mirror of
https://github.com/bjdgyc/anylink.git
synced 2025-09-28 16:15:17 +08:00
Compare commits
50 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
4b78232e1d | ||
|
|
00c5425990 | ||
|
|
b45d5e4cfa | ||
|
|
e8a8773005 | ||
|
|
2ba3625885 | ||
|
|
567f0e8adb | ||
|
|
ad1885798b | ||
|
|
76779de80a | ||
|
|
5b498cbc59 | ||
|
|
cd21ffd7ab | ||
|
|
415f312f40 | ||
|
|
d796a6850a | ||
|
7160c3cab7 | ||
|
|
52329e8a2b | ||
|
|
cbdf730481 | ||
|
|
a5487771da | ||
|
|
ff9b7c7dcc | ||
|
|
262af4ac8e | ||
|
|
71539ad09c | ||
|
|
8232f79b4a | ||
|
|
7c810d409b | ||
|
|
ed4e324e77 | ||
|
|
726ae20f75 | ||
|
|
00bbbf414d | ||
|
|
57e2f45398 | ||
|
|
01ab115956 | ||
|
|
9a47714f3f | ||
|
|
9d926edabb | ||
|
|
7329603c47 | ||
|
|
a7c6791c1e | ||
|
|
96c95bb6cd | ||
|
|
6d3dab6798 | ||
|
|
b313c6fa00 | ||
|
|
75b138a7a8 | ||
|
|
641d6127ba | ||
|
|
2828d1038d | ||
|
|
cb902a6b9b | ||
|
|
1b066ef602 | ||
|
|
5e804a3483 | ||
|
|
6e0c0efa85 | ||
|
8f196cb4e2 | ||
|
|
9182ccfba2 | ||
|
39d89b8c84 | ||
|
|
24e30509e4 | ||
|
|
4f56ea49c3 | ||
|
|
e55b2b6f0a | ||
|
|
15573a6ef3 | ||
|
|
38b8f0b2aa | ||
|
|
8df34428dd | ||
|
|
26483533a9 |
52
README.md
52
README.md
@@ -23,7 +23,8 @@ AnyLink 是一个企业级远程办公 sslvpn 的软件,可以支持多人同
|
||||
AnyLink 基于 [ietf-openconnect](https://tools.ietf.org/html/draft-mavrogiannopoulos-openconnect-02)
|
||||
协议开发,并且借鉴了 [ocserv](http://ocserv.gitlab.io/www/index.html) 的开发思路,使其可以同时兼容 AnyConnect 客户端。
|
||||
|
||||
AnyLink 使用 TLS/DTLS 进行数据加密,因此需要 RSA 或 ECC 证书,可以通过 Let's Encrypt 和 TrustAsia 申请免费的 SSL 证书。
|
||||
AnyLink 使用 TLS/DTLS 进行数据加密,因此需要 RSA 或 ECC 证书,可以使用私有自签证书,可以通过 Let's Encrypt 和 TrustAsia
|
||||
申请免费的 SSL 证书。
|
||||
|
||||
AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试通过,如需要安装在其他系统,需要服务端支持 tun/tap
|
||||
功能、ip 设置命令、iptables命令。
|
||||
@@ -47,25 +48,26 @@ AnyLink 服务端仅在 CentOS 7、CentOS 8、Ubuntu 18.04、Ubuntu 20.04 测试
|
||||
> 没有编程基础的同学建议直接下载 release 包,从下面的地址下载 anylink-deploy.tar.gz
|
||||
>
|
||||
> https://github.com/bjdgyc/anylink/releases
|
||||
>
|
||||
>
|
||||
> https://gitee.com/bjdgyc/anylink/releases
|
||||
>
|
||||
> 如果不会安装,可以提供有偿远程协助服务(200 CNY)。添加QQ(68492170)联系我
|
||||
>
|
||||
>
|
||||
> 也可以添加QQ群 咨询群内大佬
|
||||
>
|
||||
> 添加QQ群①(已满): 567510628
|
||||
>
|
||||
> 添加QQ群②: 739072205
|
||||
>
|
||||
> 添加QQ群①: 567510628
|
||||
>
|
||||
> <img src="doc/screenshot/qq2.jpg" width="400" />
|
||||
|
||||
|
||||
### 使用问题
|
||||
|
||||
> 对于测试环境,可以使用 vpn.test.vqilu.cn 绑定host进行测试
|
||||
> 对于测试环境,可以直接进行测试,需要客户端取消勾选【阻止不受信任的服务器(Block connections to untrusted servers)】
|
||||
>
|
||||
> 对于线上环境,必须申请安全的https证书(跟nginx使用的证书类型一致),不支持私有证书连接
|
||||
> 对于线上环境,尽量申请安全的https证书(跟nginx使用的pem证书类型一致)
|
||||
>
|
||||
> 群共享文件有相关客户端软件下载,其他版本没有测试过,不保证使用正常
|
||||
>
|
||||
>
|
||||
> 其他问题 [前往查看](doc/question.md)
|
||||
>
|
||||
> 默认管理后台访问地址 https://host:8800 或 https://域名:8800 默认账号密码 admin 123456
|
||||
@@ -125,7 +127,7 @@ sudo ./anylink
|
||||
- [x] 后台管理界面
|
||||
- [x] 访问权限管理
|
||||
- [x] 用户活动审计功能
|
||||
- [x] IP 访问审计功能
|
||||
- [x] IP 访问审计功能(支持多端口、连续端口)
|
||||
- [x] 域名动态拆分隧道(域名路由功能)
|
||||
- [x] radius认证支持
|
||||
- [x] LDAP认证支持
|
||||
@@ -133,6 +135,8 @@ sudo ./anylink
|
||||
- [x] 流量压缩功能
|
||||
- [x] 出口 IP 自动放行
|
||||
- [x] 支持多服务的配置区分
|
||||
- [x] 支持私有自签证书
|
||||
- [x] 支持内网域名解析(指定的域名走内网dns)
|
||||
- [ ] 基于 ipvtap 设备的桥接访问模式
|
||||
|
||||
## Config
|
||||
@@ -185,7 +189,6 @@ sudo ./anylink
|
||||
>
|
||||
> ubuntu: apt-get install iptables iproute2
|
||||
|
||||
|
||||
### link_mode 设置
|
||||
|
||||
> 以下参数必须设置其中之一
|
||||
@@ -257,11 +260,11 @@ https://cloud.tencent.com/document/product/216/62007
|
||||
1. 设置配置文件
|
||||
|
||||
> macvtap 设置相对比较简单,只需要配置相应的参数即可。
|
||||
>
|
||||
>
|
||||
> 网络要求:需要网络支持 ARP 传输,可通过 ARP 宣告普通内网 IP。
|
||||
>
|
||||
>
|
||||
> 网络限制:云环境下不能使用,网卡mac加白环境不能使用,802.1x认证网络不能使用
|
||||
>
|
||||
>
|
||||
> 以下参数可以通过执行 `ip a` 查看
|
||||
|
||||
|
||||
@@ -329,6 +332,7 @@ ipv4_end = "10.1.2.200"
|
||||
- centos: `/usr/lib/systemd/system/`
|
||||
- ubuntu: `/lib/systemd/system/`
|
||||
3. 操作命令:
|
||||
- 加载配置: `systemctl daemon-reload`
|
||||
- 启动: `systemctl start anylink`
|
||||
- 停止: `systemctl stop anylink`
|
||||
- 开机自启: `systemctl enable anylink`
|
||||
@@ -345,11 +349,24 @@ ipv4_end = "10.1.2.200"
|
||||
|
||||
## Docker
|
||||
|
||||
### anylink 镜像地址
|
||||
|
||||
对于国内用户,为提高镜像拉取体验,可以考虑拉取存放于阿里云镜像仓库的镜像,镜像名称及标签如下表所示(
|
||||
具体版本号可以查看 `version` 文件):
|
||||
|
||||
| 支持设备/平台 | DockerHub | 阿里云镜像仓库 |
|
||||
|:-------------:|:---------------------:|:---------------------------------------------------------------:|
|
||||
| x86_64/amd64 | bjdgyc/anylink:latest | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest |
|
||||
| x86_64/amd64 | bjdgyc/anylink:0.12.1 | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:0.12.1 |
|
||||
| armv8/aarch64 | bjdgyc/anylink:latest | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest |
|
||||
| armv8/aarch64 | bjdgyc/anylink:0.12.1 | registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-0.12.1 |
|
||||
|
||||
1. 获取镜像
|
||||
```bash
|
||||
# 具体tag可以从docker hub获取
|
||||
# https://hub.docker.com/r/bjdgyc/anylink/tags
|
||||
docker pull bjdgyc/anylink:latest
|
||||
docker pull registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
|
||||
```
|
||||
|
||||
2. 查看命令信息
|
||||
@@ -436,15 +453,14 @@ ipv4_end = "10.1.2.200"
|
||||
- [三方文档-男孩的天职](https://note.youdao.com/s/X4AxyWfL)
|
||||
- [三方文档-issues](https://github.com/bjdgyc/anylink/issues)
|
||||
- [三方文档-思有云](https://www.ioiox.com/archives/128.html)
|
||||
- [三方文档-啵品](https://yangpin.link/archives/1633.html)
|
||||
- [三方文档-杨杨得亿](https://yangpin.link/archives/1897.html) [Windows电脑连接步骤-杨杨得亿](https://yangpin.link/archives/1697.html)
|
||||
|
||||
## Support Client
|
||||
|
||||
- [AnyConnect Secure Client](https://www.cisco.com/) (可通过群文件下载: Windows/macOS/Linux/Android/iOS)
