t880216t-server 1.5.20

package/lib/main/router.js

@@ -0,0 +1,79 @@
+const bodyParser = require('koa-bodyparser');
+const { passToWhistle, passToService } = require('./util');
+const login = require('./cgi/login');
+const restart = require('./cgi/restart');
+const getSettings = require('./cgi/getSettings');
+const setAdmin = require('./cgi/setAdmin');
+const setDomain = require('./cgi/setDomain');
+const getVersion = require('./cgi/getVersion');
+const status = require('./cgi/status');
+const config = require('../config');
+
+const PUB_KEY_RE = /^[\w.-]+\.pub\.[a-z\d]+$/i;
+
+const passDirect = async (ctx) => {
+  await passToWhistle(ctx);
+};
+const getPassHandler = (cgiPath) => {
+  return async (ctx) => {
+    const { req } = ctx;
+    req.url = req.url.replace(cgiPath, `/plugin.nohost${cgiPath}`);
+    await passToWhistle(ctx);
+  };
+};
+
+const handleValues = (ctx) => {
+  if (PUB_KEY_RE.test(ctx.query.name)) {
+    ctx.headers['x-whistle-auth-key'] = config.mainAuthKey;
+  }
+  return passDirect(ctx);
+};
+
+module.exports = (router) => {
+  router.get('/cgi-bin/get-custom-certs-info', passDirect);
+  router.post('/cgi-bin/certs/remove', passDirect);
+  router.post('/cgi-bin/certs/upload', passDirect);
+  router.get('/cgi-bin/rootca', passDirect);
+  router.get('/rules', passDirect);
+  router.get('/values', handleValues);
+  router.all('/cgi-bin/sessions/export', passToService);
+  router.all('/cgi-bin/sessions/import', passToService);
+  router.get('/status', status);
+  router.all('/cgi-bin/(.*)', getPassHandler('/cgi-bin/'));
+  router.all('/network/(.*)', getPassHandler('/network/'));
+  router.all(/^\/account\/\$(\d+)\//, async (ctx) => {
+    const index = ctx.params[0];
+    ctx.url = ctx.url.replace(`/account/$${index}/`, '/');
+    await passToWhistle(ctx, null, index);
+  });
+  router.all('/account/(.*)', getPassHandler('/account/'));
+  router.all('/user/:name', (ctx) => {
+    const name = ctx.params.name.replace(/\..*$/, '');
+    ctx.redirect(`${ctx.path.slice(-1) === '/' ? '../' : ''}../account/${name}/`);
+  });
+  router.all('/open-api/(.*)', getPassHandler('/open-api/'));
+  router.all('/follow', getPassHandler('/follow'));
+  router.all('/unfollow', getPassHandler('/unfollow'));
+  router.all('/redirect', getPassHandler('/redirect'));
+
+  router.all('/p/:name/(.*)', async (ctx) => {
+    let { name } = ctx.params;
+    const segPath = `/p/${name}`;
+    name = name.indexOf('.') === -1 ? `/plugin.${name}` : name;
+    ctx.req.url = ctx.req.url.replace(segPath, name);
+    await passToWhistle(ctx);
+  });
+  router.all('/p/:name', (ctx) => {
+    ctx.redirect(ctx.req.url.replace(/(\?|$)/, '/$1'));
+  });
+  router.all('/whistle/(.*)', passDirect);
+  router.all('/whistle.(.*)', passDirect);
+  router.all('/plugin.(.*)', passDirect);
+  router.get('/get-version', getVersion);
+  router.all('/admin.html', login);
+  router.all('/main/cgi-bin/(.*)', login, bodyParser({ formLimit: '1mb' }));
+  router.post('/main/cgi-bin/restart', restart);
+  router.get('/main/cgi-bin/get-settings', getSettings);
+  router.post('/main/cgi-bin/set-admin', setAdmin);
+  router.post('/main/cgi-bin/set-domain', setDomain);
+};

