可选web

.github/workflows/rust.yml

@@ -14,21 +14,21 @@ defaults:
     shell: bash
 
 jobs:
-#  test:
-#    runs-on: ubuntu-latest
-#    steps:
-#      - uses: actions/checkout@v2
-#      - name: Cargo cache
-#        uses: actions/cache@v2
-#        with:
-#          path: |
-#            ~/.cargo/registry
-#            ./target
-#          key: test-cargo-registry
-#      - name: List
-#        run: find ./
-#      - name: Run tests
-#        run: cargo test --verbose
+  #  test:
+  #    runs-on: ubuntu-latest
+  #    steps:
+  #      - uses: actions/checkout@v2
+  #      - name: Cargo cache
+  #        uses: actions/cache@v2
+  #        with:
+  #          path: |
+  #            ~/.cargo/registry
+  #            ./target
+  #          key: test-cargo-registry
+  #      - name: List
+  #        run: find ./
+  #      - name: Run tests
+  #        run: cargo test --verbose
 
   build:
     strategy:
@@ -38,46 +38,46 @@ jobs:
         include:
           - TARGET: i686-unknown-linux-musl # test in an alpine container on a mac
             OS: ubuntu-latest
-            FEATURES: normal
+            FEATURES: normal,web
           - TARGET: x86_64-unknown-linux-gnu # tested in a debian container on a mac
             OS: ubuntu-latest
-            FEATURES: ring-cipher
+            FEATURES: ring-cipher,web
           - TARGET: x86_64-unknown-linux-musl # test in an alpine container on a mac
             OS: ubuntu-latest
-            FEATURES: ring-cipher
+            FEATURES: ring-cipher,web
           - TARGET: aarch64-unknown-linux-gnu # tested on aws t4g.nano
             OS: ubuntu-latest
-            FEATURES: ring-cipher
+            FEATURES: ring-cipher,web
           - TARGET: aarch64-unknown-linux-musl # tested on aws t4g.nano in alpine container
             OS: ubuntu-latest
-            FEATURES: normal
+            FEATURES: normal,web
           - TARGET: armv7-unknown-linux-gnueabihf # raspberry pi 2-3-4, not tested
             OS: ubuntu-latest
-            FEATURES: ring-cipher
+            FEATURES: ring-cipher,web
           - TARGET: armv7-unknown-linux-musleabihf # raspberry pi 2-3-4, not tested
             OS: ubuntu-latest
-            FEATURES: normal
+            FEATURES: normal,web
           - TARGET: arm-unknown-linux-gnueabihf # raspberry pi 0-1, not tested
             OS: ubuntu-latest
-            FEATURES: ring-cipher
+            FEATURES: ring-cipher,web
           - TARGET: arm-unknown-linux-musleabihf # raspberry pi 0-1, not tested
             OS: ubuntu-latest
-            FEATURES: normal
+            FEATURES: normal,web
           - TARGET: x86_64-apple-darwin # tested on a mac, is not properly signed so there are security warnings
             OS: macos-latest
-            FEATURES: ring-cipher
+            FEATURES: ring-cipher,web
           - TARGET: aarch64-apple-darwin # tested on a mac, is not properly signed so there are security warnings
             OS: macos-latest
-            FEATURES: ring-cipher
+            FEATURES: ring-cipher,web
           - TARGET: i686-pc-windows-msvc # tested on a windows machine
             OS: windows-latest
-            FEATURES: ring-cipher
+            FEATURES: ring-cipher,web
           - TARGET: x86_64-pc-windows-msvc # tested on a windows machine
             OS: windows-latest
-            FEATURES: ring-cipher
+            FEATURES: ring-cipher,web
           - TARGET: mipsel-unknown-linux-musl # openwrt
             OS: ubuntu-latest
-            FEATURES: normal
+            FEATURES: normal,web
           - TARGET: mips-unknown-linux-musl # openwrt
             OS: ubuntu-latest
             FEATURES: normal

