feat(pkg/socks5): socks5 proxy beta version

finish socks5 proxy mod function fix ca auto generate
DVKunion · Sep 8, 2022 · 20d586c · 20d586c
1 parent 3b41846
commit 20d586c
Show file tree

Hide file tree

Showing 33 changed files with 2,009 additions and 372 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -0,0 +1 @@
+# github.com/DVKunion/SeaMoon/pkg/consts.Version
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,67 @@
+#name: Release
+#
+#on:
+#  push:
+#    tags:
+#      - 'v*'
+#
+#jobs:
+#  binary:
+#    name: release binary files
+#    runs-on: ubuntu-latest
+#    steps:
+#      - name: Set up Go 1.x
+#        uses: actions/setup-go@v2
+#        with:
+#          go-version: ^1.18
+#
+#      - name: Checkout
+#        uses: actions/checkout@v2
+#
+#      - name: Build
+#        run: |
+#          bash build.sh ${GITHUB_REF##*/}
+#
+#      - name: release
+#        env:
+#          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+#        run: |
+#          set -x
+#          assets=()
+#          for asset in targets/*; do
+#            assets+=("-a" "$asset")
+#          done
+#          tag_name="${GITHUB_REF##*/}"
+#          hub release create "${assets[@]}" -m "$tag_name" "$tag_name"
+#
+#  docker:
+#    name: Release Docker
+#    runs-on: ubuntu-latest
+#    steps:
+#      - name: Checkout
+#        uses: actions/checkout@v2
+#
+#      - name: Dockerhub login
+#        env:
+#          DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
+#        run: |
+#          echo "${DOCKER_PASSWORD}" | docker login --username luyuhuang --password-stdin
+#
+#      - name: Set up QEMU
+#        uses: docker/setup-qemu-action@v1
+#
+#      - name: Set up Docker Buildx
+#        id: buildx
+#        uses: docker/setup-buildx-action@v1
+#        with:
+#          version: latest
+#
+#      - name: Build dockerfile (with push)
+#        run: |
+#          docker buildx build \
+#          --platform=linux/amd64,linux/arm/v7,linux/arm64 \
+#          --output "type=image,push=true" \
+#          --build-arg VERSION=${GITHUB_REF##*/} \
+#          --file ./mainfest/Dockerfile . \
+#          --tag dvkunion/seamoon:latest \
+#          --tag dvkunion/seamoon:${GITHUB_REF##*/}
diff --git a/.gitignore b/.gitignore
@@ -10,10 +10,13 @@
 
 # Output of the go coverage tool, specifically when used with LiteIDE
 *.out
+*.sock
 
 # Dependency directories (remove the comment below to include it)
 # vendor/
 
 .idea
 .DS_Store
-*.pem
+*.pem
+*.crt
+*.key
diff --git a/README.md b/README.md
@@ -17,7 +17,7 @@
     月海之名取自于苏轼的《西江月·顷在黄州》，寓意月海取自于传统安全工具，用之于云，最终达到隐匿于海的效果。
 </p>
 <p align="center">
-目前工具正处于开发中，欢迎各位提交 <a href="https://github.com/DVKunion/SeaMoon/issues">Issue</a> |  <a href="https://github.com/DVKunion/SeaMoon/pulls">Pr</a>
+目前工具正处于开发中，欢迎各位提交 <a href="https://github.com/DVKunion/SeaMoon/issues"><b>Issue</b></a> |  <a href="https://github.com/DVKunion/SeaMoon/pulls"><b>Pr</b></a>
 </p>
 
 <br />
@@ -36,12 +36,15 @@
 
 网络层支持是月海的基础功能，也是云函数最基本的优势和特性。 支持一级代理 / 链式代理，
 
-| 代理类型   | 原理文档                                                                          | 服务端支持 | 客户端支持 |
-|--------|-------------------------------------------------------------------------------|:-----:|:-----:|
-| HTTP   | [HTTP.md](https://github.com/DVKunion/SeaMoon/blob/main/docs/net/HTTP.md)     |   ✅   |   ✅   |
-| HTTPS  | [HTTP.md](https://github.com/DVKunion/SeaMoon/blob/main/docs/net/HTTP.md)     |   ✅   |   ✅   |
-| Socks5 | [Socks5.md](https://github.com/DVKunion/SeaMoon/blob/main/docs/net/SOCKS5.md) | 🐶开发中 | 🐶开发中 |
-| 链式代理   |                                                                               |       |       |
+| 代理类型      | 原理文档                                                                          | 服务端支持 | 客户端支持 |
+|-----------|-------------------------------------------------------------------------------|:-----:|:-----:|
+| HTTP      | [HTTP.md](https://github.com/DVKunion/SeaMoon/blob/main/docs/net/HTTP.md)     |   ✅   |   ✅   |
+| HTTPS     | [HTTP.md](https://github.com/DVKunion/SeaMoon/blob/main/docs/net/HTTP.md)     |   ✅   |   ✅   |
+| Socks5    | [Socks5.md](https://github.com/DVKunion/SeaMoon/blob/main/docs/net/SOCKS5.md) |   ✅   |   ✅   |
+| SS/SSR    | [Socks5.md](https://github.com/DVKunion/SeaMoon/blob/main/docs/net/SOCKS5.md) | 🐷待开发 | 🐷待开发 |
+| VMess     | [Socks5.md](https://github.com/DVKunion/SeaMoon/blob/main/docs/net/SOCKS5.md) | 🐷待开发 | 🐷待开发 |
+| websocket |                                                                               | 🐷待开发 | 🐷待开发 |
+| 链式代理      |                                                                               | ❌暂无计划 | ❌暂无计划 |
 
