2023-09-08

	取消UPX压缩（UPX压缩可能导致程序运行缓慢）
	设置、取消IE代理始终返回 false
	修复上次更新限制tls1.2，而某些网站必须使用tls1.3的问题

Build.bat

@@ -2,5 +2,4 @@ set CGO_ENABLED=1
 set GOOS=windows
 set GOARCH=386
 go build -buildmode=c-shared  -ldflags "-s -w" -o "export\Sunny.dll"
-upx -9 "export\Sunny.dll"
 pause

Buildx64.bat

@@ -2,5 +2,4 @@ set CGO_ENABLED=1
 set GOOS=windows
 set GOARCH=amd64
 go build -buildmode=c-shared  -ldflags "-s -w" -o "export\Sunny64.dll"
-upx -9 "export\Sunny64.dll"
 pause

main.go

@@ -2,14 +2,13 @@ package main
 
 import "C"
 import (
-	"net/http"
 	_ "net/http/pprof"
 	//不要问 问为什么要把http复制到项目里面来，不是多此一举？
 	//只在这里解释一次，因为官方的http库 会自动添加UAgent，而且可能自动处理协议头大小写，那么复制到项目里面来，我们可以随意修改
 )
 
 func init() {
-	go func() { _ = http.ListenAndServe("127.0.0.1:6061", nil) }()
+	//go func() { _ = http.ListenAndServe("127.0.0.1:6061", nil) }()
 }
 
 func main() {

project/SunnyNet/main.go

@@ -689,6 +689,7 @@ func (s *ProxyRequest) ConnRead(aheadData []byte, Dosage bool) (rs []byte, Wheth
 		st.Write(bs[0:sx])
 		if e != nil {
 			if st.Len() < length {
+				islet, ok, bodyLen, ContentLength = public.LegitimateRequest(st.Bytes())
 				if !islet {
 					// 如果已读入字节数 小于 512 并且 超过 10次 已读入数没有变动，那么直接返回
 					cmp[st.Len()]++
@@ -1049,7 +1050,9 @@ func (s *ProxyRequest) https() {
 	var serverName string
 	var HelloMsg *tls.ClientHelloMsg
 	//普通会话升级到TLS会话，并且设置生成的握手证书,限制tls最大版本为1.2,因为1.3可能存在算法不支持
-	tlsConn = tls.Server(s.Conn, &tls.Config{Certificates: []tls.Certificate{*certificate}, MaxVersion: tls.VersionTLS12})
+	//如果某些服务器只支持tls1.3,将会在 tlsConn.ClientHello() 函数中自动纠正为 tls1.3
+	tlsConfig := &tls.Config{Certificates: []tls.Certificate{*certificate}, MaxVersion: tls.VersionTLS12}
+	tlsConn = tls.Server(s.Conn, tlsConfig)
 	defer func() {
 		//函数退出时 清理TLS会话
 		tlsConn.RReset()
@@ -1059,7 +1062,6 @@ func (s *ProxyRequest) https() {
 	//设置1秒的超时 来判断是否 https 请求 因为正常的非HTTPS TCP 请求也会进入到这里来，需要判断一下
 	_ = tlsConn.SetDeadline(time.Now().Add(1 * time.Second))
 	//取出第一个字节，判断是否TLS
-
 	peek := tlsConn.Peek(1)
 	if len(peek) == 1 && (peek[0] == 22 || peek[0] == 23) {
 		//发送数据 如果 不是 HEX 16 或 17 那么肯定不是HTTPS 或TLS-TCP
@@ -1086,8 +1088,10 @@ func (s *ProxyRequest) https() {
 				//根据握手的服务器域名 重新创建证书
 				certificate, err = s.Global.getCertificate(s.Target.String())
 				if certificate != nil {
-					//限制tls最大版本为1.2,因为1.3可能存在算法不支持
-					tlsConn.SetServer(&tls.Config{MaxVersion: tls.VersionTLS12, Certificates: []tls.Certificate{*certificate}, ServerName: HttpCertificate.ParsingHost(s.Target.String())})
+					//因为tlsConfig是指针类型，所以这里可以直接对它进行修改,而不用重新赋值
+					tlsConfig.Certificates = []tls.Certificate{*certificate}
+					tlsConfig.ServerName = HttpCertificate.ParsingHost(s.Target.String())
+					//tlsConn.SetServer(&tls.Config{MaxVersion: tlsConfig.MaxVersion, Certificates: []tls.Certificate{*certificate}, ServerName: HttpCertificate.ParsingHost(s.Target.String())})
 				}
 			}
 			//继续握手
@@ -1097,18 +1101,18 @@ func (s *ProxyRequest) https() {
 		err = errors.New("No HTTPS ")
 	}
 	if err != nil {
-		// 以上握手过程中 有错误产生 有错误则不是TLS
+		//以上握手过程中 有错误产生 有错误则不是TLS
 		//判断这些错误信息，是否还能继续处理
-		//现有连接被远程主机强制关闭。
 		if s.Global.isMustTcp == false && (err == io.EOF || strings.Index(err.Error(), "An existing connection was forcibly closed by the remote host.") != -1 || strings.Index(err.Error(), "An established connection was aborted by the software in your host machine") != -1) {
 			s.Request = new(http.Request)
 			s.Request.URL, _ = url.Parse(public.HttpsRequestPrefix + strings.ReplaceAll(s.Target.Host, public.Space, public.NULL))
 			s.Request.Host = strings.ReplaceAll(s.Target.Host, public.Space, public.NULL)
 			s.Error(errors.New("The client closes the connection "))
 			return
 		}
+		bs := tlsConn.Read_last_time_bytes()
 		//证书无效
-		if s.Global.isMustTcp == false && strings.Index(err.Error(), "unknown certificate") != -1 || strings.Index(err.Error(), "client offered only unsupported versions") != -1 {
+		if len(bs) == 0 || s.Global.isMustTcp == false && strings.Index(err.Error(), "unknown certificate") != -1 || strings.Index(err.Error(), "client offered only unsupported versions") != -1 {
 			s.Request = new(http.Request)
 			if serverName == public.NULL {
 				s.Request.URL, _ = url.Parse(public.HttpsRequestPrefix + s.Target.Host)
@@ -1121,7 +1125,6 @@ func (s *ProxyRequest) https() {
 			return
 		}
 		//如果是其他错误，将TLS握手过程中的信息取出来，进行http处理流程，继续判断
-		bs := tlsConn.Read_last_time_bytes()
 		tlsConn.RReset()
 		s.httpProcessing(bs, public.HttpDefaultPort, public.TagTcpAgreement)
 		return
@@ -1701,8 +1704,7 @@ func (s *Sunny) ExportCert() []byte {
 
