/x/exp/typeparams v0.0.0-20220613132600-b0d781184e0d h1:+W8Qf4iJtMGKkyAygcKohjxTk4JPsL9DpzApJ22m5Ic=
golang.org/x/exp/typeparams v0.0.0-20220613132600-b0d781184e0d/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs= golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86hEcLt0YII63i6oz57MZXIpbrjZUs=
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
golang.org/x/image v0.11.0 h1:ds2RoQvBvYTiJkwpSFDwCcDFNX7DqjL2WsUgTNk0Ooo= golang.org/x/image v0.18.0 h1:jGzIakQa/ZXI1I0Fxvaa9W7yP25TqT6cHIHn+6CqvSQ=
golang.org/x/image v0.11.0/go.mod h1:bglhjqbqVuEb9e9+eNR45Jfu7D+T4Qan+NhQk8Ck2P8= golang.org/x/image v0.18.0/go.mod h1:4yyo5vMFQjVjUcVk4jEQcU9MGy/rulF5WvUILseCM2E=
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug=
golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= golang.org/x/mod v0.21.0 h1:vvrHzRwRfVKSiLrG+d4FMl/Qi4ukBCE6kZlTUkDYRT0=
golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.21.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210610132358-84b48f89b13b/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ=
golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -335,8 +360,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc= golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ=
golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= golang.org/x/tools v0.26.0/go.mod h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -355,7 +380,6 @@ gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EV
gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
gopkg.in/ini.v1 v1.66.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
@@ -363,24 +387,38 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
honnef.co/go/tools v0.3.2 h1:ytYb4rOqyp1TSa2EPvNVwtPQJctSELKaMyLfqNP4+34=
honnef.co/go/tools v0.3.2/go.mod h1:jzwdWgg7Jdq75wlfblQxO4neNaFFSvgc1tD5Wv8U0Yw=
layeh.com/radius v0.0.0-20231213012653-1006025d24f8 h1:orYXpi6BJZdvgytfHH4ybOe4wHnLbbS71Cmd8mWdZjs= layeh.com/radius v0.0.0-20231213012653-1006025d24f8 h1:orYXpi6BJZdvgytfHH4ybOe4wHnLbbS71Cmd8mWdZjs=
layeh.com/radius v0.0.0-20231213012653-1006025d24f8/go.mod h1:QRf+8aRqXc019kHkpcs/CTgyWXFzf+bxlsyuo2nAl1o= layeh.com/radius v0.0.0-20231213012653-1006025d24f8/go.mod h1:QRf+8aRqXc019kHkpcs/CTgyWXFzf+bxlsyuo2nAl1o=
lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI= lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI=
lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk=
modernc.org/cc/v3 v3.40.0 h1:P3g79IUS/93SYhtoeaHW+kRCIrYaxJ27MFPv+7kaTOw= modernc.org/cc/v3 v3.40.0 h1:P3g79IUS/93SYhtoeaHW+kRCIrYaxJ27MFPv+7kaTOw=
modernc.org/cc/v3 v3.40.0/go.mod h1:/bTg4dnWkSXowUO6ssQKnOV0yMVxDYNIsIrzqTFDGH0=
modernc.org/ccgo/v3 v3.16.13 h1:Mkgdzl46i5F/CNR/Kj80Ri59hC8TKAhZrYSaqvkwzUw= modernc.org/ccgo/v3 v3.16.13 h1:Mkgdzl46i5F/CNR/Kj80Ri59hC8TKAhZrYSaqvkwzUw=
modernc.org/ccgo/v3 v3.16.13/go.mod h1:2Quk+5YgpImhPjv2Qsob1DnZ/4som1lJTodubIcoUkY=
modernc.org/libc v1.22.2 h1:4U7v51GyhlWqQmwCHj28Rdq2Yzwk55ovjFrdPjs8Hb0= modernc.org/libc v1.22.2 h1:4U7v51GyhlWqQmwCHj28Rdq2Yzwk55ovjFrdPjs8Hb0=
modernc.org/libc v1.22.2/go.mod h1:uvQavJ1pZ0hIoC/jfqNoMLURIMhKzINIWypNM17puug=
modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ= modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ=
modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
modernc.org/memory v1.4.0 h1:crykUfNSnMAXaOJnnxcSzbUGMqkLWjklJKkBK2nwZwk= modernc.org/memory v1.4.0 h1:crykUfNSnMAXaOJnnxcSzbUGMqkLWjklJKkBK2nwZwk=
modernc.org/memory v1.4.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU=
modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4= modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
modernc.org/sqlite v1.20.4 h1:J8+m2trkN+KKoE7jglyHYYYiaq5xmz2HoHJIiBlRzbE= modernc.org/sqlite v1.20.4 h1:J8+m2trkN+KKoE7jglyHYYYiaq5xmz2HoHJIiBlRzbE=
modernc.org/sqlite v1.20.4/go.mod h1:zKcGyrICaxNTMEHSr1HQ2GUraP0j+845GYw37+EyT6A=
modernc.org/strutil v1.1.3 h1:fNMm+oJklMGYfU9Ylcywl0CO5O6nTfaowNsh2wpPjzY= modernc.org/strutil v1.1.3 h1:fNMm+oJklMGYfU9Ylcywl0CO5O6nTfaowNsh2wpPjzY=
modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw=
modernc.org/token v1.0.1 h1:A3qvTqOwexpfZZeyI0FeGPDlSWX5pjZu9hF4lU+EKWg= modernc.org/token v1.0.1 h1:A3qvTqOwexpfZZeyI0FeGPDlSWX5pjZu9hF4lU+EKWg=
modernc.org/token v1.0.1/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
xorm.io/builder v0.3.13 h1:a3jmiVVL19psGeXx8GIurTp7p0IIgqeDmwhcR6BAOAo= xorm.io/builder v0.3.13 h1:a3jmiVVL19psGeXx8GIurTp7p0IIgqeDmwhcR6BAOAo=
xorm.io/builder v0.3.13/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE= xorm.io/builder v0.3.13/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=
xorm.io/xorm v1.3.7 h1:mLceAGu0b87r9pD4qXyxGHxifOXIIrAdVcA6k95/osw= xorm.io/xorm v1.3.9 h1:TUovzS0ko+IQ1XnNLfs5dqK1cJl1H5uHpWbWqAQ04nU=
xorm.io/xorm v1.3.7/go.mod h1:LsCCffeeYp63ssk0pKumP6l96WZcHix7ChpurcLNuMw= xorm.io/xorm v1.3.9/go.mod h1:LsCCffeeYp63ssk0pKumP6l96WZcHix7ChpurcLNuMw=

4
server/handler/dtls.go
View File

@@ -32,8 +32,10 @@ func startDtls() {
logf := logging.NewDefaultLoggerFactory() logf := logging.NewDefaultLoggerFactory()
logf.Writer = base.GetBaseLw() logf.Writer = base.GetBaseLw()
// logf.DefaultLogLevel = logging.LogLevelTrace
logf.DefaultLogLevel = logging.LogLevelInfo logf.DefaultLogLevel = logging.LogLevelInfo
if base.GetLogLevel() == base.LogLevelTrace {
// logf.DefaultLogLevel = logging.LogLevelTrace
}
// https://github.com/pion/dtls/pull/369 // https://github.com/pion/dtls/pull/369
sessStore := &sessionStore{} sessStore := &sessionStore{}

137
server/handler/link_auth.go
View File

@@ -2,11 +2,9 @@ package handler
import ( import (
"bytes" "bytes"
"crypto/md5"
"encoding/xml" "encoding/xml"
"fmt" "fmt"
"io" "io"
"net"
"net/http" "net/http"
"net/http/httputil" "net/http/httputil"
"strings" "strings"
@@ -17,7 +15,10 @@ import (
"github.com/bjdgyc/anylink/sessdata" "github.com/bjdgyc/anylink/sessdata"
) )
var profileHash = "" var (
profileHash = ""
certHash = ""
)
func LinkAuth(w http.ResponseWriter, r *http.Request) { func LinkAuth(w http.ResponseWriter, r *http.Request) {
// TODO 调试信息输出 // TODO 调试信息输出
@@ -43,13 +44,17 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
} }
defer r.Body.Close() defer r.Body.Close()
cr := ClientRequest{} cr := &ClientRequest{
RemoteAddr: r.RemoteAddr,
UserAgent: userAgent,
}
err = xml.Unmarshal(body, &cr) err = xml.Unmarshal(body, &cr)
if err != nil { if err != nil {
base.Error(err)
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
return return
} }
// fmt.Printf("%+v \n", cr) base.Trace(fmt.Sprintf("%+v \n", cr))
// setCommonHeader(w) // setCommonHeader(w)
if cr.Type == "logout" { if cr.Type == "logout" {
// 退出删除session信息 // 退出删除session信息
@@ -72,8 +77,15 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
return return
} }
// 锁定状态判断
if !lockManager.CheckLocked(cr.Auth.Username, r.RemoteAddr) {
w.WriteHeader(http.StatusTooManyRequests)
return
}
// 用户活动日志 // 用户活动日志
ua := dbdata.UserActLog{ ua := &dbdata.UserActLog{
Username: cr.Auth.Username, Username: cr.Auth.Username,
GroupName: cr.GroupSelect, GroupName: cr.GroupSelect,
RemoteAddr: r.RemoteAddr, RemoteAddr: r.RemoteAddr,
@@ -81,13 +93,21 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
DeviceType: cr.DeviceId.DeviceType, DeviceType: cr.DeviceId.DeviceType,
PlatformVersion: cr.DeviceId.PlatformVersion, PlatformVersion: cr.DeviceId.PlatformVersion,
} }
sessionData := &AuthSession{
ClientRequest: cr,
UserActLog: ua,
}
// TODO 用户密码校验 // TODO 用户密码校验
err = dbdata.CheckUser(cr.Auth.Username, cr.Auth.Password, cr.GroupSelect) ext := map[string]interface{}{"mac_addr": cr.MacAddressList.MacAddress}
err = dbdata.CheckUser(cr.Auth.Username, cr.Auth.Password, cr.GroupSelect, ext)
if err != nil { if err != nil {
base.Warn(err) lockManager.UpdateLoginStatus(cr.Auth.Username, r.RemoteAddr, false) // 记录登录失败状态
base.Warn(err, r.RemoteAddr)
ua.Info = err.Error() ua.Info = err.Error()
ua.Status = dbdata.UserAuthFail ua.Status = dbdata.UserAuthFail
dbdata.UserActLogIns.Add(ua, userAgent) dbdata.UserActLogIns.Add(*ua, userAgent)
w.WriteHeader(http.StatusOK) w.WriteHeader(http.StatusOK)
data := RequestData{Group: cr.GroupSelect, Groups: dbdata.GetGroupNamesNormal(), Error: "用户名或密码错误"} data := RequestData{Group: cr.GroupSelect, Groups: dbdata.GetGroupNamesNormal(), Error: "用户名或密码错误"}
@@ -97,72 +117,63 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
tplRequest(tpl_request, w, data) tplRequest(tpl_request, w, data)
return return
} }
dbdata.UserActLogIns.Add(ua, userAgent) dbdata.UserActLogIns.Add(*ua, userAgent)
// if !ok {
// w.WriteHeader(http.StatusOK)
// data := RequestData{Group: cr.GroupSelect, Groups: base.Cfg.UserGroups, Error: "请先激活用户"}
// tplRequest(tpl_request, w, data)
// return
// }
// 创建新的session信息 v := &dbdata.User{}
sess := sessdata.NewSession("") err = dbdata.One("Username", cr.Auth.Username, v)
sess.Username = cr.Auth.Username
sess.Group = cr.GroupSelect
oriMac := cr.MacAddressList.MacAddress
sess.UniqueIdGlobal = cr.DeviceId.UniqueIdGlobal
sess.UserAgent = userAgent
sess.DeviceType = ua.DeviceType
sess.PlatformVersion = ua.PlatformVersion
sess.RemoteAddr = r.RemoteAddr
// 获取客户端mac地址
sess.UniqueMac = true
macHw, err := net.ParseMAC(oriMac)
if err != nil { if err != nil {
var sum [16]byte base.Info("正在使用第三方认证方式登录")
if sess.UniqueIdGlobal != "" { CreateSession(w, r, sessionData)
sum = md5.Sum([]byte(sess.UniqueIdGlobal)) return
} else {
sum = md5.Sum([]byte(sess.Token))
sess.UniqueMac = false
}
macHw = sum[0:5] // 5个byte
macHw = append([]byte{0x02}, macHw...)
sess.MacAddr = macHw.String()
} }
sess.MacHw = macHw // 用户otp验证
// 统一macAddr的格式 if base.Cfg.AuthAloneOtp && !v.DisableOtp {
sess.MacAddr = macHw.String() lockManager.UpdateLoginStatus(cr.Auth.Username, r.RemoteAddr, true) // 重置OTP验证计数
other := &dbdata.SettingOther{} sessionID, err := GenerateSessionID()
_ = dbdata.SettingGet(other) if err != nil {
rd := RequestData{SessionId: sess.Sid, SessionToken: sess.Sid + "@" + sess.Token, base.Error("Failed to generate session ID: ", err)
Banner: other.Banner, ProfileHash: profileHash} http.Error(w, "Failed to generate session ID", http.StatusInternalServerError)
w.WriteHeader(http.StatusOK) return
tplRequest(tpl_complete, w, rd) }
base.Debug("login", cr.Auth.Username, userAgent)
sessionData.ClientRequest.Auth.OtpSecret = v.OtpSecret
SessStore.SaveAuthSession(sessionID, sessionData)
SetCookie(w, "auth-session-id", sessionID, 0)
data := RequestData{}
w.WriteHeader(http.StatusOK)
tplRequest(tpl_otp, w, data)
return
}
CreateSession(w, r, sessionData)
} }
const ( const (
tpl_request = iota tpl_request = iota
tpl_complete tpl_complete
tpl_otp
) )
func tplRequest(typ int, w io.Writer, data RequestData) { func tplRequest(typ int, w io.Writer, data RequestData) {
if typ == tpl_request { switch typ {
case tpl_request:
t, _ := template.New("auth_request").Parse(auth_request) t, _ := template.New("auth_request").Parse(auth_request)
_ = t.Execute(w, data) _ = t.Execute(w, data)
return case tpl_complete:
if data.Banner != "" {
buf := new(bytes.Buffer)
_ = xml.EscapeText(buf, []byte(data.Banner))
data.Banner = buf.String()
}
t, _ := template.New("auth_complete").Parse(auth_complete)
_ = t.Execute(w, data)
case tpl_otp:
t, _ := template.New("auth_otp").Parse(auth_otp)
_ = t.Execute(w, data)
} }
if data.Banner != "" {
buf := new(bytes.Buffer)
_ = xml.EscapeText(buf, []byte(data.Banner))
data.Banner = buf.String()
}
t, _ := template.New("auth_complete").Parse(auth_complete)
_ = t.Execute(w, data)
} }
// 设置输出信息 // 设置输出信息
@@ -175,7 +186,9 @@ type RequestData struct {
SessionId string SessionId string
SessionToken string SessionToken string
Banner string Banner string
ProfileName string
ProfileHash string ProfileHash string
CertHash string
} }
var auth_request = `<?xml version="1.0" encoding="UTF-8"?> var auth_request = `<?xml version="1.0" encoding="UTF-8"?>
@@ -221,13 +234,13 @@ var auth_complete = `<?xml version="1.0" encoding="UTF-8"?>
</capabilities> </capabilities>
<config client="vpn" type="private"> <config client="vpn" type="private">
<vpn-base-config> <vpn-base-config>
<server-cert-hash>240B97A685B2BFA66AD699B90AAC49EA66495D69</server-cert-hash> <server-cert-hash>{{.CertHash}}</server-cert-hash>
</vpn-base-config> </vpn-base-config>
<opaque is-for="vpn-client"></opaque> <opaque is-for="vpn-client"></opaque>
<vpn-profile-manifest> <vpn-profile-manifest>
<vpn rev="1.0"> <vpn rev="1.0">
<file type="profile" service-type="user"> <file type="profile" service-type="user">
<uri>/profile.xml</uri> <uri>/profile_{{.ProfileName}}.xml</uri>
<hash type="sha1">{{.ProfileHash}}</hash> <hash type="sha1">{{.ProfileHash}}</hash>
</file> </file>
</vpn> </vpn>