Cargo.toml

@@ -33,17 +33,17 @@ async-trait = "0.1.71"
 tokio-util = { version = "0.7.8", features = ["full"] }
 socket2 = { version = "0.5.5", features = ["all"] }
 
-actix-web = "4.5.1"
-actix-files = "0.6.5"
+actix-web = { version = "4.5.1", optional = true }
+actix-files = { version = "0.6.5", optional = true }
 serde = { version = "1.0.193", features = ["derive"] }
 crossbeam-utils = "0.8.15"
 futures-util = "0.3.30"
 uuid = { version = "1.3.0", features = ["v4"] }
 [features]
-default = ["aes-gcm"]
+default = ["normal"]
 normal = ["aes-gcm"]
 ring-cipher = ["ring"]
-
+web = ["actix-web", "actix-files"]
 [build-dependencies]
 protobuf-codegen = "3.2.0"
 protoc-bin-vendored = "3.0.0"

README.md

@@ -1,19 +1,41 @@
 # vnts
-[vnt](https://github.com/lbl8603/vnt)的服务端 
+
+[vnt](https://github.com/lbl8603/vnt)的服务端
 
 查看参数
+
 ```
 Options:
-      --port <PORT>                指定端口
+      --port <PORT>                指定端口，默认29872
       --white-token <WHITE_TOKEN>  token白名单，例如 --white-token 1234 --white-token 123
       --gateway <GATEWAY>          网关，例如 --gateway 10.10.0.1
       --netmask <NETMASK>          子网掩码，例如 --netmask 255.255.255.0
-  -h, --help                       Print help
+      --finger                     开启指纹校验，开启后只会转发指纹正确的客户端数据包，增强安全性，这会损失一部分性能
+      --log-path <LOG_PATH>        log路径，默认为当前程序路径，为/dev/null时表示不输出log
+      --web-port <WEB_PORT>        web后台端口，默认29870，如果设置为0则表示不启动web后台
+      --username <USERNAME>        web后台用户名，默认为admin
+      --password <PASSWORD>        web后台用户密码，默认为admin
+  -h, --help                       Print help information
+  -V, --version                    Print version information
 ```
 
 ## 说明
+
 1. 修改服务端密钥后，客户端要重启才能正常链接(修改密钥后无法自动重连)
-2. 服务端密钥用于加密客户端和服务端之间传输的数据(使用rsa+aes256gcm加密)，可以防止token被中间人窃取，如果客户端显示的密钥指纹和服务端的不一致，则表示可能有中间人攻击
+2. 服务端密钥用于加密客户端和服务端之间传输的数据(使用rsa+aes256gcm加密)
+   ，可以防止token被中间人窃取，如果客户端显示的密钥指纹和服务端的不一致，则表示可能有中间人攻击
 3. 服务端密钥在'./key/'目录下,可以替换成自定义的密钥对
 4. 客户端的密码用于加密客户端之间传输的数据
-5. 默认情况服务日志输出在 './log/'下,可通过编写'./log/log4rs.yaml'文件自定义日志配置,参考[log4rs](https://github.com/estk/log4rs)
+5. 默认情况服务日志输出在 './log/'下,可通过编写'
+   ./log/log4rs.yaml'文件自定义日志配置,参考[log4rs](https://github.com/estk/log4rs)
+
+## 编译
+
+前提条件:安装rust编译环境([install rust](https://www.rust-lang.org/zh-CN/tools/install))
+
+```
+到项目根目录下执行 cargo build
+
+web是可选模块，如需编译则使用 cargo build --features web
+
+```

src/core/server/mod.rs

@@ -10,12 +10,13 @@ use crate::ConfigInfo;
 
 mod tcp;
 mod udp;
-pub mod web;
+#[cfg(feature = "web")]
+mod web;
 
