-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathmain.go
173 lines (163 loc) · 4.29 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
package main
import (
"crypto/tls"
"fmt"
"io"
"log"
"net"
"net/http"
"net/http/httputil"
"net/url"
"strings"
"sync"
)
var (
// 代理监听主机
ProxyHost = "127.0.0.1"
// 代理监听端口
ProxyPort = 8080
// 需要反代的网址
SiteList = []string{"pixiv.net", "*.pixiv.net", "*.secure.pixiv.net", "*.pximg.net", "*.pixiv.org",
"github.com", "*.github.com", "*.githubusercontent.com", "*.githubassets.com"}
// DOH 列表
DohList = []string{
"https://dns.artikel10.org/dns-query",
"https://dns1.dnscrypt.ca:453/dns-query",
"https://dns.digitalsize.net/dns-query",
}
// 正代与反代间通信不需要占用端口
FakeListener = &Listener{make(chan net.Conn, 100)}
// DNS 缓存
DnsCache = &sync.Map{}
)
func init() {
gencert("./", SiteList)
}
// A Listener is a generic network listener for stream-oriented protocols.
// Multiple goroutines may invoke methods on a Listener simultaneously.
type Listener struct {
channel chan net.Conn
}
// Accept waits for and returns the next connection to the listener.
func (ln *Listener) Accept() (net.Conn, error) {
conn := <-ln.channel
return conn, nil
}
// Close closes the listener.
// Any blocked Accept operations will be unblocked and return errors.
func (ln *Listener) Close() error {
close(ln.channel)
return nil
}
// Addr returns the listener's network address.
func (ln *Listener) Addr() net.Addr {
return &net.IPAddr{IP: net.IPv4(127, 0, 0, 1)}
}
func main() {
// 反向代理
log.Println("PixivChan OK!")
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
log.Println(r.Host, r.RequestURI, "start")
url, err := url.Parse(fmt.Sprintf("https://%s", r.Host))
if err != nil {
log.Println(r.Host, r.RequestURI, err)
}
proxy := httputil.NewSingleHostReverseProxy(url)
proxy.Transport = &http.Transport{
DisableKeepAlives: true,
// 隐藏 sni 标志
TLSClientConfig: &tls.Config{
ServerName: "-",
InsecureSkipVerify: true,
},
// 指向正确的 IP
Dial: func(network, addr string) (net.Conn, error) {
return lookup(DohList, DnsCache, r.Host)
},
}
proxy.ErrorHandler = func(w http.ResponseWriter, r *http.Request, err error) {
log.Println(r.Host, r.RequestURI, err)
}
proxy.ServeHTTP(w, r)
})
go func() {
srv := &http.Server{Addr: "Go!", Handler: handler}
err := srv.ServeTLS(FakeListener, "pixivchan.cer", "pixivchan.key")
log.Panicln(err)
}()
// 正向代理,使流量走到反向代理
ln, err := net.Listen("tcp", fmt.Sprintf("%s:%d", ProxyHost, ProxyPort))
if err != nil {
log.Panicln(err)
}
for {
browser, err := ln.Accept()
if err != nil {
log.Panicln(err)
}
go func(browser net.Conn) {
defer browser.Close()
var b = make([]byte, 1024)
n, err := browser.Read(b)
if err != nil {
log.Println(err)
return
}
var method, host, address string
fmt.Sscanf(string(b[:n]), "%s%s", &method, &host)
// PAC 代理设置
if method == "GET" && host == "/pixivchan.pac" {
browser.Write([]byte("HTTP/1.1 200 OK\r\n"))
browser.Write([]byte("Content-Type: application/javascript; charset=UTF-8\r\n"))
browser.Write([]byte("\r\n"))
err = pac(browser, PacParam{SiteList, ProxyHost, ProxyPort})
if err != nil {
log.Println(err)
return
}
return
}
uri, err := url.Parse(host)
if err != nil {
elem := strings.Split(host, ":")
if len(elem) < 2 {
log.Println(err)
return
}
ip := net.ParseIP(strings.Join(elem[:len(elem)-1], ":"))
if ip == nil {
log.Println(err)
return
}
uri = &url.URL{Host: ip.String(), Scheme: ip.String(), Opaque: elem[len(elem)-1]}
}
if method == "CONNECT" { // HTTPS
address = uri.Scheme + ":" + uri.Opaque
} else { // HTTP
address = uri.Host
if !strings.Contains(uri.Host, ":") {
address = uri.Host + ":80"
}
}
var server net.Conn
if inpac(SiteList, uri.Scheme) {
var reverse net.Conn
server, reverse = net.Pipe()
FakeListener.channel <- reverse
} else {
server, err = net.Dial("tcp", address)
if err != nil {
log.Println(err)
return
}
}
if method == "CONNECT" {
fmt.Fprint(browser, "HTTP/1.1 200 Connection established\r\n\r\n")
} else {
server.Write(b[:n])
}
go io.Copy(server, browser)
io.Copy(browser, server)
}(browser)
}
}