242
server/handler/link_auth_otp.go Normal file
View File

@@ -0,0 +1,242 @@
package handler
import (
"crypto/md5"
"encoding/xml"
"fmt"
"io"
"net"
"net/http"
"sync"
"github.com/bjdgyc/anylink/admin"
"github.com/bjdgyc/anylink/base"
"github.com/bjdgyc/anylink/dbdata"
"github.com/bjdgyc/anylink/pkg/utils"
"github.com/bjdgyc/anylink/sessdata"
)
var SessStore = NewSessionStore()
var lockManager = admin.GetLockManager()
// const maxOtpErrCount = 3
type AuthSession struct {
ClientRequest *ClientRequest
UserActLog *dbdata.UserActLog
// OtpErrCount atomic.Uint32 // otp错误次数
}
// 存储临时会话信息
type SessionStore struct {
session map[string]*AuthSession
mu sync.Mutex
}
func NewSessionStore() *SessionStore {
return &SessionStore{
session: make(map[string]*AuthSession),
}
}
func (s *SessionStore) SaveAuthSession(sessionID string, session *AuthSession) {
s.mu.Lock()
defer s.mu.Unlock()
s.session[sessionID] = session
}
func (s *SessionStore) GetAuthSession(sessionID string) (*AuthSession, error) {
s.mu.Lock()
defer s.mu.Unlock()
session, exists := s.session[sessionID]
if !exists {
return nil, fmt.Errorf("auth session not found")
}
return session, nil
}
func (s *SessionStore) DeleteAuthSession(sessionID string) {
s.mu.Lock()
defer s.mu.Unlock()
delete(s.session, sessionID)
}
// func (a *AuthSession) AddOtpErrCount(i int) int {
// newI := a.OtpErrCount.Add(uint32(i))
// return int(newI)
// }
func GenerateSessionID() (string, error) {
sessionID := utils.RandomRunes(32)
if sessionID == "" {
return "", fmt.Errorf("failed to generate session ID")
}
return sessionID, nil
}
func SetCookie(w http.ResponseWriter, name, value string, maxAge int) {
cookie := &http.Cookie{
Name: name,
Value: value,
MaxAge: maxAge,
Path: "/",
HttpOnly: true,
Secure: true,
SameSite: http.SameSiteLaxMode,
}
http.SetCookie(w, cookie)
}
func GetCookie(r *http.Request, name string) (string, error) {
cookie, err := r.Cookie(name)
if err != nil {
return "", fmt.Errorf("failed to get cookie: %v", err)
}
return cookie.Value, nil
}
func DeleteCookie(w http.ResponseWriter, name string) {
cookie := &http.Cookie{
Name: name,
Value: "",
MaxAge: -1,
Path: "/",
HttpOnly: true,
Secure: true,
SameSite: http.SameSiteStrictMode,
}
http.SetCookie(w, cookie)
}
func CreateSession(w http.ResponseWriter, r *http.Request, authSession *AuthSession) {
cr := authSession.ClientRequest
ua := authSession.UserActLog
lockManager.UpdateLoginStatus(cr.Auth.Username, r.RemoteAddr, true) // 更新登录成功状态
sess := sessdata.NewSession("")
sess.Username = cr.Auth.Username
sess.Group = cr.GroupSelect
oriMac := cr.MacAddressList.MacAddress
sess.UniqueIdGlobal = cr.DeviceId.UniqueIdGlobal
sess.UserAgent = cr.UserAgent
sess.DeviceType = ua.DeviceType
sess.PlatformVersion = ua.PlatformVersion
sess.RemoteAddr = cr.RemoteAddr
// 获取客户端mac地址
sess.UniqueMac = true
macHw, err := net.ParseMAC(oriMac)
if err != nil {
var sum [16]byte
if sess.UniqueIdGlobal != "" {
sum = md5.Sum([]byte(sess.UniqueIdGlobal))
} else {
sum = md5.Sum([]byte(sess.Token))
sess.UniqueMac = false
}
macHw = sum[0:5] // 5个byte
macHw = append([]byte{0x02}, macHw...)
sess.MacAddr = macHw.String()
}
sess.MacHw = macHw
// 统一macAddr的格式
sess.MacAddr = macHw.String()
other := &dbdata.SettingOther{}
dbdata.SettingGet(other)
rd := RequestData{
SessionId: sess.Sid,
SessionToken: sess.Sid + "@" + sess.Token,
Banner: other.Banner,
ProfileName: base.Cfg.ProfileName,
ProfileHash: profileHash,
CertHash: certHash,
}
w.WriteHeader(http.StatusOK)
tplRequest(tpl_complete, w, rd)
base.Info("login", cr.Auth.Username, cr.UserAgent)
}
func LinkAuth_otp(w http.ResponseWriter, r *http.Request) {
sessionID, err := GetCookie(r, "auth-session-id")
if err != nil {
http.Error(w, "Invalid session, please login again", http.StatusUnauthorized)
return
}
sessionData, err := SessStore.GetAuthSession(sessionID)
if err != nil {
http.Error(w, "Invalid session, please login again", http.StatusUnauthorized)
return
}
body, err := io.ReadAll(r.Body)
if err != nil {
base.Error(err)
SessStore.DeleteAuthSession(sessionID)
w.WriteHeader(http.StatusBadRequest)
return
}
defer r.Body.Close()
cr := ClientRequest{}
err = xml.Unmarshal(body, &cr)
if err != nil {
base.Error(err)
SessStore.DeleteAuthSession(sessionID)
w.WriteHeader(http.StatusBadRequest)
return
}
ua := sessionData.UserActLog
username := sessionData.ClientRequest.Auth.Username
otpSecret := sessionData.ClientRequest.Auth.OtpSecret
otp := cr.Auth.SecondaryPassword
// 锁定状态判断
if !lockManager.CheckLocked(username, r.RemoteAddr) {
w.WriteHeader(http.StatusTooManyRequests)
SessStore.DeleteAuthSession(sessionID)
return
}
// 动态码错误
if !dbdata.CheckOtp(username, otp, otpSecret) {
lockManager.UpdateLoginStatus(username, r.RemoteAddr, false) // 记录登录失败状态
base.Warn("OTP 动态码错误", username, r.RemoteAddr)
ua.Info = "OTP 动态码错误"
ua.Status = dbdata.UserAuthFail
dbdata.UserActLogIns.Add(*ua, sessionData.ClientRequest.UserAgent)
w.WriteHeader(http.StatusOK)
data := RequestData{Error: "请求错误"}
if base.Cfg.DisplayError {
data.Error = "OTP 动态码错误"
}
tplRequest(tpl_otp, w, data)
return
}
CreateSession(w, r, sessionData)
// 删除临时会话信息
SessStore.DeleteAuthSession(sessionID)
// DeleteCookie(w, "auth-session-id")
}
var auth_otp = `<?xml version="1.0" encoding="UTF-8"?>
<config-auth client="vpn" type="auth-request" aggregate-auth-version="2">
<auth id="otp-verification">
<title>OTP 动态码验证</title>
<message>请输入您的 OTP 动态码</message>
{{if .Error}}
<error id="otp-verification" param1="{{.Error}}" param2="">验证失败: %s</error>
{{end}}
<form method="post" action="/otp-verification">
<input type="password" name="secondary_password" label="OTPCode:"/>
</form>
</auth>
</config-auth>`

8
server/handler/link_base.go
View File

@@ -2,8 +2,9 @@ package handler
import ( import (
"encoding/xml" "encoding/xml"
"log"
"os/exec" "os/exec"
"github.com/bjdgyc/anylink/base"
) )
const BufferSize = 2048 const BufferSize = 2048
@@ -16,6 +17,8 @@ type ClientRequest struct {
Version string `xml:"version"` // 客户端版本号 Version string `xml:"version"` // 客户端版本号
GroupAccess string `xml:"group-access"` // 请求的地址 GroupAccess string `xml:"group-access"` // 请求的地址
GroupSelect string `xml:"group-select"` // 选择的组名 GroupSelect string `xml:"group-select"` // 选择的组名
RemoteAddr string `xml:"remote_addr"`
UserAgent string `xml:"user_agent"`
SessionId string `xml:"session-id"` SessionId string `xml:"session-id"`
SessionToken string `xml:"session-token"` SessionToken string `xml:"session-token"`
Auth auth `xml:"auth"` Auth auth `xml:"auth"`
@@ -26,6 +29,7 @@ type ClientRequest struct {
type auth struct { type auth struct {
Username string `xml:"username"` Username string `xml:"username"`
Password string `xml:"password"` Password string `xml:"password"`
OtpSecret string `xml:"otp_secret"`
SecondaryPassword string `xml:"secondary_password"` SecondaryPassword string `xml:"secondary_password"`
} }
@@ -46,7 +50,7 @@ func execCmd(cmdStrs []string) error {
cmd := exec.Command("sh", "-c", cmdStr) cmd := exec.Command("sh", "-c", cmdStr)
b, err := cmd.CombinedOutput() b, err := cmd.CombinedOutput()
if err != nil { if err != nil {
log.Println(string(b)) base.Error(cmdStr, string(b))
return err return err
} }
} }

28
server/handler/link_cstp.go
View File

@@ -25,9 +25,9 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
n int n int
dataLen uint16 dataLen uint16
dead = time.Second * time.Duration(cSess.CstpDpd+5) dead = time.Second * time.Duration(cSess.CstpDpd+5)
idle = time.Second * time.Duration(base.Cfg.IdleTimeout) idle = int64(base.Cfg.IdleTimeout)
checkIdle = base.Cfg.IdleTimeout > 0 checkIdle = base.Cfg.IdleTimeout > 0
lastTime time.Time lastTime int64
) )
go cstpWrite(conn, bufRW, cSess) go cstpWrite(conn, bufRW, cSess)
@@ -37,14 +37,14 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
// 设置超时限制 // 设置超时限制
err = conn.SetReadDeadline(utils.NowSec().Add(dead)) err = conn.SetReadDeadline(utils.NowSec().Add(dead))
if err != nil { if err != nil {
base.Error("SetDeadline: ", cSess.Username, err) base.Error("SetDeadline: ", cSess.Username, cSess.IpAddr, err)
return return
} }
// hdata := make([]byte, BufferSize) // hdata := make([]byte, BufferSize)
pl := getPayload() pl := getPayload()
n, err = bufRW.Read(pl.Data) n, err = bufRW.Read(pl.Data)
if err != nil { if err != nil {
base.Error("read hdata: ", cSess.Username, err) base.Warn("read hdata: ", cSess.Username, cSess.IpAddr, err)
return return
} }
@@ -57,30 +57,30 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
switch pl.Data[6] { switch pl.Data[6] {
case 0x07: // KEEPALIVE case 0x07: // KEEPALIVE
// do nothing // do nothing
// base.Debug("recv keepalive", cSess.IpAddr) base.Trace("recv LinkCstp Keepalive", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
// 判断超时时间 // 判断超时时间
if checkIdle { if checkIdle {
lastTime = cSess.LastDataTime.Load() lastTime = cSess.LastDataTime.Load()
if lastTime.Before(utils.NowSec().Add(-idle)) { if lastTime < (utils.NowSec().Unix() - idle) {
base.Warn("IdleTimeout", cSess.Username, cSess.IpAddr, "lastTime", lastTime) base.Warn("IdleTimeout", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), "lastTime", lastTime)
sessdata.CloseSess(cSess.Sess.Token, dbdata.UserIdleTimeout) sessdata.CloseSess(cSess.Sess.Token, dbdata.UserIdleTimeout)
return return
} }
} }
case 0x05: // DISCONNECT case 0x05: // DISCONNECT
cSess.UserLogoutCode = dbdata.UserLogoutClient cSess.UserLogoutCode = dbdata.UserLogoutClient
base.Debug("DISCONNECT", cSess.Username, cSess.IpAddr) base.Info("DISCONNECT", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), n, string(pl.Data[9:n]))
sessdata.CloseSess(cSess.Sess.Token, dbdata.UserLogoutClient) sessdata.CloseSess(cSess.Sess.Token, dbdata.UserLogoutClient)
return return
case 0x03: // DPD-REQ case 0x03: // DPD-REQ
// base.Debug("recv DPD-REQ", cSess.IpAddr) base.Trace("recv LinkCstp DPD-REQ", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), n, pl.Data[:n])
pl.PType = 0x04 pl.PType = 0x04
pl.Data = pl.Data[:n] // pl.Data = pl.Data[:n]
if payloadOutCstp(cSess, pl) { if payloadOutCstp(cSess, pl) {
return return
} }
case 0x04: case 0x04:
// log.Println("recv DPD-RESP") base.Trace("recv LinkCstp DPD-RESP", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
case 0x08: // decompress case 0x08: // decompress
if cSess.CstpPickCmp == nil { if cSess.CstpPickCmp == nil {
continue continue
@@ -113,7 +113,7 @@ func LinkCstp(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessio
return return
} }
// 只记录返回正确的数据时间 // 只记录返回正确的数据时间
cSess.LastDataTime.Store(utils.NowSec()) cSess.LastDataTime.Store(utils.NowSec().Unix())
} }
} }
} }
@@ -169,14 +169,14 @@ func cstpWrite(conn net.Conn, bufRW *bufio.ReadWriter, cSess *sessdata.ConnSessi
binary.BigEndian.PutUint16(pl.Data[4:6], uint16(l)) binary.BigEndian.PutUint16(pl.Data[4:6], uint16(l))
} }
} else { } else {
// pl.Data = append(pl.Data[:0], plHeader...) pl.Data = append(pl.Data[:0], plHeader...)
// 设置头类型 // 设置头类型
pl.Data[6] = pl.PType pl.Data[6] = pl.PType
} }
n, err = conn.Write(pl.Data) n, err = conn.Write(pl.Data)
if err != nil { if err != nil {
base.Error("write err", cSess.Username, err) base.Warn("write err", cSess.Username, cSess.IpAddr, err)
return return
} }