|
||||
- [OpenConnect](https://gitlab.com/openconnect/openconnect) (Windows/macOS/Linux)
|
||||
- [三方 AnyLink Secure Client](https://github.com/tlslink/anylink-client) (Windows/macOS/Linux)
|
||||
- [三方客户端下载地址](https://cisco.yangpin.link) (Windows/macOS/Linux/Android/iOS)
|
||||
|
||||
- 【推荐】三方客户端下载地址(Windows/macOS/Linux/Android/iOS) [国内地址](https://ocserv.yydy.link:2023) [国外地址](https://cisco.yydy.link/#/)
|
||||
|
||||
## Contribution
|
||||
|
||||
|
||||
@@ -18,8 +18,6 @@ docker build -t bjdgyc/anylink:latest --no-cache --progress=plain \
|
||||
echo "docker tag latest $ver"
|
||||
docker tag bjdgyc/anylink:latest bjdgyc/anylink:$ver
|
||||
|
||||
exit 0
|
||||
|
||||
docker tag bjdgyc/anylink:latest registry.cn-qingdao.aliyuncs.com/bjdgyc/anylink:latest
|
||||
|
||||
docker push registry.cn-qingdao.aliyuncs.com/bjdgyc/anylink:latest
|
||||
# docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
|
||||
# docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:test-$ver
|
||||
|
||||
@@ -42,9 +42,10 @@ go build -v -o anylink $flags -ldflags "$ldflags"
|
||||
EOF
|
||||
)
|
||||
|
||||
# golang:1.20-alpine3.19
|
||||
#使用 musl-dev 编译
|
||||
docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/amd64 \
|
||||
golang:1.20-alpine3.19 sh -c "$dockercmd"
|
||||
golang:1.22-alpine3.19 sh -c "$dockercmd"
|
||||
|
||||
#arm64编译
|
||||
#docker run -q --rm -v $PWD/server:/app -v $gopath:/go -w /app --platform=linux/arm64 \
|
||||
|
||||
27
deploy_docker_cn.sh
Normal file
27
deploy_docker_cn.sh
Normal file
@@ -0,0 +1,27 @@
|
||||
#!/bin/bash
|
||||
|
||||
ver=$(cat version)
|
||||
echo $ver
|
||||
|
||||
echo "docker tag latest $ver"
|
||||
|
||||
docker pull --platform=linux/amd64 bjdgyc/anylink:$ver
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:latest
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:$ver
|
||||
|
||||
docker rmi bjdgyc/anylink:$ver
|
||||
|
||||
#arm64
|
||||
docker pull --platform=linux/arm64 bjdgyc/anylink:$ver
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-latest
|
||||
|
||||
docker tag bjdgyc/anylink:$ver registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
|
||||
docker push registry.cn-hangzhou.aliyuncs.com/bjdgyc/anylink:arm64v8-$ver
|
||||
|
||||
docker rmi bjdgyc/anylink:$ver
|
||||
@@ -12,38 +12,45 @@
|
||||
>
|
||||
> 需要展示主页的同学,可以在QQ群 直接联系我添加。
|
||||
|
||||
| 昵称 | 主页 / 联系方式 |
|
||||
|-----------|------------------------------|
|
||||
| 代码 oo8 | |
|
||||
| 甘磊 | https://github.com/ganlei333 |
|
||||
| Oo@ | https://github.com/chooop |
|
||||
| 虚极静笃 | |
|
||||
| 请喝可乐 | |
|
||||
| 加油加油 | |
|
||||
| 李建 | |
|
||||
| lanbin | |
|
||||
| 乐在东途 | |
|
||||
| 孤鸿 | |
|
||||
| 刘国华 | |
|
||||
| 改名好无聊 | |
|
||||
| 全能互联网专家 | |
|
||||
| JCM | |
|
||||
| Eh... | |
|
||||
| 沉 | |
|
||||
| 刘国华 | |
|
||||
| 忧郁的豚骨拉面 | |
|
||||
| 张小旋当爹地 | |
|
||||
| 对方正在输入 | |
|
||||
| Ronny | |
|
||||
| 奔跑的少年 | |
|
||||
| ZBW | |
|
||||
| 悲鸣 | |
|
||||
| 谢谢 | |
|
||||
| 云思科技 | |
|
||||
| 哆啦A伟(张佳伟) | |
|
||||
| 人类的悲欢并不相通 | |
|
||||
| 做人要低调 | |
|
||||
| 洛洛 | |
|
||||
| 昵称 | 主页 / 联系方式 |
|
||||
|-------------|------------------------------|
|
||||
| 代码 oo8 | |
|
||||
| 甘磊 | https://github.com/ganlei333 |
|
||||
| Oo@ | https://github.com/chooop |
|
||||
| 虚极静笃 | |
|
||||
| 请喝可乐 | |
|
||||
| 加油加油 | |
|
||||
| 李建 | |
|
||||
| lanbin | |
|
||||
| 乐在东途 | |
|
||||
| 孤鸿 | |
|
||||
| 刘国华 | |
|
||||
| 改名好无聊 | |
|
||||
| 全能互联网专家 | |
|
||||
| JCM | |
|
||||
| Eh... | |
|
||||
| 沉 | |
|
||||
| 刘国华 | |
|
||||
| 忧郁的豚骨拉面 | |
|
||||
| 张小旋当爹地 | |
|
||||
| 对方正在输入 | |
|
||||
| Ronny | |
|
||||
| 奔跑的少年 | |
|
||||
| ZBW | |
|
||||
| 悲鸣 | |
|
||||
| 谢谢 | |
|
||||
| 云思科技 | |
|
||||
| 哆啦A伟(张佳伟) | |
|
||||
| 人类的悲欢并不相通 | |
|
||||
| 做人要低调 | |
|
||||
| 洛洛 | |
|
||||
| Dragon Liao | |
|
||||
| 诸葛御风 | |
|
||||
| 杨杨得亿 | |
|
||||
| Thanataos | |
|
||||
| 憨大叔 | |
|
||||
| 明月 | |
|
||||
| Amis | |
|
||||
|
||||
|
||||
|
||||
|
||||
BIN
doc/screenshot/qq2.jpg
Normal file
BIN
doc/screenshot/qq2.jpg
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 102 KiB |
@@ -13,7 +13,8 @@
|
||||
# 需要先编译出ui文件后 再执行docker编译
|
||||
|
||||
# server
|
||||
FROM golang:1.20-alpine3.19 as builder_golang
|
||||
# golang:1.20-alpine3.19
|
||||
FROM golang:1.22-alpine3.19 as builder_golang
|
||||
|
||||
ARG CN="no"
|
||||
ARG appVer="appVer"
|
||||
|
||||
@@ -9,12 +9,16 @@ if [[ $CN == "yes" ]]; then
|
||||
export GOPROXY=https://goproxy.cn
|
||||
fi
|
||||
|
||||
|
||||
# docker 启动使用 4.19 以上内核
|
||||
apk add --no-cache ca-certificates bash iproute2 tzdata iptables
|
||||
|
||||
# alpine:3.19 兼容老版 iptables
|
||||
apk add --no-cache iptables iptables-legacy
|
||||
apk add --no-cache iptables-legacy
|
||||
rm /sbin/iptables
|
||||
ln -s /sbin/iptables-legacy /sbin/iptables
|
||||
|
||||
apk add --no-cache ca-certificates bash iproute2 tzdata
|
||||
|
||||
chmod +x /app/docker_entrypoint.sh
|
||||
mkdir /app/log
|
||||
|
||||
|
||||
@@ -75,6 +75,10 @@ func GroupDetail(w http.ResponseWriter, r *http.Request) {
|
||||
if len(data.Auth) == 0 {
|
||||
data.Auth["type"] = "local"
|
||||
}
|
||||
// 兼容旧数据
|
||||
if data.SplitDns == nil {
|
||||
data.SplitDns = []dbdata.ValData{}
|
||||
}
|
||||
RespSucess(w, data)
|
||||
}
|
||||
|
||||
|
||||
@@ -180,7 +180,15 @@ func userOtpQr(uid int, b64 bool) (string, error) {
|
||||
|
||||
// 在线用户
|
||||
func UserOnline(w http.ResponseWriter, r *http.Request) {
|
||||
datas := sessdata.OnlineSess()
|
||||
_ = r.ParseForm()
|
||||
search_cate := r.FormValue("search_cate")
|
||||
search_text := r.FormValue("search_text")
|
||||
show_sleeper := r.FormValue("show_sleeper")
|
||||
showSleeper, _ := strconv.ParseBool(show_sleeper)
|
||||
// one_offline := r.FormValue("one_offline")
|
||||
|
||||
// datas := sessdata.OnlineSess()
|
||||
datas := sessdata.GetOnlineSess(search_cate, search_text, showSleeper)
