leftyer/SamWaf
1
0
Fork 0
mirror of https://gitee.com/samwaf/SamWaf.git synced 2025-12-06 06:58:54 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix:check challenge

Browse Source 
#352
This commit is contained in:
samwaf
2025-06-06 10:58:59 +08:00
parent cc4f7c709b
commit 93cee9edb1
11 changed files with 63 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
common/zlog/zlog.go
View File

@@ -20,7 +20,7 @@ import (
var logger *zap.Logger
// InitZLog 初始化zlog
func InitZLog(releaseFlag string, outputFormat string) {
func InitZLog(debugEnable bool, outputFormat string) {
encoderConfig := zap.NewProductionEncoderConfig()
encoderConfig.EncodeTime = zapcore.ISO8601TimeEncoder
var encoder zapcore.Encoder
@@ -34,9 +34,9 @@ func InitZLog(releaseFlag string, outputFormat string) {
}
fileWriteSyncer := getFileLogWriter()
if releaseFlag == "false" {
if debugEnable == true {
core := zapcore.NewTee(
// 同时向控制台和文件写日志, 生产环境记得把控制台写入去掉
// 调试默认
zapcore.NewCore(encoder, zapcore.AddSync(os.Stdout), zapcore.DebugLevel),
zapcore.NewCore(encoder, fileWriteSyncer, zapcore.DebugLevel),
)
@@ -58,20 +58,36 @@ func getFileLogWriter() (writeSyncer zapcore.WriteSyncer) {
// 检测环境变量是否存在
envVar := "SamWafIDE"
if _, exists := os.LookupEnv(envVar); exists {
//fmt.Println("当前在IDE,环境变量" + value)
exeDir = "."
} else {
exePath, err := os.Executable()
if err != nil {
fmt.Errorf(err.Error())
exeDir = ""
fmt.Printf("Samwaf GetCurrent Exe Error: %v\n", err)
// 使用当前工作目录作为备选方案
if wd, wdErr := os.Getwd(); wdErr == nil {
exeDir = wd
} else {
exeDir = "."
}
} else {
exeDir = filepath.Dir(exePath)
}
}
// 确保logs目录存在
logDir := filepath.Join(exeDir, "logs")
if err := os.MkdirAll(logDir, 0755); err != nil {
fmt.Printf("Samwaf Log Create logs error: %v\n", err)
// 如果无法创建目录,使用临时目录
logDir = os.TempDir()
}
logFile := filepath.Join(logDir, "log.log")
fmt.Printf("Samwaf Log Path: %s\n", logFile)
// 使用 lumberjack 实现 log rotate
lumberJackLogger := &lumberjack.Logger{
Filename: exeDir + "/logs/log.log",
Filename: logFile,
MaxSize: 100,
MaxBackups: 60,
MaxAge: 1,

1
global/global.go
View File

@@ -70,6 +70,7 @@ var (
//zlog 日志相关信息
GWAF_LOG_OUTPUT_FORMAT string = "console" //zlog输出格式 控制台格式console,json格式
GWAF_LOG_DEBUG_ENABLE bool = false //是否开启debug日志默认关闭
GWAF_RELEASE string = "false" // 当前是否为发行版
GWAF_RELEASE_VERSION_NAME string = "20241028" // 发行版的版本号名称
GWAF_RELEASE_VERSION string = "v1.0.0" // 发行版的版本号

2
main.go
View File

@@ -709,7 +709,7 @@ func main() {
//加载配置
wafconfig.LoadAndInitConfig()
//初始化日志
zlog.InitZLog(global.GWAF_RELEASE, global.GWAF_LOG_OUTPUT_FORMAT)
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, global.GWAF_LOG_OUTPUT_FORMAT)
if v := recover(); v != nil {
zlog.Error("主流程上被异常了")
}

8
wafconfig/wafconfig.go
View File

@@ -102,6 +102,14 @@ func LoadAndInitConfig() {
configChanged = true
}
// 添加debug日志开关配置
if config.IsSet("zlog.debug_enable") {
global.GWAF_LOG_DEBUG_ENABLE = config.GetBool("zlog.debug_enable")
} else {
config.Set("zlog.debug_enable", global.GWAF_LOG_DEBUG_ENABLE)
configChanged = true
}
//配置和提取白名单
if config.IsSet("security.ip_whitelist") {
global.GWAF_IP_WHITELIST = config.GetString("security.ip_whitelist")

2
wafenginecore/check_antileech_test.go
View File

@@ -14,7 +14,7 @@ import (
func TestCheckAntiLeech(t *testing.T) {
// 初始化日志
zlog.InitZLog(global.GWAF_RELEASE, "json")
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, "json")
// 初始化 WAF 引擎
waf := &WafEngine{

2
wafenginecore/checkallowurl_test.go
View File

@@ -16,7 +16,7 @@ func TestCheckAllowURL(t *testing.T) {
t.Parallel()
//初始化日志
zlog.InitZLog(global.GWAF_RELEASE, "json")
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, "json")
// 初始化 WAF 引擎
waf := &WafEngine{
HostTarget: make(map[string]*wafenginmodel.HostSafe),

2
wafenginecore/checkdenyurl_test.go
View File

@@ -16,7 +16,7 @@ func TestCheckDenyURL(t *testing.T) {
t.Parallel()
//初始化日志
zlog.InitZLog(global.GWAF_RELEASE, "json")
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, "json")
// 初始化 WAF 引擎
waf := &WafEngine{
HostTarget: make(map[string]*wafenginmodel.HostSafe),