24
server/handler/link_dtls.go
View File

@@ -36,14 +36,14 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) {
for { for {
err = conn.SetReadDeadline(utils.NowSec().Add(dead)) err = conn.SetReadDeadline(utils.NowSec().Add(dead))
if err != nil { if err != nil {
base.Error("SetDeadline: ", cSess.Username, err) base.Error("SetDeadline: ", cSess.Username, cSess.IpAddr, err)
return return
} }
pl := getPayload() pl := getPayload()
n, err = conn.Read(pl.Data) n, err = conn.Read(pl.Data)
if err != nil { if err != nil {
base.Error("read hdata: ", cSess.Username, err) base.Warn("read hdata: ", cSess.Username, cSess.IpAddr, err)
return return
} }
@@ -56,20 +56,21 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) {
switch pl.Data[0] { switch pl.Data[0] {
case 0x07: // KEEPALIVE case 0x07: // KEEPALIVE
// do nothing // do nothing
// base.Debug("recv keepalive", cSess.IpAddr) base.Trace("recv LinkDtls Keepalive", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
case 0x05: // DISCONNECT case 0x05: // DISCONNECT
cSess.UserLogoutCode = dbdata.UserLogoutClient cSess.UserLogoutCode = dbdata.UserLogoutClient
base.Debug("DISCONNECT DTLS", cSess.Username, cSess.IpAddr) base.Info("DISCONNECT DTLS", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
return return
case 0x03: // DPD-REQ case 0x03: // DPD-REQ
// base.Debug("recv DPD-REQ", cSess.IpAddr) base.Trace("recv LinkDtls DPD-REQ", cSess.Username, cSess.IpAddr, conn.RemoteAddr(), n)
pl.PType = 0x04 pl.PType = 0x04
// 从零开始 可以直接赋值
pl.Data = pl.Data[:n] pl.Data = pl.Data[:n]
if payloadOutDtls(cSess, dSess, pl) { if payloadOutDtls(cSess, dSess, pl) {
return return
} }
case 0x04: case 0x04:
// base.Debug("recv DPD-RESP", cSess.IpAddr) base.Trace("recv LinkDtls DPD-RESP", cSess.Username, cSess.IpAddr, conn.RemoteAddr())
case 0x08: // decompress case 0x08: // decompress
if cSess.DtlsPickCmp == nil { if cSess.DtlsPickCmp == nil {
continue continue
@@ -95,7 +96,7 @@ func LinkDtls(conn net.Conn, cSess *sessdata.ConnSession) {
return return
} }
// 只记录返回正确的数据时间 // 只记录返回正确的数据时间
cSess.LastDataTime.Store(utils.NowSec()) cSess.LastDataTime.Store(utils.NowSec().Unix())
} }
} }
@@ -150,12 +151,15 @@ func dtlsWrite(conn net.Conn, dSess *sessdata.DtlsSession, cSess *sessdata.ConnS
} }
} else { } else {
// 设置头类型 // 设置头类型
// pl.Data = append(pl.Data[:0], pl.PType) if pl.PType == 0x04 {
pl.Data[0] = pl.PType pl.Data[0] = pl.PType
} else {
pl.Data = append(pl.Data[:0], pl.PType)
}
} }
n, err := conn.Write(pl.Data) n, err := conn.Write(pl.Data)
if err != nil { if err != nil {
base.Error("write err", cSess.Username, err) base.Warn("write err", cSess.Username, cSess.IpAddr, err)
return return
} }

12
server/handler/link_home.go
View File

@@ -27,10 +27,16 @@ func LinkHome(w http.ResponseWriter, r *http.Request) {
if err := dbdata.SettingGet(index); err != nil { if err := dbdata.SettingGet(index); err != nil {
return return
} }
w.WriteHeader(http.StatusOK)
if index.Homeindex == "" { if index.Homecode != http.StatusOK {
index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件,可以支持多人同时在线使用。" w.WriteHeader(index.Homecode)
return
} }
w.WriteHeader(http.StatusOK)
// if index.Homeindex == "" {
// index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件,可以支持多人同时在线使用。"
// }
fmt.Fprintln(w, index.Homeindex) fmt.Fprintln(w, index.Homeindex)
} }

9
server/handler/link_tap.go
View File

@@ -10,6 +10,7 @@ import (
"github.com/bjdgyc/anylink/sessdata" "github.com/bjdgyc/anylink/sessdata"
"github.com/google/gopacket" "github.com/google/gopacket"
"github.com/google/gopacket/layers" "github.com/google/gopacket/layers"
gosysctl "github.com/lorenzosaino/go-sysctl"
"github.com/songgao/packets/ethernet" "github.com/songgao/packets/ethernet"
"github.com/songgao/water" "github.com/songgao/water"
"github.com/songgao/water/waterutil" "github.com/songgao/water/waterutil"
@@ -88,8 +89,12 @@ func LinkTap(cSess *sessdata.ConnSession) error {
return err return err
} }
cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifce.Name()) // cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifce.Name())
execCmd([]string{cmdstr3}) // execCmd([]string{cmdstr3})
err = gosysctl.Set(fmt.Sprintf("net.ipv6.conf.%s.disable_ipv6", ifce.Name()), "1")
if err != nil {
base.Warn(err)
}
go allTapRead(ifce, cSess) go allTapRead(ifce, cSess)
go allTapWrite(ifce, cSess) go allTapWrite(ifce, cSess)

53
server/handler/link_tun.go
View File

@@ -4,12 +4,17 @@ import (
"fmt" "fmt"
"github.com/bjdgyc/anylink/base" "github.com/bjdgyc/anylink/base"
"github.com/bjdgyc/anylink/pkg/utils"
"github.com/bjdgyc/anylink/sessdata" "github.com/bjdgyc/anylink/sessdata"
"github.com/coreos/go-iptables/iptables" "github.com/coreos/go-iptables/iptables"
gosysctl "github.com/lorenzosaino/go-sysctl"
"github.com/songgao/water" "github.com/songgao/water"
) )
func checkTun() { func checkTun() {
// 测试ip命令
base.CheckModOrLoad("tun")
// 测试tun // 测试tun
cfg := water.Config{ cfg := water.Config{
DeviceType: water.TUN, DeviceType: water.TUN,
@@ -21,18 +26,16 @@ func checkTun() {
} }
defer ifce.Close() defer ifce.Close()
// 测试ip命令
base.CheckModOrLoad("tun")
cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %s multicast off", ifce.Name(), "1399") cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %s multicast off", ifce.Name(), "1399")
err = execCmd([]string{cmdstr1}) err = execCmd([]string{cmdstr1})
if err != nil { if err != nil {
base.Fatal("testTun err: ", err) base.Fatal("testTun err: ", err)
} }
// 开启服务器转发 // 开启服务器转发
if err := execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"}); err != nil { // err = execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
base.Fatal(err) // if err != nil {
} // base.Fatal(err)
// }
if base.Cfg.IptablesNat { if base.Cfg.IptablesNat {
// 添加NAT转发规则 // 添加NAT转发规则
ipt, err := iptables.New() ipt, err := iptables.New()
@@ -44,15 +47,29 @@ func checkTun() {
// 修复 rockyos nat 不生效 // 修复 rockyos nat 不生效
base.CheckModOrLoad("iptable_filter") base.CheckModOrLoad("iptable_filter")
base.CheckModOrLoad("iptable_nat") base.CheckModOrLoad("iptable_nat")
// base.CheckModOrLoad("xt_comment")
natRule := []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-j", "MASQUERADE"} // 添加注释
forwardRule := []string{"-j", "ACCEPT"} natRule := []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-m", "comment",
if natExists, _ := ipt.Exists("nat", "POSTROUTING", natRule...); !natExists { "--comment", "AnyLink", "-j", "MASQUERADE"}
ipt.Insert("nat", "POSTROUTING", 1, natRule...) if base.InContainer {
natRule = []string{"-s", base.Cfg.Ipv4CIDR, "-o", base.Cfg.Ipv4Master, "-j", "MASQUERADE"}
} }
if forwardExists, _ := ipt.Exists("filter", "FORWARD", forwardRule...); !forwardExists { err = ipt.InsertUnique("nat", "POSTROUTING", 1, natRule...)
ipt.Insert("filter", "FORWARD", 1, forwardRule...) if err != nil {
base.Error(err)
} }
// 添加注释
forwardRule := []string{"-m", "comment", "--comment", "AnyLink", "-j", "ACCEPT"}
if base.InContainer {
forwardRule = []string{"-j", "ACCEPT"}
}
err = ipt.InsertUnique("filter", "FORWARD", 1, forwardRule...)
if err != nil {
base.Error(err)
}
base.Info(ipt.List("nat", "POSTROUTING")) base.Info(ipt.List("nat", "POSTROUTING"))
base.Info(ipt.List("filter", "FORWARD")) base.Info(ipt.List("filter", "FORWARD"))
} }
@@ -73,8 +90,8 @@ func LinkTun(cSess *sessdata.ConnSession) error {
cSess.SetIfName(ifce.Name()) cSess.SetIfName(ifce.Name())
// 通过 ip link show 查看 alias 信息 // 通过 ip link show 查看 alias 信息
alias := utils.ParseName(cSess.Group.Name + "." + cSess.Username)
cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %d multicast off alias %s.%s", ifce.Name(), cSess.Mtu, cSess.Group.Name, cSess.Username) cmdstr1 := fmt.Sprintf("ip link set dev %s up mtu %d multicast off alias %s", ifce.Name(), cSess.Mtu, alias)
cmdstr2 := fmt.Sprintf("ip addr add dev %s local %s peer %s/32", cmdstr2 := fmt.Sprintf("ip addr add dev %s local %s peer %s/32",
ifce.Name(), base.Cfg.Ipv4Gateway, cSess.IpAddr) ifce.Name(), base.Cfg.Ipv4Gateway, cSess.IpAddr)
err = execCmd([]string{cmdstr1, cmdstr2}) err = execCmd([]string{cmdstr1, cmdstr2})
@@ -84,8 +101,12 @@ func LinkTun(cSess *sessdata.ConnSession) error {
return err return err
} }
cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifce.Name()) // cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifce.Name())
execCmd([]string{cmdstr3}) // execCmd([]string{cmdstr3})
err = gosysctl.Set(fmt.Sprintf("net.ipv6.conf.%s.disable_ipv6", ifce.Name()), "1")
if err != nil {
base.Warn(err)
}
go tunRead(ifce, cSess) go tunRead(ifce, cSess)
go tunWrite(ifce, cSess) go tunWrite(ifce, cSess)

55
server/handler/link_tunnel.go
View File

@@ -43,13 +43,13 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
// 判断session-token的值 // 判断session-token的值
cookie, err := r.Cookie("webvpn") cookie, err := r.Cookie("webvpn")
if err != nil || cookie.Value == "" { if err != nil || cookie.Value == "" {
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusUnauthorized)
return return
} }
sess := sessdata.SToken2Sess(cookie.Value) sess := sessdata.SToken2Sess(cookie.Value)
if sess == nil { if sess == nil {
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusUnauthorized)
return return
} }
@@ -57,7 +57,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
cSess := sess.NewConn() cSess := sess.NewConn()
if cSess == nil { if cSess == nil {
log.Println(err) log.Println(err)
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusUnauthorized)
return return
} }
@@ -66,6 +66,8 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
cstpBaseMtu := r.Header.Get("X-CSTP-Base-MTU") cstpBaseMtu := r.Header.Get("X-CSTP-Base-MTU")
masterSecret := r.Header.Get("X-DTLS-Master-Secret") masterSecret := r.Header.Get("X-DTLS-Master-Secret")
localIp := r.Header.Get("X-Cstp-Local-Address-Ip4") localIp := r.Header.Get("X-Cstp-Local-Address-Ip4")
// 出口ip
exportIp4 := r.Header.Get("X-Cstp-Remote-Address-Ip4")
mobile := r.Header.Get("X-Cstp-License") mobile := r.Header.Get("X-Cstp-License")
cSess.SetMtu(cstpMtu) cSess.SetMtu(cstpMtu)
@@ -84,26 +86,18 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
} }
cSess.CstpDpd = cstpDpd cSess.CstpDpd = cstpDpd
dtlsPort := "4433" dtlsPort := "443"
if strings.Contains(base.Cfg.ServerDTLSAddr, ":") { if strings.Contains(base.Cfg.AdvertiseDTLSAddr, ":") {
ss := strings.Split(base.Cfg.ServerDTLSAddr, ":") ss := strings.Split(base.Cfg.AdvertiseDTLSAddr, ":")
dtlsPort = ss[1] dtlsPort = ss[1]
} }
base.Debug(cSess.IpAddr, cSess.MacHw, sess.Username, mobile) base.Info(sess.Username, cSess.IpAddr, cSess.MacHw, cSess.Client, mobile)
// 检测密码套件 // 检测密码套件
dtlsCiphersuite := checkDtls12Ciphersuite(r.Header.Get("X-Dtls12-Ciphersuite")) dtlsCiphersuite := checkDtls12Ciphersuite(r.Header.Get("X-Dtls12-Ciphersuite"))
base.Trace("dtlsCiphersuite", dtlsCiphersuite) base.Trace("dtlsCiphersuite", dtlsCiphersuite)
// 压缩
if cmpName, ok := cSess.SetPickCmp("cstp", r.Header.Get("X-Cstp-Accept-Encoding")); ok {
HttpSetHeader(w, "X-CSTP-Content-Encoding", cmpName)
}
if cmpName, ok := cSess.SetPickCmp("dtls", r.Header.Get("X-Dtls-Accept-Encoding")); ok {
HttpSetHeader(w, "X-DTLS-Content-Encoding", cmpName)
}
// 返回客户端数据 // 返回客户端数据
HttpSetHeader(w, "Server", fmt.Sprintf("%s %s", base.APP_NAME, base.APP_VER)) HttpSetHeader(w, "Server", fmt.Sprintf("%s %s", base.APP_NAME, base.APP_VER))
HttpSetHeader(w, "X-CSTP-Version", "1") HttpSetHeader(w, "X-CSTP-Version", "1")
@@ -113,11 +107,19 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
HttpSetHeader(w, "X-CSTP-Netmask", sessdata.IpPool.Ipv4Mask.String()) // 子网掩码 HttpSetHeader(w, "X-CSTP-Netmask", sessdata.IpPool.Ipv4Mask.String()) // 子网掩码
HttpSetHeader(w, "X-CSTP-Hostname", hn) // 机器名称 HttpSetHeader(w, "X-CSTP-Hostname", hn) // 机器名称
HttpSetHeader(w, "X-CSTP-Base-MTU", cstpBaseMtu) HttpSetHeader(w, "X-CSTP-Base-MTU", cstpBaseMtu)
// 要发布的默认域 // 客户端dns的默认搜索
if base.Cfg.DefaultDomain != "" { if base.Cfg.DefaultDomain != "" {
HttpSetHeader(w, "X-CSTP-Default-Domain", base.Cfg.DefaultDomain) HttpSetHeader(w, "X-CSTP-Default-Domain", base.Cfg.DefaultDomain)
} }
// 压缩
if cmpName, ok := cSess.SetPickCmp("cstp", r.Header.Get("X-Cstp-Accept-Encoding")); ok {
HttpSetHeader(w, "X-CSTP-Content-Encoding", cmpName)
}
if cmpName, ok := cSess.SetPickCmp("dtls", r.Header.Get("X-Dtls-Accept-Encoding")); ok {
HttpSetHeader(w, "X-DTLS-Content-Encoding", cmpName)
}
// 设置用户策略 // 设置用户策略
SetUserPolicy(cSess.Username, cSess.Group) SetUserPolicy(cSess.Username, cSess.Group)
@@ -129,17 +131,26 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
for _, v := range cSess.Group.ClientDns { for _, v := range cSess.Group.ClientDns {
HttpAddHeader(w, "X-CSTP-DNS", v.Val) HttpAddHeader(w, "X-CSTP-DNS", v.Val)
} }
// 分割dns
for _, v := range cSess.Group.SplitDns {
HttpAddHeader(w, "X-CSTP-Split-DNS", v.Val)
}
// 允许的路由 // 允许的路由
for _, v := range cSess.Group.RouteInclude { for _, v := range cSess.Group.RouteInclude {
if v.Val == dbdata.All { if strings.ToLower(v.Val) == dbdata.ALL {
continue continue
} }
HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask) HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask)
} }
// 不允许的路由 X-Cstp-Remote-Address-Ip4: // 不允许的路由
for _, v := range cSess.Group.RouteExclude { for _, v := range cSess.Group.RouteExclude {
HttpAddHeader(w, "X-CSTP-Split-Exclude", v.IpMask) HttpAddHeader(w, "X-CSTP-Split-Exclude", v.IpMask)
} }
// 排除出口ip路由(出口ip不加密传输)
if base.Cfg.ExcludeExportIp && exportIp4 != "" {
HttpAddHeader(w, "X-CSTP-Split-Exclude", exportIp4+"/255.255.255.255")
}
HttpSetHeader(w, "X-CSTP-Lease-Duration", "1209600") // ip地址租期 HttpSetHeader(w, "X-CSTP-Lease-Duration", "1209600") // ip地址租期
HttpSetHeader(w, "X-CSTP-Session-Timeout", "none") HttpSetHeader(w, "X-CSTP-Session-Timeout", "none")
@@ -150,9 +161,9 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
HttpSetHeader(w, "X-CSTP-Keep", "true") HttpSetHeader(w, "X-CSTP-Keep", "true")
HttpSetHeader(w, "X-CSTP-Tunnel-All-DNS", "false") HttpSetHeader(w, "X-CSTP-Tunnel-All-DNS", "false")
HttpSetHeader(w, "X-CSTP-Rekey-Time", "43200") // 172800 HttpSetHeader(w, "X-CSTP-Rekey-Time", "86400") // 172800
HttpSetHeader(w, "X-CSTP-Rekey-Method", "new-tunnel") HttpSetHeader(w, "X-CSTP-Rekey-Method", "new-tunnel")
HttpSetHeader(w, "X-DTLS-Rekey-Time", "43200") HttpSetHeader(w, "X-DTLS-Rekey-Time", "86400")
HttpSetHeader(w, "X-DTLS-Rekey-Method", "new-tunnel") HttpSetHeader(w, "X-DTLS-Rekey-Method", "new-tunnel")
HttpSetHeader(w, "X-CSTP-DPD", fmt.Sprintf("%d", cstpDpd)) HttpSetHeader(w, "X-CSTP-DPD", fmt.Sprintf("%d", cstpDpd))
@@ -174,7 +185,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
HttpSetHeader(w, "X-CSTP-Routing-Filtering-Ignore", "false") HttpSetHeader(w, "X-CSTP-Routing-Filtering-Ignore", "false")
HttpSetHeader(w, "X-CSTP-Quarantine", "false") HttpSetHeader(w, "X-CSTP-Quarantine", "false")
HttpSetHeader(w, "X-CSTP-Disable-Always-On-VPN", "false") HttpSetHeader(w, "X-CSTP-Disable-Always-On-VPN", "false")
HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "false") HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "true")
HttpSetHeader(w, "X-CSTP-TCP-Keepalive", "false") HttpSetHeader(w, "X-CSTP-TCP-Keepalive", "false")
// 设置域名拆分隧道(移动端不支持) // 设置域名拆分隧道(移动端不支持)
if mobile != "mobile" { if mobile != "mobile" {
@@ -186,7 +197,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
hClone := w.Header().Clone() hClone := w.Header().Clone()
buf := &bytes.Buffer{} buf := &bytes.Buffer{}
_ = hClone.Write(buf) _ = hClone.Write(buf)
base.Trace("LinkTunnel Response Header:", buf.String()) base.Debug("LinkTunnel Response Header:", buf.String())
hj := w.(http.Hijacker) hj := w.(http.Hijacker)
conn, bufRW, err := hj.Hijack() conn, bufRW, err := hj.Hijack()

