120 lines
3.6 KiB
Go
120 lines
3.6 KiB
Go
package main
|
||
|
||
import (
|
||
"crypto/tls"
|
||
"flag"
|
||
"log"
|
||
"net/http"
|
||
"time"
|
||
|
||
"github.com/darkit/goproxy/internal/config"
|
||
"github.com/darkit/goproxy/internal/proxy"
|
||
)
|
||
|
||
// 自定义委托,用于HTTPS到HTTPS代理
|
||
type CustomDelegate struct {
|
||
proxy.DefaultDelegate
|
||
targetHost string
|
||
targetPort string
|
||
}
|
||
|
||
// 修改请求头
|
||
func (d *CustomDelegate) ModifyRequest(req *http.Request) {
|
||
log.Printf("收到加密请求: %s %s", req.Method, req.URL.String())
|
||
|
||
// 设置标准浏览器请求头
|
||
req.Header.Set("User-Agent", "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/122.0.0.0 Safari/537.36")
|
||
req.Header.Set("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8")
|
||
req.Header.Set("Accept-Language", "zh-CN,zh;q=0.9,en;q=0.8")
|
||
req.Header.Set("Connection", "keep-alive")
|
||
|
||
// 设置Host头
|
||
req.Host = d.targetHost
|
||
|
||
// 设置请求的URL方案为HTTPS
|
||
req.URL.Scheme = "https"
|
||
|
||
log.Printf("转发请求到: https://%s:%s%s", d.targetHost, d.targetPort, req.URL.Path)
|
||
}
|
||
|
||
// 修改响应头
|
||
func (d *CustomDelegate) ModifyResponse(resp *http.Response) error {
|
||
log.Printf("收到目标响应: %d %s", resp.StatusCode, resp.Status)
|
||
|
||
// 添加代理标识
|
||
resp.Header.Set("X-Proxied-By", "GoProxy-HTTPS2HTTPS")
|
||
resp.Header.Set("X-Proxy-Target", d.targetHost)
|
||
|
||
// 添加CORS头
|
||
resp.Header.Set("Access-Control-Allow-Origin", "*")
|
||
|
||
return nil
|
||
}
|
||
|
||
// 解析后端服务器
|
||
func (d *CustomDelegate) ResolveBackend(req *http.Request) (string, error) {
|
||
// 直接返回目标地址和端口
|
||
address := d.targetHost + ":" + d.targetPort
|
||
log.Printf("连接到目标服务器: %s", address)
|
||
return address, nil
|
||
}
|
||
|
||
func main() {
|
||
// 命令行参数
|
||
listenAddr := flag.String("listen", ":8443", "监听地址")
|
||
targetHost := flag.String("target", "www.github.com", "目标站点主机名")
|
||
targetPort := flag.String("port", "443", "目标站点端口")
|
||
certFile := flag.String("cert", "server.crt", "TLS证书文件路径")
|
||
keyFile := flag.String("key", "server.key", "TLS密钥文件路径")
|
||
flag.Parse()
|
||
|
||
// 创建配置
|
||
cfg := config.DefaultConfig()
|
||
cfg.ReverseProxy = true // 启用反向代理模式
|
||
cfg.DecryptHTTPS = false // 不解密HTTPS流量,避免TLS问题
|
||
cfg.TLSCert = *certFile // TLS证书文件路径
|
||
cfg.TLSKey = *keyFile // TLS密钥文件路径
|
||
cfg.IdleTimeout = 30 * time.Second // 连接空闲超时
|
||
cfg.AddXForwardedFor = true // 添加X-Forwarded-For头
|
||
cfg.AddXRealIP = true // 添加X-Real-IP头
|
||
cfg.SupportWebSocketUpgrade = true // 支持WebSocket升级
|
||
cfg.EnableCompression = false // 不启用压缩
|
||
cfg.EnableCORS = true // 启用CORS
|
||
cfg.EnableRetry = false // 关闭重试功能
|
||
cfg.EnableConnectionPool = false // 禁用连接池
|
||
|
||
// 创建自定义委托
|
||
delegate := &CustomDelegate{
|
||
targetHost: *targetHost,
|
||
targetPort: *targetPort,
|
||
}
|
||
|
||
// 创建代理实例
|
||
p := proxy.New(&proxy.Options{
|
||
Config: cfg,
|
||
Delegate: delegate,
|
||
})
|
||
|
||
// 创建HTTPS服务器
|
||
server := &http.Server{
|
||
Addr: *listenAddr,
|
||
Handler: p,
|
||
TLSConfig: &tls.Config{
|
||
MinVersion: tls.VersionTLS12,
|
||
},
|
||
}
|
||
|
||
// 启动HTTPS服务器
|
||
log.Printf("HTTPS->HTTPS代理启动,监听地址: %s,目标: https://%s:%s",
|
||
*listenAddr, *targetHost, *targetPort)
|
||
log.Printf("使用TLS证书: %s,密钥: %s", *certFile, *keyFile)
|
||
|
||
err := server.ListenAndServeTLS(*certFile, *keyFile)
|
||
if err != nil {
|
||
log.Fatalf("服务器启动失败: %v", err)
|
||
}
|
||
}
|
||
|
||
// 生成自签名SSL证书命令示例:
|
||
// openssl req -x509 -newkey rsa:4096 -keyout server.key -out server.crt -days 365 -nodes -subj "/CN=localhost"
|