package/lib/main/storage.js

@@ -0,0 +1,132 @@
+const Storage = require('whistle/lib/rules/storage');
+const path = require('path');
+const net = require('net');
+const { parse } = require('url');
+const https = require('https');
+const { isLocalAddress } = require('../util/address');
+const { shasum } = require('../util/login');
+const config = require('../config');
+const parseDomain = require('../util/parseDomain');
+const { registry } = require('../../package.json');
+
+const registryOpts = parse(registry);
+const storage = new Storage(path.join(process.env.WHISTLE_PATH, '.nohost'));
+const HOST_RE = /^https?:\/\/([^/]+)/;
+const TUNNEL_PATH_RE = /^([^/]+)$/;
+const INNER_PATH_RE = /^(?:\w+:\/\/[^/]+)?\/\.nohost-inner-path\.\//;
+const MAX_DOMAIN_LEN = 128;
+const DEFAULT_PASSWORD = shasum('123456');
+const ILLEGAL_DOMAIN_RE = /[^\w.,\s-]/;
+const noop = () => {};
+
+const checkDomain = (domain) => {
+  return typeof domain === 'string' && !ILLEGAL_DOMAIN_RE.test(domain) && domain.length < MAX_DOMAIN_LEN;
+};
+
+exports.checkDomain = checkDomain;
+
+registryOpts.rejectUnauthorized = false;
+const updateVersion = () => {
+  const client = https.get(registryOpts, (res) => {
+    res.on('error', noop);
+    if (res.statusCode !== 200) {
+      return;
+    }
+    let body;
+    res.on('data', (chunk) => {
+      body = body ? Buffer.concat([body, chunk]) : chunk;
+    });
+    res.on('end', () => {
+      body = body && `${body}`;
+      try {
+        const ver = body && JSON.parse(body)['dist-tags'].latest;
+        exports.latestVersion = ver;
+        storage.setProperty('latestVersion', ver);
+      } catch (e) {}
+    });
+  });
+  client.on('error', noop);
+  client.end();
+};
+
+exports.latestVersion = storage.getProperty('latestVersion');
+updateVersion();
+setInterval(updateVersion, 1000 * 60 * 30);
+
+const initData = () => {
+  const domain = storage.getProperty('domain');
+  if (!checkDomain(domain)) {
+    storage.setProperty('domain', '');
+  }
+};
+
+initData();
+
+const getString = (str) => {
+  return typeof str === 'string' ? str : '';
+};
+
+const getReqDomain = (req, isConnect) => {
+  let host = req.headers['x-whistle-real-host'] || req.headers.host;
+  if (isConnect ? TUNNEL_PATH_RE.test(req.url) : (!host && HOST_RE.test(req.url))) {
+    host = RegExp.$1;
+  }
+  return host && typeof host === 'string' ? host.split(':', 2) : '';
+};
+
+const getDomain = () => {
+  return storage.getProperty('domain');
+};
+
+const isUIDomain = (domain) => {
+  return domain === 'admin.nohost.pro' || parseDomain(`${getDomain()},${config.domain}`).includes(domain);
+};
+
+exports.isUIRequest = (req, isConnect) => {
+  const domain = getReqDomain(req, isConnect);
+  if (!domain) {
+    return;
+  }
+  if (req.headers['x-whistle-nohost-ui'] || isUIDomain(domain[0])) {
+    return true;
+  }
+  if (INNER_PATH_RE.test(req.url)) {
+    req.url = req.url.replace('/.nohost-inner-path./', '/');
+    return true;
+  }
+  if (!net.isIP(domain[0]) || config.portStr !== (domain[1] || '80')) {
+    return;
+  }
+  if (isLocalAddress(domain[0])) {
+    return true;
+  }
+  req.headers['x-whistle-nohost-ui'] = 1;
+  return false;
+};
+
+const getAdmin = () => {
+  const admin = storage.getProperty('admin') || '';
+  const username = getString(admin.username) || 'admin';
+  const password = getString(admin.password) || DEFAULT_PASSWORD;
+  return { username, password };
+};
+
+exports.setAdmin = (admin) => {
+  if (admin) {
+    const { username, password } = admin;
+    if (getString(username) && /^[\w.-]{1,32}$/.test(username) && getString(password)) {
+      const oldAdmin = getAdmin();
+      admin = { username, password: shasum(password) };
+      storage.setProperty('admin', admin);
+      return admin.username !== oldAdmin.username || admin.password !== oldAdmin.password;
+    }
+  }
+};
+
+exports.getAdmin = getAdmin;
+
+exports.setDomain = (str) => {
+  storage.setProperty('domain', str);
+};
+
+exports.getDomain = getDomain;