18
server/handler/link_vtap.go
View File

@@ -11,6 +11,7 @@ import (
"github.com/bjdgyc/anylink/base" "github.com/bjdgyc/anylink/base"
"github.com/bjdgyc/anylink/pkg/utils" "github.com/bjdgyc/anylink/pkg/utils"
"github.com/bjdgyc/anylink/sessdata" "github.com/bjdgyc/anylink/sessdata"
gosysctl "github.com/lorenzosaino/go-sysctl"
) )
// link vtap // link vtap
@@ -28,12 +29,13 @@ func (v *Vtap) Close() error {
} }
func checkMacvtap() { func checkMacvtap() {
// 加载 macvtap
base.CheckModOrLoad("macvtap")
_setGateway() _setGateway()
_checkTapIp(base.Cfg.Ipv4Master) _checkTapIp(base.Cfg.Ipv4Master)
ifName := "anylinkMacvtap" ifName := "anylinkMacvtap"
// 加载 macvtap
base.CheckModOrLoad("macvtap")
// 开启主网卡混杂模式 // 开启主网卡混杂模式
cmdstr1 := fmt.Sprintf("ip link set dev %s promisc on", base.Cfg.Ipv4Master) cmdstr1 := fmt.Sprintf("ip link set dev %s promisc on", base.Cfg.Ipv4Master)
@@ -55,16 +57,20 @@ func LinkMacvtap(cSess *sessdata.ConnSession) error {
cSess.SetIfName(ifName) cSess.SetIfName(ifName)
cmdstr1 := fmt.Sprintf("ip link add link %s name %s type macvtap mode bridge", base.Cfg.Ipv4Master, ifName) cmdstr1 := fmt.Sprintf("ip link add link %s name %s type macvtap mode bridge", base.Cfg.Ipv4Master, ifName)
cmdstr2 := fmt.Sprintf("ip link set dev %s up mtu %d address %s alias %s.%s", ifName, cSess.Mtu, alias := utils.ParseName(cSess.Group.Name + "." + cSess.Username)
cSess.MacHw, cSess.Group.Name, cSess.Username) cmdstr2 := fmt.Sprintf("ip link set dev %s up mtu %d address %s alias %s", ifName, cSess.Mtu, cSess.MacHw, alias)
err := execCmd([]string{cmdstr1, cmdstr2}) err := execCmd([]string{cmdstr1, cmdstr2})
if err != nil { if err != nil {
base.Error(err) base.Error(err)
return err return err
} }
cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifName) // cmdstr3 := fmt.Sprintf("sysctl -w net.ipv6.conf.%s.disable_ipv6=1", ifName)
execCmd([]string{cmdstr3}) // execCmd([]string{cmdstr3})
err = gosysctl.Set(fmt.Sprintf("net.ipv6.conf.%s.disable_ipv6", ifName), "1")
if err != nil {
base.Warn(err)
}
return createVtap(cSess, ifName) return createVtap(cSess, ifName)
} }

43
server/handler/payload.go
View File

@@ -86,14 +86,41 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool {
} }
for _, v := range group.LinkAcl { for _, v := range group.LinkAcl {
// 循环判断ip和端口 // 放行允许ip的ping
if v.IpNet.Contains(ipDst) { // if v.Ports == nil || len(v.Ports) == 0 {
// 放行允许ip的ping // //单端口历史数据兼容
if v.Port == ipPort || v.Port == 0 || ipProto == waterutil.ICMP { // port := uint16(v.Port.(float64))
if v.Action == dbdata.Allow { // if port == ipPort || port == 0 || ipProto == waterutil.ICMP {
return true // if v.Action == dbdata.Allow {
} else { // return true
return false // } else {
// return false
// }
// }
// } else {
// 先判断协议
// 兼容旧数据 v.Protocol == ""
if v.Protocol == "" || v.Protocol == dbdata.ALL || v.IpProto == ipProto {
// 循环判断ip和端口
if v.IpNet.Contains(ipDst) {
// icmp 不判断端口
if ipProto == waterutil.ICMP {
if v.Action == dbdata.Allow {
return true
} else {
return false
}
}
if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) {
if v.Action == dbdata.Allow {
// log.Println(dbdata.Allow, v.Ports)
return true
} else {
// log.Println(dbdata.Deny, v.Ports)
return false
}
} }
} }
} }

3
server/handler/payload_access_audit.go
View File

@@ -106,6 +106,9 @@ func logAudit(userName string, pl *sessdata.Payload) {
if err := recover(); err != nil { if err := recover(); err != nil {
base.Error("logAudit is panic: ", err, "\n", string(debug.Stack()), "\n", pl.Data) base.Error("logAudit is panic: ", err, "\n", string(debug.Stack()), "\n", pl.Data)
} }
}()
defer func() {
putPayload(pl) putPayload(pl)
}() }()

28
server/handler/server.go
View File

@@ -1,12 +1,16 @@
package handler package handler
import ( import (
"crypto/sha1"
"crypto/tls" "crypto/tls"
"encoding/hex"
"fmt" "fmt"
"io" "io"
"net" "net"
"net/http" "net/http"
"net/http/httputil"
"os" "os"
"strings"
"time" "time"
"github.com/bjdgyc/anylink/base" "github.com/bjdgyc/anylink/base"
@@ -35,6 +39,19 @@ func startTls() {
// certs[0], err = tls.LoadX509KeyPair(certFile, keyFile) // certs[0], err = tls.LoadX509KeyPair(certFile, keyFile)
// } // }
tlscert, _, err := dbdata.ParseCert()
if err != nil {
base.Fatal("证书加载失败", err)
}
dbdata.LoadCertificate(tlscert)
// 计算证书hash值
s1 := sha1.New()
s1.Write(tlscert.Certificate[0])
h2s := hex.EncodeToString(s1.Sum(nil))
certHash = strings.ToUpper(h2s)
base.Info("certHash", certHash)
// 修复 CVE-2016-2183 // 修复 CVE-2016-2183
// https://segmentfault.com/a/1190000038486901 // https://segmentfault.com/a/1190000038486901
// nmap -sV --script ssl-enum-ciphers -p 443 www.example.com // nmap -sV --script ssl-enum-ciphers -p 443 www.example.com
@@ -95,9 +112,12 @@ func initRoute() http.Handler {
r.HandleFunc("/", LinkHome).Methods(http.MethodGet) r.HandleFunc("/", LinkHome).Methods(http.MethodGet)
r.HandleFunc("/", LinkAuth).Methods(http.MethodPost) r.HandleFunc("/", LinkAuth).Methods(http.MethodPost)
// r.Handle("/", antiBruteForce(http.HandlerFunc(LinkAuth))).Methods(http.MethodPost)
r.HandleFunc("/CSCOSSLC/tunnel", LinkTunnel).Methods(http.MethodConnect) r.HandleFunc("/CSCOSSLC/tunnel", LinkTunnel).Methods(http.MethodConnect)
r.HandleFunc("/otp_qr", LinkOtpQr).Methods(http.MethodGet) r.HandleFunc("/otp_qr", LinkOtpQr).Methods(http.MethodGet)
r.HandleFunc("/profile.xml", func(w http.ResponseWriter, r *http.Request) { r.HandleFunc("/otp-verification", LinkAuth_otp).Methods(http.MethodPost)
// r.Handle("/otp-verification", antiBruteForce(http.HandlerFunc(LinkAuth_otp))).Methods(http.MethodPost)
r.HandleFunc(fmt.Sprintf("/profile_%s.xml", base.Cfg.ProfileName), func(w http.ResponseWriter, r *http.Request) {
b, _ := os.ReadFile(base.Cfg.Profile) b, _ := os.ReadFile(base.Cfg.Profile)
w.Write(b) w.Write(b)
}).Methods(http.MethodGet) }).Methods(http.MethodGet)
@@ -116,8 +136,10 @@ func initRoute() http.Handler {
func notFound(w http.ResponseWriter, r *http.Request) { func notFound(w http.ResponseWriter, r *http.Request) {
// fmt.Println(r.RemoteAddr) // fmt.Println(r.RemoteAddr)
// hu, _ := httputil.DumpRequest(r, true) if base.GetLogLevel() == base.LogLevelTrace {
// fmt.Println("NotFound: ", string(hu)) hd, _ := httputil.DumpRequest(r, true)
base.Trace("NotFound: ", r.RemoteAddr, string(hd))
}
w.WriteHeader(http.StatusNotFound) w.WriteHeader(http.StatusNotFound)
fmt.Fprintln(w, "404 page not found") fmt.Fprintln(w, "404 page not found")

17
server/handler/start.go
View File

@@ -3,6 +3,7 @@ package handler
import ( import (
"crypto/sha1" "crypto/sha1"
"encoding/hex" "encoding/hex"
"log"
"os" "os"
"github.com/bjdgyc/anylink/admin" "github.com/bjdgyc/anylink/admin"
@@ -10,6 +11,7 @@ import (
"github.com/bjdgyc/anylink/cron" "github.com/bjdgyc/anylink/cron"
"github.com/bjdgyc/anylink/dbdata" "github.com/bjdgyc/anylink/dbdata"
"github.com/bjdgyc/anylink/sessdata" "github.com/bjdgyc/anylink/sessdata"
gosysctl "github.com/lorenzosaino/go-sysctl"
) )
func Start() { func Start() {
@@ -17,6 +19,21 @@ func Start() {
sessdata.Start() sessdata.Start()
cron.Start() cron.Start()
admin.InitLockManager() // 初始化防爆破定时器和IP白名单
// 开启服务器转发
err := gosysctl.Set("net.ipv4.ip_forward", "1")
if err != nil {
base.Warn(err)
}
val, err := gosysctl.Get("net.ipv4.ip_forward")
if val != "1" {
log.Fatal("Please exec 'sysctl -w net.ipv4.ip_forward=1' ")
}
// os.Exit(0)
// execCmd([]string{"sysctl -w net.ipv4.ip_forward=1"})
switch base.Cfg.LinkMode { switch base.Cfg.LinkMode {
case base.LinkModeTUN: case base.LinkModeTUN:
checkTun() checkTun()

4
server/pkg/utils/password_hash.go
View File

@@ -14,6 +14,10 @@ func PasswordHash(password string) (string, error) {
} }
func PasswordVerify(password, hash string) bool { func PasswordVerify(password, hash string) bool {
// 保留老用户明文验证
if len(hash) != 60 {
return password == hash
}
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
return err == nil return err == nil
} }

25
server/pkg/utils/util.go
View File

@@ -1,8 +1,12 @@
package utils package utils
import ( import (
crand "crypto/rand"
"encoding/hex"
"fmt" "fmt"
"log"
"math/rand" "math/rand"
"strings"
"sync/atomic" "sync/atomic"
"time" "time"
) )
@@ -82,12 +86,29 @@ func HumanByte(bf interface{}) string {
func RandomRunes(length int) string { func RandomRunes(length int) string {
letterRunes := []rune("abcdefghijklmnpqrstuvwxy1234567890") letterRunes := []rune("abcdefghijklmnpqrstuvwxy1234567890")
bytes := make([]rune, length) bytes := make([]rune, length)
for i := range bytes { for i := range bytes {
bytes[i] = letterRunes[rand.Intn(len(letterRunes))] bytes[i] = letterRunes[rand.Intn(len(letterRunes))]
} }
return string(bytes) return string(bytes)
} }
func RandomHex(length int) string {
b := make([]byte, length)
_, err := crand.Read(b)
if err != nil {
log.Println(err)
return ""
}
return hex.EncodeToString(b)
}
func ParseName(name string) string {
name = strings.ReplaceAll(name, " ", "-")
name = strings.ReplaceAll(name, "'", "-")
name = strings.ReplaceAll(name, "\"", "-")
name = strings.ReplaceAll(name, ";", "-")
return name
}

