2024-07-05

Api/OtherCommands.go

@@ -15,43 +15,56 @@ const (
 	OtherCommandRandomFixedTLSSet = uintptr(1003)
 	//OtherCommandRandomFixedTLSGet 是否使用固定的TLS指纹 [参数1 SunnyNetContext] 返回 String
 	OtherCommandRandomFixedTLSGet = uintptr(1004)
+	//OtherCommandHttpClientRandomTLS  HTTP 客户端 设置随机使用TLS指纹 [参数1 Context]
+	OtherCommandHttpClientRandomTLS = uintptr(1005)
 )
 
 func OtherCommands(Cmd uintptr, Command ...uintptr) uintptr {
 	switch Cmd {
-	case OtherCommandDisable_TCP, OtherCommandRandomTLSSet, OtherCommandRandomFixedTLSSet, OtherCommandRandomFixedTLSGet:
-		if len(Command) < 1 {
-			return 0
-		}
-		SunnyContext := int(Command[0])
-		state := int(Command[1]) == 1
-		SunnyNet.SunnyStorageLock.Lock()
-		w := SunnyNet.SunnyStorage[SunnyContext]
-		SunnyNet.SunnyStorageLock.Unlock()
-		if w == nil {
-			return 0
+	case OtherCommandHttpClientRandomTLS:
+		{
+			Context := int(Command[0])
+			open := int(Command[1]) == 1
+			if HTTPSetRandomTLS(Context, open) {
+				return 1
+			}
 		}
-		switch Cmd {
-		case OtherCommandDisable_TCP:
-			w.DisableTCP(state)
-			return 1
-		case OtherCommandRandomTLSSet:
-			w.SetRandomTLS(state)
-			return 1
-		case OtherCommandRandomFixedTLSSet:
-			w.SetRandomFixedTLS(string(public.CStringToBytes(Command[1], int(Command[2]))))
-			return 1
-		case OtherCommandRandomFixedTLSGet:
-			r := w.GetTLSTestValues()
-			s := ""
-			for _, v := range r {
-				if s == "" {
-					s = strconv.Itoa(int(v))
-				} else {
-					s += "," + strconv.Itoa(int(v))
+		return 0
+	case OtherCommandDisable_TCP, OtherCommandRandomTLSSet, OtherCommandRandomFixedTLSSet, OtherCommandRandomFixedTLSGet:
+		{
+			if len(Command) < 1 {
+				return 0
+			}
+			SunnyContext := int(Command[0])
+			state := int(Command[1]) == 1
+			SunnyNet.SunnyStorageLock.Lock()
+			w := SunnyNet.SunnyStorage[SunnyContext]
+			SunnyNet.SunnyStorageLock.Unlock()
+			if w == nil {
+				return 0
+			}
+			switch Cmd {
+			case OtherCommandDisable_TCP:
+				w.DisableTCP(state)
+				return 1
+			case OtherCommandRandomTLSSet:
+				w.SetRandomTLS(state)
+				return 1
+			case OtherCommandRandomFixedTLSSet:
+				w.SetRandomFixedTLS(string(public.CStringToBytes(Command[1], int(Command[2]))))
+				return 1
+			case OtherCommandRandomFixedTLSGet:
+				r := w.GetTLSTestValues()
+				s := ""
+				for _, v := range r {
+					if s == "" {
+						s = strconv.Itoa(int(v))
+					} else {
+						s += "," + strconv.Itoa(int(v))
+					}
 				}
+				return public.PointerPtr(s)
 			}
-			return public.PointerPtr(s)
 		}
 		return 0
 

Api/SunnyNet.go

@@ -39,6 +39,42 @@ func SetRequestHeader(MessageId int, name, val string) {
 	k.Request.Header[name] = []string{val}
 }
 
+// SetRequestALLHeader 设置HTTP/S请求体中的全部协议头
+func SetRequestALLHeader(MessageId int, value string) {
+	k, ok := SunnyNet.GetSceneProxyRequest(MessageId)
+	if ok == false {
+		return
+	}
+	if k == nil {
+		return
+	}
+	k.Lock.Lock()
+	defer k.Lock.Unlock()
+	if k.Request == nil {
+		return
+	}
+	if k.Request.Header == nil {
+		k.Request.Header = make(http.Header)
+	}
+	arr := strings.Split(strings.ReplaceAll(value, "\r", ""), "\n")
+	if len(arr) > 0 {
+		k.Request.Header = make(http.Header)
+		for _, v := range arr {
+			arr2 := strings.Split(v, ":")
+			if len(arr2) >= 1 {
+				if len(v) >= len(arr2[0])+1 {
+					data := strings.TrimSpace(v[len(arr2[0])+1:])
+					if len(k.Request.Header[arr2[0]]) > 0 {
+						k.Request.Header[arr2[0]] = append(k.Request.Header[arr2[0]], data)
+					} else {
+						k.Request.Header[arr2[0]] = []string{data}
+					}
+				}
+			}
+		}
+	}
+}
+
 // SetRequestProxy 设置HTTP/S请求代理，仅支持Socket5和http 例如 socket5://admin:[email protected]:8888 或 http://admin:[email protected]:8888
 func SetRequestProxy(MessageId int, ProxyUrl string) bool {
 	k, ok := SunnyNet.GetSceneProxyRequest(MessageId)
@@ -321,12 +357,22 @@ func GetRequestHeader(MessageId int, name string) uintptr {
 		aegName := strings.ToLower(name)
 		for _Name, v := range k.Request.Header {
 			if strings.ToLower(_Name) == aegName {
-				return public.PointerPtr(v[0])
+				s := ""
+				for i, vv := range v {
+					if i == 0 {
+						s = vv
+					} else {
+						s += "\r\n" + vv
+					}
+				}
+				if len(s) > 0 {
+
+				}
+				return public.PointerPtr(s)
 			}
 		}
-		return public.NULLPtr
 	}
-	return public.PointerPtr(val[0])
+	return public.NULLPtr
 }
 
