Signed-off-by: arraykeys@gmail.com <arraykeys@gmail.com>

2018-01-24 10:18:37 +08:00
parent d81a823da1
commit d4fd34165e
4 changed files with 30 additions and 30 deletions
--- a/5
+++ b/5
@ -1,6 +1,9 @@
 proxy更新日志
 v4.1
-1.优化了http(s),socks5代理中的域名智能判断,如果是内网IP,直接走本地网络,提升浏览体验.
+1.优化了http(s),socks5代理中的域名智能判断,如果是内网IP,直接走本地网络,提升浏览体验,
+ 同时优化了检查机制,判断更快.
+2.http代理basic认证增加了对https协议的支持,现在basic认证可以控制所有http(s)流量了.
+

 v4.0
 1.内网穿透三端重构了一个multiplexing版本，使用github.com/xtaci/smux实现了tcp链接的多路复用，
--- a/services/http.go
+++ b/services/http.go
@ -161,11 +161,7 @@ func (s *HTTP) callback(inConn net.Conn) {
 		} else if *s.cfg.Always {
 			useProxy = true
 		} else {
-			if req.IsHTTPS() {
-				s.checker.Add(address, true, req.Method, "", nil)
-			} else {
-				s.checker.Add(address, false, req.Method, req.URL, req.HeadBuf)
-			}
+			s.checker.Add(address)
 			//var n, m uint
 			useProxy, _, _ = s.checker.IsBlocked(req.Host)
 			//log.Printf("blocked ? : %v, %s , fail:%d ,success:%d", useProxy, address, n, m)
--- a/services/socks.go
+++ b/services/socks.go
@ -421,7 +421,7 @@ func (s *Socks) proxyTCP(inConn *net.Conn, methodReq socks.MethodsRequest, reque
 				if utils.IsIternalIP(host) {
 					useProxy = false
 				} else {
-					s.checker.Add(request.Addr(), true, "", "", nil)
+					s.checker.Add(request.Addr())
 					useProxy, _, _ = s.checker.IsBlocked(request.Addr())
 				}
 				if useProxy {
--- a/utils/structs.go
+++ b/utils/structs.go
@ -74,22 +74,20 @@ func (c *Checker) loadMap(f string) (dataMap ConcurrentMap) {
 }
 func (c *Checker) start() {
 	go func() {
+		//log.Printf("checker started")
 		for {
+			//log.Printf("checker did")
 			for _, v := range c.data.Items() {
 				go func(item CheckerItem) {
 					if c.isNeedCheck(item) {
-						//log.Printf("check %s", item.Domain)
+						//log.Printf("check %s", item.Host)
 						var conn net.Conn
 						var err error
-						if item.IsHTTPS {
 						conn, err = ConnectHost(item.Host, c.timeout)
 						if err == nil {
 							conn.SetDeadline(time.Now().Add(time.Millisecond))
 							conn.Close()
 						}
-						} else {
-							err = HTTPGet(item.URL, c.timeout)
-						}
 						if err != nil {
 							item.FailCount = item.FailCount + 1
 						} else {
@ -155,22 +153,13 @@ func (c *Checker) domainIsInMap(address string, blockedMap bool) bool {
 	}
 	return false
 }
-func (c *Checker) Add(address string, isHTTPS bool, method, URL string, data []byte) {
+func (c *Checker) Add(address string) {
 	if c.domainIsInMap(address, false) || c.domainIsInMap(address, true) {
 		return
 	}
-	if !isHTTPS && strings.ToLower(method) != "get" {
-		return
-	}
 	var item CheckerItem
-	u := strings.Split(address, ":")
 	item = CheckerItem{
-		URL:     URL,
-		Domain:  u[0],
 		Host: address,
-		Data:    data,
-		IsHTTPS: isHTTPS,
-		Method:  method,
 	}
 	c.data.SetIfAbsent(item.Host, item)
 }
@ -361,6 +350,12 @@ func (req *HTTPRequest) HTTP() (err error) {
 	return
 }
 func (req *HTTPRequest) HTTPS() (err error) {
+	if req.isBasicAuth {
+		err = req.BasicAuth()
+		if err != nil {
+			return
+		}
+	}
 	req.Host = req.hostOrURL
 	req.addPortIfNot()
 	//_, err = fmt.Fprint(*req.conn, "HTTP/1.1 200 Connection established\r\n\r\n")
@ -376,7 +371,8 @@ func (req *HTTPRequest) IsHTTPS() bool {

 func (req *HTTPRequest) BasicAuth() (err error) {

-	//log.Printf("request :%s", string(b[:n]))
+	//log.Printf("request :%s", string(b[:n]))authorization
+	isProxyAuthorization := false
 	authorization, err := req.getHeader("Authorization")
 	if err != nil {
 		fmt.Fprint((*req.conn), "HTTP/1.1 401 Unauthorized\r\nWWW-Authenticate: Basic realm=\"\"\r\n\r\nUnauthorized")
@ -386,10 +382,11 @@ func (req *HTTPRequest) BasicAuth() (err error) {
 	if authorization == "" {
 		authorization, err = req.getHeader("Proxy-Authorization")
 		if err != nil {
-			fmt.Fprint((*req.conn), "HTTP/1.1 401 Unauthorized\r\nWWW-Authenticate: Basic realm=\"\"\r\n\r\nUnauthorized")
+			fmt.Fprint((*req.conn), "HTTP/1.1 407 Unauthorized\r\nWWW-Authenticate: Basic realm=\"\"\r\n\r\nUnauthorized")
 			CloseConn(req.conn)
 			return
 		}
+		isProxyAuthorization = true
 	}
 	//log.Printf("Authorization:%s", authorization)
 	basic := strings.Fields(authorization)
@ -414,7 +411,11 @@ func (req *HTTPRequest) BasicAuth() (err error) {
 	authOk := (*req.basicAuth).Check(string(user), addr[0], URL)
 	//log.Printf("auth %s,%v", string(user), authOk)
 	if !authOk {
-		fmt.Fprint((*req.conn), "HTTP/1.1 401 Unauthorized\r\n\r\nUnauthorized")
+		code := "401"
+		if isProxyAuthorization {
+			code = "407"
+		}
+		fmt.Fprintf((*req.conn), "HTTP/1.1 %s Unauthorized\r\n\r\nUnauthorized", code)
 		CloseConn(req.conn)
 		err = fmt.Errorf("basic auth fail")
 		return