|
||||
|
||||
data := map[string]interface{}{
|
||||
"count": len(datas),
|
||||
@@ -212,8 +220,10 @@ type userAccountMailData struct {
|
||||
Username string
|
||||
Nickname string
|
||||
PinCode string
|
||||
LimitTime string
|
||||
OtpImg string
|
||||
OtpImgBase64 string
|
||||
DisableOtp bool
|
||||
}
|
||||
|
||||
func userAccountMail(user *dbdata.User) error {
|
||||
@@ -265,7 +275,15 @@ func userAccountMail(user *dbdata.User) error {
|
||||
PinCode: user.PinCode,
|
||||
OtpImg: fmt.Sprintf("https://%s/otp_qr?id=%d&jwt=%s", setting.LinkAddr, user.Id, tokenString),
|
||||
OtpImgBase64: "data:image/png;base64," + otpData,
|
||||
DisableOtp: user.DisableOtp,
|
||||
}
|
||||
|
||||
if user.LimitTime == nil {
|
||||
data.LimitTime = "无限制"
|
||||
} else {
|
||||
data.LimitTime = user.LimitTime.Local().Format("2006-01-02")
|
||||
}
|
||||
|
||||
w := bytes.NewBufferString("")
|
||||
t, _ := template.New("auth_complete").Parse(htmlBody)
|
||||
err = t.Execute(w, data)
|
||||
@@ -273,12 +291,18 @@ func userAccountMail(user *dbdata.User) error {
|
||||
return err
|
||||
}
|
||||
// fmt.Println(w.String())
|
||||
imgData, _ := userOtpQr(user.Id, false)
|
||||
attach := &mail.File{
|
||||
MimeType: "image/png",
|
||||
Name: "userOtpQr.png",
|
||||
Data: []byte(imgData),
|
||||
Inline: true,
|
||||
|
||||
var attach *mail.File
|
||||
if user.DisableOtp {
|
||||
attach = nil
|
||||
} else {
|
||||
imgData, _ := userOtpQr(user.Id, false)
|
||||
attach = &mail.File{
|
||||
MimeType: "image/png",
|
||||
Name: "userOtpQr.png",
|
||||
Data: []byte(imgData),
|
||||
Inline: true,
|
||||
}
|
||||
}
|
||||
|
||||
return SendMail(base.Cfg.Issuer, user.Email, w.String(), attach)
|
||||
|
||||
@@ -111,12 +111,6 @@ func StartAdmin() {
|
||||
selectedCipherSuites = append(selectedCipherSuites, s.ID)
|
||||
}
|
||||
|
||||
if tlscert, _, err := dbdata.ParseCert(); err != nil {
|
||||
base.Fatal("证书加载失败", err)
|
||||
} else {
|
||||
dbdata.LoadCertificate(tlscert)
|
||||
}
|
||||
|
||||
// 设置tls信息
|
||||
tlsConfig := &tls.Config{
|
||||
NextProtos: []string{"http/1.1"},
|
||||
|
||||
@@ -9,6 +9,7 @@
|
||||
<RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols>
|
||||
<BypassDownloader>true</BypassDownloader>
|
||||
<AutoUpdate UserControllable="false">false</AutoUpdate>
|
||||
<LocalLanAccess UserControllable="true">true</LocalLanAccess>
|
||||
<WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
|
||||
<LinuxVPNEstablishment>AllowRemoteUsers</LinuxVPNEstablishment>
|
||||
<CertEnrollmentPin>pinAllowed</CertEnrollmentPin>
|
||||
|
||||
@@ -147,7 +147,7 @@ func addInitData() error {
|
||||
Name: "all",
|
||||
AllowLan: true,
|
||||
ClientDns: []ValData{{Val: "114.114.114.114"}},
|
||||
RouteInclude: []ValData{{Val: All}},
|
||||
RouteInclude: []ValData{{Val: ALL}},
|
||||
Status: 1,
|
||||
}
|
||||
err = SetGroup(&g1)
|
||||
@@ -174,6 +174,9 @@ func CheckErrNotFound(err error) bool {
|
||||
return err == ErrNotFound
|
||||
}
|
||||
|
||||
// base64 图片
|
||||
// 用户动态码(请妥善保存):<br/>
|
||||
// <img src="{{.OtpImgBase64}}"/><br/>
|
||||
const accountMail = `<p>您好:</p>
|
||||
<p> 您的{{.Issuer}}账号已经审核开通。</p>
|
||||
<p>
|
||||
@@ -181,17 +184,19 @@ const accountMail = `<p>您好:</p>
|
||||
用户组: <b>{{.Group}}</b> <br/>
|
||||
用户名: <b>{{.Username}}</b> <br/>
|
||||
用户PIN码: <b>{{.PinCode}}</b> <br/>
|
||||
用户过期时间: <b>{{.LimitTime}}</b> <br/>
|
||||
{{if .DisableOtp}}
|
||||
<!-- nothing -->
|
||||
{{else}}
|
||||
|
||||
<!--
|
||||
用户动态码(3天后失效):<br/>
|
||||
<img src="{{.OtpImg}}"/><br/>
|
||||
|
||||
用户动态码(请妥善保存):<br/>
|
||||
<img src="{{.OtpImgBase64}}"/><br/>
|
||||
|
||||
下面是兼容 gmail 的写法
|
||||
-->
|
||||
用户动态码(请妥善保存):<br/>
|
||||
<img src="cid:userOtpQr.png" alt="userOtpQr" /><br/>
|
||||
|
||||
{{end}}
|
||||
</p>
|
||||
<div>
|
||||
使用说明:
|
||||
|
||||
@@ -5,10 +5,12 @@ import (
|
||||
"fmt"
|
||||
"net"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
"github.com/songgao/water/waterutil"
|
||||
"golang.org/x/text/language"
|
||||
"golang.org/x/text/message"
|
||||
)
|
||||
@@ -16,7 +18,10 @@ import (
|
||||
const (
|
||||
Allow = "allow"
|
||||
Deny = "deny"
|
||||
All = "all"
|
||||
ALL = "all"
|
||||
TCP = "tcp"
|
||||
UDP = "udp"
|
||||
ICMP = "icmp"
|
||||
)
|
||||
|
||||
// 域名分流最大字符2万
|
||||
@@ -24,11 +29,14 @@ const DsMaxLen = 20000
|
||||
|
||||
type GroupLinkAcl struct {
|
||||
// 自上而下匹配 默认 allow * *
|
||||
Action string `json:"action"` // allow、deny
|
||||
Val string `json:"val"`
|
||||
Port uint16 `json:"port"`
|
||||
IpNet *net.IPNet `json:"ip_net"`
|
||||
Note string `json:"note"`
|
||||
Action string `json:"action"` // allow、deny
|
||||
Protocol string `json:"protocol"` // 支持 ALL、TCP、UDP、ICMP 协议
|
||||
IpProto waterutil.IPProtocol `json:"ip_protocol"` // 判断协议使用
|
||||
Val string `json:"val"`
|
||||
Port string `json:"port"` // 兼容单端口历史数据类型uint16
|
||||
Ports map[uint16]int8 `json:"ports"`
|
||||
IpNet *net.IPNet `json:"ip_net"`
|
||||
Note string `json:"note"`
|
||||
}
|
||||
|
||||
type ValData struct {
|
||||
@@ -112,7 +120,7 @@ func SetGroup(g *Group) error {
|
||||
routeInclude := []ValData{}
|
||||
for _, v := range g.RouteInclude {
|
||||
if v.Val != "" {
|
||||
if v.Val == All {
|
||||
if v.Val == ALL {
|
||||
routeInclude = append(routeInclude, v)
|
||||
continue
|
||||
}
|
||||
@@ -161,14 +169,74 @@ func SetGroup(g *Group) error {
|
||||
return errors.New("GroupLinkAcl 错误" + err.Error())
|
||||
}
|
||||
v.IpNet = ipNet
|
||||
linkAcl = append(linkAcl, v)
|
||||
|
||||
// 设置协议数据
|
||||
switch v.Protocol {
|
||||
case TCP:
|
||||
v.IpProto = waterutil.TCP
|
||||
case UDP:
|
||||
v.IpProto = waterutil.UDP
|
||||
case ICMP:
|
||||
v.IpProto = waterutil.ICMP
|
||||
default:
|
||||
// 其他类型都是 all
|
||||
v.Protocol = ALL
|