 // SetResponseHeader 修改、设置 HTTP/S当前返回数据中的指定协议头
@@ -372,7 +418,7 @@ func SetResponseAllHeader(MessageId int, value string) {
 	if k.Response.Header == nil {
 		k.Response.Header = make(http.Header)
 	}
-	arr := strings.Split(value, "\r\n")
+	arr := strings.Split(strings.ReplaceAll(value, "\r", ""), "\n")
 	if len(arr) > 0 {
 		k.Response.Header = make(http.Header)
 		for _, v := range arr {

Api/goWinhttp.go

@@ -5,6 +5,7 @@ import (
 	"github.com/qtgolang/SunnyNet/src/Certificate"
 	"github.com/qtgolang/SunnyNet/src/GoWinHttp"
 	"io"
+	mrand "math/rand"
 	"net/http"
 	"net/url"
 	"sync"
@@ -268,3 +269,39 @@ func HTTPSetRedirect(Context int, Redirect bool) bool {
 	k.SetRedirect(Redirect)
 	return true
 }
+
+// HTTPSetRandomTLS
+// HTTP 客户端 设置随机使用TLS指纹
+func HTTPSetRandomTLS(Context int, Open bool) bool {
+	k := LoadHTTPClient(Context)
+	if k == nil {
+		return false
+	}
+	k.Lock.Lock()
+	defer k.Lock.Unlock()
+	if Open {
+		k.GetTLSValues = GetTLSValues
+	} else {
+		k.GetTLSValues = nil
+	}
+	return true
+}
+
+var _httpRandomTLSValue []uint16
+
+func init() {
+	_httpRandomTLSValue = make([]uint16, public.RandomTLSValueArrayLen)
+	copy(_httpRandomTLSValue, public.RandomTLSValueArray)
+}
+func GetTLSValues() []uint16 {
+	HTTPMapLock.Lock()
+	defer HTTPMapLock.Unlock()
+	n := mrand.Intn(public.RandomTLSValueArrayLen) + 1
+	for i := public.RandomTLSValueArrayLen - 1; i > 0; i-- {
+		j := mrand.Intn(i + 1)
+		_httpRandomTLSValue[i], _httpRandomTLSValue[j] = _httpRandomTLSValue[j], _httpRandomTLSValue[i]
+	}
+	shuffledArray := make([]uint16, n)
+	copy(shuffledArray, _httpRandomTLSValue[:n])
+	return shuffledArray
+}

SunnyNet/SunnyNet.go

@@ -884,10 +884,6 @@ func (s *ProxyRequest) transparentProcessing() {
 	_bytes, _ := s.RwObj.Peek(s.RwObj.Reader.Buffered())
 	//升级到TLS客户端
 	fig := &tls.Config{InsecureSkipVerify: true}
-	obj := s.Global.GetTLSValues()
-	if obj != nil {
-		fig.CipherSuites = obj
-	}
 	T := tls.Client(s.Conn, fig)
 	//将数据重新写进去
 	T.Reset(_bytes)
@@ -932,7 +928,6 @@ func (s *ProxyRequest) httpProcessing(aheadData []byte, DefaultPort, Tag string)
 	}()
 	//缓冲区读取字节流
 	ReadData, WhetherExceedsLength := s.ConnRead(aheadData, false)
-
 	//从字节流中取出HOST
 	host := public.GetHost(string(ReadData))
 	if host != public.NULL && host != s.Target.Host {
@@ -1184,6 +1179,7 @@ func (s *ProxyRequest) https() {
 	var HelloMsg *tls.ClientHelloMsg
 	//普通会话升级到TLS会话，并且设置生成的握手证书,限制tls最大版本为1.2,因为1.3可能存在算法不支持
 	//如果某些服务器只支持tls1.3,将会在 tlsConn.ClientHello() 函数中自动纠正为 tls1.3
+	//tlsConfig := &tls.Config{Certificates: []tls.Certificate{*certificate}, MaxVersion: tls.VersionTLS12, NextProtos: []string{"h2", "http/1.1"}}
 	tlsConfig := &tls.Config{Certificates: []tls.Certificate{*certificate}, MaxVersion: tls.VersionTLS12}
 	tlsConn = tls.Server(s.Conn, tlsConfig)
 	defer func() {
@@ -1203,11 +1199,11 @@ func (s *ProxyRequest) https() {
 		_ = tlsConn.SetDeadline(time.Now().Add(3 * time.Second))
 		//开始握手
 		msg, _serverName, _err := tlsConn.ClientHello()
-		bs := tlsConn.Read_Handshake_bytes()
 		if _serverName != "" && s.IsMustTcpRules(_serverName) {
 			if s.Global.disableTCP {
 				return
 			}
+			bs := tlsConn.Read_Handshake_bytes()
 			s.MustTcpProcessing(bs, public.TagMustTCP)
 			return
 		}

