update v0.7.4 for anylink
This commit is contained in:
parent
7ec38db0ef
commit
91da95b99f
|
@ -1,14 +1,14 @@
|
|||
# web
|
||||
FROM node:lts-alpine as builder_node
|
||||
ENV VERSION 0.7.3
|
||||
ENV VERSION 0.7.4
|
||||
WORKDIR /web
|
||||
COPY ./web /web
|
||||
RUN npm install --registry=https://registry.npm.taobao.org \
|
||||
&& npm run build \
|
||||
RUN yarn install \
|
||||
&& yarn run build \
|
||||
&& ls /web/ui
|
||||
|
||||
# server
|
||||
FROM golang:1.16-alpine as builder_golang
|
||||
FROM golang:1.17-alpine as builder_golang
|
||||
#TODO 本地打包时使用镜像
|
||||
ENV GOPROXY=https://goproxy.io
|
||||
ENV GOOS=linux
|
||||
|
|
|
@ -8,6 +8,7 @@ Docker [stilleshan/anylink](https://hub.docker.com/r/stilleshan/anylink)
|
|||
基于 [bjdgyc/anylink](https://github.com/bjdgyc/anylink) 项目的 docker 镜像.
|
||||
|
||||
## 更新
|
||||
- **2022-04-07** 更新`0.7.4`版 docker 镜像.
|
||||
- **2022-02-16** 更新`0.7.3`版 docker 镜像.
|
||||
- **2021-12-31** 更新`0.7.2`版 docker 镜像.
|
||||
- **2021-12-29** 更新`0.7.1`版 docker 镜像.
|
||||
|
|
|
@ -16,9 +16,13 @@ echo "编译前端项目"
|
|||
cd $cpath/web
|
||||
#国内可替换源加快速度
|
||||
#npx browserslist@latest --update-db
|
||||
npm install --registry=https://registry.npm.taobao.org
|
||||
#npm install --registry=https://registry.npm.taobao.org
|
||||
#npm install
|
||||
npm run build
|
||||
#npm run build
|
||||
|
||||
yarn install
|
||||
yarn run build
|
||||
|
||||
RETVAL $?
|
||||
|
||||
echo "编译二进制文件"
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
package admin
|
||||
|
||||
import (
|
||||
"crypto/tls"
|
||||
"embed"
|
||||
"net/http"
|
||||
"net/http/pprof"
|
||||
|
@ -69,7 +70,25 @@ func StartAdmin() {
|
|||
}
|
||||
|
||||
base.Info("Listen admin", base.Cfg.AdminAddr)
|
||||
err := http.ListenAndServeTLS(base.Cfg.AdminAddr, base.Cfg.CertFile, base.Cfg.CertKey, r)
|
||||
|
||||
// 修复 CVE-2016-2183
|
||||
cipherSuites := tls.CipherSuites()
|
||||
selectedCipherSuites := make([]uint16, 0, len(cipherSuites))
|
||||
for _, s := range cipherSuites {
|
||||
selectedCipherSuites = append(selectedCipherSuites, s.ID)
|
||||
}
|
||||
// 设置tls信息
|
||||
tlsConfig := &tls.Config{
|
||||
NextProtos: []string{"http/1.1"},
|
||||
MinVersion: tls.VersionTLS12,
|
||||
CipherSuites: selectedCipherSuites,
|
||||
}
|
||||
srv := &http.Server{
|
||||
Addr: base.Cfg.AdminAddr,
|
||||
Handler: r,
|
||||
TLSConfig: tlsConfig,
|
||||
}
|
||||
err := srv.ListenAndServeTLS(base.Cfg.CertFile, base.Cfg.CertKey)
|
||||
if err != nil {
|
||||
base.Fatal(err)
|
||||
}
|
||||
|
|
|
@ -2,6 +2,6 @@ package base
|
|||
|
||||
const (
|
||||
APP_NAME = "AnyLink"
|
||||
// 修复前端bug
|
||||
APP_VER = "0.7.3"
|
||||
// 修复 CVE-2016-2183
|
||||
APP_VER = "0.7.4"
|
||||
)
|
||||
|
|
|
@ -111,7 +111,7 @@ func addInitData() error {
|
|||
Name: "ops",
|
||||
AllowLan: true,
|
||||
ClientDns: []ValData{{Val: "114.114.114.114"}},
|
||||
RouteInclude: []ValData{{Val: "10.0.0.0/8"}},
|
||||
RouteInclude: []ValData{{Val: All}},
|
||||
}
|
||||
err = SetGroup(&g1)
|
||||
if err != nil {
|
||||
|
|
|
@ -19,11 +19,8 @@ func startTls() {
|
|||
var (
|
||||
err error
|
||||
|
||||
addr = base.Cfg.ServerAddr
|
||||
certFile = base.Cfg.CertFile
|
||||
keyFile = base.Cfg.CertKey
|
||||
certs = make([]tls.Certificate, 1)
|
||||
ln net.Listener
|
||||
addr = base.Cfg.ServerAddr
|
||||
ln net.Listener
|
||||
)
|
||||
|
||||
// 判断证书文件
|
||||
|
@ -36,16 +33,20 @@ func startTls() {
|
|||
// certs[0], err = tls.LoadX509KeyPair(certFile, keyFile)
|
||||
// }
|
||||
|
||||
certs[0], err = tls.LoadX509KeyPair(certFile, keyFile)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
// 修复 CVE-2016-2183
|
||||
// https://segmentfault.com/a/1190000038486901
|
||||
// nmap -sV --script ssl-enum-ciphers -p 443 www.example.com
|
||||
cipherSuites := tls.CipherSuites()
|
||||
selectedCipherSuites := make([]uint16, 0, len(cipherSuites))
|
||||
for _, s := range cipherSuites {
|
||||
selectedCipherSuites = append(selectedCipherSuites, s.ID)
|
||||
}
|
||||
|
||||
// 设置tls信息
|
||||
tlsConfig := &tls.Config{
|
||||
NextProtos: []string{"http/1.1"},
|
||||
MinVersion: tls.VersionTLS12,
|
||||
Certificates: certs,
|
||||
CipherSuites: selectedCipherSuites,
|
||||
// InsecureSkipVerify: true,
|
||||
}
|
||||
srv := &http.Server{
|
||||
|
@ -66,7 +67,7 @@ func startTls() {
|
|||
}
|
||||
|
||||
base.Info("listen server", addr)
|
||||
err = srv.ServeTLS(ln, "", "")
|
||||
err = srv.ServeTLS(ln, base.Cfg.CertFile, base.Cfg.CertKey)
|
||||
if err != nil {
|
||||
base.Fatal(err)
|
||||
}
|
||||
|
|
|
@ -14,7 +14,7 @@ type Payload struct {
|
|||
}
|
||||
|
||||
/*
|
||||
var header = []byte{'S', 'T', 'F', 0x01, 0, 0, 0x00, 0}
|
||||
var header = []byte{'S', 'T', 'F', 0x01, 0, 0, 0x07, 0}
|
||||
https://tools.ietf.org/html/draft-mavrogiannopoulos-openconnect-02#section-2.2
|
||||
|
||||
+---------------------+---------------------------------------------+
|
||||
|
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
Loading…
Reference in New Issue