||||
}
|
||||
|
||||
portsStr := v.Port
|
||||
v.Port = strings.TrimSpace(portsStr)
|
||||
// switch vp := v.Port.(type) {
|
||||
// case float64:
|
||||
// portsStr = strconv.Itoa(int(vp))
|
||||
// case string:
|
||||
// portsStr = vp
|
||||
// }
|
||||
|
||||
if regexp.MustCompile(`^\d{1,5}(-\d{1,5})?(,\d{1,5}(-\d{1,5})?)*$`).MatchString(portsStr) {
|
||||
ports := map[uint16]int8{}
|
||||
for _, p := range strings.Split(portsStr, ",") {
|
||||
if p == "" {
|
||||
continue
|
||||
}
|
||||
if regexp.MustCompile(`^\d{1,5}-\d{1,5}$`).MatchString(p) {
|
||||
rp := strings.Split(p, "-")
|
||||
// portfrom, err := strconv.Atoi(rp[0])
|
||||
portfrom, err := strconv.ParseUint(rp[0], 10, 16)
|
||||
if err != nil {
|
||||
return errors.New("端口:" + rp[0] + " 格式错误, " + err.Error())
|
||||
}
|
||||
// portto, err := strconv.Atoi(rp[1])
|
||||
portto, err := strconv.ParseUint(rp[1], 10, 16)
|
||||
if err != nil {
|
||||
return errors.New("端口:" + rp[1] + " 格式错误, " + err.Error())
|
||||
}
|
||||
for i := portfrom; i <= portto; i++ {
|
||||
ports[uint16(i)] = 1
|
||||
}
|
||||
|
||||
} else {
|
||||
port, err := strconv.ParseUint(p, 10, 16)
|
||||
if err != nil {
|
||||
return errors.New("端口:" + p + " 格式错误, " + err.Error())
|
||||
}
|
||||
ports[uint16(port)] = 1
|
||||
}
|
||||
}
|
||||
v.Ports = ports
|
||||
linkAcl = append(linkAcl, v)
|
||||
} else {
|
||||
return errors.New("端口: " + portsStr + " 格式错误,请用逗号分隔的端口,比如: 22,80,443 连续端口用-,比如:1234-5678")
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
g.LinkAcl = linkAcl
|
||||
|
||||
// DNS 判断
|
||||
clientDns := []ValData{}
|
||||
for _, v := range g.ClientDns {
|
||||
v.Val = strings.TrimSpace(v.Val)
|
||||
if v.Val != "" {
|
||||
ip := net.ParseIP(v.Val)
|
||||
if ip.String() != v.Val {
|
||||
@@ -183,6 +251,20 @@ func SetGroup(g *Group) error {
|
||||
return errors.New("默认路由,必须设置一个DNS")
|
||||
}
|
||||
g.ClientDns = clientDns
|
||||
|
||||
splitDns := []ValData{}
|
||||
for _, v := range g.SplitDns {
|
||||
v.Val = strings.TrimSpace(v.Val)
|
||||
if v.Val != "" {
|
||||
ValidateDomainName(v.Val)
|
||||
if !ValidateDomainName(v.Val) {
|
||||
return errors.New("域名 错误")
|
||||
}
|
||||
splitDns = append(splitDns, v)
|
||||
}
|
||||
}
|
||||
g.SplitDns = splitDns
|
||||
|
||||
// 域名拆分隧道,不能同时填写
|
||||
g.DsIncludeDomains = strings.TrimSpace(g.DsIncludeDomains)
|
||||
g.DsExcludeDomains = strings.TrimSpace(g.DsExcludeDomains)
|
||||
@@ -238,6 +320,15 @@ func SetGroup(g *Group) error {
|
||||
return err
|
||||
}
|
||||
|
||||
func ContainsInPorts(ports map[uint16]int8, port uint16) bool {
|
||||
_, ok := ports[port]
|
||||
if ok {
|
||||
return true
|
||||
} else {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
func GroupAuthLogin(name, pwd string, authData map[string]interface{}) error {
|
||||
g := &Group{Auth: authData}
|
||||
authType := g.Auth["type"].(string)
|
||||
|
||||
@@ -27,7 +27,7 @@ func SetPolicy(p *Policy) error {
|
||||
routeInclude := []ValData{}
|
||||
for _, v := range p.RouteInclude {
|
||||
if v.Val != "" {
|
||||
if v.Val == All {
|
||||
if v.Val == ALL {
|
||||
routeInclude = append(routeInclude, v)
|
||||
continue
|
||||
}
|
||||
|
||||
@@ -11,6 +11,7 @@ type Group struct {
|
||||
Note string `json:"note" xorm:"varchar(255)"`
|
||||
AllowLan bool `json:"allow_lan" xorm:"Bool"`
|
||||
ClientDns []ValData `json:"client_dns" xorm:"Text"`
|
||||
SplitDns []ValData `json:"split_dns" xorm:"Text"`
|
||||
RouteInclude []ValData `json:"route_include" xorm:"Text"`
|
||||
RouteExclude []ValData `json:"route_exclude" xorm:"Text"`
|
||||
DsExcludeDomains string `json:"ds_exclude_domains" xorm:"Text"`
|
||||
@@ -45,7 +46,7 @@ type UserActLog struct {
|
||||
Username string `json:"username" xorm:"varchar(60)"`
|
||||
GroupName string `json:"group_name" xorm:"varchar(60)"`
|
||||
IpAddr string `json:"ip_addr" xorm:"varchar(32)"`
|
||||
RemoteAddr string `json:"remote_addr" xorm:"varchar(32)"`
|
||||
RemoteAddr string `json:"remote_addr" xorm:"varchar(42)"`
|
||||
Os uint8 `json:"os" xorm:"not null default 0 Int"`
|
||||
Client uint8 `json:"client" xorm:"not null default 0 Int"`
|
||||
Version string `json:"version" xorm:"varchar(15)"`
|
||||
@@ -66,12 +67,12 @@ type Setting struct {
|
||||
type AccessAudit struct {
|
||||
Id int `json:"id" xorm:"pk autoincr not null"`
|
||||
Username string `json:"username" xorm:"varchar(60) not null"`
|
||||
Protocol uint8 `json:"protocol" xorm:"not null"`
|
||||
Protocol uint8 `json:"protocol" xorm:"Int not null"`
|
||||
Src string `json:"src" xorm:"varchar(60) not null"`
|
||||
SrcPort uint16 `json:"src_port" xorm:"not null"`
|
||||
SrcPort uint16 `json:"src_port" xorm:"Int not null"`
|
||||
Dst string `json:"dst" xorm:"varchar(60) not null"`
|
||||
DstPort uint16 `json:"dst_port" xorm:"not null"`
|
||||
AccessProto uint8 `json:"access_proto" xorm:"default 0"` // 访问协议
|
||||
DstPort uint16 `json:"dst_port" xorm:"Int not null"`
|
||||
AccessProto uint8 `json:"access_proto" xorm:"Int default 0"` // 访问协议
|
||||
Info string `json:"info" xorm:"varchar(255) not null default ''"` // 详情
|
||||
CreatedAt time.Time `json:"created_at" xorm:"DateTime"`
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package dbdata
|
||||
|
||||
import (
|
||||
"net"
|
||||
"net/url"
|
||||
"regexp"
|
||||
"strings"
|
||||
@@ -78,7 +79,8 @@ func (ua *UserActLogProcess) Add(u UserActLog, userAgent string) {
|
||||
u.Os = os_idx
|
||||
u.Client = client_idx
|
||||
u.Version = ver
|
||||
u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0]
|
||||
// u.RemoteAddr = strings.Split(u.RemoteAddr, ":")[0]
|
||||
u.RemoteAddr, _, _ = net.SplitHostPort(u.RemoteAddr)
|
||||
// remove extra characters
|
||||
infoSlice := strings.Split(u.Info, " ")
|
||||
infoLen := len(infoSlice)
|
||||
|
||||