149
server/sessdata/ip_pool.go
View File

@@ -13,11 +13,9 @@ import (
var ( var (
IpPool = &ipPoolConfig{} IpPool = &ipPoolConfig{}
ipActive = map[string]bool{} ipActive = map[string]bool{}
// ipKeep and ipLease ipAddr => type // ipKeep and ipLease ipAddr => macAddr
// ipLease = map[string]bool{} // ipKeep = map[string]string{}
ipPoolMux sync.Mutex ipPoolMux sync.Mutex
// 记录循环点
loopCurIp uint32
) )
type ipPoolConfig struct { type ipPoolConfig struct {
@@ -73,21 +71,27 @@ func initIpPool() {
// func getIpLease() { // func getIpLease() {
// xdb := dbdata.GetXdb() // xdb := dbdata.GetXdb()
// keepIpMaps := []dbdata.IpMap{} // keepIpMaps := []dbdata.IpMap{}
// sNow := time.Now().Add(-1 * time.Duration(base.Cfg.IpLease) * time.Second) // // sNow := time.Now().Add(-1 * time.Duration(base.Cfg.IpLease) * time.Second)
// err := xdb.Cols("ip_addr").Where("keep=?", true). // err := xdb.Cols("ip_addr", "mac_addr").Where("keep=?", true).Find(&keepIpMaps)
// Or("unique_mac=? and last_login>?", true, sNow).Find(&keepIpMaps)
// if err != nil { // if err != nil {
// base.Error(err) // base.Error(err)
// } // }
// // fmt.Println(keepIpMaps) // log.Println(keepIpMaps)
// ipPoolMux.Lock() // ipPoolMux.Lock()
// ipLease = map[string]bool{} // ipKeep = map[string]string{}
// for _, v := range keepIpMaps { // for _, v := range keepIpMaps {
// ipLease[v.IpAddr] = true // ipKeep[v.IpAddr] = v.MacAddr
// } // }
// ipPoolMux.Unlock() // ipPoolMux.Unlock()
// } // }
func ipInPool(ip net.IP) bool {
if utils.Ip2long(ip) >= IpPool.IpLongMin && utils.Ip2long(ip) <= IpPool.IpLongMax {
return true
}
return false
}
// AcquireIp 获取动态ip // AcquireIp 获取动态ip
func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) { func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) {
base.Trace("AcquireIp start:", username, macAddr, uniqueMac) base.Trace("AcquireIp start:", username, macAddr, uniqueMac)
@@ -95,6 +99,7 @@ func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) {
defer func() { defer func() {
ipPoolMux.Unlock() ipPoolMux.Unlock()
base.Trace("AcquireIp end:", username, macAddr, uniqueMac, newIp) base.Trace("AcquireIp end:", username, macAddr, uniqueMac, newIp)
base.Info("AcquireIp ip:", username, macAddr, uniqueMac, newIp)
}() }()
var ( var (
@@ -102,6 +107,7 @@ func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) {
tNow = time.Now() tNow = time.Now()
) )
// 获取到客户端 macAddr 的情况
if uniqueMac { if uniqueMac {
// 判断是否已经分配过 // 判断是否已经分配过
mi := &dbdata.IpMap{} mi := &dbdata.IpMap{}
@@ -124,9 +130,9 @@ func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) {
_, ok := ipActive[ipStr] _, ok := ipActive[ipStr]
// 检测原有ip是否在新的ip池内 // 检测原有ip是否在新的ip池内
// IpPool.Ipv4IPNet.Contains(ip) && // IpPool.Ipv4IPNet.Contains(ip) &&
if !ok && // ip符合规范
utils.Ip2long(ip) >= IpPool.IpLongMin && // 检测原有ip是否在新的ip池内
utils.Ip2long(ip) <= IpPool.IpLongMax { if !ok && ipInPool(ip) {
mi.Username = username mi.Username = username
mi.LastLogin = tNow mi.LastLogin = tNow
mi.UniqueMac = uniqueMac mi.UniqueMac = uniqueMac
@@ -135,61 +141,81 @@ func AcquireIp(username, macAddr string, uniqueMac bool) (newIp net.IP) {
ipActive[ipStr] = true ipActive[ipStr] = true
return ip return ip
} }
// 删除当前macAddr
mi = &dbdata.IpMap{MacAddr: macAddr}
_ = dbdata.Del(mi)
} else { // ip保留
// 没有获取到mac的情况 if mi.Keep {
ipMaps := []dbdata.IpMap{} base.Error(username, macAddr, ipStr, "保留ip不匹配CIDR")
err = dbdata.FindWhere(&ipMaps, 50, 1, "username=? and unique_mac=?", username, false)
if err != nil {
// 没有查询到数据
if dbdata.CheckErrNotFound(err) {
return loopIp(username, macAddr, uniqueMac)
}
// 查询报错
base.Error(err)
return nil return nil
} }
// 遍历mac记录 // 删除当前macAddr
for _, mi := range ipMaps { mi = &dbdata.IpMap{MacAddr: macAddr}
ipStr := mi.IpAddr _ = dbdata.Del(mi)
ip := net.ParseIP(ipStr) return loopIp(username, macAddr, uniqueMac)
}
// 跳过活跃连接 // 没有获取到mac的情况
if _, ok := ipActive[ipStr]; ok { ipMaps := []dbdata.IpMap{}
continue err = dbdata.FindWhere(&ipMaps, 30, 1, "username=?", username)
} if err != nil {
// 跳过保留ip // 没有查询到数据
if mi.Keep { if dbdata.CheckErrNotFound(err) {
continue return loopIp(username, macAddr, uniqueMac)
} }
// 没有mac的 不需要验证租期 // 查询报错
// mi.LastLogin.Before(leaseTime) && base.Error(err)
if utils.Ip2long(ip) >= IpPool.IpLongMin && return nil
utils.Ip2long(ip) <= IpPool.IpLongMax { }
mi.LastLogin = tNow
mi.MacAddr = macAddr // 遍历mac记录
mi.UniqueMac = uniqueMac for _, mi := range ipMaps {
// 回写db数据 ipStr := mi.IpAddr
_ = dbdata.Set(mi) ip := net.ParseIP(ipStr)
ipActive[ipStr] = true
return ip // 跳过活跃连接
} if _, ok := ipActive[ipStr]; ok {
continue
}
// 跳过保留ip
if mi.Keep {
continue
}
if mi.UniqueMac {
continue
}
// 没有mac的 不需要验证租期
// mi.LastLogin.Before(leaseTime) &&
if ipInPool(ip) {
mi.Username = username
mi.LastLogin = tNow
mi.MacAddr = macAddr
mi.UniqueMac = uniqueMac
// 回写db数据
_ = dbdata.Set(mi)
ipActive[ipStr] = true
return ip
} }
} }
return loopIp(username, macAddr, uniqueMac) return loopIp(username, macAddr, uniqueMac)
} }
var (
// 记录循环点
loopCurIp uint32
loopFarIp *dbdata.IpMap
)
func loopIp(username, macAddr string, uniqueMac bool) net.IP { func loopIp(username, macAddr string, uniqueMac bool) net.IP {
var ( var (
i uint32 i uint32
ip net.IP ip net.IP
) )
// 重新赋值
loopFarIp = &dbdata.IpMap{LastLogin: time.Now()}
i, ip = loopLong(loopCurIp, IpPool.IpLongMax, username, macAddr, uniqueMac) i, ip = loopLong(loopCurIp, IpPool.IpLongMax, username, macAddr, uniqueMac)
if ip != nil { if ip != nil {
loopCurIp = i loopCurIp = i
@@ -202,6 +228,22 @@ func loopIp(username, macAddr string, uniqueMac bool) net.IP {
return ip return ip
} }
// ip分配完,从头开始
loopCurIp = IpPool.IpLongMin
if loopFarIp.Id > 0 {
// 使用最早登陆的 ip
ipStr := loopFarIp.IpAddr
ip = net.ParseIP(ipStr)
mi := &dbdata.IpMap{IpAddr: ipStr, MacAddr: macAddr, UniqueMac: uniqueMac, Username: username, LastLogin: time.Now()}
// 回写db数据
_ = dbdata.Set(mi)
ipActive[ipStr] = true
return ip
}
// 全都在线,没有数据可用
base.Warn("no ip available, please see ip_map table row", username, macAddr) base.Warn("no ip available, please see ip_map table row", username, macAddr)
return nil return nil
} }
@@ -247,6 +289,7 @@ func loopLong(start, end uint32, username, macAddr string, uniqueMac bool) (uint
// 判断租期 // 判断租期
if mi.LastLogin.Before(leaseTime) { if mi.LastLogin.Before(leaseTime) {
// 存在记录,说明已经超过租期,可以直接使用 // 存在记录,说明已经超过租期,可以直接使用
mi.Username = username
mi.LastLogin = tNow mi.LastLogin = tNow
mi.MacAddr = macAddr mi.MacAddr = macAddr
mi.UniqueMac = uniqueMac mi.UniqueMac = uniqueMac
@@ -255,6 +298,10 @@ func loopLong(start, end uint32, username, macAddr string, uniqueMac bool) (uint
ipActive[ipStr] = true ipActive[ipStr] = true
return i, ip return i, ip
} }
// 其他情况判断最早登陆
if mi.LastLogin.Before(loopFarIp.LastLogin) {
loopFarIp = mi
}
} }
return 0, nil return 0, nil

113
server/sessdata/online.go
View File

@@ -4,27 +4,29 @@ import (
"bytes" "bytes"
"net" "net"
"sort" "sort"
"strings"
"time" "time"
"github.com/bjdgyc/anylink/pkg/utils" "github.com/bjdgyc/anylink/pkg/utils"
) )
type Online struct { type Online struct {
Token string `json:"token"` Token string `json:"token"`
Username string `json:"username"` Username string `json:"username"`
Group string `json:"group"` Group string `json:"group"`
MacAddr string `json:"mac_addr"` MacAddr string `json:"mac_addr"`
UniqueMac bool `json:"unique_mac"` UniqueMac bool `json:"unique_mac"`
Ip net.IP `json:"ip"` Ip net.IP `json:"ip"`
RemoteAddr string `json:"remote_addr"` RemoteAddr string `json:"remote_addr"`
TunName string `json:"tun_name"` TransportProtocol string `json:"transport_protocol"`
Mtu int `json:"mtu"` TunName string `json:"tun_name"`
Client string `json:"client"` Mtu int `json:"mtu"`
BandwidthUp string `json:"bandwidth_up"` Client string `json:"client"`
BandwidthDown string `json:"bandwidth_down"` BandwidthUp string `json:"bandwidth_up"`
BandwidthUpAll string `json:"bandwidth_up_all"` BandwidthDown string `json:"bandwidth_down"`
BandwidthDownAll string `json:"bandwidth_down_all"` BandwidthUpAll string `json:"bandwidth_up_all"`
LastLogin time.Time `json:"last_login"` BandwidthDownAll string `json:"bandwidth_down_all"`
LastLogin time.Time `json:"last_login"`
} }
type Onlines []Online type Onlines []Online
@@ -42,33 +44,80 @@ func (o Onlines) Swap(i, j int) {
} }
func OnlineSess() []Online { func OnlineSess() []Online {
return GetOnlineSess("", "", false)
}
/**
* @Description: GetOnlineSess
* @param search_cate 分类用户名、登录组、MAC地址、IP地址、远端地址
* @param search_text 关键字,模糊搜索
* @param show_sleeper 是否显示休眠用户
* @return []Online
*/
func GetOnlineSess(search_cate string, search_text string, show_sleeper bool) []Online {
var datas Onlines var datas Onlines
if strings.TrimSpace(search_text) == "" {
search_cate = ""
}
sessMux.Lock() sessMux.Lock()
defer sessMux.Unlock()
for _, v := range sessions { for _, v := range sessions {
v.mux.Lock() v.mux.Lock()
if v.IsActive { cSess := v.CSess
if cSess == nil {
cSess = &ConnSession{}
}
// 选择需要比较的字符串
var compareText string
switch search_cate {
case "username":
compareText = v.Username
case "group":
compareText = v.Group
case "mac_addr":
compareText = v.MacAddr
case "ip":
if cSess != nil {
compareText = cSess.IpAddr.String()
}
case "remote_addr":
if cSess != nil {
compareText = cSess.RemoteAddr
}
}
if search_cate != "" && !strings.Contains(compareText, search_text) {
v.mux.Unlock()
continue
}
if show_sleeper || v.IsActive {
transportProtocol := "TCP"
dSess := cSess.GetDtlsSession()
if dSess != nil {
transportProtocol = "UDP"
}
val := Online{ val := Online{
Token: v.Token, Token: v.Token,
Ip: v.CSess.IpAddr, Ip: cSess.IpAddr,
Username: v.Username, Username: v.Username,
Group: v.Group, Group: v.Group,
MacAddr: v.MacAddr, MacAddr: v.MacAddr,
UniqueMac: v.UniqueMac, UniqueMac: v.UniqueMac,
RemoteAddr: v.CSess.RemoteAddr, RemoteAddr: cSess.RemoteAddr,
TunName: v.CSess.IfName, TransportProtocol: transportProtocol,
Mtu: v.CSess.Mtu, TunName: cSess.IfName,
Client: v.CSess.Client, Mtu: cSess.Mtu,
BandwidthUp: utils.HumanByte(v.CSess.BandwidthUpPeriod.Load()) + "/s", Client: cSess.Client,
BandwidthDown: utils.HumanByte(v.CSess.BandwidthDownPeriod.Load()) + "/s", BandwidthUp: utils.HumanByte(cSess.BandwidthUpPeriod.Load()) + "/s",
BandwidthUpAll: utils.HumanByte(v.CSess.BandwidthUpAll.Load()), BandwidthDown: utils.HumanByte(cSess.BandwidthDownPeriod.Load()) + "/s",
BandwidthDownAll: utils.HumanByte(v.CSess.BandwidthDownAll.Load()), BandwidthUpAll: utils.HumanByte(cSess.BandwidthUpAll.Load()),
LastLogin: v.LastLogin, BandwidthDownAll: utils.HumanByte(cSess.BandwidthDownAll.Load()),
LastLogin: v.LastLogin,
} }
datas = append(datas, val) datas = append(datas, val)
} }
v.mux.Unlock() v.mux.Unlock()
} }
sessMux.Unlock()
sort.Sort(&datas) sort.Sort(&datas)
return datas return datas
} }

46
server/sessdata/session.go
View File

@@ -2,7 +2,6 @@ package sessdata
import ( import (
"fmt" "fmt"
"math/rand"
"net" "net"
"strconv" "strconv"
"strings" "strings"
@@ -12,8 +11,8 @@ import (
"github.com/bjdgyc/anylink/base" "github.com/bjdgyc/anylink/base"
"github.com/bjdgyc/anylink/dbdata" "github.com/bjdgyc/anylink/dbdata"
"github.com/bjdgyc/anylink/pkg/utils"
mapset "github.com/deckarep/golang-set" mapset "github.com/deckarep/golang-set"
atomic2 "go.uber.org/atomic"
) )
var ( var (
@@ -41,15 +40,15 @@ type ConnSession struct {
CstpDpd int CstpDpd int
Group *dbdata.Group Group *dbdata.Group
Limit *LimitRater Limit *LimitRater
BandwidthUp atomic2.Uint32 // 使用上行带宽 Byte BandwidthUp atomic.Uint32 // 使用上行带宽 Byte
BandwidthDown atomic2.Uint32 // 使用下行带宽 Byte BandwidthDown atomic.Uint32 // 使用下行带宽 Byte
BandwidthUpPeriod atomic2.Uint32 // 前一周期的总量 BandwidthUpPeriod atomic.Uint32 // 前一周期的总量
BandwidthDownPeriod atomic2.Uint32 BandwidthDownPeriod atomic.Uint32
BandwidthUpAll atomic2.Uint64 // 使用上行带宽总量 BandwidthUpAll atomic.Uint64 // 使用上行带宽总量
BandwidthDownAll atomic2.Uint64 // 使用下行带宽总量 BandwidthDownAll atomic.Uint64 // 使用下行带宽总量
closeOnce sync.Once closeOnce sync.Once
CloseChan chan struct{} CloseChan chan struct{}
LastDataTime atomic2.Time // 最后数据传输时间 LastDataTime atomic.Int64 // 最后数据传输时间
PayloadIn chan *Payload PayloadIn chan *Payload
PayloadOutCstp chan *Payload // Cstp的数据 PayloadOutCstp chan *Payload // Cstp的数据
PayloadOutDtls chan *Payload // Dtls的数据 PayloadOutDtls chan *Payload // Dtls的数据
@@ -92,10 +91,6 @@ type Session struct {
CSess *ConnSession CSess *ConnSession
} }
func init() {
rand.Seed(time.Now().UnixNano())
}
func checkSession() { func checkSession() {
// 检测过期的session // 检测过期的session
go func() { go func() {
@@ -145,28 +140,16 @@ func CloseUserLimittimeSession() {
} }
} }
func GenToken() string {
// 生成32位的 token
bToken := make([]byte, 32)
rand.Read(bToken)
return fmt.Sprintf("%x", bToken)
}
func NewSession(token string) *Session { func NewSession(token string) *Session {
if token == "" { if token == "" {
btoken := make([]byte, 32) token = utils.RandomHex(32)
rand.Read(btoken)
token = fmt.Sprintf("%x", btoken)
} }
// 生成 dtlsn session_id // 生成 dtlsn session_id
dtlsid := make([]byte, 32)
rand.Read(dtlsid)
sess := &Session{ sess := &Session{
Sid: fmt.Sprintf("%d", time.Now().Unix()), Sid: fmt.Sprintf("%d", time.Now().Unix()),
Token: token, Token: token,
DtlsSid: fmt.Sprintf("%x", dtlsid), DtlsSid: utils.RandomHex(32),
LastLogin: time.Now(), LastLogin: time.Now(),
} }
@@ -220,7 +203,7 @@ func (s *Session) NewConn() *ConnSession {
PayloadOutDtls: make(chan *Payload, 64), PayloadOutDtls: make(chan *Payload, 64),
dSess: &atomic.Value{}, dSess: &atomic.Value{},
} }
cSess.LastDataTime.Store(time.Now()) cSess.LastDataTime.Store(time.Now().Unix())
dSess := &DtlsSession{ dSess := &DtlsSession{
isActive: -1, isActive: -1,
@@ -464,7 +447,7 @@ func CloseSess(token string, code ...uint8) {
sess.CSess.Close() sess.CSess.Close()
return return
} }
AddUserActLogBySess(sess) AddUserActLogBySess(sess, code...)
} }
func CloseCSess(token string) { func CloseCSess(token string) {
@@ -501,7 +484,7 @@ func AddUserActLog(cs *ConnSession) {
dbdata.UserActLogIns.Add(ua, cs.UserAgent) dbdata.UserActLogIns.Add(ua, cs.UserAgent)
} }
func AddUserActLogBySess(sess *Session) { func AddUserActLogBySess(sess *Session, code ...uint8) {
ua := dbdata.UserActLog{ ua := dbdata.UserActLog{
Username: sess.Username, Username: sess.Username,
GroupName: sess.Group, GroupName: sess.Group,
@@ -512,5 +495,8 @@ func AddUserActLogBySess(sess *Session) {
Status: dbdata.UserLogout, Status: dbdata.UserLogout,
} }
ua.Info = dbdata.UserActLogIns.GetInfoOpsById(dbdata.UserLogoutBanner) ua.Info = dbdata.UserActLogIns.GetInfoOpsById(dbdata.UserLogoutBanner)
if len(code) > 0 {
ua.Info = dbdata.UserActLogIns.GetInfoOpsById(code[0])
}
dbdata.UserActLogIns.Add(ua, sess.UserAgent) dbdata.UserActLogIns.Add(ua, sess.UserAgent)
} }

