update

kxg3030 · Jul 22, 2022 · 7f6b7d7 · 7f6b7d7
1 parent 8e083a8
commit 7f6b7d7
Show file tree

Hide file tree

Showing 5 changed files with 32 additions and 7 deletions.
diff --git a/Core/ProxyHttp.go b/Core/ProxyHttp.go
@@ -3,6 +3,7 @@ package Core
 import (
 	"bufio"
 	"bytes"
+	"context"
 	"crypto/tls"
 	"fmt"
 	"github.com/kxg3030/shermie-proxy/Core/Websocket"
@@ -19,7 +20,7 @@ import (
 )
 
 const ConnectSuccess = "HTTP/1.1 200 Connection Established\r\n\r\n"
-const ConnectFailed = "HTTP/1.1 403 Connection Forbidden\r\n\r\n"
+const ConnectFailed = "HTTP/1.1 502 Bad Gateway\r\n\r\n"
 const SslFileHost = "zt.io"
 
 type ProxyHttp struct {
@@ -38,7 +39,8 @@ type ProxyHttp struct {
 type ResolveWs func(msgType int, message []byte, wsConn *Websocket.Conn) error
 
 func NewProxyHttp() *ProxyHttp {
-	p := &ProxyHttp{}
+	p := &ProxyHttp{
+	}
 	return p
 }
 
@@ -156,6 +158,7 @@ func (i *ProxyHttp) Transport(request *http.Request) (*http.Response, error) {
 	response, err := (&http.Transport{
 		DisableKeepAlives:     true,
 		ResponseHeaderTimeout: 60 * time.Second,
+		DialContext:           i.DialContext(),
 	}).RoundTrip(request)
 	if err != nil {
 		return nil, err
@@ -217,11 +220,11 @@ func (i *ProxyHttp) SslReceiveSend() {
 	err = sslConn.Handshake()
 	// 如果不是http的ssl请求,则说明是普通ws请求(ws请求会ssl校验报错),这里专门处理这种情况
 	if err != nil {
+		i.ssl = false
 		if err == io.EOF || strings.Index(err.Error(), "closed") != -1 {
 			Log.Log.Println("客户端连接超时：" + err.Error())
 			return
 		}
-		i.ssl = false
 		i.handleWsShakehandErr(sslConn.ReadLastTimeBytes())
 		return
 	}
@@ -235,7 +238,7 @@ func (i *ProxyHttp) SslReceiveSend() {
 	i.reader = bufio.NewReader(i.conn)
 	i.request, err = http.ReadRequest(i.reader)
 	if err != nil {
-		if err == io.EOF{
+		if err == io.EOF {
 			Log.Log.Println("浏览器ssl连接断开：" + err.Error())
 			return
 		}
@@ -275,7 +278,7 @@ func (i *ProxyHttp) SslReceiveSend() {
 	i.response.Body = io.NopCloser(bytes.NewReader(body))
 	err = i.response.Write(i.conn)
 	if err != nil {
-		if strings.Contains(err.Error(),"aborted"){
+		if strings.Contains(err.Error(), "aborted") {
 			Log.Log.Println("代理返回响应数据失败：连接已关闭")
 			return
 		}
@@ -378,6 +381,7 @@ func (i *ProxyHttp) handleWsRequest() bool {
 			HandshakeTimeout: time.Second * 10,
 		}
 	}
+	dialer.NetDialContext = i.DialContext()
 	targetWsConn, _, err := dialer.Dial(hostname, i.request.Header)
 	if err != nil {
 		Log.Log.Println("连接ws服务器失败：" + err.Error())
@@ -437,6 +441,21 @@ func (i *ProxyHttp) handleWsRequest() bool {
 	return false
 }
 
+func (i *ProxyHttp) DialContext() func(ctx context.Context, network, addr string) (conn net.Conn, err error) {
+	return func(ctx context.Context, network, addr string) (conn net.Conn, err error) {
+		separator := strings.LastIndex(addr, ":")
+		ipList, err := i.server.dns.Fetch(addr[:separator])
+		var ip string
+		for _, item := range ipList {
+			ip = item.String()
+			if !strings.Contains(ip, ":") {
+				break
+			}
+		}
+		return net.Dial("tcp", ip+addr[separator:])
+	}
+}
+
 // 连接是否可用
 func (i *ProxyHttp) WsIsConnected(conn *Websocket.Conn) bool {
 	err := conn.WriteMessage(1, nil)

diff --git a/Core/ProxyServer.go b/Core/ProxyServer.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"github.com/kxg3030/shermie-proxy/Core/Websocket"
 	"github.com/kxg3030/shermie-proxy/Log"
+	"github.com/viki-org/dnscache"
 	"net"
 	"net/http"
 	"time"
@@ -28,6 +29,7 @@ var HttpHeadMap = map[string]int{
 type ProxyServer struct {
 	port                string
 	listener            *net.TCPListener
+	dns      *dnscache.Resolver
 	OnRequestEvent      func(request *http.Request)
 	OnResponseEvent     func(response *http.Response)
 	OnReceiveEvent      error
@@ -39,6 +41,7 @@ type ProxyServer struct {
 func NewProxyServer(port string) *ProxyServer {
 	p := &ProxyServer{
 		port: port,
+		dns:dnscache.New(time.Minute * 5),
 	}
 	return p
 }
@@ -61,7 +64,7 @@ func (i *ProxyServer) Start() error {
 }
 
 func (i *ProxyServer) MultiListen() {
-	for s := 0; s < 10; s++ {
+	for s := 0; s < 5; s++ {
 		go func() {
 			for {
 				conn, err := i.listener.Accept()

diff --git a/Core/Storage.go b/Core/Storage.go
@@ -38,7 +38,6 @@ func (i *Storage) GetCertificate(hostname string, port string) (interface{}, err
 		defer i.lock.Unlock()
 		return nil, err
 	}
-	// 按域名将证书分组,同一个域名多次请求只需要生成一次证书;多个不同的域名才会存在协程竞争
 	if action, exist := i.buffer[host]; exist {
 		i.lock.Unlock()
 		return action.cert, nil

diff --git a/go.mod b/go.mod
@@ -1,3 +1,5 @@
 module github.com/kxg3030/shermie-proxy
 
 go 1.16
+
+require github.com/viki-org/dnscache v0.0.0-20130720023526-c70c1f23c5d8 // indirect
diff --git a/go.sum b/go.sum
@@ -0,0 +1,2 @@
+github.com/viki-org/dnscache v0.0.0-20130720023526-c70c1f23c5d8 h1:EVObHAr8DqpoJCVv6KYTle8FEImKhtkfcZetNqxDoJQ=
+github.com/viki-org/dnscache v0.0.0-20130720023526-c70c1f23c5d8/go.mod h1:dniwbG03GafCjFohMDmz6Zc6oCuiqgH6tGNyXTkHzXE=
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		github.com/viki-org/dnscache v0.0.0-20130720023526-c70c1f23c5d8 h1:EVObHAr8DqpoJCVv6KYTle8FEImKhtkfcZetNqxDoJQ=
		github.com/viki-org/dnscache v0.0.0-20130720023526-c70c1f23c5d8/go.mod h1:dniwbG03GafCjFohMDmz6Zc6oCuiqgH6tGNyXTkHzXE=