@@ -5,6 +5,7 @@ import (
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"net"
|
||||
"reflect"
|
||||
"time"
|
||||
|
||||
@@ -15,6 +16,7 @@ import (
|
||||
type AuthRadius struct {
|
||||
Addr string `json:"addr"`
|
||||
Secret string `json:"secret"`
|
||||
Nasip string `json:"nasip"`
|
||||
}
|
||||
|
||||
func init() {
|
||||
@@ -57,8 +59,22 @@ func (auth AuthRadius) checkUser(name, pwd string, g *Group) error {
|
||||
}
|
||||
// radius认证时,设置超时3秒
|
||||
packet := radius.New(radius.CodeAccessRequest, []byte(auth.Secret))
|
||||
rfc2865.UserName_SetString(packet, name)
|
||||
rfc2865.UserPassword_SetString(packet, pwd)
|
||||
err = rfc2865.UserName_SetString(packet, name)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s %s", name, "Radius set name 出现错误")
|
||||
}
|
||||
err = rfc2865.UserPassword_SetString(packet, pwd)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s %s", name, "Radius set pwd 出现错误")
|
||||
}
|
||||
if auth.Nasip != "" {
|
||||
nasip := net.ParseIP(auth.Nasip)
|
||||
err = rfc2865.NASIPAddress_Set(packet, nasip)
|
||||
if err != nil {
|
||||
return fmt.Errorf("%s %s", name, "Radius set nasip 出现错误")
|
||||
}
|
||||
}
|
||||
|
||||
ctx, done := context.WithTimeout(context.Background(), 3*time.Second)
|
||||
defer done()
|
||||
response, err := radius.Exchange(ctx, packet, auth.Addr)
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
module github.com/bjdgyc/anylink
|
||||
|
||||
go 1.20
|
||||
go 1.22
|
||||
|
||||
require (
|
||||
github.com/arl/statsviz v0.6.0
|
||||
@@ -33,9 +33,9 @@ require (
|
||||
github.com/xhit/go-simple-mail/v2 v2.16.0
|
||||
github.com/xlzd/gotp v0.1.0
|
||||
github.com/xuri/excelize/v2 v2.8.1
|
||||
golang.org/x/crypto v0.21.0
|
||||
golang.org/x/net v0.22.0
|
||||
golang.org/x/text v0.14.0
|
||||
golang.org/x/crypto v0.26.0
|
||||
golang.org/x/net v0.25.0
|
||||
golang.org/x/text v0.17.0
|
||||
golang.org/x/time v0.5.0
|
||||
layeh.com/radius v0.0.0-20231213012653-1006025d24f8
|
||||
xorm.io/xorm v1.3.8
|
||||
@@ -68,8 +68,9 @@ require (
|
||||
go.uber.org/atomic v1.11.0 // indirect
|
||||
go.uber.org/multierr v1.11.0 // indirect
|
||||
golang.org/x/exp v0.0.0-20240222234643-814bf88cf225 // indirect
|
||||
golang.org/x/mod v0.16.0 // indirect
|
||||
golang.org/x/tools v0.19.0 // indirect
|
||||
golang.org/x/mod v0.17.0 // indirect
|
||||
golang.org/x/sync v0.8.0 // indirect
|
||||
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
|
||||
)
|
||||
|
||||
require (
|
||||
@@ -100,7 +101,7 @@ require (
|
||||
github.com/tklauser/numcpus v0.7.0 // indirect
|
||||
github.com/xuri/efp v0.0.0-20231025114914-d1ff6096ae53 // indirect
|
||||
github.com/xuri/nfp v0.0.0-20230919160717-d98342af3f05 // indirect
|
||||
golang.org/x/sys v0.18.0 // indirect
|
||||
golang.org/x/sys v0.23.0 // indirect
|
||||
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d // indirect
|
||||
gopkg.in/ini.v1 v1.67.0 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
|
||||
@@ -25,11 +25,14 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8Yc
|
||||
github.com/deckarep/golang-set v1.8.0 h1:sk9/l/KqpunDwP7pSjUg0keiOOLEnOBHzykLrsPppp4=
|
||||
github.com/deckarep/golang-set v1.8.0/go.mod h1:5nI87KwE7wgsBU1F4GKAw2Qod7p5kyS383rP6+o6qqo=
|
||||
github.com/dustin/go-humanize v1.0.0 h1:VSnTsYCnlFHaM2/igO1h6X3HA71jcobQuxemgkq4zYo=
|
||||
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
|
||||
github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w=
|
||||
github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg=
|
||||
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
|
||||
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
|
||||
github.com/fogleman/gg v1.2.1-0.20190220221249-0403632d5b90/go.mod h1:R/bRT+9gY/C5z7JzPU0zXsXHKM4/ayA+zqcVNZzPa1k=
|
||||
github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
|
||||
github.com/frankban/quicktest v1.14.6/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0=
|
||||
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
|
||||
github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
|
||||
github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
|
||||
@@ -63,8 +66,9 @@ github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
|
||||
github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
|
||||
github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
|
||||
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
|
||||
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
|
||||
github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
|
||||
github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU=
|
||||
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
|
||||
@@ -83,6 +87,7 @@ github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9n
|
||||
github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48=
|
||||
github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
|
||||
github.com/hashicorp/go-hclog v1.5.0 h1:bI2ocEMgcVlz55Oj1xZNBsVi900c7II+fWDyV9o+13c=
|
||||
github.com/hashicorp/go-hclog v1.5.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M=
|
||||
github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
|
||||
github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
|
||||
@@ -103,10 +108,12 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
|
||||
github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
|
||||
github.com/jung-kurt/gofpdf v1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
|
||||
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
|
||||
github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
|
||||
github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
|
||||
github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
|
||||
github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=
