ouczbs/FastGithub
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

自动反代被污染为127.0.0.1的域名

Browse Source
This commit is contained in:
陈国伟 2021-10-11 16:18:09 +08:00
parent 4d32aca9c4
commit c9a2ea3dda
4 changed files with 47 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Directory.Build.props
View File

@ -1,6 +1,6 @@
<Project> <Project>
<PropertyGroup> <PropertyGroup>
<Version>2.0.3</Version> <Version>2.0.4</Version>
<Nullable>enable</Nullable> <Nullable>enable</Nullable>
<Description>github加速神器</Description> <Description>github加速神器</Description>
<Copyright>https://github.com/dotnetcore/FastGithub</Copyright> <Copyright>https://github.com/dotnetcore/FastGithub</Copyright>

4
FastGithub.Http/HttpClientHandler.cs
View File

@ -203,6 +203,10 @@ namespace FastGithub.Http
var parser = new Org.BouncyCastle.X509.X509CertificateParser(); var parser = new Org.BouncyCastle.X509.X509CertificateParser();
var x509Cert = parser.ReadCertificate(cert.GetRawCertData()); var x509Cert = parser.ReadCertificate(cert.GetRawCertData());
var subjects = x509Cert.GetSubjectAlternativeNames(); var subjects = x509Cert.GetSubjectAlternativeNames();
if (subjects == null)
{
yield break;
}
foreach (var subject in subjects) foreach (var subject in subjects)
{ {

12
FastGithub.HttpServer/HttpProxyMiddleware.cs
View File

@ -22,6 +22,8 @@ namespace FastGithub.HttpServer
{ {
private const string LOOPBACK = "127.0.0.1"; private const string LOOPBACK = "127.0.0.1";
private const string LOCALHOST = "localhost"; private const string LOCALHOST = "localhost";
private const int HTTP_PORT = 80;
private const int HTTPS_PORT = 443;
private readonly FastGithubConfig fastGithubConfig; private readonly FastGithubConfig fastGithubConfig;
private readonly IDomainResolver domainResolver; private readonly IDomainResolver domainResolver;
@ -114,11 +116,7 @@ namespace FastGithub.HttpServer
/// <returns></returns> /// <returns></returns>
private bool IsFastGithubServer(HostString host) private bool IsFastGithubServer(HostString host)
{ {
if (host.Port == this.fastGithubConfig.HttpProxyPort) return host.Port == this.fastGithubConfig.HttpProxyPort && (host.Host == LOOPBACK || host.Host == LOCALHOST);
{
return host.Host == LOOPBACK || host.Host == LOCALHOST;
}
return false;
} }
/// <summary> /// <summary>
@ -146,9 +144,7 @@ namespace FastGithub.HttpServer
/// <param name="host"></param> /// <param name="host"></param>
/// <returns></returns> /// <returns></returns>
private async Task<EndPoint> GetTargetEndPointAsync(HostString host) private async Task<EndPoint> GetTargetEndPointAsync(HostString host)
{ {
const int HTTP_PORT = 80;
const int HTTPS_PORT = 443;
var targetHost = host.Host; var targetHost = host.Host;
var targetPort = host.Port ?? HTTPS_PORT; var targetPort = host.Port ?? HTTPS_PORT;

39
FastGithub.HttpServer/HttpReverseProxyMiddleware.cs
View File

@ -3,6 +3,7 @@ using FastGithub.Http;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using System; using System;
using System.Diagnostics.CodeAnalysis;
using System.Threading.Tasks; using System.Threading.Tasks;
using Yarp.ReverseProxy.Forwarder; using Yarp.ReverseProxy.Forwarder;
@ -13,11 +14,19 @@ namespace FastGithub.HttpServer
/// </summary> /// </summary>
sealed class HttpReverseProxyMiddleware sealed class HttpReverseProxyMiddleware
{ {
private const string LOOPBACK = "127.0.0.1";
private const string LOCALHOST = "localhost";
private const int HTTP_PORT = 80;
private const int HTTPS_PORT = 443;
private static readonly DomainConfig sniDomainConfig = new() { TlsSni = true };
private readonly IHttpForwarder httpForwarder; private readonly IHttpForwarder httpForwarder;
private readonly IHttpClientFactory httpClientFactory; private readonly IHttpClientFactory httpClientFactory;
private readonly FastGithubConfig fastGithubConfig; private readonly FastGithubConfig fastGithubConfig;
private readonly ILogger<HttpReverseProxyMiddleware> logger; private readonly ILogger<HttpReverseProxyMiddleware> logger;
public HttpReverseProxyMiddleware( public HttpReverseProxyMiddleware(
IHttpForwarder httpForwarder, IHttpForwarder httpForwarder,
IHttpClientFactory httpClientFactory, IHttpClientFactory httpClientFactory,
@ -39,7 +48,7 @@ namespace FastGithub.HttpServer
public async Task InvokeAsync(HttpContext context, RequestDelegate next) public async Task InvokeAsync(HttpContext context, RequestDelegate next)
{ {
var host = context.Request.Host; var host = context.Request.Host;
if (this.fastGithubConfig.TryGetDomainConfig(host.Host, out var domainConfig) == false) if (this.TryGetDomainConfig(host, out var domainConfig) == false)
{ {
await next(context); await next(context);
} }
@ -62,6 +71,34 @@ namespace FastGithub.HttpServer
} }
} }
/// <summary>
/// 获取域名的DomainConfig
/// </summary>
/// <param name="host"></param>
/// <param name="domainConfig"></param>
/// <returns></returns>
private bool TryGetDomainConfig(HostString host, [MaybeNullWhen(false)] out DomainConfig domainConfig)
{
if (this.fastGithubConfig.TryGetDomainConfig(host.Host, out domainConfig) == true)
{
return true;
}
// http(s)://127.0.0.1
// http(s)://localhost
if (host.Host == LOOPBACK || host.Host == LOCALHOST)
{
if (host.Port == null || host.Port == HTTPS_PORT || host.Port == HTTP_PORT)
{
return false;
}
}
// 未配置的域名但dns污染解析为127.0.0.1的域名
domainConfig = sniDomainConfig;
return true;
}
/// <summary> /// <summary>
/// 获取目标前缀 /// 获取目标前缀
/// </summary> /// </summary>