sing-box/experimental/clashapi/server.go

397 lines
10 KiB
Go
Raw Permalink Normal View History

2022-07-19 22:16:49 +08:00
package clashapi
import (
"bytes"
"context"
2022-07-20 09:41:44 +08:00
"errors"
2022-07-19 22:16:49 +08:00
"net"
"net/http"
2022-07-22 13:51:08 +08:00
"os"
2022-07-19 22:16:49 +08:00
"strings"
"time"
"github.com/sagernet/sing-box/adapter"
2022-07-24 17:58:52 +08:00
"github.com/sagernet/sing-box/common/json"
2022-07-28 16:36:31 +08:00
"github.com/sagernet/sing-box/common/urltest"
2022-07-19 22:16:49 +08:00
C "github.com/sagernet/sing-box/constant"
2022-09-26 19:37:06 +08:00
"github.com/sagernet/sing-box/experimental"
2022-09-10 14:40:16 +08:00
"github.com/sagernet/sing-box/experimental/clashapi/cachefile"
2022-07-22 09:29:13 +08:00
"github.com/sagernet/sing-box/experimental/clashapi/trafficontrol"
2022-07-19 22:16:49 +08:00
"github.com/sagernet/sing-box/log"
"github.com/sagernet/sing-box/option"
2022-08-22 18:53:47 +08:00
"github.com/sagernet/sing/common"
2022-07-19 22:16:49 +08:00
E "github.com/sagernet/sing/common/exceptions"
F "github.com/sagernet/sing/common/format"
N "github.com/sagernet/sing/common/network"
2022-09-13 10:41:10 +08:00
"github.com/sagernet/websocket"
2022-07-19 22:16:49 +08:00
"github.com/go-chi/chi/v5"
"github.com/go-chi/cors"
"github.com/go-chi/render"
)
2022-09-26 19:37:06 +08:00
func init() {
2022-10-01 09:56:09 +08:00
experimental.RegisterClashServerConstructor(NewServer)
2022-09-26 19:37:06 +08:00
}
2022-07-20 07:12:40 +08:00
var _ adapter.ClashServer = (*Server)(nil)
2022-07-19 22:16:49 +08:00
type Server struct {
2022-07-22 13:51:08 +08:00
router adapter.Router
2022-07-19 22:16:49 +08:00
logger log.Logger
httpServer *http.Server
2022-07-22 09:29:13 +08:00
trafficManager *trafficontrol.Manager
2022-07-28 16:36:31 +08:00
urlTestHistory *urltest.HistoryStorage
2022-09-10 14:09:47 +08:00
mode string
2022-09-10 14:40:16 +08:00
storeSelected bool
2023-03-05 11:05:30 +08:00
cacheFilePath string
2022-09-10 14:40:16 +08:00
cacheFile adapter.ClashCacheFile
2022-07-19 22:16:49 +08:00
}
2022-10-01 09:56:09 +08:00
func NewServer(router adapter.Router, logFactory log.ObservableFactory, options option.ClashAPIOptions) (adapter.ClashServer, error) {
2022-07-22 09:29:13 +08:00
trafficManager := trafficontrol.NewManager()
2022-07-19 22:16:49 +08:00
chiRouter := chi.NewRouter()
2022-07-21 21:03:41 +08:00
server := &Server{
2022-08-02 18:47:23 +08:00
router: router,
logger: logFactory.NewLogger("clash-api"),
httpServer: &http.Server{
2022-07-21 21:03:41 +08:00
Addr: options.ExternalController,
Handler: chiRouter,
},
2022-08-02 18:47:23 +08:00
trafficManager: trafficManager,
urlTestHistory: urltest.NewHistoryStorage(),
2022-09-10 14:09:47 +08:00
mode: strings.ToLower(options.DefaultMode),
}
if server.mode == "" {
server.mode = "rule"
2022-07-21 21:03:41 +08:00
}
2022-09-10 14:40:16 +08:00
if options.StoreSelected {
2022-09-13 17:34:29 +08:00
server.storeSelected = true
2022-09-10 14:40:16 +08:00
cachePath := os.ExpandEnv(options.CacheFile)
if cachePath == "" {
cachePath = "cache.db"
