
Https defaule support

刘河 6 年之前
父节点
当前提交
dd65e32fb5
共有 2 个文件被更改,包括 29 次插入8 次删除
  1. 4 1
      conf/nps.conf
  2. 25 7
      server/proxy/https.go

+ 4 - 1
conf/nps.conf

@@ -3,10 +3,13 @@ appname = nps
 runmode = pro
 
 #HTTP(S) proxy port, no startup if empty
+http_proxy_ip=0.0.0.0
 http_proxy_port=80
 https_proxy_port=443
 https_just_proxy=true
-http_proxy_ip=0.0.0.0
+#default https certificate setting
+https_default_cert_file=conf/server.pem
+https_default_key_file=conf/server.key
 
 ##bridge
 bridge_type=tcp
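Review bot: The new comment at L27 does not say whether these two settings are optional or when they are used; from the server-side change in this commit the certificate appears to serve connections that carry no SNI and hosts whose own cert/key files are missing, and the default listener is skipped entirely when either file is absent. Expanding the comment to `#default https certificate: used for connections without SNI and for hosts without a usable cert/key pair; ignored if either file is missing` would spare the operator a trip to the source. Because this entry points at the server's private key, the comment could also state that server.key is expected to be readable by the service account only.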

+ 25 - 7
server/proxy/https.go

@@ -33,8 +33,20 @@ func (https *HttpsServer) Start() error {
 			https.handleHttps(c)
 		})
 	} else {
+		//start the default listener
+		certFile := beego.AppConfig.String("https_default_cert_file")
+		keyFile := beego.AppConfig.String("https_default_key_file")
+		if common.FileExists(certFile) && common.FileExists(keyFile) {
+			l := NewHttpsListener(https.listener)
+			https.NewHttps(l, certFile, keyFile)
+			https.httpsListenerMap.Store("default", l)
+		}
 		conn.Accept(https.listener, func(c net.Conn) {
 			serverName, rb := GetServerNameFromClientHello(c)
+			//if the clientHello does not contains sni ,use the default ssl certificate
+			if serverName == "" {
+				serverName = "default"
+			}
 			var l *HttpsListener
 			if v, ok := https.httpsListenerMap.Load(serverName); ok {
 				l = v.(*HttpsListener)
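Review bot: Rewriting serverName to the literal "default" at L52-54 puts a sentinel into the SNI namespace, so a connection without SNI on a deployment with no default listener falls through to `file.GetDb().GetInfoByHost("default", r)` and is later logged as "the url default can't be parsed!", which hides the fact that the client sent no SNI at all and lets a host record that happens to be named default match by accident. Keeping the original name for the lookup and the log, e.g. `useDefault := serverName == ""`, and consulting the "default" map entry only when that flag is set keeps the log honest. The startup block at L44-48 also silently skips the default listener when either configured file is missing; an else branch with `logs.Warn("default https cert %s or key %s not found, connections without SNI will not be served", certFile, keyFile)` would make that misconfiguration visible. The enclosing Start method begins before this hunk and continues after it.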
@@ -42,17 +54,23 @@ func (https *HttpsServer) Start() error {
 				r := buildHttpsRequest(serverName)
 				if host, err := file.GetDb().GetInfoByHost(serverName, r); err != nil {
 					c.Close()
-					logs.Notice("the url %s can't be parsed!", serverName)
+					logs.Notice("the url %s can't be parsed!,remote addr %s", serverName, c.RemoteAddr().String())
 					return
 				} else {
 					if !common.FileExists(host.CertFilePath) || !common.FileExists(host.KeyFilePath) {
-						c.Close()
-						logs.Error("the key %s cert %s file is not exist", host.KeyFilePath, host.CertFilePath)
-						return
+						//if the host cert file or key file is not set ,use the default file
+						if v, ok := https.httpsListenerMap.Load("default"); ok {
+							l = v.(*HttpsListener)
+						} else {
+							c.Close()
+							logs.Error("the key %s cert %s file is not exist", host.KeyFilePath, host.CertFilePath)
+							return
+						}
+					} else {
+						l = NewHttpsListener(https.listener)
+						https.NewHttps(l, host.CertFilePath, host.KeyFilePath)
+						https.httpsListenerMap.Store(serverName, l)
 					}
-					l = NewHttpsListener(https.listener)
-					https.NewHttps(l, host.CertFilePath, host.KeyFilePath)
-					https.httpsListenerMap.Store(serverName, l)
 				}
 			}
 			acceptConn := conn.NewConn(c)
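Review bot: The fallback at L71-72 serves a host whose configured cert or key file is missing with the default certificate without logging anything, so a wrong CertFilePath or KeyFilePath in the host record is masked and clients for that name receive a certificate that presumably does not match it. A `logs.Warn("cert %s or key %s for host %s not found, using default certificate", host.CertFilePath, host.KeyFilePath, serverName)` before `l = v.(*HttpsListener)` keeps the misconfiguration visible without changing behaviour. The error at L75 is now only reached when no default listener exists, so its message could say so, e.g. `"the key %s cert %s file is not exist and no default certificate is configured"`. Start continues past the end of this hunk.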