|
||||
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
|
||||
github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
|
||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
|
||||
@@ -118,7 +125,9 @@ github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
|
||||
github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
|
||||
github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
|
||||
github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
|
||||
github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
|
||||
github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
|
||||
github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
|
||||
github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
|
||||
github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
|
||||
github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4=
|
||||
@@ -160,6 +169,7 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
|
||||
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0 h1:OdAsTTz6OkFY5QxjkYwrChwuRruF69c169dPK26NUlk=
|
||||
github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
|
||||
github.com/richardlehane/mscfb v1.0.4 h1:WULscsljNPConisD5hR0+OyZjwK46Pfyr6mPu5ZawpM=
|
||||
github.com/richardlehane/mscfb v1.0.4/go.mod h1:YzVpcZg9czvAuhk9T+a3avCpcFPMUWm7gK3DypaEsUk=
|
||||
github.com/richardlehane/msoleps v1.0.1/go.mod h1:BWev5JBpU9Ko2WAgmZEuiz4/u3ZYTKbjLycmwiWUfWg=
|
||||
@@ -170,6 +180,7 @@ github.com/robfig/cron/v3 v3.0.1/go.mod h1:eQICP3HwyT7UooqI/z+Ov+PtYAWygg1TEWWzG
|
||||
github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
|
||||
github.com/rogpeppe/go-internal v1.8.1/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
|
||||
github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M=
|
||||
github.com/rogpeppe/go-internal v1.11.0/go.mod h1:ddIwULY96R17DhadqLgMfk9H9tvdUzkipdSkR5nkCZA=
|
||||
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
||||
github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ=
|
||||
github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4=
|
||||
@@ -251,8 +262,8 @@ golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98y
|
||||
golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
|
||||
golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
|
||||
golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
|
||||
golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
|
||||
golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
|
||||
golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
|
||||
golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
|
||||
golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
@@ -264,14 +275,15 @@ golang.org/x/image v0.0.0-20180708004352-c73c2afc3b81/go.mod h1:ux5Hcp/YLpHSI86h
|
||||
golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js=
|
||||
golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0=
|
||||
golang.org/x/image v0.14.0 h1:tNgSxAFe3jC4uYqvZdTr84SZoM1KfwdC9SKIFrLjFn4=
|
||||
golang.org/x/image v0.14.0/go.mod h1:HUYqC05R2ZcZ3ejNQsIHQDQiwWM4JBqmm6MKANTp4LE=
|
||||
golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
|
||||
golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o=
|
||||
golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
|
||||
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
|
||||
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
|
||||
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
|
||||
golang.org/x/mod v0.16.0 h1:QX4fJ0Rr5cPQCF7O9lh9Se4pmwfwskqZfq5moyldzic=
|
||||
golang.org/x/mod v0.16.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
||||
golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA=
|
||||
golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
|
||||
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
|
||||
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
|
||||
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
|
||||
@@ -281,13 +293,14 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
|
||||
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
|
||||
golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
|
||||
golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
|
||||
golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
|
||||
golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
|
||||
golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
|
||||
golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
|
||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
|
||||
golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
|
||||
golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
|
||||
golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
|
||||
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
|
||||
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
@@ -304,8 +317,8 @@ golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
|
||||
golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
|
||||
golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
|
||||
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
|
||||
golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
|
||||
@@ -321,8 +334,9 @@ golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
|
||||
golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||
golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
||||
golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
|
||||
golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
|
||||
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
|
||||
golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
|
||||
golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
|
||||
golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
|
