Merge pull request #22 from meethigher/issue-15

支持tcpmux

Author: meethigher

src/main/java/top/meethigher/proxy/FastAes.java

@@ -0,0 +1,117 @@
+package top.meethigher.proxy;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.GCMParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.nio.ByteBuffer;
+import java.security.SecureRandom;
+import java.util.Base64;
+
+/**
+ * 高性能 AES/GCM 对称加解密工具类（仅依赖 JDK 标准库）
+ */
+public final class FastAes {
+
+    private static final String TRANSFORMATION = "AES/GCM/NoPadding";
+    private static final int    AES_KEY_LEN    = 128;          // bit
+    private static final int    GCM_TAG_LEN    = 128;          // bit
+    private static final int    GCM_IV_LEN     = 12;           // byte
+
+    private static final SecureRandom RAND = new SecureRandom();
+
+    /* 每个线程复用自己的 Cipher 实例 */
+    private static final ThreadLocal<Cipher> CIPHER_HOLDER = ThreadLocal.withInitial(() -> {
+        try {
+            return Cipher.getInstance(TRANSFORMATION);
+        } catch (Exception e) {
+            throw new RuntimeException("AES/GCM not available", e);
+        }
+    });
+
+    private FastAes() {}   // utility class
+
+    /* ---------------------------------- 对外 API ---------------------------------- */
+
+    /**
+     * 随机生成 AES-128 密钥
+     */
+    public static SecretKey generateKey() {
+        try {
+            KeyGenerator kg = KeyGenerator.getInstance("AES");
+            kg.init(AES_KEY_LEN);
+            return kg.generateKey();
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    /**
+     * 将原始密钥字节数组包装成 SecretKey
+     */
+    public static SecretKey restoreKey(byte[] rawKey) {
+        if (rawKey.length != AES_KEY_LEN / 8) {
+            throw new IllegalArgumentException("Key length != 16 byte");
+        }
+        return new SecretKeySpec(rawKey, "AES");
+    }
+
+    /**
+     * 加密：返回 byte[]，格式为 IV(12B) + CipherText + Tag(16B)
+     */
+    public static byte[] encrypt(byte[] plain, SecretKey key) {
+        try {
+            byte[] iv = new byte[GCM_IV_LEN];
+            RAND.nextBytes(iv);
+
+            Cipher cipher = CIPHER_HOLDER.get();
+            cipher.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(GCM_TAG_LEN, iv));
+
+            byte[] cipherText = cipher.doFinal(plain);
+
+            return ByteBuffer.allocate(iv.length + cipherText.length)
+                             .put(iv)
+                             .put(cipherText)
+                             .array();
+        } catch (Exception e) {
+            throw new RuntimeException("Encrypt error", e);
+        }
+    }
+
+    /**
+     * 解密：输入格式须为 IV(12B) + CipherText + Tag(16B)
+     */
+    public static byte[] decrypt(byte[] ivPlusCipherText, SecretKey key) {
+        try {
+            if (ivPlusCipherText.length < GCM_IV_LEN) {
+                throw new IllegalArgumentException("Bad input length");
+            }
+            ByteBuffer buf = ByteBuffer.wrap(ivPlusCipherText);
+
+            byte[] iv = new byte[GCM_IV_LEN];
+            buf.get(iv);
+
+            byte[] cipherAndTag = new byte[buf.remaining()];
+            buf.get(cipherAndTag);
+
+            Cipher cipher = CIPHER_HOLDER.get();
+            cipher.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(GCM_TAG_LEN, iv));
+
+            return cipher.doFinal(cipherAndTag);
+        } catch (Exception e) {
+            throw new RuntimeException("Decrypt error", e);
+        }
+    }
+
+    /* ----------------------------- 简易 Base64 封装 ----------------------------- */
+
+    public static String encryptToBase64(byte[] plain, SecretKey key) {
+        return Base64.getEncoder().encodeToString(encrypt(plain, key));
+    }
+
+    public static byte[] decryptFromBase64(String base64, SecretKey key) {
+        return decrypt(Base64.getDecoder().decode(base64), key);
+    }
+
+}

src/main/java/top/meethigher/proxy/LoadBalancer.java

@@ -0,0 +1,13 @@
+package top.meethigher.proxy;
+
+/**
+ * 负载均衡策略
+ *
+ * @author <a href="https://meethigher.top">chenchuancheng</a>
+ * @since 2025/07/26 13:05
+ */
+public interface LoadBalancer<T> {
+    T next();
+
+    String name();
+}

