From 8c1d4789411e9e3e12abec9bcbb0b945a818a120 Mon Sep 17 00:00:00 2001 From: xream Date: Thu, 13 Jun 2024 20:29:23 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E8=AF=BB=E5=8F=96=E8=8A=82=E7=82=B9?= =?UTF-8?q?=E7=9A=84=20ca-str=20=E5=92=8C=20=5Fca=20(=E5=90=8E=E7=AB=AF?= =?UTF-8?q?=E6=96=87=E4=BB=B6=E8=B7=AF=E5=BE=84)=20=E5=AD=97=E6=AE=B5,=20?= =?UTF-8?q?=E8=87=AA=E5=8A=A8=E8=AE=A1=E7=AE=97=20fingerprint?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/package.json | 3 ++- backend/pnpm-lock.yaml | 9 +++++++++ backend/src/core/proxy-utils/index.js | 20 ++++++++++++++++++++ backend/src/utils/rs.js | 11 +++++++++++ 4 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 backend/src/utils/rs.js diff --git a/backend/package.json b/backend/package.json index 7f387ec..69e1af3 100644 --- a/backend/package.json +++ b/backend/package.json @@ -1,6 +1,6 @@ { "name": "sub-store", - "version": "2.14.337", + "version": "2.14.339", "description": "Advanced Subscription Manager for QX, Loon, Surge, Stash and ShadowRocket.", "main": "src/main.js", "scripts": { @@ -25,6 +25,7 @@ "express": "^4.17.1", "http-proxy-middleware": "^2.0.6", "js-base64": "^3.7.2", + "jsrsasign": "^11.1.0", "lodash": "^4.17.21", "request": "^2.88.2", "requests": "^0.3.0", diff --git a/backend/pnpm-lock.yaml b/backend/pnpm-lock.yaml index 9fcd7ff..5457d88 100644 --- a/backend/pnpm-lock.yaml +++ b/backend/pnpm-lock.yaml @@ -29,6 +29,9 @@ dependencies: js-base64: specifier: ^3.7.2 version: registry.npmmirror.com/js-base64@3.7.2 + jsrsasign: + specifier: ^11.1.0 + version: registry.npmmirror.com/jsrsasign@11.1.0 lodash: specifier: ^4.17.21 version: registry.npmmirror.com/lodash@4.17.21 @@ -6634,6 +6637,12 @@ packages: verror: registry.npmmirror.com/verror@1.10.0 dev: false + registry.npmmirror.com/jsrsasign@11.1.0: + resolution: {integrity: sha512-Ov74K9GihaK9/9WncTe1mPmvrO7Py665TUfUKvraXBpu+xcTWitrtuOwcjf4KMU9maPaYn0OuaWy0HOzy/GBXg==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/jsrsasign/-/jsrsasign-11.1.0.tgz} + name: jsrsasign + version: 11.1.0 + dev: false + registry.npmmirror.com/just-debounce@1.1.0: resolution: {integrity: sha512-qpcRocdkUmf+UTNBYx5w6dexX5J31AKK1OmPwH630a83DdVVUIngk55RSAiIGpQyoH0dlr872VHfPjnQnK1qDQ==, registry: http://registry.npm.taobao.org/, tarball: https://registry.npmmirror.com/just-debounce/-/just-debounce-1.1.0.tgz} name: just-debounce diff --git a/backend/src/core/proxy-utils/index.js b/backend/src/core/proxy-utils/index.js index cb92971..edbefb4 100644 --- a/backend/src/core/proxy-utils/index.js +++ b/backend/src/core/proxy-utils/index.js @@ -1,3 +1,4 @@ +import rs from '@/utils/rs'; import YAML from '@/utils/yaml'; import download from '@/utils/download'; import { @@ -463,6 +464,25 @@ function lastParse(proxy) { if (['', 'off'].includes(proxy.sni)) { proxy['disable-sni'] = true; } + let caStr = proxy['ca_str']; + if (proxy['ca-str']) { + caStr = proxy['ca-str']; + } else if (caStr) { + delete proxy['ca_str']; + proxy['ca-str'] = caStr; + } + try { + if ($.env.isNode && !caStr && proxy['_ca']) { + caStr = $.node.fs.readFileSync(proxy['_ca'], { + encoding: 'utf8', + }); + } + } catch (e) { + $.error(`Read ca file failed\nReason: ${e}`); + } + if (!proxy['tls-fingerprint'] && caStr) { + proxy['tls-fingerprint'] = rs.generateFingerprint(caStr); + } return proxy; } diff --git a/backend/src/utils/rs.js b/backend/src/utils/rs.js new file mode 100644 index 0000000..bf9c465 --- /dev/null +++ b/backend/src/utils/rs.js @@ -0,0 +1,11 @@ +import rs from 'jsrsasign'; + +export function generateFingerprint(caStr) { + const hex = rs.pemtohex(caStr); + const fingerPrint = rs.KJUR.crypto.Util.hashHex(hex, 'sha256'); + return fingerPrint.match(/.{2}/g).join(':').toUpperCase(); +} + +export default { + generateFingerprint, +};