}
2022-10-25 12:55:00 +08:00
if foundPath, loaded := C.FindPath(cachePath); loaded {
cachePath = foundPath
} else {
cachePath = C.BasePath(cachePath)
}
2023-03-05 11:05:30 +08:00
server.cacheFilePath = cachePath
2022-09-10 14:40:16 +08:00
}
2022-07-19 22:16:49 +08:00
cors := cors.New(cors.Options{
AllowedOrigins: []string{"*"},
AllowedMethods: []string{"GET", "POST", "PUT", "PATCH", "DELETE"},
AllowedHeaders: []string{"Content-Type", "Authorization"},
MaxAge: 300,
})
chiRouter.Use(cors.Handler)
chiRouter.Group(func(r chi.Router) {
r.Use(authentication(options.Secret))
2022-09-13 17:29:57 +08:00
r.Get("/", hello(options.ExternalUI != ""))
2022-07-19 22:16:49 +08:00
r.Get("/logs", getLogs(logFactory))
r.Get("/traffic", traffic(trafficManager))
r.Get("/version", version)
2022-09-10 14:09:47 +08:00
r.Mount("/configs", configRouter(server, logFactory, server.logger))
2022-07-21 21:03:41 +08:00
r.Mount("/proxies", proxyRouter(server, router))
2022-07-19 22:16:49 +08:00
r.Mount("/rules", ruleRouter(router))
r.Mount("/connections", connectionRouter(trafficManager))
2022-07-22 09:29:13 +08:00
r.Mount("/providers/proxies", proxyProviderRouter())
2022-07-19 22:16:49 +08:00
r.Mount("/providers/rules", ruleProviderRouter())
r.Mount("/script", scriptRouter())
r.Mount("/profile", profileRouter())
r.Mount("/cache", cacheRouter())
2023-02-02 15:58:13 +08:00
r.Mount("/dns", dnsRouter(router))
2022-07-19 22:16:49 +08:00
})
2022-07-20 07:36:06 +08:00
if options.ExternalUI != "" {
chiRouter.Group(func(r chi.Router) {
2022-10-25 12:55:00 +08:00
fs := http.StripPrefix("/ui", http.FileServer(http.Dir(C.BasePath(os.ExpandEnv(options.ExternalUI)))))
2022-07-20 07:36:06 +08:00
r.Get("/ui", http.RedirectHandler("/ui/", http.StatusTemporaryRedirect).ServeHTTP)
r.Get("/ui/*", func(w http.ResponseWriter, r *http.Request) {
fs.ServeHTTP(w, r)
})
})
}
2022-09-10 14:40:16 +08:00
return server, nil
2022-07-19 22:16:49 +08:00
}
2023-03-18 20:26:58 +08:00
func (s *Server) PreStart() error {
2023-03-05 11:05:30 +08:00
if s.cacheFilePath != "" {
cacheFile, err := cachefile.Open(s.cacheFilePath)
if err != nil {
return E.Cause(err, "open cache file")
}
s.cacheFile = cacheFile
}
2023-03-18 20:26:58 +08:00
return nil
}
func (s *Server) Start() error {
2022-07-19 22:16:49 +08:00
listener, err := net.Listen("tcp", s.httpServer.Addr)
if err != nil {
return E.Cause(err, "external controller listen error")
}
s.logger.Info("restful api listening at ", listener.Addr())
go func() {
err = s.httpServer.Serve(listener)
2022-07-20 09:41:44 +08:00
if err != nil && !errors.Is(err, http.ErrServerClosed) {
2022-07-20 07:12:40 +08:00
s.logger.Error("external controller serve error: ", err)
2022-07-19 22:16:49 +08:00
}
}()
return nil
}
func (s *Server) Close() error {
2022-08-22 16:33:33 +08:00
return common.Close(
common.PtrOrNil(s.httpServer),
s.trafficManager,
2022-09-10 14:40:16 +08:00
s.cacheFile,
2022-08-22 16:33:33 +08:00
)
2022-07-19 22:16:49 +08:00
}
2022-09-10 14:40:16 +08:00
func (s *Server) Mode() string {
return s.mode
}
