From b150e4f79c15794ac8e1cd6eb4c69231d5ba32b8 Mon Sep 17 00:00:00 2001 From: Stille Date: Fri, 31 Dec 2021 20:21:26 +0800 Subject: [PATCH] Update v0.7.2 for anylink --- anylink/Dockerfile | 4 ++-- anylink/README.md | 1 + anylink/build.sh | 1 + anylink/{docker_build.sh => build_docker.sh} | 0 anylink/docker_entrypoint.sh | 2 +- anylink/server/admin/server.go | 5 +++++ anylink/server/base/app_ver.go | 2 +- anylink/server/base/cfg.go | 1 + anylink/server/base/config.go | 1 + anylink/server/conf/{files => }/profile.xml | 0 anylink/server/conf/server-sample.toml | 3 ++- anylink/server/handler/link_auth.go | 9 ++++++--- anylink/server/handler/server.go | 16 +++++++++------- anylink/server/handler/start.go | 12 ++++++++++++ 14 files changed, 42 insertions(+), 15 deletions(-) rename anylink/{docker_build.sh => build_docker.sh} (100%) rename anylink/server/conf/{files => }/profile.xml (100%) diff --git a/anylink/Dockerfile b/anylink/Dockerfile index e5bb5fd..3d42f34 100644 --- a/anylink/Dockerfile +++ b/anylink/Dockerfile @@ -1,6 +1,6 @@ # web FROM node:lts-alpine as builder_node -ENV VERSION 0.7.1 +ENV VERSION 0.7.2 WORKDIR /web COPY ./web /web RUN npm install --registry=https://registry.npm.taobao.org \ @@ -34,7 +34,7 @@ COPY docker_entrypoint.sh /app/ COPY ./server/bridge-init.sh /app/ COPY ./server/conf /app/conf -#COPY ./server/files /app/conf/files +COPY ./LICENSE /app/LICENSE #TODO 本地打包时使用镜像 diff --git a/anylink/README.md b/anylink/README.md index 6345227..8e7faf4 100644 --- a/anylink/README.md +++ b/anylink/README.md @@ -8,6 +8,7 @@ Docker [stilleshan/anylink](https://hub.docker.com/r/stilleshan/anylink) 基于 [bjdgyc/anylink](https://github.com/bjdgyc/anylink) 项目的 docker 镜像. ## 更新 +- **2021-12-31** 更新`0.7.2`版 docker 镜像. - **2021-12-29** 更新`0.7.1`版 docker 镜像. - **2021-08-26** 更新`0.6.2`版 docker 镜像. - **2021-08-02** 更新`0.5.1`版 docker 镜像. diff --git a/anylink/build.sh b/anylink/build.sh index 2699d84..ac34de4 100644 --- a/anylink/build.sh +++ b/anylink/build.sh 
@@ -42,6 +42,7 @@ cp -r server/bridge-init.sh $deploy cp -r server/conf $deploy cp -r systemd $deploy +cp -r LICENSE $deploy tar zcvf ${deploy}.tar.gz $deploy diff --git a/anylink/docker_build.sh b/anylink/build_docker.sh similarity index 100% rename from anylink/docker_build.sh rename to anylink/build_docker.sh diff --git a/anylink/docker_entrypoint.sh b/anylink/docker_entrypoint.sh index e0393a3..ea23118 100644 --- a/anylink/docker_entrypoint.sh +++ b/anylink/docker_entrypoint.sh @@ -18,6 +18,6 @@ case $var1 in iptables -t nat -A POSTROUTING -s "${IPV4_CIDR}" -o eth0+ -j MASQUERADE iptables -nL -t nat - /app/anylink "$@" + exec /app/anylink "$@" ;; esac diff --git a/anylink/server/admin/server.go b/anylink/server/admin/server.go index 00bb25e..fb6108f 100644 --- a/anylink/server/admin/server.go +++ b/anylink/server/admin/server.go @@ -18,6 +18,11 @@ func StartAdmin() { r := mux.NewRouter() r.Use(authMiddleware) + // 监控检测 + r.HandleFunc("/status.html", func(w http.ResponseWriter, r *http.Request) { + w.Write([]byte("ok")) + }).Name("index") + r.Handle("/", http.RedirectHandler("/ui/", http.StatusFound)).Name("index") r.PathPrefix("/ui/").Handler( // http.StripPrefix("/ui/", http.FileServer(http.Dir(base.Cfg.UiPath))), diff --git a/anylink/server/base/app_ver.go b/anylink/server/base/app_ver.go index 42d9058..2be516f 100644 --- a/anylink/server/base/app_ver.go +++ b/anylink/server/base/app_ver.go @@ -3,5 +3,5 @@ package base const ( APP_NAME = "AnyLink" // 修复前端bug - APP_VER = "0.7.1" + APP_VER = "0.7.2" ) diff --git a/anylink/server/base/cfg.go b/anylink/server/base/cfg.go index d6f27be..49a9c92 100644 --- a/anylink/server/base/cfg.go +++ b/anylink/server/base/cfg.go @@ -32,6 +32,7 @@ var ( type ServerConfig struct { // LinkAddr string `json:"link_addr"` Conf string `json:"conf"` + Profile string `json:"profile"` ServerAddr string `json:"server_addr"` ServerDTLSAddr string `json:"server_dtls_addr"` ServerDTLS bool `json:"server_dtls"` 
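Review bot: The new `/status.html` route in `StartAdmin` (anylink/server/admin/server.go) is given `.Name("index")`, the same name the `/` redirect on the next line already carries, so two routes share one name and nothing in the hunk says why. If that name is what lets the health check pass `authMiddleware` (registered just above with `r.Use`; its body is not shown here), say so in a comment and give the route its own name such as `.Name("status")`, adding it to whatever exemption list the middleware consults. Otherwise the probe is answered by the auth layer rather than by this handler. The handler also drops the result of `w.Write`; `_, _ = w.Write([]byte("ok"))` makes that deliberate. `StartAdmin` continues outside the hunk.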
diff --git a/anylink/server/base/config.go b/anylink/server/base/config.go index f86282e..b7edc7b 100644 --- a/anylink/server/base/config.go +++ b/anylink/server/base/config.go @@ -21,6 +21,7 @@ type config struct { var configs = []config{ {Typ: cfgStr, Name: "conf", Usage: "config file", ValStr: "./conf/server.toml", Short: "c"}, + {Typ: cfgStr, Name: "profile", Usage: "profile.xml file", ValStr: "./conf/profile.xml"}, {Typ: cfgStr, Name: "server_addr", Usage: "服务监听地址", ValStr: ":443"}, {Typ: cfgBool, Name: "server_dtls", Usage: "开启DTLS", ValBool: false}, {Typ: cfgStr, Name: "server_dtls_addr", Usage: "DTLS监听地址", ValStr: ":4433"}, diff --git a/anylink/server/conf/files/profile.xml b/anylink/server/conf/profile.xml similarity index 100% rename from anylink/server/conf/files/profile.xml rename to anylink/server/conf/profile.xml diff --git a/anylink/server/conf/server-sample.toml b/anylink/server/conf/server-sample.toml index 0539481..b3af587 100644 --- a/anylink/server/conf/server-sample.toml +++ b/anylink/server/conf/server-sample.toml @@ -6,10 +6,11 @@ #数据文件 db_type = "sqlite3" db_source = "./conf/anylink.db" -#证书文件 +#证书文件 使用跟nginx一样的证书即可 cert_file = "./conf/vpn_cert.pem" cert_key = "./conf/vpn_cert.key" files_path = "./conf/files" +profile = "./conf/profile.xml" #日志目录,为空写入标准输出 #log_path = "./log" log_path = "" diff --git a/anylink/server/handler/link_auth.go b/anylink/server/handler/link_auth.go index 9d2a6be..6c98138 100644 --- a/anylink/server/handler/link_auth.go +++ b/anylink/server/handler/link_auth.go @@ -14,6 +14,8 @@ import ( "github.com/bjdgyc/anylink/sessdata" ) +var profileHash = "" + func LinkAuth(w http.ResponseWriter, r *http.Request) { // 判断anyconnect客户端 userAgent := strings.ToLower(r.UserAgent()) 
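Review bot: `profileHash` in link_auth.go is package-level mutable state with no comment; its only writer is `Start` in start.go, while `LinkAuth` reads it on every login. Declare it as `var profileHash string` and document the contract, for example `// profileHash is the hex-encoded SHA-1 of base.Cfg.Profile; set once in Start before the listeners are launched, read-only afterwards.` That ordering is what keeps the unsynchronised read in `LinkAuth` safe, so it is worth stating next to the variable. `LinkAuth` continues outside the hunk.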
@@ -89,7 +91,7 @@ func LinkAuth(w http.ResponseWriter, r *http.Request) { other := &dbdata.SettingOther{} _ = dbdata.SettingGet(other) rd := RequestData{SessionId: sess.Sid, SessionToken: sess.Sid + "@" + sess.Token, - Banner: other.Banner} + Banner: other.Banner, ProfileHash: profileHash} w.WriteHeader(http.StatusOK) tplRequest(tpl_complete, w, rd) base.Debug("login", cr.Auth.Username) @@ -125,6 +127,7 @@ type RequestData struct { SessionId string SessionToken string Banner string + ProfileHash string } var auth_request = ` @@ -176,8 +179,8 @@ var auth_complete = ` - /files/profile.xml - A8B0B07FBA93D06E8501E40AB807AEE2464E73B7 + /profile.xml + {{.ProfileHash}} diff --git a/anylink/server/handler/server.go b/anylink/server/handler/server.go index aef9fb1..0168c98 100644 --- a/anylink/server/handler/server.go +++ b/anylink/server/handler/server.go @@ -6,6 +6,7 @@ import ( "log" "net" "net/http" + "os" "time" "github.com/bjdgyc/anylink/base" @@ -26,14 +27,14 @@ func startTls() { ) // 判断证书文件 - //_, err = os.Stat(certFile) - //if errors.Is(err, os.ErrNotExist) { + // _, err = os.Stat(certFile) + // if errors.Is(err, os.ErrNotExist) { // // 自动生成证书 // certs[0], err = selfsign.GenerateSelfSignedWithDNS("vpn.anylink") - //} else { + // } else { // // 使用自定义证书 // certs[0], err = tls.LoadX509KeyPair(certFile, keyFile) - //} + // } certs[0], err = tls.LoadX509KeyPair(certFile, keyFile) if err != nil { 
@@ -77,9 +78,10 @@ func initRoute() http.Handler { r.HandleFunc("/", LinkAuth).Methods(http.MethodPost) r.HandleFunc("/CSCOSSLC/tunnel", LinkTunnel).Methods(http.MethodConnect) r.HandleFunc("/otp_qr", LinkOtpQr).Methods(http.MethodGet) - // r.HandleFunc("/profile.xml", func(w http.ResponseWriter, r *http.Request) { - // w.Write([]byte(auth_profile)) - // }).Methods(http.MethodGet) + r.HandleFunc("/profile.xml", func(w http.ResponseWriter, r *http.Request) { + b, _ := os.ReadFile(base.Cfg.Profile) + w.Write(b) + }).Methods(http.MethodGet) r.PathPrefix("/files/").Handler( http.StripPrefix("/files/", http.FileServer(http.Dir(base.Cfg.FilesPath)), diff --git a/anylink/server/handler/start.go b/anylink/server/handler/start.go index 5399bec..30ef2a0 100644 --- a/anylink/server/handler/start.go +++ b/anylink/server/handler/start.go @@ -1,6 +1,10 @@ package handler import ( + "crypto/sha1" + "encoding/hex" + "os" + "github.com/bjdgyc/anylink/admin" "github.com/bjdgyc/anylink/base" "github.com/bjdgyc/anylink/dbdata" @@ -22,6 +26,14 @@ func Start() { base.Fatal("LinkMode is err") } + // 计算profile.xml的hash + b, err := os.ReadFile(base.Cfg.Profile) + if err != nil { + panic(err) + } + ha := sha1.Sum(b) + profileHash = hex.EncodeToString(ha[:]) + go admin.StartAdmin() go startTls() go startDtls()
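Review bot: The `/profile.xml` handler added in `initRoute` discards the error from `os.ReadFile` and re-reads the file on every request, while the hash placed in the auth-complete template is computed only once in `Start` (start.go, last hunk). A failed read therefore returns 200 with an empty body, and an edit to the file after startup serves content that no longer matches the advertised `{{.ProfileHash}}`. Reading the profile once at startup and serving those cached bytes would keep body and hash in step. At minimum, handle the error with `if err != nil { http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError); return }`. `initRoute` continues outside the hunk.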
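Review bot: The profile read added to `Start` aborts with `panic(err)`, whereas the check directly above it reports through `base.Fatal("LinkMode is err")`; use the same path and name the file, e.g. `base.Fatal("read profile " + base.Cfg.Profile + ": " + err.Error())`, so the operator gets a log line rather than a stack trace. The read is now mandatory and this commit moves the shipped file from conf/files/profile.xml to conf/profile.xml, so a deployment that keeps its own conf directory (a mounted volume, for instance) will stop at startup until the file is copied or `profile` is set, and the README hunk does not mention that. A one-line comment that SHA-1 is used here because the client compares this value, not as a security control, would also help; presumably the client protocol fixes the algorithm, which should be confirmed. `Start` continues outside the hunk.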