 // SetIeProxy 设置IE代理 [Off=true 取消] [Off=false 设置] 在中间件设置端口后调用
 func (s *Sunny) SetIeProxy(Off bool) bool {
-	CrossCompiled.SetIeProxy(Off, s.Port())
-	return false
+	return CrossCompiled.SetIeProxy(Off, s.Port())
 }
 
 // SetGlobalProxy 设置全局上游代理 仅支持Socket5和http 例如 socket5://admin:[email protected]:8888 或 http://admin:[email protected]:8888

project/public/constobj.go

@@ -13,7 +13,7 @@ import (
 	"time"
 )
 
-const SunnyVersion = "2023-09-01"
+const SunnyVersion = "2023-09-08"
 
 // TCP请求相关
 const (

project/src/CrossCompiled/windows.go

@@ -14,9 +14,7 @@ import (
 	"io"
 	"os"
 	"os/exec"
-	"runtime"
 	"strconv"
-	"strings"
 	"syscall"
 )
 
@@ -88,16 +86,13 @@ func NFapi_Api_NfUdpPostSend(id uint64, remoteAddress *NFapi.SockaddrInx, buf []
 
 func SetIeProxy(Off bool, Port int) bool {
 	// "github.com/Tri sia/gos ysp roxy"
-	if runtime.GOOS == strings.Replace("windows", " ", "", 1) {
-		if Off {
-			_ = gosysproxy.Off()
-			return true
-		}
-		ies := "127.0.0.1:" + strconv.Itoa(Port)
-		_ = gosysproxy.SetGlobalProxy("http="+ies+";https="+ies, "")
+	if Off {
+		_ = gosysproxy.Off()
 		return true
 	}
-	return false
+	ies := "127.0.0.1:" + strconv.Itoa(Port)
+	_ = gosysproxy.SetGlobalProxy("http="+ies+";https="+ies, "")
+	return true
 }
 
