feat: add masquerade options & update README

2025-04-03 20:47:38 +03:00 · 2023-06-04 14:56:35 -07:00 · 2023-06-04 14:56:35 -07:00 · 635ad9782a
commit 635ad9782a
parent cefe5d9f76
4 changed files with 80 additions and 16 deletions
--- a/README.md
+++ b/README.md
@ -8,22 +8,28 @@

 ## Build (编译)

+Use the environment variable `HY_APP_PLATFORMS` to control which platforms to build for. For example: `"windows/amd64,linux/amd64,linux/arm"`
+
+用环境变量 `HY_APP_PLATFORMS` 来控制编译哪些平台的可执行文件。例如：`"windows/amd64,linux/amd64,linux/arm"`
+
 ```bash
-go build ./app
+python ./hyperbole.py build
 ```

+Builds will be placed in `./build` (编译输出在 `./build` 目录下)
+
 ## Usage (使用)

 ### Server
 ```bash
-./app server -c config.yaml
+./hysteria server -c config.yaml
 ```

 [Example sever config (示例服务器配置)](app/server.example.yaml)

 ### Client
 ```bash
-./app client -c config.yaml
+./hysteria client -c config.yaml
 ```

 [Example client config (示例客户端配置)](app/client.example.yaml)
@ -34,4 +40,4 @@ go build ./app
 chrome --origin-to-force-quic-on=example.com:443
 ```

-Then visit `https://example.com:443` in Chrome.
+Then visit `https://example.com/` in Chrome.
--- a/app/client.example.yaml
+++ b/app/client.example.yaml
@ -1,6 +1,6 @@
 server: example.com

-auth: "hello world"
+auth: some_password

 # tls:
 #   sni: another.example.com
@ -17,13 +17,13 @@ auth: "hello world"
 #   disablePathMTUDiscovery: false

 bandwidth:
-  up: "100 mbps"
-  down: "100 mbps"
+  up: 100 mbps
+  down: 100 mbps

 # fastOpen: true

 socks5:
  listen: 127.0.0.1:1080
-  # username: "user"
-  # password: "haha233"
-  # disableUDP: true
+  # username: user
+  # password: pass
+  # disableUDP: true
--- a/app/cmd/server.go
+++ b/app/cmd/server.go
@ -5,6 +5,9 @@ import (
 	"crypto/tls"
 	"errors"
 	"net"
+	"net/http"
+	"net/http/httputil"
+	"net/url"
 	"strings"

 	"github.com/apernet/hysteria/core/server"
@ -78,6 +81,11 @@ func viperToServerConfig() (*server.Config, error) {
 	if err != nil {
 		return nil, err
 	}
+	// Masquerade
+	masqHandler, err := viperToMasqHandler()
+	if err != nil {
+		return nil, err
+	}
 	// Config
 	config := &server.Config{
 		TLSConfig:       tlsConfig,
@ -88,7 +96,7 @@ func viperToServerConfig() (*server.Config, error) {
 		DisableUDP:      disableUDP,
 		Authenticator:   authenticator,
 		EventLogger:     &serverLogger{},
-		MasqHandler:     nil, // TODO
+		MasqHandler:     masqHandler,
 	}
 	return config, nil
 }
@ -240,6 +248,50 @@ func viperToAuthenticator() (server.Authenticator, error) {
 	}
 }

+func viperToMasqHandler() (http.Handler, error) {
+	masqType := viper.GetString("masquerade.type")
+	if masqType == "" {
+		// Default to use the 404 handler
+		return http.NotFoundHandler(), nil
+	}
+	switch masqType {
+	case "404":
+		return http.NotFoundHandler(), nil
+	case "file":
+		dir := viper.GetString("masquerade.file.dir")
+		if dir == "" {
+			return nil, configError{Field: "masquerade.file.dir", Err: errors.New("empty directory")}
+		}
+		return http.FileServer(http.Dir(dir)), nil
+	case "proxy":
+		urlStr := viper.GetString("masquerade.proxy.url")
+		if urlStr == "" {
+			return nil, configError{Field: "masquerade.proxy.url", Err: errors.New("empty url")}
+		}
+		u, err := url.Parse(urlStr)
+		if err != nil {
+			return nil, configError{Field: "masquerade.proxy.url", Err: err}
+		}
+		proxy := &httputil.ReverseProxy{
+			Rewrite: func(r *httputil.ProxyRequest) {
+				r.SetURL(u)
+				// SetURL rewrites the Host header,
+				// but we don't want that if rewriteHost is false
+				if !viper.GetBool("masquerade.proxy.rewriteHost") {
+					r.Out.Host = r.In.Host
+				}
+			},
+			ErrorHandler: func(w http.ResponseWriter, r *http.Request, err error) {
+				logger.Error("HTTP reverse proxy error", zap.Error(err))
+				w.WriteHeader(http.StatusBadGateway)
+			},
+		}
+		return proxy, nil
+	default:
+		return nil, configError{Field: "masquerade.type", Err: errors.New("unsupported masquerade type")}
+	}
+}
+
 type serverLogger struct{}

 func (l *serverLogger) Connect(addr net.Addr, id string, tx uint64) {
--- a/app/server.example.yaml
+++ b/app/server.example.yaml
@ -13,7 +13,7 @@ acme:
  # disableTLSALPN: false
  # altHTTPPort: 80
  # altTLSALPNPort: 443
-  # dir: "custom_dir"
+  # dir: custom_dir

 # quic:
 #   initStreamReceiveWindow: 8388608
@ -25,11 +25,17 @@ acme:
 #   disablePathMTUDiscovery: false

 # bandwidth:
-#   up: "100 mbps"
-#   down: "100 mbps"
+#   up: 100 mbps
+#   down: 100 mbps
 #
 # disableUDP: false

 auth:
-  type: "password"
-  password: "hello world"
+  type: password
+  password: some_password
+
+masquerade:
+  type: proxy
+  proxy:
+    url: https://some.site.net
+    rewriteHost: true