xfy/lolly
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
568 Commits 1 Branch 7 Tags
Commit Graph

15 Commits

Author SHA1 Message Date
xfy911
a136b07bb9 docs: add documentation comments for exported constants and variables 
- Fix gjson/gjson.go package comments and constant documentation
- Fix internal/config/config.go constant documentation
- Fix internal/utils/httperror.go variable documentation
- Fix internal/matcher/matcher.go constant documentation
- Fix internal/middleware/compression/compression.go constant documentation
- Fix internal/middleware/limitrate/limitrate.go constant documentation
- Fix internal/middleware/rewrite/rewrite.go constant documentation
- Fix internal/middleware/security/access.go and auth.go constant documentation
- Fix internal/ssl/client_verify.go constant documentation
- Fix internal/variable/builtin.go and ssl.go constant documentation
- Fix internal/lua/api_log.go HTTP and log level constant documentation
- Fix internal/benchmark/tools/tools.go constant documentation
- Include author attribution (xfy)
 2026-06-03 15:28:53 +08:00
xfy911
fc1de2d445 docs: add documentation comments for more exported constants and variables 
- Add comments for ssl/client_verify.go verification modes
- Add comments for security/auth.go hash algorithms
- Add comments for rewrite/rewrite.go flags
- Add comments for compression/compression.go algorithms
- Add comments for limitrate/limitrate.go strategies
- Include author attribution (xfy)
 2026-06-03 15:28:53 +08:00
xfy
edc135ae5f refactor(utils): enhance ParseCIDR to support single IP 
Enhance parseCIDR in utils/ipallowlist.go to support single IP addresses
(without CIDR prefix) and ensure IP is in canonical form. This matches
the functionality previously in access.go.

- Add ParseCIDR as public function supporting CIDR and single IP
- Update access.go to use utils.ParseCIDR instead of local implementation
- Remove duplicate parseCIDR function from access.go
- Update tests to use utils.ParseCIDR

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-05-08 18:20:09 +08:00
xfy
f145a8770e refactor: modernize code with Go 1.22+ features 
Apply modern Go patterns across the codebase:
- Replace `interface{}` with `any` (Go 1.18+)
- Use `for range n` instead of `for i := 0; i < n; i++` (Go 1.22+)
- Replace `sort.Slice` with `slices.Sort` from slices package
- Simplify sync.WaitGroup patterns with errgroup where appropriate
- Add Makefile targets for modernize analyzer

Total: 84 files updated, net reduction of 79 lines

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-04-30 10:37:45 +08:00
xfy
bc9b7ba616 refactor(security): merge access Update methods 
- 新增 UpdateList(target string, cidrs []string) 统一更新方法
- UpdateAllowList/UpdateDenyList 改为包装调用
- 消除约 15 行重复代码,保持向后兼容

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-04-29 18:20:14 +08:00
xfy
13bfc090f7 docs(middleware): 为中间件模块添加标准化 godoc 注释 
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
 2026-04-20 11:23:03 +08:00
xfy
6866c763f1 refactor(security,proxy): 移除重复代码使用公共函数 
- access: 移除 getRemoteAddrIP 改用 netutil.GetRemoteAddrIP
- proxy: 简化 createBalancer 调用 createBalancerByName

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 15:56:20 +08:00
xfy
103e8ff0cf feat(geoip): 添加基于国家代码的 GeoIP 访问控制功能 
- 新增 GeoIPConfig 配置结构,支持 MaxMind MMDB 数据库
- 实现 GeoIPLookup 查询器,带 LRU 缓存和 TTL 支持
- AccessControl 集成 GeoIP 检查,按国家代码过滤请求
- 支持私有 IP 特殊处理策略 (allow/deny)
- 添加完整的单元测试和配置验证测试
- 新增 stream-udp.conf 示例配置文档

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-13 16:14:44 +08:00
xfy
8b382606df Merge branch 'lint-fix' - resolve sendfile.go conflict 
Conflict: sendfile.go (!linux build tag) was incorrectly modified to
include linuxSendfile and getSocketFd functions which already exist
in sendfile_linux.go.

Resolution: Keep HEAD version (simple fallback returning ENOTSUP) as
Linux implementation is properly separated in sendfile_linux.go.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-13 09:26:48 +08:00
xfy
649a6ed23f refactor(security): 重命名 HeadersMiddleware 移除冗余前缀 
SecurityHeadersMiddleware → HeadersMiddleware
NewSecurityHeaders → NewHeaders
NewSecurityHeadersWithHSTS → NewHeadersWithHSTS

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-10 09:40:38 +08:00
xfy
7a98a0b044 refactor: 抽取网络工具函数到 netutil 包,移除冗余代码 
- 新增 internal/netutil 包,统一 IP 提取和 URL 解析函数
- proxy/websocket/middleware 使用 netutil 替代重复实现
- 移除 handler/sendfile 中未使用的 BufferPool 相关代码
- 移除 http3/adapter 中未使用的反向转换函数
- 提取 server.registerStaticHandler 函数改进代码结构
- 优化 access.go 锁范围,减少持锁时间

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-04-03 18:24:21 +08:00
xfy
98736e1f1c feat(security): 增强访问控制安全性,支持可信代理配置 
- 新增 TrustedProxies 配置项,安全解析 X-Forwarded-For
- 防止 IP 伪造攻击,仅信任来自可信代理的头部
- 使用右侧非可信 IP 作为真实客户端 IP
- 改进连接数限制中间件集成

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-04-03 16:57:32 +08:00
xfy
80936ae66b feat(server,proxy,ssl,docs): 完成 Phase 7 功能完善 
主要变更:
- WebSocket 代理支持 (internal/proxy/websocket.go)
- OCSP stapling 实现 (internal/ssl/ocsp.go)
- 监控状态端点 (internal/server/status.go)
- 新增 nginx 模块文档 (19-24)
- UDP 代理超时配置支持
- 多模块代码注释完善和功能增强

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-03 13:13:12 +08:00
xfy
9d24263918 feat(stream,server,handler): 实现 Phase 6 性能优化和热升级 
新增功能:
- stream 模块: 流式传输支持,优化大文件和实时数据传输
- Goroutine 池: 限制并发数量,减少调度开销
- 优雅升级: 零停机热升级,继承父进程监听器
- sendfile: 零拷贝文件传输,大文件直接从内核传输

重构改进:
- App 结构体封装,支持热升级和信号处理
- 配置结构字段对齐和代码清理
- 完善错误处理和日志记录

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-04-03 10:39:22 +08:00
xfy
d4998e5634 feat(ssl,security): 实现 SSL/TLS 和安全中间件模块 
- ssl: TLS 配置管理、证书加载、SNI 支持、现代安全默认值
- security/auth: HTTP Basic Auth (bcrypt/argon2id 密码哈希)
- security/ratelimit: 令牌桶限流、连接数限制
- security/access: IP 访问控制 (CIDR allow/deny)
- security/headers: 安全响应头 (X-Frame-Options, CSP, HSTS 等)

Phase 4 完成

Co-Authored-By: Claude <noreply@anthropic.com>
 2026-04-03 09:53:18 +08:00