func (s *Server) StoreSelected() bool {
return s.storeSelected
}
func (s *Server) CacheFile() adapter.ClashCacheFile {
return s.cacheFile
}
2022-09-15 15:22:08 +08:00
func (s *Server) HistoryStorage() *urltest.HistoryStorage {
return s.urlTestHistory
}
2022-07-26 06:56:13 +08:00
func (s *Server) RoutedConnection(ctx context.Context, conn net.Conn, metadata adapter.InboundContext, matchedRule adapter.Rule) (net.Conn, adapter.Tracker) {
2022-11-24 12:37:29 +08:00
tracker := trafficontrol.NewTCPTracker(conn, s.trafficManager, castMetadata(metadata), s.router, matchedRule)
2022-07-26 06:56:13 +08:00
return tracker, tracker
2022-07-19 22:16:49 +08:00
}
2022-07-26 06:56:13 +08:00
func (s *Server) RoutedPacketConnection(ctx context.Context, conn N.PacketConn, metadata adapter.InboundContext, matchedRule adapter.Rule) (N.PacketConn, adapter.Tracker) {
tracker := trafficontrol.NewUDPTracker(conn, s.trafficManager, castMetadata(metadata), s.router, matchedRule)
return tracker, tracker
2022-07-19 22:16:49 +08:00
}
2022-07-22 09:29:13 +08:00
func castMetadata(metadata adapter.InboundContext) trafficontrol.Metadata {
2022-07-19 22:16:49 +08:00
var inbound string
if metadata.Inbound != "" {
inbound = metadata.InboundType + "/" + metadata.Inbound
} else {
inbound = metadata.InboundType
}
var domain string
if metadata.Domain != "" {
domain = metadata.Domain
} else {
domain = metadata.Destination.Fqdn
}
var processPath string
if metadata.ProcessInfo != nil {
if metadata.ProcessInfo.ProcessPath != "" {
processPath = metadata.ProcessInfo.ProcessPath
} else if metadata.ProcessInfo.PackageName != "" {
processPath = metadata.ProcessInfo.PackageName
}
if processPath == "" {
if metadata.ProcessInfo.UserId != -1 {
processPath = F.ToString(metadata.ProcessInfo.UserId)
}
} else if metadata.ProcessInfo.User != "" {
processPath = F.ToString(processPath, " (", metadata.ProcessInfo.User, ")")
} else if metadata.ProcessInfo.UserId != -1 {
processPath = F.ToString(processPath, " (", metadata.ProcessInfo.UserId, ")")
}
}
2022-07-22 09:29:13 +08:00
return trafficontrol.Metadata{
NetWork: metadata.Network,
Type: inbound,
SrcIP: metadata.Source.Addr,
DstIP: metadata.Destination.Addr,
SrcPort: F.ToString(metadata.Source.Port),
DstPort: F.ToString(metadata.Destination.Port),
Host: domain,
DNSMode: "normal",
ProcessPath: processPath,
2022-07-19 22:16:49 +08:00
}
}
func authentication(serverSecret string) func(next http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
fn := func(w http.ResponseWriter, r *http.Request) {
if serverSecret == "" {
next.ServeHTTP(w, r)
return
}
// Browser websocket not support custom header
if websocket.IsWebSocketUpgrade(r) && r.URL.Query().Get("token") != "" {
token := r.URL.Query().Get("token")
if token != serverSecret {
render.Status(r, http.StatusUnauthorized)
render.JSON(w, r, ErrUnauthorized)
return
}
next.ServeHTTP(w, r)
return
}
header := r.Header.Get("Authorization")
bearer, token, found := strings.Cut(header, " ")
hasInvalidHeader := bearer != "Bearer"
hasInvalidSecret := !found || token != serverSecret