2
version
View File

@@ -1 +1 @@
0.11.1 0.13.1

3
web/package.json
View File

@@ -15,7 +15,8 @@
"qs": "^6.11.1", "qs": "^6.11.1",
"vue": "^2.6.11", "vue": "^2.6.11",
"vue-count-to": "^1.0.13", "vue-count-to": "^1.0.13",
"vue-router": "^3.5.2" "vue-router": "^3.5.2",
"vuedraggable": "^2.24.3"
}, },
"devDependencies": { "devDependencies": {
"@vue/cli-plugin-babel": "~4.5.0", "@vue/cli-plugin-babel": "~4.5.0",

25
web/src/layout/Layout.vue
View File

@@ -18,6 +18,14 @@
<!--子组件上报route信息--> <!--子组件上报route信息-->
<router-view :route_path.sync="route_path" :route_name.sync="route_name"></router-view> <router-view :route_path.sync="route_path" :route_name.sync="route_name"></router-view>
</el-main> </el-main>
<el-footer>
<div>
<el-button size="mini" @click="goUrl('https://gitee.com/bjdgyc/anylink')">
Powered by AnyLink
</el-button>
企业级远程办公系统 AGPL-3.0 2020-present
</div>
</el-footer>
</el-container> </el-container>
</el-container> </el-container>
</template> </template>
@@ -36,6 +44,11 @@ export default {
route_name: ['首页'], route_name: ['首页'],
} }
}, },
methods: {
goUrl(url) {
window.open(url, "_blank")
},
},
watch: { watch: {
route_path: function (val) { route_path: function (val) {
// var w = document.getElementById('layout-menu').clientWidth; // var w = document.getElementById('layout-menu').clientWidth;
@@ -60,4 +73,16 @@ export default {
box-shadow: 0 1px 3px 0 rgba(0, 0, 0, .12), 0 0 3px 0 rgba(0, 0, 0, .04); box-shadow: 0 1px 3px 0 rgba(0, 0, 0, .12), 0 0 3px 0 rgba(0, 0, 0, .04);
} }
.el-footer {
display: flex;
align-items: center;
justify-content: center;
text-align: center;
font-size: 12px;
line-height: 12px;
margin: 0 12px;
color: rgb(134, 144, 156);
}
</style> </style>

15
web/src/layout/LayoutAside.vue
View File

@@ -7,17 +7,9 @@
<!--<div class="layout-aside" :style="aside_style">--> <!--<div class="layout-aside" :style="aside_style">-->
<el-menu :collapse="!is_active" <el-menu :collapse="!is_active" :default-active="route_path" :style="is_active ? 'width:200px' : ''" router
:default-active="route_path" class="layout-menu" :collapse-transition="false" background-color="#545c64" text-color="#fff"
:style="is_active?'width:200px':''" active-text-color="#ffd04b">
router
class="layout-menu"
:collapse-transition="false"
background-color="#545c64"
text-color="#fff"
active-text-color="#ffd04b"
>
<el-menu-item index="/admin/home"> <el-menu-item index="/admin/home">
<i class="el-icon-s-home"></i> <i class="el-icon-s-home"></i>
<span slot="title">首页</span> <span slot="title">首页</span>
@@ -44,6 +36,7 @@
<el-menu-item index="/admin/user/list">用户列表</el-menu-item> <el-menu-item index="/admin/user/list">用户列表</el-menu-item>
<el-menu-item index="/admin/user/policy">用户策略</el-menu-item> <el-menu-item index="/admin/user/policy">用户策略</el-menu-item>
<el-menu-item index="/admin/user/online">在线用户</el-menu-item> <el-menu-item index="/admin/user/online">在线用户</el-menu-item>
<el-menu-item index="/admin/user/lockmanager">锁定管理</el-menu-item>
<el-menu-item index="/admin/user/ip_map">IP映射</el-menu-item> <el-menu-item index="/admin/user/ip_map">IP映射</el-menu-item>
</el-submenu> </el-submenu>

894
web/src/pages/group/List.vue
View File

File diff suppressed because it is too large Load Diff

365
web/src/pages/set/Other.vue
View File

@@ -3,11 +3,11 @@
<el-tabs v-model="activeName" @tab-click="handleClick"> <el-tabs v-model="activeName" @tab-click="handleClick">
<el-tab-pane label="邮件配置" name="dataSmtp"> <el-tab-pane label="邮件配置" name="dataSmtp">
<el-form <el-form
:model="dataSmtp" :model="dataSmtp"
ref="dataSmtp" ref="dataSmtp"
:rules="rules" :rules="rules"
label-width="100px" label-width="100px"
class="tab-one" class="tab-one"
> >
<el-form-item label="服务器地址" prop="host"> <el-form-item label="服务器地址" prop="host">
<el-input v-model="dataSmtp.host"></el-input> <el-input v-model="dataSmtp.host"></el-input>
@@ -20,9 +20,9 @@
</el-form-item> </el-form-item>
<el-form-item label="密码" prop="password"> <el-form-item label="密码" prop="password">
<el-input <el-input
type="password" type="password"
v-model="dataSmtp.password" v-model="dataSmtp.password"
placeholder="密码为空则不修改" placeholder="密码为空则不修改"
></el-input> ></el-input>
</el-form-item> </el-form-item>
<el-form-item label="加密类型" prop="encryption"> <el-form-item label="加密类型" prop="encryption">
@@ -37,7 +37,8 @@
</el-form-item> </el-form-item>
<el-form-item> <el-form-item>
<el-button type="primary" @click="submitForm('dataSmtp')" <el-button type="primary" @click="submitForm('dataSmtp')"
>保存</el-button >保存
</el-button
> >
<el-button @click="resetForm('dataSmtp')">重置</el-button> <el-button @click="resetForm('dataSmtp')">重置</el-button>
</el-form-item> </el-form-item>
@@ -46,19 +47,19 @@
<el-tab-pane label="审计日志" name="dataAuditLog"> <el-tab-pane label="审计日志" name="dataAuditLog">
<el-form <el-form
:model="dataAuditLog" :model="dataAuditLog"
ref="dataAuditLog" ref="dataAuditLog"
:rules="rules" :rules="rules"
label-width="100px" label-width="100px"
class="tab-one" class="tab-one"
> >
<el-form-item label="审计去重间隔" prop="audit_interval"> <el-form-item label="审计去重间隔" prop="audit_interval">
<el-input-number <el-input-number
v-model="dataAuditLog.audit_interval" v-model="dataAuditLog.audit_interval"
:min="-1" :min="-1"
size="small" size="small"
label="秒" label="秒"
:disabled="true" :disabled="true"
></el-input-number> ></el-input-number>
<p class="input_tip"> <p class="input_tip">
@@ -68,11 +69,11 @@
</el-form-item> </el-form-item>
<el-form-item label="存储时长" prop="life_day"> <el-form-item label="存储时长" prop="life_day">
<el-input-number <el-input-number
v-model="dataAuditLog.life_day" v-model="dataAuditLog.life_day"
:min="0" :min="0"
:max="365" :max="365"
size="small" size="small"
label="天数" label="天数"
></el-input-number> ></el-input-number>
<p class="input_tip"> <p class="input_tip">
@@ -82,22 +83,23 @@
</el-form-item> </el-form-item>
<el-form-item label="清理时间" prop="clear_time"> <el-form-item label="清理时间" prop="clear_time">
<el-time-select <el-time-select
v-model="dataAuditLog.clear_time" v-model="dataAuditLog.clear_time"
:picker-options="{ :picker-options="{
start: '00:00', start: '00:00',
step: '01:00', step: '01:00',
end: '23:00', end: '23:00',
}" }"
editable="false," :editable="false"
size="small" size="small"
placeholder="请选择" placeholder="请选择"
style="width: 130px" style="width: 130px"
> >
</el-time-select> </el-time-select>
</el-form-item> </el-form-item>
<el-form-item> <el-form-item>
<el-button type="primary" @click="submitForm('dataAuditLog')" <el-button type="primary" @click="submitForm('dataAuditLog')"
>保存</el-button >保存
</el-button
> >
<el-button @click="resetForm('dataAuditLog')">重置</el-button> <el-button @click="resetForm('dataAuditLog')">重置</el-button>
</el-form-item> </el-form-item>
@@ -105,33 +107,34 @@
</el-tab-pane> </el-tab-pane>
<el-tab-pane label="证书设置" name="datacertManage"> <el-tab-pane label="证书设置" name="datacertManage">
<el-tabs <el-tabs
tab-position="left" tab-position="left"
v-model="datacertManage" v-model="datacertManage"
@tab-click="handleClick" @tab-click="handleClick"
> >
<el-tab-pane label="自定义证书" name="customCert"> <el-tab-pane label="自定义证书" name="customCert">
<el-form <el-form
ref="customCert" ref="customCert"
:model="customCert" :model="customCert"
label-width="100px" label-width="100px"
size="small" size="small"
class="tab-one" class="tab-one"
> >
<el-form-item> <el-form-item>
<el-upload <el-upload
class="uploadCert" class="uploadCert"
:before-upload="beforeCertUpload" :before-upload="beforeCertUpload"
:action="certUpload" :action="certUpload"
:limit="1" :limit="1"
> >
<el-button size="mini" icon="el-icon-plus" slot="trigger" <el-button size="mini" icon="el-icon-plus" slot="trigger"
>证书文件</el-button >证书文件
</el-button
> >
<el-tooltip <el-tooltip
class="item" class="item"
effect="dark" effect="dark"
content="请上传 .pem 格式的 cert 文件" content="请上传 .pem 格式的 cert 文件"
placement="top" placement="top"
> >
<i class="el-icon-info"></i> <i class="el-icon-info"></i>
</el-tooltip> </el-tooltip>
@@ -139,19 +142,20 @@
</el-form-item> </el-form-item>
<el-form-item> <el-form-item>
<el-upload <el-upload
class="uploadCert" class="uploadCert"
:before-upload="beforeKeyUpload" :before-upload="beforeKeyUpload"
:action="certUpload" :action="certUpload"
:limit="1" :limit="1"
> >
<el-button size="mini" icon="el-icon-plus" slot="trigger" <el-button size="mini" icon="el-icon-plus" slot="trigger"
>私钥文件</el-button >私钥文件
</el-button
> >
<el-tooltip <el-tooltip
class="item" class="item"
effect="dark" effect="dark"
content="请上传 .pem 格式的 key 文件" content="请上传 .pem 格式的 key 文件"
placement="top" placement="top"
> >
<i class="el-icon-info"></i> <i class="el-icon-info"></i>
</el-tooltip> </el-tooltip>
@@ -159,23 +163,24 @@
</el-form-item> </el-form-item>
<el-form-item> <el-form-item>
<el-button <el-button
size="small" size="small"
icon="el-icon-upload" icon="el-icon-upload"
type="primary" type="primary"
@click="submitForm('customCert')" @click="submitForm('customCert')"
>上传</el-button >上传
</el-button
> >
</el-form-item> </el-form-item>
</el-form> </el-form>
</el-tab-pane> </el-tab-pane>
<el-tab-pane label="Let's Encrypt证书" name="letsCert"> <el-tab-pane label="Let's Encrypt证书" name="letsCert">
<el-form <el-form
:model="letsCert" :model="letsCert"
ref="letsCert" ref="letsCert"
:rules="rules" :rules="rules"
label-width="120px" label-width="120px"
size="small" size="small"
class="tab-one" class="tab-one"
> >
<el-form-item label="域名" prop="domain"> <el-form-item label="域名" prop="domain">
<el-input v-model="letsCert.domain"></el-input> <el-input v-model="letsCert.domain"></el-input>
@@ -191,30 +196,31 @@
</el-radio-group> </el-radio-group>
</el-form-item> </el-form-item>
<el-form-item <el-form-item
v-for="component in dnsProvider[letsCert.name]" v-for="component in dnsProvider[letsCert.name]"
:key="component.prop" :key="component.prop"
:label="component.label" :label="component.label"
:rules="component.rules" :rules="component.rules"
> >
<component <component
:is="component.component" :is="component.component"
:type="component.type" :type="component.type"
v-model="letsCert[letsCert.name][component.prop]" v-model="letsCert[letsCert.name][component.prop]"
></component> ></component>
</el-form-item> </el-form-item>
<el-form-item> <el-form-item>
<el-switch <el-switch
style="display: block" style="display: block"
v-model="letsCert.renew" v-model="letsCert.renew"
active-color="#13ce66" active-color="#13ce66"
inactive-color="#ff4949" inactive-color="#ff4949"
inactive-text="自动续期" inactive-text="自动续期"
> >
</el-switch> </el-switch>
</el-form-item> </el-form-item>
<el-form-item> <el-form-item>
<el-button type="primary" @click="submitForm('letsCert')" <el-button type="primary" @click="submitForm('letsCert')"
>申请</el-button >申请
</el-button
> >
<el-button @click="resetForm('letsCert')">重置</el-button> <el-button @click="resetForm('letsCert')">重置</el-button>
</el-form-item> </el-form-item>
@@ -224,11 +230,11 @@
</el-tab-pane> </el-tab-pane>
<el-tab-pane label="其他设置" name="dataOther"> <el-tab-pane label="其他设置" name="dataOther">
<el-form <el-form
:model="dataOther" :model="dataOther"
ref="dataOther" ref="dataOther"
:rules="rules" :rules="rules"
label-width="100px" label-width="130px"
class="tab-one" class="tab-one"
> >
<el-form-item label="vpn对外地址" prop="link_addr"> <el-form-item label="vpn对外地址" prop="link_addr">
<el-input placeholder="请输入内容" v-model="dataOther.link_addr"> <el-input placeholder="请输入内容" v-model="dataOther.link_addr">
@@ -237,49 +243,58 @@
<el-form-item label="Banner信息" prop="banner"> <el-form-item label="Banner信息" prop="banner">
<el-input <el-input
type="textarea" type="textarea"
:rows="5" :rows="5"
placeholder="请输入内容" placeholder="请输入内容"
v-model="dataOther.banner" v-model="dataOther.banner"
> >
</el-input> </el-input>
</el-form-item> </el-form-item>
<el-form-item label="自定义首页状态码" prop="homecode">
<el-input-number
v-model="dataOther.homecode"
:min="0"
:max="1000"
></el-input-number>
</el-form-item>
<el-form-item label="自定义首页" prop="homeindex"> <el-form-item label="自定义首页" prop="homeindex">
<el-input <el-input
type="textarea" type="textarea"
:rows="10" :rows="10"
placeholder="请输入内容" placeholder="请输入内容"
v-model="dataOther.homeindex" v-model="dataOther.homeindex"
> >
</el-input> </el-input>
<el-tooltip content="自定义内容可以参考 home 目录下的文件" placement="top"> <el-tooltip content="自定义内容可以参考 index_template 目录下的文件" placement="top">
<i class="el-icon-question"></i> <i class="el-icon-question"></i>
</el-tooltip> </el-tooltip>
</el-form-item> </el-form-item>
<el-form-item label="账户开通邮件" prop="account_mail"> <el-form-item label="账户开通邮件模板" prop="account_mail">
<el-input <el-input
type="textarea" type="textarea"
:rows="10" :rows="10"
placeholder="请输入内容" placeholder="请输入内容"
v-model="dataOther.account_mail" v-model="dataOther.account_mail"
> >
</el-input> </el-input>
</el-form-item> </el-form-item>
<el-form-item label="邮件展示"> <el-form-item label="邮件展示">
<iframe <iframe
width="500px" width="500px"
height="300px" height="300px"
:srcdoc="dataOther.account_mail" :srcdoc="dataOther.account_mail"
> >
</iframe> </iframe>
</el-form-item> </el-form-item>
<el-form-item> <el-form-item>
<el-button type="primary" @click="submitForm('dataOther')" <el-button type="primary" @click="submitForm('dataOther')"
>保存</el-button >保存
</el-button
> >
<el-button @click="resetForm('dataOther')">重置</el-button> <el-button @click="resetForm('dataOther')">重置</el-button>
</el-form-item> </el-form-item>
@@ -324,19 +339,19 @@ export default {
authToken: "", authToken: "",
}, },
}, },
customCert: { cert: "", key: "" }, customCert: {cert: "", key: ""},
dataOther: {}, dataOther: {},
rules: { rules: {
host: { required: true, message: "请输入服务器地址", trigger: "blur" }, host: {required: true, message: "请输入服务器地址", trigger: "blur"},
port: [ port: [
{ required: true, message: "请输入服务器端口", trigger: "blur" }, {required: true, message: "请输入服务器端口", trigger: "blur"},
{ {
type: "number", type: "number",
message: "请输入正确的服务器端口", message: "请输入正确的服务器端口",
trigger: ["blur", "change"], trigger: ["blur", "change"],
}, },
], ],
issuer: { required: true, message: "请输入系统名称", trigger: "blur" }, issuer: {required: true, message: "请输入系统名称", trigger: "blur"},
domain: { domain: {
required: true, required: true,
message: "请输入需要申请证书的域名", message: "请输入需要申请证书的域名",
@@ -347,7 +362,7 @@ export default {
message: "请输入申请证书的邮箱地址", message: "请输入申请证书的邮箱地址",
trigger: "blur", trigger: "blur",
}, },
name: { required: true, message: "请选择域名服务商", trigger: "blur" }, name: {required: true, message: "请选择域名服务商", trigger: "blur"},
}, },
certUpload: "/set/other/customcert", certUpload: "/set/other/customcert",
dnsProvider: { dnsProvider: {
@@ -449,71 +464,71 @@ export default {
}, },
getSmtp() { getSmtp() {
axios axios
.get("/set/other/smtp") .get("/set/other/smtp")
.then((resp) => { .then((resp) => {
let rdata = resp.data; let rdata = resp.data;
console.log(rdata); console.log(rdata);
if (rdata.code !== 0) { if (rdata.code !== 0) {
this.$message.error(rdata.msg); this.$message.error(rdata.msg);
return; return;
} }
this.dataSmtp = rdata.data; this.dataSmtp = rdata.data;
}) })
.catch((error) => { .catch((error) => {
this.$message.error("哦,请求出错"); this.$message.error("哦,请求出错");
console.log(error); console.log(error);
}); });
}, },
getAuditLog() { getAuditLog() {
axios axios
.get("/set/other/audit_log") .get("/set/other/audit_log")
.then((resp) => { .then((resp) => {
let rdata = resp.data; let rdata = resp.data;
console.log(rdata); console.log(rdata);
if (rdata.code !== 0) { if (rdata.code !== 0) {
this.$message.error(rdata.msg); this.$message.error(rdata.msg);
return; return;
} }
this.dataAuditLog = rdata.data; this.dataAuditLog = rdata.data;
}) })
.catch((error) => { .catch((error) => {
this.$message.error("哦,请求出错"); this.$message.error("哦,请求出错");
console.log(error); console.log(error);
}); });
}, },
getletsCert() { getletsCert() {
axios axios
.get("/set/other/getcertset") .get("/set/other/getcertset")
.then((resp) => { .then((resp) => {
let rdata = resp.data; let rdata = resp.data;
console.log(rdata); console.log(rdata);
if (rdata.code !== 0) { if (rdata.code !== 0) {
this.$message.error(rdata.msg); this.$message.error(rdata.msg);
return; return;
} }
this.letsCert = Object.assign({}, this.letsCert, rdata.data); this.letsCert = Object.assign({}, this.letsCert, rdata.data);
}) })
.catch((error) => { .catch((error) => {
this.$message.error("哦,请求出错"); this.$message.error("哦,请求出错");
console.log(error); console.log(error);
}); });
}, },
getOther() { getOther() {
axios axios
.get("/set/other") .get("/set/other")
.then((resp) => { .then((resp) => {
let rdata = resp.data; let rdata = resp.data;
console.log(rdata); console.log(rdata);
if (rdata.code !== 0) { if (rdata.code !== 0) {
this.$message.error(rdata.msg); this.$message.error(rdata.msg);
return; return;
} }
this.dataOther = rdata.data; this.dataOther = rdata.data;
}) })
.catch((error) => { .catch((error) => {
this.$message.error("哦,请求出错"); this.$message.error("哦,请求出错");
console.log(error); console.log(error);
}); });
}, },
submitForm(formName) { submitForm(formName) {
this.$refs[formName].validate((valid) => { this.$refs[formName].validate((valid) => {
@@ -535,16 +550,16 @@ export default {
break; break;
case "dataAuditLog": case "dataAuditLog":
axios axios
.post("/set/other/audit_log/edit", this.dataAuditLog) .post("/set/other/audit_log/edit", this.dataAuditLog)
.then((resp) => { .then((resp) => {
var rdata = resp.data; var rdata = resp.data;
console.log(rdata); console.log(rdata);
if (rdata.code === 0) { if (rdata.code === 0) {
this.$message.success(rdata.msg); this.$message.success(rdata.msg);
} else { } else {
this.$message.error(rdata.msg); this.$message.error(rdata.msg);
} }
}); });
break; break;
case "letsCert": case "letsCert":
var loading = this.$loading({ var loading = this.$loading({