||||
golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
|
||||
golang.org/x/tools v0.0.0-20180525024113-a5b4c53f6e8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
|
||||
@@ -333,8 +347,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
|
||||
golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
|
||||
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
|
||||
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
|
||||
golang.org/x/tools v0.19.0 h1:tfGCXNR1OsFG+sVdLAitlpjAvD/I6dHDKnYrpEZUHkw=
|
||||
golang.org/x/tools v0.19.0/go.mod h1:qoJWxmGSIBmAeriMx19ogtrEPrGtDbPK634QFIcLAhc=
|
||||
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d h1:vU5i/LfpvrRCpgM/VPfJLg5KjxD3E+hfT1SH+d9zLwg=
|
||||
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
|
||||
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
|
||||
@@ -361,6 +375,7 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD
|
||||
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
||||
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.0/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
@@ -368,15 +383,25 @@ gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
layeh.com/radius v0.0.0-20231213012653-1006025d24f8 h1:orYXpi6BJZdvgytfHH4ybOe4wHnLbbS71Cmd8mWdZjs=
|
||||
layeh.com/radius v0.0.0-20231213012653-1006025d24f8/go.mod h1:QRf+8aRqXc019kHkpcs/CTgyWXFzf+bxlsyuo2nAl1o=
|
||||
lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI=
|
||||
lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk=
|
||||
modernc.org/cc/v3 v3.40.0 h1:P3g79IUS/93SYhtoeaHW+kRCIrYaxJ27MFPv+7kaTOw=
|
||||
modernc.org/cc/v3 v3.40.0/go.mod h1:/bTg4dnWkSXowUO6ssQKnOV0yMVxDYNIsIrzqTFDGH0=
|
||||
modernc.org/ccgo/v3 v3.16.13 h1:Mkgdzl46i5F/CNR/Kj80Ri59hC8TKAhZrYSaqvkwzUw=
|
||||
modernc.org/ccgo/v3 v3.16.13/go.mod h1:2Quk+5YgpImhPjv2Qsob1DnZ/4som1lJTodubIcoUkY=
|
||||
modernc.org/libc v1.22.2 h1:4U7v51GyhlWqQmwCHj28Rdq2Yzwk55ovjFrdPjs8Hb0=
|
||||
modernc.org/libc v1.22.2/go.mod h1:uvQavJ1pZ0hIoC/jfqNoMLURIMhKzINIWypNM17puug=
|
||||
modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ=
|
||||
modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
|
||||
modernc.org/memory v1.4.0 h1:crykUfNSnMAXaOJnnxcSzbUGMqkLWjklJKkBK2nwZwk=
|
||||
modernc.org/memory v1.4.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU=
|
||||
modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
|
||||
modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
|
||||
modernc.org/sqlite v1.20.4 h1:J8+m2trkN+KKoE7jglyHYYYiaq5xmz2HoHJIiBlRzbE=
|
||||
modernc.org/sqlite v1.20.4/go.mod h1:zKcGyrICaxNTMEHSr1HQ2GUraP0j+845GYw37+EyT6A=
|
||||
modernc.org/strutil v1.1.3 h1:fNMm+oJklMGYfU9Ylcywl0CO5O6nTfaowNsh2wpPjzY=
|
||||
modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw=
|
||||
modernc.org/token v1.0.1 h1:A3qvTqOwexpfZZeyI0FeGPDlSWX5pjZu9hF4lU+EKWg=
|
||||
modernc.org/token v1.0.1/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
|
||||
rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
|
||||
xorm.io/builder v0.3.13 h1:a3jmiVVL19psGeXx8GIurTp7p0IIgqeDmwhcR6BAOAo=
|
||||
xorm.io/builder v0.3.13/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=
|
||||
|
||||
@@ -17,7 +17,10 @@ import (
|
||||
"github.com/bjdgyc/anylink/sessdata"
|
||||
)
|
||||
|
||||
var profileHash = ""
|
||||
var (
|
||||
profileHash = ""
|
||||
certHash = ""
|
||||
)
|
||||
|
||||
func LinkAuth(w http.ResponseWriter, r *http.Request) {
|
||||
// TODO 调试信息输出
|
||||
@@ -85,7 +88,7 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
|
||||
// TODO 用户密码校验
|
||||
err = dbdata.CheckUser(cr.Auth.Username, cr.Auth.Password, cr.GroupSelect)
|
||||
if err != nil {
|
||||
base.Warn(err)
|
||||
base.Warn(err, r.RemoteAddr)
|
||||
ua.Info = err.Error()
|
||||
ua.Status = dbdata.UserAuthFail
|
||||
dbdata.UserActLogIns.Add(ua, userAgent)
|
||||
@@ -138,7 +141,7 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) {
|
||||
other := &dbdata.SettingOther{}
|
||||
_ = dbdata.SettingGet(other)
|
||||
rd := RequestData{SessionId: sess.Sid, SessionToken: sess.Sid + "@" + sess.Token,
|
||||
Banner: other.Banner, ProfileName: base.Cfg.ProfileName, ProfileHash: profileHash}
|
||||
Banner: other.Banner, ProfileName: base.Cfg.ProfileName, ProfileHash: profileHash, CertHash: certHash}
|
||||
w.WriteHeader(http.StatusOK)
|
||||
tplRequest(tpl_complete, w, rd)
|
||||
base.Info("login", cr.Auth.Username, userAgent)
|
||||
@@ -178,6 +181,7 @@ type RequestData struct {
|
||||
Banner string
|
||||
ProfileName string
|
||||
ProfileHash string
|
||||
CertHash string
|
||||
}
|
||||
|
||||
var auth_request = `<?xml version="1.0" encoding="UTF-8"?>
|
||||
@@ -223,7 +227,7 @@ var auth_complete = `<?xml version="1.0" encoding="UTF-8"?>
|
||||
</capabilities>
|
||||
<config client="vpn" type="private">
|
||||
<vpn-base-config>
|
||||
<server-cert-hash>240B97A685B2BFA66AD699B90AAC49EA66495D69</server-cert-hash>
|
||||
<server-cert-hash>{{.CertHash}}</server-cert-hash>
|
||||
</vpn-base-config>
|
||||
<opaque is-for="vpn-client"></opaque>
|
||||
<vpn-profile-manifest>
|
||||
|
||||
@@ -28,11 +28,11 @@ func LinkHome(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
if index.Homecode > 0 {
|
||||
if index.Homecode != http.StatusOK {
|
||||
w.WriteHeader(index.Homecode)
|
||||
} else {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
return
|
||||
}
|
||||
w.WriteHeader(http.StatusOK)
|
||||
|
||||
// if index.Homeindex == "" {
|
||||
// index.Homeindex = "AnyLink 是一个企业级远程办公 SSL VPN 软件,可以支持多人同时在线使用。"
|
||||
|
||||
@@ -86,7 +86,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
cSess.CstpDpd = cstpDpd
|
||||
|
||||
dtlsPort := "4433"
|
||||
dtlsPort := "443"
|
||||
if strings.Contains(base.Cfg.ServerDTLSAddr, ":") {
|
||||
ss := strings.Split(base.Cfg.ServerDTLSAddr, ":")
