Enable websocket

admin/initial/method.go

@@ -90,6 +90,13 @@ func NormalActive(userOptions *Options, topo *topology.Topology, proxy share.Pro
 			userOptions.Secret = ""
 		}
 
+		param := new(protocol.NegParam)
+		param.Addr = userOptions.Connect
+		param.Conn = conn
+		param.Domain = userOptions.Domain
+		proto := protocol.NewDownProto(param)
+		proto.CNegotiate()
+
 		if err := share.ActivePreAuth(conn); err != nil {
 			printer.Fail("[*] Error occurred: %s", err.Error())
 			os.Exit(0)
@@ -207,6 +214,11 @@ func NormalPassive(userOptions *Options, topo *topology.Topology) net.Conn {
 			userOptions.Secret = ""
 		}
 
+		param := new(protocol.NegParam)
+		param.Conn = conn
+		proto := protocol.NewDownProto(param)
+		proto.SNegotiate()
+
 		if err := share.PassivePreAuth(conn); err != nil {
 			printer.Fail("[*] Error occurred: %s\r\n", err.Error())
 			conn.Close()

agent/handler/connect.go

@@ -90,6 +90,11 @@ func (connect *Connect) start(mgr *manager.Manager) {
 		}
 		conn = transport.WrapTLSClientConn(conn, tlsConfig)
 	}
+	// There's no need for the "domain" parameter between intranet nodes
+	param := new(protocol.NegParam)
+	param.Conn = conn
+	proto := protocol.NewDownProto(param)
+	proto.CNegotiate()
 
 	if err = share.ActivePreAuth(conn); err != nil {
 		return

agent/handler/listen.go

@@ -125,6 +125,11 @@ func (listen *Listen) normalListen(mgr *manager.Manager, options *initial.Option
 			conn = transport.WrapTLSServerConn(conn, tlsConfig)
 		}
 
+		param := new(protocol.NegParam)
+		param.Conn = conn
+		proto := protocol.NewDownProto(param)
+		proto.SNegotiate()
+
 		if err := share.PassivePreAuth(conn); err != nil {
 			conn.Close()
 			continue
@@ -300,6 +305,11 @@ func (listen *Listen) iptablesListen(mgr *manager.Manager, options *initial.Opti
 			conn = transport.WrapTLSServerConn(conn, tlsConfig)
 		}
 
+		param := new(protocol.NegParam)
+		param.Conn = conn
+		proto := protocol.NewDownProto(param)
+		proto.SNegotiate()
+
 		if err := share.PassivePreAuth(conn); err != nil {
 			conn.Close()
 			continue
@@ -473,6 +483,11 @@ func (listen *Listen) soReuseListen(mgr *manager.Manager, options *initial.Optio
 			conn = transport.WrapTLSServerConn(conn, tlsConfig)
 		}
 
+		param := new(protocol.NegParam)
+		param.Conn = conn
+		proto := protocol.NewDownProto(param)
+		proto.SNegotiate()
+
 		defer conn.SetReadDeadline(time.Time{})
 		conn.SetReadDeadline(time.Now().Add(2 * time.Second))
 

agent/initial/method.go

@@ -93,6 +93,13 @@ func NormalActive(userOptions *Options, proxy share.Proxy) (net.Conn, string) {
 			userOptions.Secret = ""
 		}
 
+		param := new(protocol.NegParam)
+		param.Addr = userOptions.Connect
+		param.Conn = conn
+		param.Domain = userOptions.Domain
+		proto := protocol.NewUpProto(param)
+		proto.CNegotiate()
+
 		if err := share.ActivePreAuth(conn); err != nil {
 			log.Fatalf("[*] Error occurred: %s", err.Error())
 		}
@@ -178,6 +185,11 @@ func NormalPassive(userOptions *Options) (net.Conn, string) {
 			userOptions.Secret = ""
 		}
 
+		param := new(protocol.NegParam)
+		param.Conn = conn
+		proto := protocol.NewUpProto(param)
+		proto.SNegotiate()
+
 		if err := share.PassivePreAuth(conn); err != nil {
 			log.Fatalf("[*] Error occurred: %s", err.Error())
 		}
@@ -322,6 +334,11 @@ func SoReusePassive(userOptions *Options) (net.Conn, string) {
 			userOptions.Secret = ""
 		}
 
+		param := new(protocol.NegParam)
+		param.Conn = conn
+		proto := protocol.NewUpProto(param)
+		proto.SNegotiate()
+
 		defer conn.SetReadDeadline(time.Time{})
 		conn.SetReadDeadline(time.Now().Add(2 * time.Second))
 

agent/process/offline.go

@@ -106,6 +106,11 @@ func normalPassiveReconn(options *initial.Options) net.Conn {
 			conn = transport.WrapTLSServerConn(conn, tlsConfig)
 		}
 
+		param := new(protocol.NegParam)
+		param.Conn = conn
+		proto := protocol.NewUpProto(param)
+		proto.SNegotiate()
+
 		if err := share.PassivePreAuth(conn); err != nil {
 			conn.Close()
 			continue
@@ -186,6 +191,11 @@ func soReusePassiveReconn(options *initial.Options) net.Conn {
 			conn = transport.WrapTLSServerConn(conn, tlsConfig)
 		}
 
+		param := new(protocol.NegParam)
+		param.Conn = conn
+		proto := protocol.NewUpProto(param)
+		proto.SNegotiate()
+
 		defer conn.SetReadDeadline(time.Time{})
 		conn.SetReadDeadline(time.Now().Add(2 * time.Second))
 
@@ -279,6 +289,13 @@ func normalReconnActiveReconn(options *initial.Options, proxy share.Proxy) net.C
 			conn = transport.WrapTLSClientConn(conn, tlsConfig)
 		}
 
+		param := new(protocol.NegParam)
+		param.Addr = options.Connect
+		param.Conn = conn
+		param.Domain = options.Domain
+		proto := protocol.NewUpProto(param)
+		proto.CNegotiate()
+
 		if err := share.ActivePreAuth(conn); err != nil {
 			conn.Close()
 			time.Sleep(time.Duration(options.Reconnect) * time.Second)

protocol/websocket.go

@@ -14,7 +14,8 @@ import (
 	"time"
 )
 
-// TODO: websocket数据帧还有些问题，暂时不启用
+// TODO: The WebSocket data frames still have some issues See: https://datatracker.ietf.org/doc/html/rfc6455#section-5.
+// But in actual testing, the NGINX reverse proxy works fine. Let's temporarily enable it, and if any issues arise, we can make improvements later.
 const websocketGUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
 const websocketPath = "/deadbeef"
 
@@ -35,11 +36,23 @@ func (proto *WSProto) CNegotiate() error {
 		return err
 	}
 
-	addrSlice := strings.SplitN(proto.addr, ":", 2)
-	if len(addrSlice) < 2 {
-		return errors.New("addr is error")
+	var addrSlice []string
+	if proto.addr != "" {
+		addrSlice = strings.SplitN(proto.addr, ":", 2)
+		if len(addrSlice) < 2 {
+			return errors.New("addr is error")
+		}
+	} else {
+		proto.addr = "stowaway.com:22"
+		addrSlice = strings.SplitN(proto.addr, ":", 2)
+	}
+
+	var host string
+	if proto.domain != "" {
+		host = proto.domain + ":" + addrSlice[1]
+	} else {
+		host = proto.addr
 	}
-	host := proto.domain + ":" + addrSlice[1]
 
 	// 发送websocket头
 	wsHeaders := fmt.Sprintf(`GET %s HTTP/1.1