From f61aa657fcf0c1cf02b12591d7be3e21bd54a82a Mon Sep 17 00:00:00 2001 From: GoEdgeLab Date: Mon, 30 Nov 2020 15:29:02 +0800 Subject: [PATCH] =?UTF-8?q?[WEBSOCKET]=E5=9C=A8=E6=97=A5=E5=BF=97=E4=B8=AD?= =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E8=AF=A6=E7=BB=86=E9=94=99=E8=AF=AF=E6=8F=90?= =?UTF-8?q?=E7=A4=BA/TLS=E8=BF=9E=E6=8E=A5=E5=A2=9E=E5=8A=A0InsecureSkipVe?= =?UTF-8?q?rify=E9=80=89=E9=A1=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/nodes/http_request_websocket.go | 3 +++ internal/nodes/origin_utils.go | 4 +++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/internal/nodes/http_request_websocket.go b/internal/nodes/http_request_websocket.go index d6a3991..7b209b1 100644 --- a/internal/nodes/http_request_websocket.go +++ b/internal/nodes/http_request_websocket.go @@ -1,6 +1,7 @@ package nodes import ( + "errors" "github.com/iwind/TeaGo/logs" "io" "net/http" @@ -11,6 +12,7 @@ import ( func (this *HTTPRequest) doWebsocket() { if this.web.WebsocketRef == nil || !this.web.WebsocketRef.IsOn || this.web.Websocket == nil || !this.web.Websocket.IsOn { this.writer.WriteHeader(http.StatusForbidden) + this.addError(errors.New("websocket have not been enabled yet")) return } @@ -23,6 +25,7 @@ func (this *HTTPRequest) doWebsocket() { if err == nil { if !this.web.Websocket.MatchOrigin(u.Host) { this.writer.WriteHeader(http.StatusForbidden) + this.addError(errors.New("websocket origin '" + requestOrigin + "' not been allowed")) return } } diff --git a/internal/nodes/origin_utils.go b/internal/nodes/origin_utils.go index 22f3087..7a29934 100644 --- a/internal/nodes/origin_utils.go +++ b/internal/nodes/origin_utils.go @@ -24,7 +24,9 @@ func OriginConnect(origin *serverconfigs.OriginConfig) (net.Conn, error) { // TODO 支持指定特定网卡 // TODO Addr支持端口范围,如果有多个端口时,随机一个端口使用 // TODO 支持使用证书 - return tls.Dial("tcp", origin.Addr.Host+":"+origin.Addr.PortRange, &tls.Config{}) + return tls.Dial("tcp", origin.Addr.Host+":"+origin.Addr.PortRange, &tls.Config{ + InsecureSkipVerify: true, + }) } // TODO 支持从Unix、Pipe、HTTP、HTTPS中读取数据