24
wafenginecore/wafengine.go
View File

@@ -520,17 +520,30 @@ func (waf *WafEngine) ServeHTTP(w http.ResponseWriter, r *http.Request) {
return
}
if content != "" {
r.Response.StatusCode = http.StatusOK
r.Response.Status = http.StatusText(http.StatusOK)
r.Response.Body = io.NopCloser(bytes.NewBuffer([]byte(content)))
r.Response.ContentLength = int64(len(content))
// 创建新的Response对象
r.Response = &http.Response{
StatusCode: http.StatusOK,
Status: http.StatusText(http.StatusOK),
Body: io.NopCloser(bytes.NewBuffer([]byte(content))),
ContentLength: int64(len(content)),
Header: make(http.Header),
Proto: "HTTP/1.1",
ProtoMajor: 1,
ProtoMinor: 1,
}
r.Response.Header.Set("Content-Length", strconv.FormatInt(int64(len(content)), 10))
// 直接写入响应到客户端
w.Header().Set("Content-Length", strconv.FormatInt(int64(len(content)), 10))
w.WriteHeader(http.StatusOK)
w.Write([]byte(content))
weblogbean.ACTION = "放行"
weblogbean.STATUS = r.Response.Status
weblogbean.STATUS_CODE = r.Response.StatusCode
weblogbean.TASK_FLAG = 1
global.GQEQUE_LOG_DB.Enqueue(weblogbean)
return
}
}
} else {
@@ -978,7 +991,7 @@ func (waf *WafEngine) modifyResponse() func(*http.Response) error {
// 根据配置决定是否检查HTTP响应代码并重定向到本地
if strings.HasPrefix(weblogfrist.URL, global.GSSL_HTTP_CHANGLE_PATH) {
zlog.Debug("TEST_Challenge", weblogfrist.HOST, weblogfrist.URL)
zlog.Info("acme-challenge", weblogfrist.HOST, weblogfrist.URL)
if global.GCONFIG_RECORD_SSLHTTP_CHECK == 0 || resp.StatusCode == 404 || resp.StatusCode == 301 || resp.StatusCode == 302 {
//如果远端HTTP01不存在挑战验证文件那么我们映射到走本地再试一下
//或者配置为不检查HTTP响应代码直接走本地
@@ -989,6 +1002,7 @@ func (waf *WafEngine) modifyResponse() func(*http.Response) error {
challengeFile := urls[3]
//检测challengeFile是否合法
if !utils.IsValidChallengeFile(challengeFile) {
zlog.Error("challengeFile is invalid", challengeFile)
return nil
}
//当前路径 data/vhost/domain code 变量下

12
wafenginecore/wafengine_test.go
View File

@@ -114,7 +114,7 @@ func TestReplaceURLContent(t *testing.T) {
t.Parallel()
//初始化日志
zlog.InitZLog(global.GWAF_RELEASE, "json")
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, "json")
if v := recover(); v != nil {
zlog.Error("error")
}
@@ -150,7 +150,7 @@ func TestGetOrgContent(t *testing.T) {
t.Parallel()
//初始化日志
zlog.InitZLog(global.GWAF_RELEASE, "json")
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, "json")
// 初始化WAF引擎
waf := &WafEngine{}
@@ -320,7 +320,7 @@ func TestGetOrgContentWithChunkedEncoding(t *testing.T) {
t.Parallel()
//初始化日志
zlog.InitZLog(global.GWAF_RELEASE, "json")
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, "json")
// 初始化WAF引擎
waf := &WafEngine{}
@@ -352,7 +352,7 @@ func TestGetOrgContentWithEmptyBody(t *testing.T) {
t.Parallel()
//初始化日志
zlog.InitZLog(global.GWAF_RELEASE, "json")
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, "json")
// 初始化WAF引擎
waf := &WafEngine{}
@@ -384,7 +384,7 @@ func TestGetOrgContentWithErrors(t *testing.T) {
t.Parallel()
//初始化日志
zlog.InitZLog(global.GWAF_RELEASE, "json")
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, "json")
// 初始化WAF引擎
waf := &WafEngine{}
@@ -411,7 +411,7 @@ func TestGetOrgContentWithErrors(t *testing.T) {
func TestGetOrgContent_MetaAndDoctypeCharset(t *testing.T) {
t.Parallel()
zlog.InitZLog(global.GWAF_RELEASE, "json")
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, "json")
waf := &WafEngine{}
// 1. meta标签指定utf-8

2
wafenginecore/wafwebcache/webcache_test.go
View File

@@ -22,7 +22,7 @@ func setupTestEnv() {
global.GCACHE_WAFCACHE = cache.InitWafCache()
}
//初始化日志
zlog.InitZLog(global.GWAF_RELEASE, "json")
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, "json")
}
// 清理测试环境

2
waftask/task_createindex_test.go
View File

@@ -12,7 +12,7 @@ import (
// TestCreateIndexWithConcurrentOperations 测试在创建索引的同时进行读写操作
func TestCreateIndexWithConcurrentOperations(t *testing.T) {
//初始化日志
zlog.InitZLog(global.GWAF_RELEASE, "json")
zlog.InitZLog(global.GWAF_LOG_DEBUG_ENABLE, "json")
//初始化本地数据库
wafdb.InitCoreDb("../")
wafdb.InitLogDb("../")