Signed-off-by: arraykeys@gmail.com <arraykeys@gmail.com>

2017-11-03 19:16:52 +08:00
parent 577261806c
commit e45bf338cb
5 changed files with 15 additions and 8 deletions
--- a/3
+++ b/3
@ -1,4 +1,7 @@
 proxy更新日志
+v3.6
+1.http(s),socks代理,认证增加了外部api认证,可以通过外部api对用户名和密码进行认证.
+
 v3.5
 1.优化了kcp参数,速度有所提升.
 2.修复了socks无法正常工作的问题.
--- a/main.go
+++ b/main.go
@ -9,7 +9,7 @@ import (
 	"syscall"
 )

-const APP_VERSION = "3.5"
+const APP_VERSION = "3.6"

 func main() {
 	err := initConfig()
--- a/release.sh
+++ b/release.sh
@ -1,5 +1,5 @@
 #!/bin/bash
-VER="3.5"
+VER="3.6"
 RELEASE="release-${VER}"
 rm -rf .cert
 mkdir .cert
--- a/services/socks.go
+++ b/services/socks.go
@ -10,6 +10,7 @@ import (
 	"proxy/utils/aes"
 	"proxy/utils/socks"
 	"runtime/debug"
+	"strings"
 	"time"

 	"golang.org/x/crypto/ssh"
@ -353,7 +354,8 @@ func (s *Socks) socksConnCallback(inConn net.Conn) {
 		pass := string(r[2+r[1]+1:])
 		//log.Printf("user:%s,pass:%s", user, pass)
 		//auth
-		if s.basicAuth.CheckUserPass(user, pass) {
+		_addr := strings.Split(inConn.RemoteAddr().String(), ":")
+		if s.basicAuth.CheckUserPass(user, pass, _addr[0]) {
 			inConn.Write([]byte{0x01, 0x00})
 		} else {
 			inConn.Write([]byte{0x01, 0x01})
@ -560,6 +562,10 @@ func (s *Socks) ConnectSSH() (err error) {
 }
 func (s *Socks) InitBasicAuth() (err error) {
 	s.basicAuth = utils.NewBasicAuth()
+	if *s.cfg.AuthURL != "" {
+		s.basicAuth.SetAuthURL(*s.cfg.AuthURL, *s.cfg.AuthURLOkCode, *s.cfg.AuthURLTimeout, *s.cfg.AuthURLRetry)
+		log.Printf("auth from %s", *s.cfg.AuthURL)
+	}
 	if *s.cfg.AuthFile != "" {
 		var n = 0
 		n, err = s.basicAuth.AddFromFile(*s.cfg.AuthFile)
--- a/utils/structs.go
+++ b/utils/structs.go
@ -223,11 +223,9 @@ func (ba *BasicAuth) Add(userpassArr []string) (n int) {
 	}
 	return
 }
-func (ba *BasicAuth) CheckUserPass(user, pass string) (ok bool) {
-	if p, _ok := ba.data.Get(user); _ok {
-		return p.(string) == pass
-	}
-	return
+func (ba *BasicAuth) CheckUserPass(user, pass, ip string) (ok bool) {
+
+	return ba.Check(user+":"+pass, ip)
 }
 func (ba *BasicAuth) Check(userpass string, ip string) (ok bool) {
 	u := strings.Split(strings.Trim(userpass, " "), ":")