1
web/src/pages/set/System.vue
View File

@@ -50,6 +50,7 @@
</div> </div>
<Cell left="软件版本" :right="system.sys.appVersion" divider/> <Cell left="软件版本" :right="system.sys.appVersion" divider/>
<Cell left="软件CommitId" :right="system.sys.appCommitId" divider/> <Cell left="软件CommitId" :right="system.sys.appCommitId" divider/>
<Cell left="软件BuildDate" :right="system.sys.appBuildDate" divider/>
<Cell left="GO系统" :right="system.sys.goOs" divider/> <Cell left="GO系统" :right="system.sys.goOs" divider/>
<Cell left="GoArch" :right="system.sys.goArch" divider/> <Cell left="GoArch" :right="system.sys.goArch" divider/>
<Cell left="GO版本" :right="system.sys.goVersion" divider/> <Cell left="GO版本" :right="system.sys.goVersion" divider/>

1
web/src/pages/user/IpMap.vue
View File

@@ -48,6 +48,7 @@
label="唯一MAC"> label="唯一MAC">
<template slot-scope="scope"> <template slot-scope="scope">
<el-tag v-if="scope.row.unique_mac" type="success"></el-tag> <el-tag v-if="scope.row.unique_mac" type="success"></el-tag>
<el-tag v-else type="info"></el-tag>
</template> </template>
</el-table-column> </el-table-column>

165
web/src/pages/user/List.vue
View File

@@ -3,22 +3,13 @@
<el-card> <el-card>
<el-form :inline="true"> <el-form :inline="true">
<el-form-item> <el-form-item>
<el-button <el-button size="small" type="primary" icon="el-icon-plus" @click="handleEdit('')">添加
size="small"
type="primary"
icon="el-icon-plus"
@click="handleEdit('')">添加
</el-button> </el-button>
</el-form-item> </el-form-item>
<el-form-item> <el-form-item>
<el-dropdown size="small" placement="bottom"> <el-dropdown size="small" placement="bottom">
<el-upload <el-upload class="uploaduser" action="uploaduser" accept=".xlsx, .xls" :http-request="upLoadUser" :limit="1"
class="uploaduser" :show-file-list="false">
action="uploaduser"
accept=".xlsx, .xls"
:http-request="upLoadUser"
:limit="1"
:show-file-list="false">
<el-button size="small" icon="el-icon-upload2" type="primary">批量添加</el-button> <el-button size="small" icon="el-icon-upload2" type="primary">批量添加</el-button>
</el-upload> </el-upload>
<el-dropdown-menu slot="dropdown"> <el-dropdown-menu slot="dropdown">
@@ -32,79 +23,45 @@
</el-form-item> </el-form-item>
<el-form-item label="用户名或姓名或邮箱:"> <el-form-item label="用户名或姓名或邮箱:">
<el-input size="small" v-model="searchData" placeholder="请输入内容" <el-input size="small" v-model="searchData" placeholder="请输入内容"
@keydown.enter.native="searchEnterFun"></el-input> @keydown.enter.native="searchEnterFun"></el-input>
</el-form-item> </el-form-item>
<el-form-item> <el-form-item>
<el-button <el-button size="small" type="primary" icon="el-icon-search" @click="handleSearch()">搜索
size="small"
type="primary"
icon="el-icon-search"
@click="handleSearch()">搜索
</el-button> </el-button>
<el-button <el-button size="small" icon="el-icon-refresh" @click="reset">重置搜索
size="small"
icon="el-icon-refresh"
@click="reset">重置搜索
</el-button> </el-button>
</el-form-item> </el-form-item>
</el-form> </el-form>
<el-table <el-table ref="multipleTable" :data="tableData" border>
ref="multipleTable"
:data="tableData"
border>
<el-table-column <el-table-column sortable="true" prop="id" label="ID" width="60">
sortable="true"
prop="id"
label="ID"
width="60">
</el-table-column> </el-table-column>
<el-table-column <el-table-column prop="username" label="用户名" width="150">
prop="username"
label="用户名"
width="150">
</el-table-column> </el-table-column>
<el-table-column <el-table-column prop="nickname" label="姓名" width="100">
prop="nickname"
label="姓名"
width="100">
</el-table-column> </el-table-column>
<el-table-column <el-table-column prop="email" label="邮箱">
prop="email"
label="邮箱">
</el-table-column> </el-table-column>
<el-table-column <el-table-column prop="otp_secret" label="OTP密钥" width="110">
prop="otp_secret"
label="OTP密钥"
width="110">
<template slot-scope="scope"> <template slot-scope="scope">
<el-button <el-button v-if="!scope.row.disable_otp" type="text" icon="el-icon-view" @click="getOtpImg(scope.row)">
v-if="!scope.row.disable_otp"
type="text"
icon="el-icon-view"
@click="getOtpImg(scope.row)">
{{ scope.row.otp_secret.substring(0, 6) }} {{ scope.row.otp_secret.substring(0, 6) }}
</el-button> </el-button>
</template> </template>
</el-table-column> </el-table-column>
<el-table-column <el-table-column prop="groups" label="用户组">
prop="groups"
label="用户组">
<template slot-scope="scope"> <template slot-scope="scope">
<el-row v-for="item in scope.row.groups" :key="item">{{ item }}</el-row> <el-row v-for="item in scope.row.groups" :key="item">{{ item }}</el-row>
</template> </template>
</el-table-column> </el-table-column>
<el-table-column <el-table-column prop="status" label="状态" width="70">
prop="status"
label="状态"
width="70">
<template slot-scope="scope"> <template slot-scope="scope">
<el-tag v-if="scope.row.status === 1" type="success">可用</el-tag> <el-tag v-if="scope.row.status === 1" type="success">可用</el-tag>
<el-tag v-if="scope.row.status === 0" type="danger">停用</el-tag> <el-tag v-if="scope.row.status === 0" type="danger">停用</el-tag>
@@ -112,20 +69,12 @@
</template> </template>
</el-table-column> </el-table-column>
<el-table-column <el-table-column prop="updated_at" label="更新时间" :formatter="tableDateFormat">
prop="updated_at"
label="更新时间"
:formatter="tableDateFormat">
</el-table-column> </el-table-column>
<el-table-column <el-table-column label="操作" width="210">
label="操作"
width="210">
<template slot-scope="scope"> <template slot-scope="scope">
<el-button <el-button size="mini" type="primary" @click="handleEdit(scope.row)">编辑
size="mini"
type="primary"
@click="handleEdit(scope.row)">编辑
</el-button> </el-button>
<!-- <el-popconfirm <!-- <el-popconfirm
@@ -139,14 +88,8 @@
</el-button> </el-button>
</el-popconfirm>--> </el-popconfirm>-->
<el-popconfirm <el-popconfirm class="m-left-10" @confirm="handleDel(scope.row)" title="确定要删除用户吗?">
class="m-left-10" <el-button slot="reference" size="mini" type="danger">删除
@confirm="handleDel(scope.row)"
title="确定要删除用户吗?">
<el-button
slot="reference"
size="mini"
type="danger">删除
</el-button> </el-button>
</el-popconfirm> </el-popconfirm>
@@ -156,34 +99,20 @@
<div class="sh-20"></div> <div class="sh-20"></div>
<el-pagination <el-pagination background layout="prev, pager, next" :pager-count="11" @current-change="pageChange"
background :current-page="page" :total="count">
layout="prev, pager, next"
:pager-count="11"
@current-change="pageChange"
:current-page="page"
:total="count">
</el-pagination> </el-pagination>
</el-card> </el-card>
<el-dialog <el-dialog title="OTP密钥" :visible.sync="otpImgData.visible" width="350px" center>
title="OTP密钥"
:visible.sync="otpImgData.visible"
width="350px"
center>
<div style="text-align: center">{{ otpImgData.username }} : {{ otpImgData.nickname }}</div> <div style="text-align: center">{{ otpImgData.username }} : {{ otpImgData.nickname }}</div>
<img :src="otpImgData.base64Img" alt="otp-img"/> <img :src="otpImgData.base64Img" alt="otp-img" />
</el-dialog> </el-dialog>
<!--新增修改弹出框--> <!--新增修改弹出框-->
<el-dialog <el-dialog :close-on-click-modal="false" title="用户" :visible="user_edit_dialog" @close="disVisible" width="650px"
:close-on-click-modal="false" center>
title="用户"
:visible="user_edit_dialog"
@close="disVisible"
width="650px"
center>
<el-form :model="ruleForm" :rules="rules" ref="ruleForm" label-width="100px" class="ruleForm"> <el-form :model="ruleForm" :rules="rules" ref="ruleForm" label-width="100px" class="ruleForm">
<el-form-item label="用户ID" prop="id"> <el-form-item label="用户ID" prop="id">
@@ -204,20 +133,13 @@
</el-form-item> </el-form-item>
<el-form-item label="过期时间" prop="limittime"> <el-form-item label="过期时间" prop="limittime">
<el-date-picker <el-date-picker v-model="ruleForm.limittime" type="date" size="small" align="center" style="width:130px"
v-model="ruleForm.limittime" :picker-options="pickerOptions" placeholder="选择日期">
type="date"
size="small"
align="center"
style="width:130px"
:picker-options="pickerOptions"
placeholder="选择日期">
</el-date-picker> </el-date-picker>
</el-form-item> </el-form-item>
<el-form-item label="禁用OTP" prop="disable_otp"> <el-form-item label="禁用OTP" prop="disable_otp">
<el-switch <el-switch v-model="ruleForm.disable_otp" active-text="开启OTP后用户密码为PIN码,OTP密码为扫码后生成的动态码">
v-model="ruleForm.disable_otp">
</el-switch> </el-switch>
</el-form-item> </el-form-item>
@@ -232,8 +154,7 @@
</el-form-item> </el-form-item>
<el-form-item label="发送邮件" prop="send_email"> <el-form-item label="发送邮件" prop="send_email">
<el-switch <el-switch v-model="ruleForm.send_email">
v-model="ruleForm.send_email">
</el-switch> </el-switch>
</el-form-item> </el-form-item>
@@ -285,7 +206,7 @@ export default {
} }
}, },
searchData: '', searchData: '',
otpImgData: {visible: false, username: '', nickname: '', base64Img: ''}, otpImgData: { visible: false, username: '', nickname: '', base64Img: '' },
ruleForm: { ruleForm: {
send_email: true, send_email: true,
status: 1, status: 1,
@@ -293,30 +214,30 @@ export default {
}, },
rules: { rules: {
username: [ username: [
{required: true, message: '请输入用户名', trigger: 'blur'}, { required: true, message: '请输入用户名', trigger: 'blur' },
{max: 50, message: '长度小于 50 个字符', trigger: 'blur'} { max: 50, message: '长度小于 50 个字符', trigger: 'blur' }
], ],
nickname: [ nickname: [
{required: true, message: '请输入用户姓名', trigger: 'blur'} { required: true, message: '请输入用户姓名', trigger: 'blur' }
], ],
email: [ email: [
{required: true, message: '请输入用户邮箱', trigger: 'blur'}, { required: true, message: '请输入用户邮箱', trigger: 'blur' },
{type: 'email', message: '请输入正确的邮箱地址', trigger: ['blur', 'change']} { type: 'email', message: '请输入正确的邮箱地址', trigger: ['blur', 'change'] }
], ],
password: [ password: [
{min: 6, message: '长度大于 6 个字符', trigger: 'blur'} { min: 6, message: '长度大于 6 个字符', trigger: 'blur' }
], ],
pin_code: [ pin_code: [
{min: 6, message: 'PIN码大于 6 个字符', trigger: 'blur'} { min: 6, message: 'PIN码大于 6 个字符', trigger: 'blur' }
], ],
date1: [ date1: [
{type: 'date', required: true, message: '请选择日期', trigger: 'change'} { type: 'date', required: true, message: '请选择日期', trigger: 'change' }
], ],
groups: [ groups: [
{type: 'array', required: true, message: '请至少选择一个组', trigger: 'change'} { type: 'array', required: true, message: '请至少选择一个组', trigger: 'change' }
], ],
status: [ status: [
{required: true} { required: true }
], ],
}, },
} }
@@ -472,6 +393,4 @@ export default {
} }
</script> </script>
<style scoped> <style scoped></style>
</style>