src/main/java/top/meethigher/proxy/NetAddress.java

@@ -0,0 +1,50 @@
+package top.meethigher.proxy;
+
+import java.util.Objects;
+
+public class NetAddress {
+    private final String host;
+    private final int port;
+
+    public NetAddress(String host, int port) {
+        this.host = host;
+        this.port = port;
+    }
+
+    public String getHost() {
+        return host;
+    }
+
+    public int getPort() {
+        return port;
+    }
+
+    @Override
+    public String toString() {
+        return host + ":" + port;
+    }
+
+    @Override
+    public boolean equals(Object o) {
+        if (o == null || getClass() != o.getClass()) {
+            return false;
+        }
+
+        NetAddress that = (NetAddress) o;
+        return this.host.equals(that.getHost()) && this.port == that.getPort();
+    }
+
+    @Override
+    public int hashCode() {
+        return Objects.hashCode(this.toString());
+    }
+
+    public static NetAddress parse(String addr) {
+        try {
+            String[] addrArr = addr.split(":");
+            return new NetAddress(addrArr[0], Integer.parseInt(addrArr[1]));
+        } catch (Exception e) {
+            return null;
+        }
+    }
+}

src/main/java/top/meethigher/proxy/http/ReverseHttpProxy.java

@@ -243,7 +243,7 @@ public static ReverseHttpProxy create(Router router, HttpServer httpServer, Http
         return new ReverseHttpProxy(httpServer, httpClient, router, generateName());
     }
 
-    protected static String generateName() {
+    public static String generateName() {
         final String prefix = ReverseHttpProxy.class.getSimpleName() + "-";
         try {
             // 池号对于虚拟机来说是全局的，以避免在类加载器范围的环境中池号重叠

src/main/java/top/meethigher/proxy/tcp/ReverseTcpProxy.java

@@ -10,7 +10,11 @@
 import io.vertx.core.net.SocketAddress;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import top.meethigher.proxy.LoadBalancer;
+import top.meethigher.proxy.NetAddress;
 
+import java.util.ArrayList;
+import java.util.List;
 import java.util.concurrent.ThreadLocalRandom;
 
 /**
@@ -32,24 +36,32 @@ public class ReverseTcpProxy {
     protected final Handler<NetSocket> connectHandler;
     protected final NetServer netServer;
     protected final NetClient netClient;
-    protected final String targetHost;
-    protected final int targetPort;
+    protected final LoadBalancer<NetAddress> lb;
+    protected final List<NetAddress> netAddresses;
     protected final String name;
 
     protected ReverseTcpProxy(NetServer netServer, NetClient netClient,
-                              String targetHost, int targetPort, String name) {
+                              LoadBalancer<NetAddress> loadBalancer,
+                              List<NetAddress> netAddresses,
+                              String name) {
         this.name = name;
-        this.targetHost = targetHost;
-        this.targetPort = targetPort;
+        this.lb = loadBalancer;
+        this.netAddresses = netAddresses;
         this.netServer = netServer;
         this.netClient = netClient;
         this.connectHandler = sourceSocket -> {
             // 暂停流读取
             sourceSocket.pause();
             SocketAddress sourceRemote = sourceSocket.remoteAddress();
             SocketAddress sourceLocal = sourceSocket.localAddress();
-            log.debug("source {} -- {} connected", sourceLocal, sourceRemote);
             sourceSocket.closeHandler(v -> log.debug("source {} -- {} closed", sourceLocal, sourceRemote));
+            NetAddress next = lb.next();
+            String targetHost = next.getHost();
+            int targetPort = next.getPort();
+            log.debug("source {} -- {} connected. lb [{}] next target {}", sourceLocal, sourceRemote,
+                    lb.name(),
+                    next
+            );
             netClient.connect(targetPort, targetHost)
                     .onFailure(e -> {
                         log.error("failed to connect to {}:{}", targetHost, targetPort, e);
@@ -61,7 +73,7 @@ protected ReverseTcpProxy(NetServer netServer, NetClient netClient,
                         SocketAddress targetRemote = targetSocket.remoteAddress();
                         SocketAddress targetLocal = targetSocket.localAddress();
                         log.debug("target {} -- {} connected", targetLocal, targetRemote);
-                        
+
                         // feat: v1.0.5以前的版本，在closeHandler里面，将对端连接也关闭。比如targetSocket关闭时，则将sourceSocket也关闭。
                         // 结果导致在转发短连接时，出现了bug。参考https://github.com/meethigher/tcp-reverse-proxy/issues/6
                         targetSocket.closeHandler(v -> log.debug("target {} -- {} closed", targetLocal, targetRemote));
@@ -88,20 +100,56 @@ protected ReverseTcpProxy(NetServer netServer, NetClient netClient,
 
     public static ReverseTcpProxy create(Vertx vertx,
                                          String targetHost, int targetPort, String name) {
-        return new ReverseTcpProxy(vertx.createNetServer(), vertx.createNetClient(), targetHost, targetPort, name);
+        List<NetAddress> list = new ArrayList<>();
+        TcpRoundRobinLoadBalancer lb = TcpRoundRobinLoadBalancer.create(list);
+        return new ReverseTcpProxy(
+                vertx.createNetServer(),
+                vertx.createNetClient(),
+                lb,
+                list,
+                name
+        ).addNode(new NetAddress(targetHost, targetPort));
     }
 