main.go

@@ -2,12 +2,30 @@ package main
 
 import "C"
 import (
+	"fmt"
 	_ "net/http/pprof"
 	//不要问 问为什么要把http复制到项目里面来，不是多此一举？
 	//只在这里解释一次，因为官方的http库 会自动添加UAgent，而且可能自动处理协议头大小写，那么复制到项目里面来，我们可以随意修改
 )
 
 func init() {
+	fmt.Println(`
+------------------------------------------------------
+               欢迎使用Sunny网络中间件   
+                 本项目为开源项目  
+            仅用于技术交流学习和研究的目的 
+          请遵守法律法规,请勿用作任何非法用途 
+               否则造成一切后果自负 
+           若您下载并使用即视为您知晓并同意
+------------------------------------------------------
+        Sunny开源项目网站：https://esunny.vip
+           Sunny QQ交流群(一群)：751406884
+           Sunny QQ交流群(二群)：545120699
+           Sunny QQ交流群(三群)：170902713
+       QQ频道：https://pd.qq.com/s/cgzgyjj6u
+------------------------------------------------------
+
+`)
 }
 
 func main() {

public/constobj.go

@@ -14,7 +14,7 @@ import (
 	"time"
 )
 
-const SunnyVersion = "2024-06-03"
+const SunnyVersion = "2024-07-05"
 
 // TCP请求相关
 const (

public/public.go

@@ -813,7 +813,11 @@ func BuildRequest(RawData []byte, host, source, DefaultPort string, setProxyHost
 					//Expect: 100-continue
 					continue
 				}
-				req.Header[Name] = []string{value}
+				if req.Header[Name] != nil {
+					req.Header[Name] = append(req.Header[Name], value)
+				} else {
+					req.Header[Name] = []string{value}
+				}
 				if req.URL == nil && strings.ToUpper(HeadArr[0]) == "HOST" {
 					if strings.HasPrefix(Path, host) {
 						Path = CopyString(Path[len(host):])

src/GoWinHttp/main.go

@@ -69,6 +69,7 @@ type WinHttp struct {
 	PoolName          string
 	GetTLSValues      func() []uint16
 }
+
 type Proxy struct {
 	S5TypeProxy bool
 	Address     string //127.0.0.1:8888
@@ -466,7 +467,11 @@ func (w *WinHttp) Open(method, _url string) *WinHttp {
 
 // SetHeader 设置协议头
 func (w *WinHttp) SetHeader(Name, Value string) *WinHttp {
-	w.request.Header[Name] = []string{Value}
+	if w.request.Header[Name] == nil {
+		w.request.Header[Name] = []string{Value}
+	} else {
+		w.request.Header[Name] = append(w.request.Header[Name], Value)
+	}
 	return w
 }
 
@@ -657,6 +662,7 @@ func (w *WinHttp) Send(data any) (_r *http.Response, _e error) {
 	}
 	_ = w.WinPool.Conn.SetWriteDeadline(time.Now().Add(w.SendTimeout))
 	SendData := w.formatMsg(data)
+
 	_, err = w.WinPool.Conn.Write(SendData)
 	//SendData = make([]byte, 0)
 	if err != nil {
@@ -724,7 +730,9 @@ func (w *WinHttp) formatMsg(data any) []byte {
 			continue
 		}
 		if len(v) > 0 {
-			buff.WriteString(k + ": " + v[0] + "\r\n")
+			for _, vvv := range v {
+				buff.WriteString(k + ": " + vvv + "\r\n")
+			}
 		} else {
 			buff.WriteString(k + ": \r\n")
 		}

src/crypto/tls/handshake_server_tls13.go

@@ -149,7 +149,7 @@ func (hs *serverHandshakeStateTLS13) processClientHello() error {
 
 	var preferenceList, supportedList []uint16
 	if c.config.PreferServerCipherSuites {
-		preferenceList = defaultCipherSuitesTLS13()
+		preferenceList = c.config.cipherSuites()
 		supportedList = hs.clientHello.cipherSuites
 
 		// If the client does not seem to have hardware support for AES-GCM,

test.go

@@ -23,7 +23,7 @@ func Test() {
 	s.SetGoCallback(HttpCallback, TcpCallback, WSCallback, UdpCallback)
 	//s.SetIeProxy(false)
 	//s.MustTcp(true)
-	Port := 2024
+	Port := 2023
 	//s.SetMustTcpRegexp("*.baidu.com")
 	s = s.SetPort(Port).Start()
 	//开启随机TLS指纹