package/lib/main/util.js

@@ -0,0 +1,138 @@
+const { proxy, getRawHeaders } = require('@nohost/router');
+const { isIP } = require('net');
+const cpuNum = require('os').cpus().length;
+const {
+  getRemoteAddr,
+  getRemotePort,
+} = require('whistle/lib/util');
+const { fork } = require('./whistleMgr');
+const startService = require('../service');
+const { fork: forkWorker } = require('./worker');
+const config = require('../config');
+
+const LOCALHOST = '127.0.0.1';
+const FROM_RE = /[?&]from=[\w.-]+(?:&|$)/;
+const ERROR_HEADERS = { 'x-server': 'nohost/router' };
+
+const sendError = (res, err) => {
+  if (res.writeHead) {
+    res.writeHead(500, ERROR_HEADERS);
+    res.end(err.stack);
+  } else {
+    res.destroy();
+  }
+};
+const proxyCtx = async (ctx, options) => {
+  const svrRes = await proxy(ctx.req, ctx.res, options);
+  ctx.status = svrRes.statusCode;
+  ctx.set(svrRes.headers);
+  ctx.body = svrRes;
+};
+
+exports.passToWhistle = async (req, res, index) => {
+  const ctx = !res && req;
+  if (ctx) {
+    res = ctx.res;
+    req = ctx.req;
+  }
+  const options = { host: LOCALHOST };
+  let remoteAddrHead;
+  let remotePortHead;
+  const isSingleton = index == null;
+  try {
+    const result = isSingleton ? await fork() : await forkWorker(index);
+    options.port = result.port;
+    remoteAddrHead = result.remoteAddrHead;
+    remotePortHead = result.remotePortHead;
+  } catch (err) {
+    if (ctx) {
+      throw err;
+    }
+    return sendError(res, err);
+  }
+  if (req._hasError) {
+    return;
+  }
+  const { headers } = req;
+  const remoteAddress = !isSingleton && headers['x-whistle-remote-address'];
+  const remotePort = !isSingleton && headers['x-whistle-remote-port'];
+  if (remotePort > 0 && remotePort < 65536 && isIP(remoteAddress)) {
+    headers[remoteAddrHead] = remoteAddress;
+    headers[remotePortHead] = remotePort;
+    delete headers['x-whistle-remote-address'];
+    delete headers['x-whistle-remote-port'];
+  } else {
+    headers[remoteAddrHead] = getRemoteAddr(req);
+    headers[remotePortHead] = getRemotePort(req);
+  }
+  if (ctx) {
+    return proxyCtx(ctx, options);
+  }
+  if (req.upgrade) {
+    return proxy(req, res, options);
+  }
+  try {
+    const svrRes = await proxy(req, res, options);
+    res.writeHead(svrRes.statusCode, getRawHeaders(svrRes));
+    svrRes.pipe(res);
+  } catch (err) {
+    sendError(res, err);
+  }
+};
+
+const MAX_REQUESTS = 120;
+const conns = [0];
+
+const getServerIndex = () => {
+  const len = conns.length;
+  let min = conns[0];
+  if (min < MAX_REQUESTS) {
+    ++conns[0];
+    return 0;
+  }
+  let index = 0;
+  for (let i = 1; i < len; i++) {
+    if (min > conns[i]) {
+      min = conns[i];
+      index = i;
+    }
+  }
+  if (min < MAX_REQUESTS || len >= cpuNum) {
+    ++conns[index];
+    return index;
+  }
+  conns[len] = 1;
+  return len;
+};
+
+exports.passToService = async (ctx) => {
+  const index = getServerIndex();
+  const port = await startService(index);
+  await proxyCtx(ctx, { host: LOCALHOST, port });
+  --conns[index];
+};
+
+const REDIRECT_PAGES = {
+  '/': '/select.html',
+  '/share.html': '/share.html',
+  '/select.html': '/select.html',
+  '/index.html': '/select.html',
+  '/capture.html': '/',
+  '/data.html': '/',
+};
+
+exports.getRedirectUrl = (ctx) => {
+  let { redirect } = config;
+  const { pageName, originalUrl: url, accountName } = ctx;
+  const page = REDIRECT_PAGES[pageName];
+  if (!redirect || !page || FROM_RE.test(url)) {
+    return;
+  }
+  redirect = `${redirect}${page}`;
+  const index = url.indexOf('?');
+  let query = index === -1 ? '' : url.substring(index + 1);
+  if (accountName) {
+    query = `${query ? `${query}&` : ''}account=${encodeURIComponent(accountName)}`;
+  }
+  return query ? `${redirect}?${query}` : redirect;
+};