if hasInvalidHeader || hasInvalidSecret {
render.Status(r, http.StatusUnauthorized)
render.JSON(w, r, ErrUnauthorized)
return
}
next.ServeHTTP(w, r)
}
return http.HandlerFunc(fn)
}
}
2022-09-13 17:29:57 +08:00
func hello(redirect bool) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
if redirect {
http.Redirect(w, r, "/ui/", http.StatusTemporaryRedirect)
} else {
render.JSON(w, r, render.M{"hello": "clash"})
}
}
2022-07-19 22:16:49 +08:00
}
var upgrader = websocket.Upgrader{
CheckOrigin: func(r *http.Request) bool {
return true
},
}
type Traffic struct {
Up int64 `json:"up"`
Down int64 `json:"down"`
}
2022-07-22 09:29:13 +08:00
func traffic(trafficManager *trafficontrol.Manager) func(w http.ResponseWriter, r *http.Request) {
2022-07-19 22:16:49 +08:00
return func(w http.ResponseWriter, r *http.Request) {
var wsConn *websocket.Conn
if websocket.IsWebSocketUpgrade(r) {
var err error
wsConn, err = upgrader.Upgrade(w, r, nil)
if err != nil {
return
}
}
if wsConn == nil {
w.Header().Set("Content-Type", "application/json")
render.Status(r, http.StatusOK)
}
tick := time.NewTicker(time.Second)
defer tick.Stop()
buf := &bytes.Buffer{}
var err error
for range tick.C {
buf.Reset()
up, down := trafficManager.Now()
if err := json.NewEncoder(buf).Encode(Traffic{
Up: up,
Down: down,
}); err != nil {
break
}
if wsConn == nil {
_, err = w.Write(buf.Bytes())
w.(http.Flusher).Flush()
} else {
err = wsConn.WriteMessage(websocket.TextMessage, buf.Bytes())
}
if err != nil {
break
}
}
}
}
type Log struct {
Type string `json:"type"`
Payload string `json:"payload"`
}
func getLogs(logFactory log.ObservableFactory) func(w http.ResponseWriter, r *http.Request) {
return func(w http.ResponseWriter, r *http.Request) {
levelText := r.URL.Query().Get("level")
if levelText == "" {
levelText = "info"
}
level, ok := log.ParseLevel(levelText)
if ok != nil {
render.Status(r, http.StatusBadRequest)
render.JSON(w, r, ErrBadRequest)
return
}
2022-07-20 09:41:44 +08:00
subscription, done, err := logFactory.Subscribe()
if err != nil {
render.Status(r, http.StatusNoContent)
return
}
defer logFactory.UnSubscribe(subscription)
2022-07-19 22:16:49 +08:00
var wsConn *websocket.Conn
if websocket.IsWebSocketUpgrade(r) {
var err error
wsConn, err = upgrader.Upgrade(w, r, nil)
if err != nil {
return
}
}
if wsConn == nil {
w.Header().Set("Content-Type", "application/json")
render.Status(r, http.StatusOK)
}
buf := &bytes.Buffer{}
var logEntry log.Entry
for {
select {
case <-done:
return
case logEntry = <-subscription:
}
if logEntry.Level > level {
continue
}
buf.Reset()
err = json.NewEncoder(buf).Encode(Log{
Type: log.FormatLevel(logEntry.Level),
Payload: logEntry.Message,
})
if err != nil {
break
}
if wsConn == nil {
_, err = w.Write(buf.Bytes())
w.(http.Flusher).Flush()
} else {
err = wsConn.WriteMessage(websocket.TextMessage, buf.Bytes())
}
if err != nil {
break
}
}
}
}
func version(w http.ResponseWriter, r *http.Request) {
2022-07-20 07:12:40 +08:00
render.JSON(w, r, render.M{"version": "sing-box " + C.Version, "premium": true})
2022-07-19 22:16:49 +08:00
}