     public static ReverseTcpProxy create(Vertx vertx,
                                          String targetHost, int targetPort) {
-        return new ReverseTcpProxy(vertx.createNetServer(), vertx.createNetClient(), targetHost, targetPort, generateName());
+        List<NetAddress> list = new ArrayList<>();
+        return new ReverseTcpProxy(
+                vertx.createNetServer(),
+                vertx.createNetClient(),
+                TcpRoundRobinLoadBalancer.create(list),
+                list,
+                generateName()
+        ).addNode(new NetAddress(targetHost, targetPort));
     }
 
     public static ReverseTcpProxy create(NetServer netServer, NetClient netClient, String targetHost, int targetPort) {
-        return new ReverseTcpProxy(netServer, netClient, targetHost, targetPort, generateName());
+        List<NetAddress> list = new ArrayList<>();
+        return new ReverseTcpProxy(
+                netServer,
+                netClient,
+                TcpRoundRobinLoadBalancer.create(list),
+                list,
+                generateName()
+        ).addNode(new NetAddress(targetHost, targetPort));
     }
 
     public static ReverseTcpProxy create(NetServer netServer, NetClient netClient, String targetHost, int targetPort, String name) {
-        return new ReverseTcpProxy(netServer, netClient, targetHost, targetPort, name);
+        List<NetAddress> list = new ArrayList<>();
+        return new ReverseTcpProxy(
+                netServer,
+                netClient,
+                TcpRoundRobinLoadBalancer.create(list),
+                list,
+                name
+        ).addNode(new NetAddress(targetHost, targetPort));
+    }
+
+    public static ReverseTcpProxy create(NetServer netServer, NetClient netClient,
+                                         LoadBalancer<NetAddress> loadBalancer,
+                                         List<NetAddress> netAddresses,
+                                         String name) {
+        return new ReverseTcpProxy(netServer, netClient, loadBalancer, netAddresses, name);
     }
 
     public ReverseTcpProxy port(int port) {
@@ -114,8 +162,15 @@ public ReverseTcpProxy host(String host) {
         return this;
     }
 
+    public ReverseTcpProxy addNode(NetAddress netAddress) {
+        if (!netAddresses.contains(netAddress)) {
+            netAddresses.add(netAddress);
+        }
+        return this;
+    }
+
 
-    protected static String generateName() {
+    public static String generateName() {
         final String prefix = ReverseTcpProxy.class.getSimpleName() + "-";
         try {
             // 池号对于虚拟机来说是全局的，以避免在类加载器范围的环境中池号重叠
@@ -135,12 +190,15 @@ protected static String generateName() {
     }
 
     public void start() {
+        if (netAddresses.size() <= 0) {
+            throw new IllegalStateException("netAddresses size must be greater than 0");
+        }
         netServer.connectHandler(connectHandler).exceptionHandler(e -> log.error("connect failed", e));
         Future<NetServer> listenFuture = netServer.listen(sourcePort, sourceHost);
 
         Handler<AsyncResult<NetServer>> asyncResultHandler = ar -> {
             if (ar.succeeded()) {
-                log.info("{} started on {}:{}", name, sourceHost, sourcePort);
+                log.info("{} started on {}:{}\nLB-Mode: {}\n  {}", name, sourceHost, sourcePort, lb.name(), netAddresses);
             } else {
                 Throwable e = ar.cause();
                 log.error("{} start failed", name, e);

src/main/java/top/meethigher/proxy/tcp/TcpRoundRobinLoadBalancer.java

@@ -0,0 +1,44 @@
+package top.meethigher.proxy.tcp;
+
+import top.meethigher.proxy.LoadBalancer;
+import top.meethigher.proxy.NetAddress;
+
+import java.util.List;
+import java.util.concurrent.atomic.AtomicInteger;
+
+/**
+ * 轮询策略实现
+ *
+ * @author <a href="https://meethigher.top">chenchuancheng</a>
+ * @since 2025/07/26 13:41
+ */
+public class TcpRoundRobinLoadBalancer implements LoadBalancer<NetAddress> {
+
+    private final List<NetAddress> nodes;
+
+    private final AtomicInteger idx = new AtomicInteger(0);
+
+    private final String name = "TcpRoundRobinLoadBalancer";
+
+    private TcpRoundRobinLoadBalancer(List<NetAddress> nodes) {
+        this.nodes = nodes;
+    }
+
+
+    public NetAddress next() {
+        if (nodes == null) {
+            return null;
+        }
+        int index = idx.getAndUpdate(v -> (v + 1) % nodes.size());
+        return nodes.get(index);
+    }
+
+    @Override
+    public String name() {
+        return name;
+    }
+
+    public static TcpRoundRobinLoadBalancer create(List<NetAddress> nodes) {
+        return new TcpRoundRobinLoadBalancer(nodes);
+    }
+}