 ### 应用层
 
@@ -56,9 +59,10 @@
 
 ### 其他特性
 
-+ 身份认证加强保密性: 🐷待开发
++ 身份认证加强保密性: 🐶开发中
 + 探活机制/心跳检测: 🐷待开发
 + 多云平台/区域环境部署后随机选择机制: 🐷待开发
++ 精美的客户端web控制台: ? MayBe
 
 ## 🕹 ️开始使用
 
@@ -81,13 +85,16 @@
 + [浅谈云函数的利用面](https://xz.aliyun.com/t/9502)
 + [白嫖CDN，打造封不尽IP的代理池](https://freewechat.com/a/MzI0MDI5MTQ3OQ==/2247484068/1)
 + [Serverless 应用开发指南](https://serverless.ink/)
++ [HTTP被动扫描代理的那些事](https://www.freebuf.com/articles/web/212382.html)
++ [Subsocks: 用GO实现一个Socks5安全代理](https://luyuhuang.tech/2020/12/02/subsocks.html)
 
 **项目类**
 
 + [SFCProxy](https://github.com/shimmeris/SCFProxy)
++ [go-socks5](https://github.com/armon/go-socks5)
++ [subsocks](https://github.com/luyuhuang/subsocks)
 + [gost](https://github.com/ginuerzh/gost)
 + [InCloud](https://github.com/inbug-team/InCloud)
-+ [GOProxy](https://github.com/snail007/goproxy)
 + [sfc-proxy](https://github.com/Sakurasan/scf-proxy)
 + [Serverless-transitcode](https://github.com/copriwolf/serverless-transitcode)
 + [protoplex](https://github.com/SapphicCode/protoplex)
diff --git a/cmd/aliyun_server.go b/cmd/aliyun_server.go
@@ -1,24 +1,15 @@
 package main
 
 import (
-	"SeaMoon/pkg/proxy"
-	"github.com/aliyun/fc-runtime-go-sdk/fc"
+	"github.com/DVKunion/SeaMoon/pkg/consts"
+	"github.com/DVKunion/SeaMoon/pkg/server"
 	"os"
 )
 
-var (
-	serverMod = os.Getenv("serverMod")
-)
-
 func main() {
-	switch serverMod {
-	case "http":
-		fc.StartHttp(proxy.AliYunHttpHandler)
-		return
-	case "socks5":
-		fc.StartHttp(proxy.AliYunSocks5Handler)
-		return
-	default:
-		return
+	if consts.Version == "dev" {
+		server.NewServer("socks5", "0.0.0.0", "10000").Serve()
+	} else {
+		server.NewServer(os.Getenv("serverMod"), "0.0.0.0", "9000").Serve()
 	}
 }
diff --git a/cmd/client.go b/cmd/client.go
@@ -1,56 +1,56 @@
 package main
 
 import (
-	"SeaMoon/pkg/proxy"
-	"fmt"
+	"github.com/DVKunion/SeaMoon/pkg/client"
+	"github.com/DVKunion/SeaMoon/pkg/consts"
+	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 	"os"
 )
 
 var (
-	proxyAddr          string
-	listenAddr         string
-	clientMod          string
-	verbose            bool
-	rootClientCommand  = &cobra.Command{}
-	proxyClientCommand = &cobra.Command{
-		Use:   "proxy",
-		Short: "SeaMoon Proxy Client",
+	mod        string
+	debug      bool
+	verbose    bool
+	listenAddr string
+	proxyAddr  string
+
+	clientMap = map[string]func(listenAddr string, proxyAddr string, verbose bool){
+		"http":   client.NewHttpClient,
+		"socks5": client.NewSocks5Client,
+	}
+
+	rootCommand = &cobra.Command{
+		Use:   "client",
+		Short: "SeaMoon Client",
 		Run: func(cmd *cobra.Command, args []string) {
-			Proxy()
+			Client()
 		},
 	}
 	versionCommand = &cobra.Command{
 		Use: "version",
 		Run: func(cmd *cobra.Command, args []string) {
-			fmt.Println("V1.0.0-BETA")
+			log.Info(consts.Version)
 		},
 	}
 )
 