 pub async fn start(
     udp: std::net::UdpSocket,
     tcp: std::net::TcpListener,
-    http: Option<std::net::TcpListener>,
+    #[cfg(feature = "web")] http: Option<std::net::TcpListener>,
     config: ConfigInfo,
     rsa_cipher: Option<RsaCipher>,
 ) -> io::Result<()> {
@@ -29,6 +30,7 @@ pub async fn start(
     );
     tcp::start(TcpListener::from_std(tcp)?, handler.clone()).await;
     udp::start(udp, handler.clone()).await;
+    #[cfg(feature = "web")]
     if let Some(http) = http {
         if let Err(e) = web::start(http, cache, config, rsa_cipher).await {
             log::error!("{:?}", e);

src/main.rs

@@ -5,10 +5,11 @@ use std::io::Write;
 use std::net::Ipv4Addr;
 use std::path::PathBuf;
 
-use crate::cipher::RsaCipher;
 // use crate::service::{start_tcp, start_udp};
 use clap::Parser;
 
+use crate::cipher::RsaCipher;
+
 mod cipher;
 mod core;
 mod error;
@@ -42,12 +43,15 @@ pub struct StartArgs {
     /// log路径，默认为当前程序路径，为/dev/null时表示不输出log
     #[arg(long)]
     log_path: Option<String>,
+    #[cfg(feature = "web")]
     ///web后台端口，默认29870，如果设置为0则表示不启动web后台
     #[arg(long)]
     web_port: Option<u16>,
+    #[cfg(feature = "web")]
     /// web后台用户名，默认为admin
     #[arg(long)]
     username: Option<String>,
+    #[cfg(feature = "web")]
     /// web后台用户密码，默认为admin
     #[arg(long)]
     password: Option<String>,
@@ -61,7 +65,9 @@ pub struct ConfigInfo {
     pub broadcast: Ipv4Addr,
     pub netmask: Ipv4Addr,
     pub check_finger: bool,
+    #[cfg(feature = "web")]
     pub username: String,
+    #[cfg(feature = "web")]
     pub password: String,
 }
 
@@ -120,16 +126,21 @@ async fn main() {
     let args = StartArgs::parse();
     log_init(args.log_path);
     let port = args.port.unwrap_or(29872);
-    let web_port = args.web_port.unwrap_or(29870);
-    println!("端口: {}", port);
-    if web_port != 0 {
-        println!("web端口: {}", web_port);
-        if web_port == port {
-            panic!("web-port == port");
+    #[cfg(feature = "web")]
+    let web_port = {
+        let web_port = args.web_port.unwrap_or(29870);
+        println!("端口: {}", port);
+        if web_port != 0 {
+            println!("web端口: {}", web_port);
+            if web_port == port {
+                panic!("web-port == port");
+            }
+        } else {
+            println!("不启用web后台")
         }
-    } else {
-        println!("不启用web后台")
-    }
+        web_port
+    };
+
     let white_token = if let Some(white_token) = args.white_token {
         Some(HashSet::from_iter(white_token.into_iter()))
     } else {
@@ -208,7 +219,9 @@ async fn main() {
         broadcast,
         netmask,
         check_finger,
+        #[cfg(feature = "web")]
         username: args.username.unwrap_or_else(|| "admin".into()),
+        #[cfg(feature = "web")]
         password: args.password.unwrap_or_else(|| "admin".into()),
     };
     let rsa = match RsaCipher::new() {
@@ -228,6 +241,7 @@ async fn main() {
     let tcp = create_tcp(port).unwrap();
     log::info!("监听tcp端口: {:?}", port);
     println!("监听tcp端口: {:?}", port);
+    #[cfg(feature = "web")]
     let http = if web_port != 0 {
         let http = create_tcp(web_port).unwrap();
         log::info!("监听http端口: {:?}", web_port);
@@ -237,7 +251,16 @@ async fn main() {
         None
     };
     let config = config.clone();
-    if let Err(e) = core::start(udp, tcp, http, config, rsa).await {
+    if let Err(e) = core::start(
+        udp,
+        tcp,
+        #[cfg(feature = "web")]
+        http,
+        config,
+        rsa,
+    )
+    .await
+    {
         log::error!("{:?}", e)
     }
 }