package/lib/main/whistleMgr.js

@@ -0,0 +1,56 @@
+const path = require('path');
+const { fork } = require('pfork');
+const { getAdmin, getDomain } = require('./storage');
+const config = require('../config');
+
+const script = path.join(__dirname, '../whistle.js');
+const DELAY_TIME = 1000 * 6;
+let server;
+
+exports.fork = () => {
+  if (!server) {
+    const admin = getAdmin();
+    server = new Promise((resolve, reject) => fork({
+      script,
+      baseDir: config.baseDir,
+      username: admin.username,
+      password: admin.password,
+      debugMode: config.debugMode,
+      domain: `${getDomain()},${config.domain}`,
+      realPort: config.port,
+      realHost: config.host || '',
+      authKey: config.authKey,
+      mainAuthKey: config.mainAuthKey,
+      storageServer: config.storage,
+      dnsServer: config.dnsServer,
+      globalPluginPath: config.globalPluginPath,
+      accountPluginPath: config.accountPluginPath,
+    }, (err, options, child) => {
+      if (err) {
+        server = null;
+        reject(err);
+      } else {
+        server.whistleProcess = child;
+        child.once('close', () => {
+          server = null;
+        });
+        resolve(options);
+      }
+    }));
+  }
+  return server;
+};
+
+exports.restart = () => {
+  if (server) {
+    if (server.whistleProcess) {
+      server.whistleProcess.kill(DELAY_TIME);
+    } else {
+      const svr = server;
+      server.then(() => {
+        svr.whistleProcess.kill(DELAY_TIME);
+      });
+    }
+    server = null;
+  }
+};

package/lib/main/worker.js

@@ -0,0 +1,52 @@
+const p = require('pfork');
+const path = require('path');
+const config = require('../config');
+const workerNum = require('./workerNum');
+
+const WHISTLE_WORKER = path.join(__dirname, '../plugins/whistle.nohost/lib/whistle.js');
+const DELAY = 6000;
+const cache = {};
+
+const getName = (index) => {
+  if (index > 0) {
+    index %= workerNum;
+  }
+  return `$${index}`;
+};
+
+exports.fork = (index) => {
+  if (index > 0) {
+    index %= workerNum;
+  }
+  const name = getName(index);
+  cache[name] = cache[name] || new Promise((resolve, reject) => {
+    p.fork({
+      worker: true,
+      pluginsPath: config.pluginsPath,
+      value: name,
+      password: `${Math.random()}`,
+      guestName: '-',
+      storage: `whistle.nohost/${name}`,
+      script: WHISTLE_WORKER,
+      storageServer: config.storage,
+      dnsServer: config.dnsServer,
+      accountPluginPath: config.accountPluginPath,
+    }, (err, result, child) => {
+      if (err) {
+        delete cache[name];
+        return reject(err);
+      }
+      child.on('exit', () => {
+        delete cache[name];
+      });
+      resolve(result);
+    });
+  });
+  return cache[name];
+};
+exports.kill = (index) => {
+  p.kill({
+    script: WHISTLE_WORKER,
+    value: getName(index),
+  }, DELAY);
+};