109
web/src/pages/user/LockManager.vue Normal file
View File

@@ -0,0 +1,109 @@
<template>
<div id="lock-manager">
<el-card>
<div slot="header">
<el-button type="primary" @click="getLocks">刷新信息</el-button>
</div>
<el-table :data="locksInfo" style="width: 100%" border>
<el-table-column type="index" label="序号" width="60"></el-table-column>
<el-table-column prop="description" label="描述"></el-table-column>
<el-table-column prop="username" label="用户名"></el-table-column>
<el-table-column prop="ip" label="IP地址"></el-table-column>
<el-table-column prop="state.locked" label="状态" width="100">
<template slot-scope="scope">
<el-tag :type="scope.row.state.locked ? 'danger' : 'success'">
{{ scope.row.state.locked ? '已锁定' : '未锁定' }}
</el-tag>
</template>
</el-table-column>
<el-table-column prop="state.attempts" label="失败次数"></el-table-column>
<el-table-column prop="state.lock_time" label="锁定截止时间">
<template slot-scope="scope">
{{ formatDate(scope.row.state.lock_time) }}
</template>
</el-table-column>
<el-table-column prop="state.lastAttempt" label="最后尝试时间">
<template slot-scope="scope">
{{ formatDate(scope.row.state.lastAttempt) }}
</template>
</el-table-column>
<el-table-column label="操作">
<template slot-scope="scope">
<div class="button">
<el-button size="small" type="danger" @click="unlock(scope.row)">
解锁
</el-button>
</div>
</template>
</el-table-column>
</el-table>
</el-card>
</div>
</template>
<script>
import axios from 'axios';
export default {
name: 'LockManager',
data() {
return {
locksInfo: []
};
},
methods: {
getLocks() {
axios.get('/locksinfo/list')
.then(response => {
this.locksInfo = response.data.data;
})
.catch(error => {
console.error('Failed to get locks info:', error);
this.$message.error('无法获取锁信息,请稍后再试。');
});
},
unlock(lock) {
const lockInfo = {
state: { locked: false },
username: lock.username,
ip: lock.ip,
description: lock.description
};
axios.post('/locksinfo/unlok', lockInfo)
.then(() => {
this.$message.success('解锁成功!');
this.getLocks();
})
.catch(error => {
console.error('Failed to unlock:', error);
this.$message.error('解锁失败,请稍后再试。');
});
},
formatDate(dateString) {
if (!dateString) return '';
const date = new Date(dateString);
return new Intl.DateTimeFormat('zh-CN', {
year: 'numeric',
month: '2-digit',
day: '2-digit',
hour: '2-digit',
minute: '2-digit',
second: '2-digit',
hour12: false
}).format(date);
}
},
created() {
this.getLocks();
}
};
</script>
<style scoped>
.button {
display: flex;
justify-content: center;
align-items: center;
}
</style>

130
web/src/pages/user/Online.vue
View File

@@ -1,6 +1,59 @@
<template> <template>
<div> <div>
<el-card> <el-card>
<el-form :inline="true">
<el-form-item>
<el-select
v-model="searchCate"
style="width: 86px;"
@change="handleSearch">
<el-option
label="用户名"
value="username">
</el-option>
<el-option
label="登录组"
value="group">
</el-option>
<el-option
label="MAC地址"
value="mac_addr">
</el-option>
<el-option
label="IP地址"
value="ip">
</el-option>
<el-option
label="远端地址"
value="remote_addr">
</el-option>
</el-select>
</el-form-item>
<el-form-item>
<el-input
v-model="searchText"
placeholder="请输入搜索内容"
@input="handleSearch">
</el-input>
</el-form-item>
<el-form-item>
显示休眠用户
<el-switch
v-model="showSleeper"
@change="handleSearch">
</el-switch>
</el-form-item>
<el-form-item>
<el-button
class="extra-small-button"
type="danger"
size="mini"
:loading="loadingOneOffline"
@click="handleOneOffline">
一键下线
</el-button>
</el-form>
<el-table <el-table
ref="multipleTable" ref="multipleTable"
:data="tableData" :data="tableData"
@@ -20,19 +73,20 @@
<el-table-column <el-table-column
prop="group" prop="group"
label="登组"> label="登组">
</el-table-column> </el-table-column>
<el-table-column <el-table-column
prop="mac_addr" prop="mac_addr"
label="MAC地址"> label="MAC地址">
</el-table-column> </el-table-column>
<el-table-column <el-table-column
prop="unique_mac" prop="unique_mac"
label="唯一MAC"> label="唯一MAC">
<template slot-scope="scope"> <template slot-scope="scope">
<el-tag v-if="scope.row.unique_mac" type="success"></el-tag> <el-tag v-if="scope.row.unique_mac" type="success"></el-tag>
<el-tag v-else type="info"></el-tag>
</template> </template>
</el-table-column> </el-table-column>
@@ -46,7 +100,10 @@
prop="remote_addr" prop="remote_addr"
label="远端地址"> label="远端地址">
</el-table-column> </el-table-column>
<el-table-column
prop="transport_protocol"
label="传输协议">
</el-table-column>
<el-table-column <el-table-column
prop="tun_name" prop="tun_name"
label="虚拟网卡"> label="虚拟网卡">
@@ -67,7 +124,6 @@
</el-table-column> </el-table-column>
<el-table-column <el-table-column
prop="status"
label="实时 上行/下行" label="实时 上行/下行"
width="220"> width="220">
<template slot-scope="scope"> <template slot-scope="scope">
@@ -77,7 +133,6 @@
</el-table-column> </el-table-column>
<el-table-column <el-table-column
prop="status"
label="总量 上行/下行" label="总量 上行/下行"
width="200"> width="200">
<template slot-scope="scope"> <template slot-scope="scope">
@@ -88,7 +143,7 @@
<el-table-column <el-table-column
prop="last_login" prop="last_login"
label="登时间" label="登时间"
:formatter="tableDateFormat"> :formatter="tableDateFormat">
</el-table-column> </el-table-column>
@@ -99,6 +154,7 @@
<el-button <el-button
size="mini" size="mini"
type="primary" type="primary"
v-if="scope.row.remote_addr !== ''"
@click="handleReline(scope.row)">重连 @click="handleReline(scope.row)">重连
</el-button> </el-button>
@@ -123,6 +179,7 @@
<script> <script>
import axios from "axios"; import axios from "axios";
import { MessageBox } from 'element-ui';
export default { export default {
name: "Online", name: "Online",
@@ -147,6 +204,10 @@ export default {
data() { data() {
return { return {
tableData: [], tableData: [],
searchCate: 'username',
searchText: '',
showSleeper: false,
loadingOneOffline: false,
} }
}, },
methods: { methods: {
@@ -185,8 +246,43 @@ export default {
handleEdit(a, row) { handleEdit(a, row) {
console.log(a, row) console.log(a, row)
}, },
handleOneOffline() {
if (this.tableData === null || this.tableData.length === 0) {
this.$message.error('错误:当前在线用户表为空,无法执行一键下线操作!');
return;
}
MessageBox.confirm('当前搜索条件下的所有用户将会“下线”,你确定执行吗?', '危险', {
confirmButtonText: '确定',
cancelButtonText: '取消',
type: 'danger'
}).then(() => {
try {
this.loadingOneOffline = true;
this.getData();
this.$message.success('操作成功');
this.loadingOneOffline = false;
// 清空当前表格
this.tableData = [];
} catch (error) {
this.loadingOneOffline = false;
this.$message.error('操作失败');
}
});
},
handleSearch() {
this.getData();
},
getData() { getData() {
axios.get('/user/online').then(resp => { axios.get('/user/online',
{
params: {
search_cate: this.searchCate,
search_text: this.searchText,
show_sleeper: this.showSleeper,
one_offline: this.loadingOneOffline
}
}
).then(resp => {
var data = resp.data.data var data = resp.data.data
console.log(data); console.log(data);
this.tableData = data.datas; this.tableData = data.datas;
@@ -201,5 +297,23 @@ export default {
</script> </script>
<style scoped> <style scoped>
/deep/ .el-form .el-form-item__label,
/deep/ .el-form .el-form-item__content,
/deep/ .el-form .el-input,
/deep/ .el-form .el-select,
/deep/ .el-form .el-button,
/deep/ .el-form .el-select-dropdown__item {
font-size: 11px;
}
.el-select-dropdown .el-select-dropdown__item {
font-size: 11px;
padding: 0 10px;
}
/deep/ .el-input__inner{
height: 30px;
padding: 0 10px;
}
.extra-small-button {
padding: 5px 10px;
}
</style> </style>

2
web/src/plugins/request.js
View File

@@ -7,7 +7,7 @@ axios.defaults.headers.post['Content-Type'] = 'application/x-www-form-urlencoded
if (process.env.NODE_ENV !== 'production') { if (process.env.NODE_ENV !== 'production') {
// 开发环境 // 开发环境
axios.defaults.baseURL = 'http://172.23.83.233:8800'; axios.defaults.baseURL = 'https://192.168.8.24:8800';
} }
function request(vm) { function request(vm) {

29
web/src/plugins/router.js
View File

@@ -1,35 +1,36 @@
import Vue from "vue"; import Vue from "vue";
import VueRouter from "vue-router"; import VueRouter from "vue-router";
import {getToken} from "./token"; import { getToken } from "./token";
Vue.use(VueRouter) Vue.use(VueRouter)
const routes = [ const routes = [
{path: '/login', component: () => import('@/pages/Login')}, { path: '/login', component: () => import('@/pages/Login') },
{ {
path: '/admin', path: '/admin',
component: () => import('@/layout/Layout'), component: () => import('@/layout/Layout'),
redirect: '/admin/home', redirect: '/admin/home',
children: [ children: [
{path: 'home', component: () => import('@/pages/Home')}, { path: 'home', component: () => import('@/pages/Home') },
{path: 'set/system', component: () => import('@/pages/set/System')}, { path: 'set/system', component: () => import('@/pages/set/System') },
{path: 'set/soft', component: () => import('@/pages/set/Soft')}, { path: 'set/soft', component: () => import('@/pages/set/Soft') },
{path: 'set/other', component: () => import('@/pages/set/Other')}, { path: 'set/other', component: () => import('@/pages/set/Other') },
{path: 'set/audit', component: () => import('@/pages/set/Audit')}, { path: 'set/audit', component: () => import('@/pages/set/Audit') },
{path: 'user/list', component: () => import('@/pages/user/List')}, { path: 'user/list', component: () => import('@/pages/user/List') },
{path: 'user/policy', component: () => import('@/pages/user/Policy')}, { path: 'user/policy', component: () => import('@/pages/user/Policy') },
{path: 'user/online', component: () => import('@/pages/user/Online')}, { path: 'user/online', component: () => import('@/pages/user/Online') },
{path: 'user/ip_map', component: () => import('@/pages/user/IpMap')}, { path: 'user/ip_map', component: () => import('@/pages/user/IpMap') },
{ path: 'user/lockmanager', component: () => import('@/pages/user/LockManager') },
{path: 'group/list', component: () => import('@/pages/group/List')}, { path: 'group/list', component: () => import('@/pages/group/List') },
], ],
}, },
{path: '*', redirect: '/admin/home'}, { path: '*', redirect: '/admin/home' },
] ]
// 3. 创建 router 实例,然后传 `routes` 配置 // 3. 创建 router 实例,然后传 `routes` 配置
@@ -64,7 +65,7 @@ router.beforeEach((to, from, next) => {
} }
if (to.path === "/login") { if (to.path === "/login") {
next({path: '/admin/home'}); next({ path: '/admin/home' });
return; return;
} }

3963
web/yarn.lock
View File

File diff suppressed because it is too large Load Diff

4
yarn.lock
View File

@@ -1,4 +0,0 @@
# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
# yarn lockfile v1