 func init() {
-	rootClientCommand.AddCommand(versionCommand)
-	proxyClientCommand.Flags().StringVarP(&clientMod, "mod", "m", "http", "mod of SeaMoon client")
-	proxyClientCommand.Flags().StringVarP(&listenAddr, "laddr", "l", ":9000", "local client address like : 0.0.0.0:9000")
-	proxyClientCommand.Flags().StringVarP(&proxyAddr, "paddr", "p", "", "proxy server address")
-	proxyClientCommand.Flags().BoolVarP(&verbose, "verbose", "v", false, "proxy detail log")
-
-	rootClientCommand.AddCommand(proxyClientCommand)
+	rootCommand.AddCommand(versionCommand)
+	rootCommand.Flags().StringVarP(&mod, "mod", "m", "http", "mod of SeaMoon client")
+	rootCommand.Flags().StringVarP(&listenAddr, "laddr", "l", ":9000", "local client address like : 0.0.0.0:9000")
+	rootCommand.Flags().StringVarP(&proxyAddr, "paddr", "p", "", "proxy server address")
+	rootCommand.Flags().BoolVarP(&verbose, "verbose", "v", false, "proxy detail log")
+	rootCommand.Flags().BoolVarP(&debug, "debug", "d", false, "proxy detail log")
 }
 
-func Proxy() {
-	switch clientMod {
-	case "http":
-		proxy.NewHttpClient(listenAddr, proxyAddr, verbose)
-		break
-	case "socks5":
-		proxy.NewSocks5Client(listenAddr, proxyAddr, verbose)
-		break
-	}
+func Client() {
+	handle := clientMap[mod]
+	handle(listenAddr, proxyAddr, verbose)
 }
 
 func main() {
-	if err := rootClientCommand.Execute(); err != nil {
+	if err := rootCommand.Execute(); err != nil {
 		os.Exit(1)
 	}
 }
diff --git a/docs/START.md b/docs/START.md
@@ -6,23 +6,26 @@
 
 > Github Action自动打包还在开发中，后续会陆续支持各种平台环境的Client，点击下载即可用。
 
-证书准备:
-`cd pkg/ca`
-`bash openssl-gen.sh`
+客户端启动:  
+`go mod tidy`
 
-以mac为例，双击ca.pem，信任证书即可(原理同burp证书信任)
+**http代理**  
+`go run cmd/client.go -m http -l :9000 -p http://YOUR_FC_SERVER -v`
 
-客户端启动:
-`go mod tidy`  
-`go run cmd/client.go proxy -m http -l :9000 -p YOUR_FC_SERVER -v`
+**socks5代理**
+`go run cmd/client.go -m socks5 -l :9000 -p ws://YOUR_FC_SERVER -v`
+
+证书信任:
+客户端运行后，会自动在运行目录下生成证书文件。  
+以mac为例，双击ca.crt，信任证书即可(原理同burp证书信任)
 
 各参数详情:
 
-| 参数名称          | 参数描述                                |  默认值  |
-|---------------|-------------------------------------|:-----:|
-| proxy         | 客户端运行模式: 代理模式                       |   无   |
-| -m / --mod    | 代理模式 :http/socks5                   | http  |
-| -l / --laddr  | 本地代理地址: 127.0.0.1:9000              | :9000 | 
-| -p / --paddr  | 云端代理地址: http://xxxxxxx.xxxx.xxxx:80 |   无   |
-| -v /--verbose | 是否展示代理日志详情                          | false |
+| 参数名称          | 参数描述                                                      |  默认值  |
+|---------------|-----------------------------------------------------------|:-----:|
+| proxy         | 客户端运行模式: 代理模式                                             |   无   |
+| -m / --mod    | 代理模式 :http/socks5                                         | http  |
+| -l / --laddr  | 本地代理地址: 127.0.0.1:9000                                    | :9000 | 
+| -p / --paddr  | 云端代理地址: http://xxxxxxx.xxxx.xxxx ｜ ws://xxxxxxx.xxxx.xxxx |   无   |
+| -v /--verbose | 是否展示代理日志详情                                                | false |
 
diff --git a/docs/img/speed2.png b/docs/img/speed2.png
diff --git a/docs/net/HTTP.md b/docs/net/HTTP.md
@@ -1,10 +1,13 @@
 # HTTP
 
+[TODO] 重构HTTP逻辑，通过net进行转发而不是上层的http
+
 HTTP代理 涉及了三个问题。
 
 1. HOST 路由问题
 2. HTTPS 请求认证问题
 3. 链式代理
+4. 底层转发http.client.do()问题
 
 依次在原理部分解释月海是如何处理上述问题的
 
@@ -56,4 +59,14 @@ HTTP代理 涉及了三个问题。
 
 HTTPS 迎刃而解。
 
-### 链式代理
+### 链式代理
+
+待开发
+
+### 底层逻辑问题
+
+月海测试beta版本，使用的方式是通过net.http 直接发送从header获取的完整路径请求。
+
+这和现有的一些工具逻辑完全一致。 但是在测试时，很容易出现：`http redirect request` 、 js/css加载失败或直接失效的场景，这相比socks5的舒适度差了一大截。
+
+因此，基于完美主义，后续将会重构一版底层net转发的逻辑。