package/lib/main/workerNum.js

@@ -0,0 +1,11 @@
+const os = require('os');
+
+const WORKER_NUM_FROM_ENV = parseInt(process.env.NOHOST_WORKER_NUM, 10);
+const RESERVE_MEM = 1024 * 1024 * 1204 * 2;
+if (WORKER_NUM_FROM_ENV > 0) {
+  module.exports = WORKER_NUM_FROM_ENV;
+} else {
+  const WORKER_NUM_FROM_MEM = Math.floor(Math.max(os.totalmem() - RESERVE_MEM, 0) / (1024 * 1024 * 500)) || 1;
+  const WORKER_NUM_FROM_CPU = os.cpus().length * 4;
+  module.exports = Math.min(WORKER_NUM_FROM_MEM, WORKER_NUM_FROM_CPU);
+}

package/lib/plugins/account/whistle.share/menu.html

@@ -0,0 +1,171 @@
+<script>
+  var w2 = window.whistleBridge;
+  var showModal = w2.showModal;
+  var baseUrl = window.parent.location.href
+    .replace(/[?#].*$/, "")
+    .replace(/\/nohost_share\/.*$/, "")
+    .replace(/\/$/, "");
+  var codeList = [];
+
+  for (var c1 = 0; c1 < 10; c1++) {
+    codeList.push(c1 + "");
+  }
+
+  for (var c2 = 97; c2 <= 122; ++c2) {
+    codeList.push(String.fromCharCode(c2));
+  }
+
+  var codeLen = codeList.length;
+
+  function getExportList() {
+    var list = localStorage.exportInfoList;
+    try {
+      list = JSON.parse(list);
+      if (Array.isArray(list)) {
+        return list.filter(function(item) {
+          return item && item.name && item.date;
+        });
+      }
+    } catch (e) {}
+    return [];
+  }
+
+  function saveExportList(name, date, username, code, env, route) {
+    var list = getExportList();
+    list.push({ name, date, username, code, env, route });
+    if (list.length > 100) {
+      list = list.slice(-30);
+    }
+    localStorage.exportInfoList = JSON.stringify(list);
+    return list;
+  }
+  // 如果有构建，可以用模板代替
+  function createTable(list) {
+    var highlight = list;
+    list = list || getExportList();
+    var len = (Date.now() + "").length;
+    list = list
+      .reverse()
+      .map(function(item, i) {
+        var username = item.username;
+        var code = item.code;
+        var route = item.route || "";
+        if (route) {
+          route = "&route=" + encodeURIComponent(route);
+        }
+        username = username ? "&username=" + encodeURIComponent(username) : "";
+        var url =
+          baseUrl +
+          "/nohost_share/" +
+          "?name=" +
+          encodeURIComponent(item.name) +
+          "&date=" +
+          encodeURIComponent(item.date) +
+          username +
+          (code ? "&encrypted=1" : "") +
+          route;
+        var date = new Date(
+          parseInt(item.name.substring(0, len), 10)
+        ).toLocaleString();
+        return (
+          "<tr" +
+          (!i && highlight ? ' style="font-weight: bold;"' : "") +
+          "><th>" +
+          (i + 1) +
+          "</th><td>" +
+          date +
+          '</td><td style="overflow: hidden"><a style="font-size: 13px;" href="' +
+          url +
+          '" target="_blank">' +
+          url +
+          "</a>" +
+          (code ? "<div>提取码：" + code + "</div>" : "") +
+          '</td><td><a href="javascript:;" class="w-copy-text-with-tips" data-clipboard-text="' +
+          url +
+          '">复制链接</a>' +
+          (code
+            ? '<br/><a href="javascript:;" class="w-copy-text-with-tips" data-clipboard-text="' +
+              code +
