
feat: use self-signed certificate

master
dnomd343 2 years ago
parent
commit
8c26d6fda7
  1. 12
      Dockerfile
  2. 14
      Tester/Plugin.py
  3. 6
      Tester/Settings.py
  4. 38
      Tester/__init__.py
  5. 18
      test.py

12
Dockerfile

@ -437,6 +437,17 @@ RUN \
COPY --from=upx /upx/ /usr/ COPY --from=upx /upx/ /usr/
RUN upx -9 /tmp/dnsproxy RUN upx -9 /tmp/dnsproxy
# Compile mad
FROM golang:1.16-alpine3.15 AS mad
ENV MAD_VERSION="v20210401"
RUN \
wget https://github.com/txthinking/mad/archive/refs/tags/${MAD_VERSION}.tar.gz && \
tar xf ${MAD_VERSION}.tar.gz && cd ./mad-*/cli/mad/ && \
CGO_ENABLED=0 go build -ldflags="-s -w" && \
mv ./mad /tmp/
COPY --from=upx /upx/ /usr/
RUN upx -9 /tmp/mad
# Combine all release # Combine all release
FROM python:3.10-alpine3.16 AS asset FROM python:3.10-alpine3.16 AS asset
COPY --from=python-pkg /packages.tar.gz / COPY --from=python-pkg /packages.tar.gz /
@ -460,6 +471,7 @@ COPY --from=relaybaton /tmp/relaybaton /asset/usr/bin/
COPY --from=pingtunnel /tmp/pingtunnel /asset/usr/bin/ COPY --from=pingtunnel /tmp/pingtunnel /asset/usr/bin/
COPY --from=wireproxy /tmp/wireproxy /asset/usr/bin/ COPY --from=wireproxy /tmp/wireproxy /asset/usr/bin/
COPY --from=dnsproxy /tmp/dnsproxy /asset/usr/bin/ COPY --from=dnsproxy /tmp/dnsproxy /asset/usr/bin/
COPY --from=mad /tmp/mad /asset/usr/bin/
# Release docker image # Release docker image
FROM python:3.10-alpine3.16 FROM python:3.10-alpine3.16
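Review bot: The new `mad` build stage fetches its source tarball with `wget` and compiles it without any integrity check, so whatever is served for the `${MAD_VERSION}` tag ends up as `/asset/usr/bin/mad` in the release image. Elsewhere in this commit that binary generates the CA that gets appended to the system trust bundle, so the input is worth pinning. Add a digest check right after the download, for example `echo "<SHA256_OF_TARBALL>  ${MAD_VERSION}.tar.gz" | sha256sum -c - && \`, with the placeholder replaced by the digest recorded when this version was reviewed.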

14
Tester/Plugin.py

@ -12,10 +12,7 @@ from Basis.Functions import genFlag, hostFormat, getAvailablePort
pluginParams = { pluginParams = {
'SITE': Settings['site'], 'SITE': Settings['site']
'HOST': Settings['host'],
'CERT': Settings['cert'],
'KEY': Settings['key'],
} }
pluginConfig = { pluginConfig = {
@ -321,8 +318,13 @@ def load(proxyType: str):
raise RuntimeError('Unknown proxy type for sip003 plugin') raise RuntimeError('Unknown proxy type for sip003 plugin')
cloakLoad() # init cloak config cloakLoad() # init cloak config
kcptunLoad() # init kcptun config kcptunLoad() # init kcptun config
pluginParams['PASSWD'] = genFlag(length = 8) # random password for test pluginParams.update({
pluginParams['PATH'] = '/' + genFlag(length = 6) # random uri path for test 'HOST': Settings['host'],
'CERT': Settings['cert'],
'KEY': Settings['key'],
'PASSWD': genFlag(length = 8), # random password for test
'PATH': '/' + genFlag(length = 6), # random uri path for test
})
for pluginType in pluginConfig: for pluginType in pluginConfig:
for pluginTest, pluginTestInfo in pluginConfig[pluginType].items(): # traverse all plugin test item for pluginTest, pluginTestInfo in pluginConfig[pluginType].items(): # traverse all plugin test item
pluginParams['RANDOM'] = genFlag(length = 8) # refresh RANDOM field pluginParams['RANDOM'] = genFlag(length = 8) # refresh RANDOM field
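Review bot: `load()` now reads `Settings['host']`, `Settings['cert']` and `Settings['key']` at call time, and this commit changes their defaults to empty strings. Any call that happens before `Tester.loadCert()` has run would therefore build plugin configurations with empty certificate and key paths and raise no error. A guard just before `pluginParams.update({` makes the ordering explicit: `if not (Settings['host'] and Settings['cert'] and Settings['key']): raise RuntimeError('Certificate not loaded')`. The body of `load()` starts and continues outside the hunk, and `Tester.entry` is built at import time, so whether every caller is lazy enough to run after `loadCert()` is not visible here and should be confirmed.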

6
Tester/Settings.py

@ -6,7 +6,7 @@ Settings = {
'serverBind': '127.0.0.1', 'serverBind': '127.0.0.1',
'clientBind': '127.0.0.1', 'clientBind': '127.0.0.1',
'site': 'www.bing.com', 'site': 'www.bing.com',
'host': '343.re', 'host': '',
'cert': '/etc/ssl/certs/343.re/fullchain.pem', 'cert': '',
'key': '/etc/ssl/certs/343.re/privkey.pem', 'key': '',
} }

38
Tester/__init__.py

@ -1,11 +1,13 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
import os
import time import time
import requests import requests
from threading import Thread from threading import Thread
from Basis.Logger import logging from Basis.Logger import logging
from Basis.Functions import md5Sum, hostFormat, checkPortStatus from Tester.Settings import Settings
from Basis.Functions import md5Sum, genFlag, hostFormat, checkPortStatus
from Tester import Brook from Tester import Brook
from Tester import VMess from Tester import VMess
@ -16,7 +18,7 @@ from Tester import Hysteria
from Tester import Shadowsocks from Tester import Shadowsocks
from Tester import ShadowsocksR from Tester import ShadowsocksR
testEntry = { entry = {
'ss': Shadowsocks.load(), 'ss': Shadowsocks.load(),
'ss-all': Shadowsocks.load(isExtra = True), 'ss-all': Shadowsocks.load(isExtra = True),
'ssr': ShadowsocksR.load(), 'ssr': ShadowsocksR.load(),
@ -108,3 +110,35 @@ def test(testIter: iter, threadNum: int, testUrl: str, testFilter: set or None =
break break
for thread in threads: # wait until all threads exit for thread in threads: # wait until all threads exit
thread.join() thread.join()
def loadCert(host: str = 'proxyc.net', remark: str = 'ProxyC'):
loadPath = lambda x: os.path.join(Settings['workDir'], x)
certFlag = genFlag(length = 8)
caCert = loadPath('proxyc_%s_ca.pem' % certFlag)
caKey = loadPath('proxyc_%s_ca_key.pem' % certFlag)
cert = loadPath('proxyc_%s_cert.pem' % certFlag)
key = loadPath('proxyc_%s_cert_key.pem' % certFlag)
logging.critical('Create self-signed certificate')
os.system('mkdir -p %s' % Settings['workDir']) # create work directory
logging.critical('Create CA certificate and key')
os.system(' '.join(['mad', 'ca'] + [
'--ca', caCert, '--key', caKey,
'--commonName', remark,
'--organization', remark,
'--organizationUnit', remark,
]))
logging.critical('Signing certificate')
os.system(' '.join(['mad', 'cert'] + [
'--ca', caCert, '--ca_key', caKey,
'--cert', cert, '--key', key,
'--domain', host,
'--organization', remark,
'--organizationUnit', remark,
]))
logging.critical('Install CA certificate')
os.system('cat %s >> /etc/ssl/certs/ca-certificates.crt' % caCert)
Settings['host'] = host
Settings['cert'] = cert
Settings['key'] = key
logging.warning('Certificate loading complete')
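Review bot: `loadCert` builds its `mad` commands by joining strings and handing them to `os.system`, so `host`, `remark` and the `workDir` path reach the shell unquoted and every exit status is discarded. A failed `mad` run would still leave `Settings['cert']` pointing at a file that was never written. Passing argument lists to `subprocess.run(..., check = True)` (this needs `import subprocess` next to `import os`) removes the shell parsing and stops on the first failure. The function also appends a new CA to `/etc/ssl/certs/ca-certificates.crt` on every call and leaves `caKey` in `workDir`, where anyone able to read it can issue certificates this host trusts. If nothing later re-signs with that key, delete it once the leaf certificate exists, and outside a disposable container prefer passing the CA file to the HTTP client over editing the system bundle.

```python
def loadCert(host: str = 'proxyc.net', remark: str = 'ProxyC'):
    # … unchanged: path setup and log messages …
    os.makedirs(Settings['workDir'], exist_ok = True) # create work directory
    subprocess.run([
        'mad', 'ca', '--ca', caCert, '--key', caKey,
        '--commonName', remark, '--organization', remark, '--organizationUnit', remark,
    ], check = True)
    subprocess.run([
        'mad', 'cert', '--ca', caCert, '--ca_key', caKey, '--cert', cert, '--key', key,
        '--domain', host, '--organization', remark, '--organizationUnit', remark,
    ], check = True)
    os.remove(caKey) # CA key is not needed once the leaf certificate is signed
    with open(caCert) as caFile, open('/etc/ssl/certs/ca-certificates.crt', 'a') as bundle:
        bundle.write(caFile.read())
    # … unchanged: Settings update …
```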

18
test.py

@ -1,9 +1,9 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
import os
import sys import sys
import Tester import Tester
from Tester import testEntry
from Basis.Logger import logging from Basis.Logger import logging
threadNum = 16 threadNum = 16
@ -31,6 +31,7 @@ def getArg(field: str) -> str or None:
except: except:
return None return None
if '--help' in sys.argv: if '--help' in sys.argv:
print(helpMsg) print(helpMsg)
sys.exit(0) sys.exit(0)
@ -43,17 +44,18 @@ if getArg('--thread') is not None:
if getArg('--filter') is not None: if getArg('--filter') is not None:
testFilter = set(getArg('--filter').split(',')) testFilter = set(getArg('--filter').split(','))
logging.critical('test item: ' + ('all' if testItem is None else testItem)) Tester.loadCert('proxyc.net', 'ProxyC')
logging.critical('filter: %s' % testFilter) logging.critical('TEST ITEM: ' + ('all' if testItem is None else testItem))
logging.critical('url: ' + testUrl) logging.critical('FILTER: %s' % testFilter)
logging.critical('thread number: %i' % threadNum) logging.critical('URL: ' + testUrl)
logging.critical('THREAD NUMBER: %i' % threadNum)
logging.critical('TEST START') logging.critical('TEST START')
if testItem is not None: if testItem is not None:
Tester.test(testEntry[testItem], threadNum, testUrl, testFilter) Tester.test(Tester.entry[testItem], threadNum, testUrl, testFilter)
else: else:
for item in testEntry: for item in Tester.entry:
if item == ('ss' if '--all' in sys.argv else 'ss-all'): # skip ss / ss-all if item == ('ss' if '--all' in sys.argv else 'ss-all'): # skip ss / ss-all
continue continue
logging.critical('TEST ITEM -> ' + item) logging.critical('TEST ITEM -> ' + item)
Tester.test(testEntry[item], threadNum, testUrl, testFilter) Tester.test(Tester.entry[item], threadNum, testUrl, testFilter)
logging.critical('TEST COMPLETE') logging.critical('TEST COMPLETE')