|
||||
dtlsPort = ss[1]
|
||||
@@ -131,9 +131,14 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
|
||||
for _, v := range cSess.Group.ClientDns {
|
||||
HttpAddHeader(w, "X-CSTP-DNS", v.Val)
|
||||
}
|
||||
// 分割dns
|
||||
for _, v := range cSess.Group.SplitDns {
|
||||
HttpAddHeader(w, "X-CSTP-Split-DNS", v.Val)
|
||||
}
|
||||
|
||||
// 允许的路由
|
||||
for _, v := range cSess.Group.RouteInclude {
|
||||
if strings.ToLower(v.Val) == dbdata.All {
|
||||
if strings.ToLower(v.Val) == dbdata.ALL {
|
||||
continue
|
||||
}
|
||||
HttpAddHeader(w, "X-CSTP-Split-Include", v.IpMask)
|
||||
@@ -156,9 +161,9 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
|
||||
HttpSetHeader(w, "X-CSTP-Keep", "true")
|
||||
HttpSetHeader(w, "X-CSTP-Tunnel-All-DNS", "false")
|
||||
|
||||
HttpSetHeader(w, "X-CSTP-Rekey-Time", "43200") // 172800
|
||||
HttpSetHeader(w, "X-CSTP-Rekey-Time", "86400") // 172800
|
||||
HttpSetHeader(w, "X-CSTP-Rekey-Method", "new-tunnel")
|
||||
HttpSetHeader(w, "X-DTLS-Rekey-Time", "43200")
|
||||
HttpSetHeader(w, "X-DTLS-Rekey-Time", "86400")
|
||||
HttpSetHeader(w, "X-DTLS-Rekey-Method", "new-tunnel")
|
||||
|
||||
HttpSetHeader(w, "X-CSTP-DPD", fmt.Sprintf("%d", cstpDpd))
|
||||
@@ -180,7 +185,7 @@ func LinkTunnel(w http.ResponseWriter, r *http.Request) {
|
||||
HttpSetHeader(w, "X-CSTP-Routing-Filtering-Ignore", "false")
|
||||
HttpSetHeader(w, "X-CSTP-Quarantine", "false")
|
||||
HttpSetHeader(w, "X-CSTP-Disable-Always-On-VPN", "false")
|
||||
HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "false")
|
||||
HttpSetHeader(w, "X-CSTP-Client-Bypass-Protocol", "true")
|
||||
HttpSetHeader(w, "X-CSTP-TCP-Keepalive", "false")
|
||||
// 设置域名拆分隧道(移动端不支持)
|
||||
if mobile != "mobile" {
|
||||
|
||||
@@ -86,14 +86,41 @@ func checkLinkAcl(group *dbdata.Group, pl *sessdata.Payload) bool {
|
||||
}
|
||||
|
||||
for _, v := range group.LinkAcl {
|
||||
// 循环判断ip和端口
|
||||
if v.IpNet.Contains(ipDst) {
|
||||
// 放行允许ip的ping
|
||||
if v.Port == ipPort || v.Port == 0 || ipProto == waterutil.ICMP {
|
||||
if v.Action == dbdata.Allow {
|
||||
return true
|
||||
} else {
|
||||
return false
|
||||
// 放行允许ip的ping
|
||||
// if v.Ports == nil || len(v.Ports) == 0 {
|
||||
// //单端口历史数据兼容
|
||||
// port := uint16(v.Port.(float64))
|
||||
// if port == ipPort || port == 0 || ipProto == waterutil.ICMP {
|
||||
// if v.Action == dbdata.Allow {
|
||||
// return true
|
||||
// } else {
|
||||
// return false
|
||||
// }
|
||||
// }
|
||||
// } else {
|
||||
|
||||
// 先判断协议
|
||||
// 兼容旧数据 v.Protocol == ""
|
||||
if v.Protocol == "" || v.Protocol == dbdata.ALL || v.IpProto == ipProto {
|
||||
// 循环判断ip和端口
|
||||
if v.IpNet.Contains(ipDst) {
|
||||
// icmp 不判断端口
|
||||
if ipProto == waterutil.ICMP {
|
||||
if v.Action == dbdata.Allow {
|
||||
return true
|
||||
} else {
|
||||
return false
|
||||
}
|
||||
}
|
||||
|
||||
if dbdata.ContainsInPorts(v.Ports, ipPort) || dbdata.ContainsInPorts(v.Ports, 0) {
|
||||
if v.Action == dbdata.Allow {
|
||||
// log.Println(dbdata.Allow, v.Ports)
|
||||
return true
|
||||
} else {
|
||||
// log.Println(dbdata.Deny, v.Ports)
|
||||
return false
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,13 +1,16 @@
|
||||
package handler
|
||||
|
||||
import (
|
||||
"crypto/sha1"
|
||||
"crypto/tls"
|
||||
"encoding/hex"
|
||||
"fmt"
|
||||
"io"
|
||||
"net"
|
||||
"net/http"
|
||||
"net/http/httputil"
|
||||
"os"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/bjdgyc/anylink/base"
|
||||
@@ -36,6 +39,19 @@ func startTls() {
|
||||
// certs[0], err = tls.LoadX509KeyPair(certFile, keyFile)
|
||||
// }
|
||||
|
||||
tlscert, _, err := dbdata.ParseCert()
|
||||
if err != nil {
|
||||
base.Fatal("证书加载失败", err)
|
||||
}
|
||||
dbdata.LoadCertificate(tlscert)
|
||||
|
||||
// 计算证书hash值
|
||||
s1 := sha1.New()
|
||||
s1.Write(tlscert.Certificate[0])
|
||||
h2s := hex.EncodeToString(s1.Sum(nil))
|
||||
certHash = strings.ToUpper(h2s)
|
||||
base.Info("certHash", certHash)
|
||||
|
||||
// 修复 CVE-2016-2183
|
||||
// https://segmentfault.com/a/1190000038486901
|
||||
// nmap -sV --script ssl-enum-ciphers -p 443 www.example.com
|
||||
|
||||
@@ -15,7 +15,8 @@
|
||||
"qs": "^6.11.1",
|
||||
"vue": "^2.6.11",
|
||||
"vue-count-to": "^1.0.13",
|
||||
"vue-router": "^3.5.2"
|
||||
"vue-router": "^3.5.2",
|
||||
"vuedraggable": "^2.24.3"
|
||||
},
|
||||
"devDependencies": {
|
||||
"@vue/cli-plugin-babel": "~4.5.0",
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -7793,6 +7793,11 @@ sort-keys@^1.0.0:
|
||||
dependencies:
|
||||
is-plain-obj "^1.0.0"
|
||||
|
||||
sortablejs@1.10.2:
|
||||
version "1.10.2"
|
||||
resolved "https://registry.yarnpkg.com/sortablejs/-/sortablejs-1.10.2.tgz#6e40364d913f98b85a14f6678f92b5c1221f5290"
|
||||
integrity sha512-YkPGufevysvfwn5rfdlGyrGjt7/CRHwvRPogD/lC+TnvcN29jDpCifKP+rBqf+LRldfXSTh+0CGLcSg0VIxq3A==
|
||||
|
||||
source-list-map@^2.0.0:
|
||||
version "2.0.1"
|
||||
resolved "https://registry.yarnpkg.com/source-list-map/-/source-list-map-2.0.1.tgz#3993bd873bfc48479cca9ea3a547835c7c154b34"
|
||||
@@ -8775,6 +8780,13 @@ vue@^2.6.11:
|
||||
"@vue/compiler-sfc" "2.7.16"
|
||||
csstype "^3.1.0"
|
||||
|
||||
vuedraggable@^2.24.3:
|
||||
version "2.24.3"
|
||||
resolved "https://registry.yarnpkg.com/vuedraggable/-/vuedraggable-2.24.3.tgz#43c93849b746a24ce503e123d5b259c701ba0d19"
|
||||
integrity sha512-6/HDXi92GzB+Hcs9fC6PAAozK1RLt1ewPTLjK0anTYguXLAeySDmcnqE8IC0xa7shvSzRjQXq3/+dsZ7ETGF3g==
|
||||
dependencies:
|
||||
sortablejs "1.10.2"
|
||||
|
||||
watchpack-chokidar2@^2.0.1:
|
||||
version "2.0.1"
|
||||
resolved "https://registry.yarnpkg.com/watchpack-chokidar2/-/watchpack-chokidar2-2.0.1.tgz#38500072ee6ece66f3769936950ea1771be1c957"
|
||||
|
||||
Reference in New Issue
Block a user