+              '">复制提取码</a>'
+            : "") +
+          "</td>"
+        );
+      })
+      .join("");
+    if (!list) {
+      list = '<tr><td colspan="4" style="text-align: center;">Empty</td></tr>';
+    }
+    var head =
+      '<thead><th style="width: 60px">#</th><th style="width: 180px">Date</th><th>URL</th><th style="width: 120px">Operation</th></thead>';
+    return (
+      '<table class="table">' + head + "<tbody><tr>" + list + "</tbody></table>"
+    );
+  }
+
+  function showFeeds(list) {
+    w2.showModal({
+      width: 1200,
+      title: "抓包分享记录",
+      body: createTable(list)
+    });
+  }
+
+  function getEnvName(item) {
+    var headers = item && item.req && item.req.headers;
+    return headers && headers["x-whistle-nohost-env"];
+  }
+
+  function exportSessions(options, code) {
+    var selectedList = options.selectedList;
+    if (!selectedList.length) {
+      selectedList = [options.activeItem];
+    }
+    var name = Date.now() + "" + Math.floor(Math.random() * 10000);
+    w2.request(
+      {
+        url: baseUrl + "/export_sessions?route=!required!",
+        crossDomain: true,
+        type: "post",
+        data: {
+          code: code || "",
+          name: name,
+          sessions: JSON.stringify(selectedList)
+        }
+      },
+      function(data) {
+        if (!data) {
+          return w2.toast.error("分享失败，请稍后再试！");
+        }
+        var env = getEnvName(selectedList[0]);
+        showFeeds(
+          saveExportList(name, data.date, data.username, code, env, data.route)
+        );
+      }
+    );
+  }
+  w2.addNetworkListener(function(options) {
+    if (options.name === "【分享】生成链接") {
+      w2.showModal({
+        width: 320,
+        body:
+          '<p style="font-size: 18px; text-align: center;">是否设置提取码？</p><span style="color: #666;">设置提取码后，用户只有输入提取码才能查看。</span><button type="button" class="close" data-dismiss="modal" style="position: absolute; top: 3px; right: 5px;"><span aria-hidden="true">&times;</span></button>',
+        footer:
+          '<button type="button" onclick="exportWithCode()" class="btn btn-primary" data-dismiss="modal"><span class="glyphicon glyphicon-lock" style="margin-right: 3px;"></span>设置提取码</button><button type="button"  onclick="exportWithoutCode()" class="btn btn-default" data-dismiss="modal">不设置</button>',
+        methods: {
+          exportWithoutCode: function() {
+            exportSessions(options);
+          },
+          exportWithCode: function() {
+            var code = [];
+            for (var i = 0; i < 4; i++) {
+              code[i] = codeList[Math.floor(Math.random() * 100000) % codeLen];
+            }
+            exportSessions(options, code.join(""));
+          }
+        }
+      });
+    } else {
+      showFeeds();
+    }
+  });
+</script>

package/lib/plugins/account/whistle.share/package.json

@@ -0,0 +1,20 @@
+{
+  "name": "whistle.share",
+  "version": "1.0.0",
+  "whistleConfig": {
+    "priority": 100,
+    "hideLongProtocol": true,
+    "hideShortProtocol": true,
+    "networkMenus": [
+      {
+        "name": "【分享】生成链接",
+        "page": "/menu.html",
+        "required": true
+      },
+      {
+        "name": "【分享】查看记录",
+        "page": "/menu.html"
+      }
+    ]
+  }
+}