 // InstallCert 安装证书 将证书安装到Windows系统内

project/src/crypto/tls/handshake_server.go

@@ -10,6 +10,7 @@ import (
 	"crypto/ed25519"
 	"crypto/rsa"
 	"crypto/subtle"
+	"crypto/tls"
 	"crypto/x509"
 	"errors"
 	"fmt"
@@ -49,7 +50,6 @@ func (c *Conn) ServerHandshake(clientHello *ClientHelloMsg) error {
 
 	c.in.Lock()
 	defer c.in.Unlock()
-
 	if c.vers == VersionTLS13 {
 		hs := serverHandshakeStateTLS13{
 			c:           c,
@@ -163,7 +163,6 @@ func (c *Conn) ClientHello() (*ClientHelloMsg, string, error) {
 	defer c.handshakeMutex.Unlock()
 	c.in.Lock()
 	defer c.in.Unlock()
-
 	msg, e := c.readClientHello()
 	if msg == nil {
 		return msg, "", e
@@ -202,13 +201,24 @@ func (c *Conn) readClientHello() (*ClientHelloMsg, error) {
 	}
 	c.vers, ok = c.config.mutualVersion(clientVersions)
 	if !ok {
-		c.sendAlert(alertProtocolVersion)
-		return nil, fmt.Errorf("tls: client offered only unsupported versions: %x", clientVersions)
+		//如果配置的最大版本是tls1.2,并且客户端不支持tls1.2,将最大版本修正为tls1.3尝试一下
+		if c.config.MaxVersion == tls.VersionTLS12 {
+			c.config.MaxVersion = tls.VersionTLS13
+			c.vers, ok = c.config.mutualVersion(clientVersions)
+			if !ok {
+				c.config.MaxVersion = tls.VersionTLS12
+				c.sendAlert(alertProtocolVersion)
+				return nil, fmt.Errorf("tls: client offered only unsupported versions: %x", clientVersions)
+			}
+		} else {
+			c.sendAlert(alertProtocolVersion)
+			return nil, fmt.Errorf("tls: client offered only unsupported versions: %x", clientVersions)
+		}
+
 	}
 	c.haveVers = true
 	c.in.version = c.vers
 	c.out.version = c.vers
-
 	return clientHello, nil
 }
 

project/src/nfapi/api.go

@@ -58,10 +58,10 @@ func MessageBox(caption, text string, style uintptr) (result int) {
 	user32, _ := syscall.LoadLibrary("user32.dll")
 	messageBox, _ := syscall.GetProcAddress(user32, "MessageBoxW")
 	ret, _, callErr := syscall.SyscallN(messageBox, 4,
-		0, // hwnd
+		0,                                                          // hwnd
 		uintptr(unsafe.Pointer(syscall.StringToUTF16Ptr(text))),    // Text
 		uintptr(unsafe.Pointer(syscall.StringToUTF16Ptr(caption))), // Caption
-		style, // type
+		style,                                                      // type
 		0,
 		0)
 	if callErr != 0 {

test.go

@@ -25,7 +25,7 @@ func Test() {
 	s.SetGoCallback(HttpCallback, TcpCallback, WSCallback, UdpCallback)
 	//s.SetIeProxy(false)
 	//s.MustTcp(true)
-	Port := 2024
+	Port := 2022
 
 	s = s.SetPort(Port).Start()
 	fmt.Println(s.StartProcess())
@@ -35,9 +35,9 @@ func Test() {
 	// Go程序调试，是通过TCP连接的，若使用此命令将无法调试。
 	// s.ProcessALLName(true)
 
-	s.ProcessAddName("WeChat.exe")
+	//s.ProcessAddName("WeChat.exe")
 	// s.ProcessAddName("WeChatAppEx.exe")
-	//s.ProcessAddName("EDVED1F.tmp")
+	s.ProcessAddName("pop_dd_workbench.exe")
 	err := s.Error
 	if err != nil {
 		panic(err)