fix problems

This commit is contained in:
kingecg 2026-07-11 11:38:51 +08:00
parent 8537d9c3a0
commit 5392c13086
7 changed files with 43 additions and 14 deletions

View File

@ -100,6 +100,11 @@ func stop(c *gin.Context) {
name := c.Param("name")
if name != "" {
serverConf := model.GetServerConfig(name)
if serverConf == nil {
c.Writer.WriteHeader(http.StatusNotFound)
c.Writer.Write(server.NewErrorResult(errors.New("server not found")))
return
}
server.StopServer(name, serverConf.Port)
c.Writer.WriteHeader(http.StatusOK)
data := "stopped"
@ -113,6 +118,11 @@ func start(c *gin.Context) {
name := c.Param("name")
if name != "" {
serverConf := model.GetServerConfig(name)
if serverConf == nil {
c.Writer.WriteHeader(http.StatusNotFound)
c.Writer.Write(server.NewErrorResult(errors.New("server not found")))
return
}
server.StartServer(name, serverConf.Port)
c.Writer.WriteHeader(http.StatusOK)
data := "started"

View File

@ -44,7 +44,12 @@ func login(c *gin.Context) {
// 验证是否为管理员账号
if loginModel.Username == "admin" {
// 解密密码并验证与配置文件中密码是否匹配
decryptText, _ := Decrypt(loginModel.Encrypt)
decryptText, err := Decrypt(loginModel.Encrypt)
if err != nil {
c.Writer.WriteHeader(http.StatusUnauthorized)
c.Writer.Write(server.NewErrorResult(err))
return
}
if decryptText == model.GetConfig().Admin.Password {
// 生成JWT令牌
token, err := GenerateToken(loginModel.Username)
@ -55,7 +60,7 @@ func login(c *gin.Context) {
}
// 设置认证Cookie并返回成功响应
cookie := &http.Cookie{
Name: "token",
Name: "auth_token",
Value: token,
Path: "/",
SameSite: http.SameSiteStrictMode,
@ -103,6 +108,9 @@ func Decrypt(ciphertext string) (string, error) {
plaintext = append(plaintext, dd[0]^0xFF)
}
//去除末尾13个字节
if len(plaintext) <= 13 {
return "", errors.New("ciphertext too short")
}
plaintext = plaintext[1 : len(plaintext)-13]
return string(plaintext), nil
}

6
go.sum
View File

@ -1,13 +1,7 @@
git.kingecg.top/kingecg/cmux v1.0.1 h1:Opon5dTuXqMij8SmPZ8fXH7X60L0VfTYvcGy527dYK8=
git.kingecg.top/kingecg/cmux v1.0.1/go.mod h1:a+F13YErFNop1u5s445sxaJkDqnZ8Vy7aIvWncbn+tM=
git.kingecg.top/kingecg/godaemon v1.0.4 h1:YBVdrgWoSShFAkltD89iLuylvTaq1/pbo/LJ7ezIB9w=
git.kingecg.top/kingecg/godaemon v1.0.4/go.mod h1:IinFiox6YMmObc0Tw9B+XMRamZKTP0TQ5ZenhPAu+Sk=
git.kingecg.top/kingecg/godaemon v1.0.6 h1:pQ8S8U+zJHG7N1CM5l1fsPKHOJj94GuoK1E/iQqX4P0=
git.kingecg.top/kingecg/godaemon v1.0.6/go.mod h1:/XanR1ZQVEEuaA3/jB2W49mrczvCwXGh27HcNBR/xT4=
git.kingecg.top/kingecg/gologger v1.0.10 h1:o6CNJ3TM9wOnKsV0hNasSSmZXEOMl5mBXZDnKJnC0a0=
git.kingecg.top/kingecg/gologger v1.0.10/go.mod h1:auMA7VGipqttnF0jmtclhbaIr08gqtVPj6BSMknHTOE=
git.kingecg.top/kingecg/gologger v1.0.11 h1:/GmDOvHJyaBRFXjsk2DqqawwraCBVrOpNRBHf1B6Do0=
git.kingecg.top/kingecg/gologger v1.0.11/go.mod h1:auMA7VGipqttnF0jmtclhbaIr08gqtVPj6BSMknHTOE=
git.kingecg.top/kingecg/gologger v1.0.12 h1:SRmpJY1v6joia6AEe9AIInusRiSwve7Rt1tZQMPrBqg=
git.kingecg.top/kingecg/gologger v1.0.12/go.mod h1:auMA7VGipqttnF0jmtclhbaIr08gqtVPj6BSMknHTOE=
github.com/bytedance/sonic v1.11.6 h1:oUp34TzMlL+OY1OUWxHqsdkgC/Zfc85zGqw9siXjrc0=

View File

@ -98,11 +98,15 @@ func LoadConfig() {
cpath := utils.NormalizePath("./config.json")
// 从指定路径读取配置文件的内容
// 忽略可能的错误,实际应用中应处理错误
content, _ := os.ReadFile(cpath)
content, err := os.ReadFile(cpath)
if err != nil {
panic("failed to read config file: " + err.Error())
}
// 将读取的 JSON 内容解析到 model.Config 结构体中
json.Unmarshal(content, &model.Config)
if err := json.Unmarshal(content, &model.Config); err != nil {
panic("failed to parse config file: " + err.Error())
}
// 规范化配置中日志追加器的文件路径
// 遍历配置中的所有日志追加器

View File

@ -47,8 +47,16 @@ func (f FileHandler) Open(name string) (http.File, error) {
}
// Resolve symlinks and clean path to prevent path traversal
realRoot, _ := filepath.EvalSymlinks(f.Root)
realRPath, _ := filepath.EvalSymlinks(rPath)
realRoot, err := filepath.EvalSymlinks(f.Root)
if err != nil {
l.Error("failed to resolve root symlinks:", err)
return nil, err
}
realRPath, err := filepath.EvalSymlinks(rPath)
if err != nil {
l.Error("failed to resolve path symlinks:", err)
return nil, errors.New("not permitted")
}
// Check if the resolved path is within root
if realRPath != realRoot && !strings.HasPrefix(realRPath, realRoot+string(filepath.Separator)) {

View File

@ -41,6 +41,11 @@ func (p *ProxyHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
}
}
// Bounds check to prevent out of bounds access
if proxyIndex < 0 || int(proxyIndex) >= len(p.Upstreams) {
proxyIndex = 0
}
// 如果选中的上游服务器不健康,则进行重试
maxRetries := 3
for i := 0; i < maxRetries; i++ {

View File

@ -131,7 +131,7 @@ func JwtAuth(w http.ResponseWriter, r *http.Request, next http.Handler) {
return []byte(jwtConfig.Secret), nil
})
if err != nil {
l.Error("Failed to parse JWT: %v", err)
l.Error(fmt.Sprintf("Failed to parse JWT: %v", err))
http.Error(w, "Unauthorized.", http.StatusUnauthorized)
return
}