38 Commits

Author SHA1 Message Date
xfy
6f17bbad7e chore: remove trailing blank lines and clean up whitespace 2026-06-03 18:08:34 +08:00
xfy
1a6b5f9166 Merge origin/master into master 2026-06-03 16:36:23 +08:00
xfy
2734b04d8f refactor: remove 16.8k lines of dead code across all internal packages
- Delete unused files: tempfile subsystem, matcher variants, server/internal
- Remove 200+ unused functions across proxy, ssl, lua, http2/3, stream, variable
- Fix proxy test type errors (backgroundRefresh ctx→Request)
- Move bench/tools mock backend into internal/testutil
- Remove corresponding test functions for all deleted code
2026-06-03 16:15:43 +08:00
5dec128510
Merge pull request #3 from xfy911/improve-comments
docs: add comprehensive documentation comments
2026-06-03 15:41:36 +08:00
xfy911
a136b07bb9 docs: add documentation comments for exported constants and variables
- Fix gjson/gjson.go package comments and constant documentation
- Fix internal/config/config.go constant documentation
- Fix internal/utils/httperror.go variable documentation
- Fix internal/matcher/matcher.go constant documentation
- Fix internal/middleware/compression/compression.go constant documentation
- Fix internal/middleware/limitrate/limitrate.go constant documentation
- Fix internal/middleware/rewrite/rewrite.go constant documentation
- Fix internal/middleware/security/access.go and auth.go constant documentation
- Fix internal/ssl/client_verify.go constant documentation
- Fix internal/variable/builtin.go and ssl.go constant documentation
- Fix internal/lua/api_log.go HTTP and log level constant documentation
- Fix internal/benchmark/tools/tools.go constant documentation
- Include author attribution (xfy)
2026-06-03 15:28:53 +08:00
xfy911
fc1de2d445 docs: add documentation comments for more exported constants and variables
- Add comments for ssl/client_verify.go verification modes
- Add comments for security/auth.go hash algorithms
- Add comments for rewrite/rewrite.go flags
- Add comments for compression/compression.go algorithms
- Add comments for limitrate/limitrate.go strategies
- Include author attribution (xfy)
2026-06-03 15:28:53 +08:00
xfy
37e20ae9a0 refactor: remove unused extractCertificates function and tests 2026-06-03 13:51:55 +08:00
xfy
eb404f98a2 fix(ssl): implement OCSP refreshAll to actually refresh stale responses
refreshAll() was a no-op — it checked which entries needed refreshing
but never called fetchOCSP. Now it:
- Stores cert/issuer pairs when registering certificates
- Actually fetches fresh OCSP responses for stale/expired entries
- Updates error counts and marks entries as failed after max retries
2026-06-03 01:14:09 +08:00
xfy
3b84d62971 fix(ssl): extract OCSP HTTP request loop into singleOCSPAttempt
The previous code used defer resp.Body.Close() inside a for loop,
causing all response bodies to remain open until the function returned.
Extract the per-attempt logic into singleOCSPAttempt so each response
body is closed immediately after processing.
2026-06-03 01:11:07 +08:00
xfy
5090bd4cbe fix(ssl): use reserved IP for connection failure test
Use 198.18.0.1 (IANA reserved benchmark address) instead of
127.0.0.1:9999 to ensure reliable connection failure in tests.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-09 08:20:10 +08:00
xfy
f145a8770e refactor: modernize code with Go 1.22+ features
Apply modern Go patterns across the codebase:
- Replace `interface{}` with `any` (Go 1.18+)
- Use `for range n` instead of `for i := 0; i < n; i++` (Go 1.22+)
- Replace `sort.Slice` with `slices.Sort` from slices package
- Simplify sync.WaitGroup patterns with errgroup where appropriate
- Add Makefile targets for modernize analyzer

Total: 84 files updated, net reduction of 79 lines

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-30 10:37:45 +08:00
xfy
e7306a0c72 perf: optimize ConsistentHash and RateLimiter for better concurrency
- ConsistentHash: reuse main hash ring in SelectExcludingByKey instead of
  rebuilding per call, reducing memory allocation from 369KB to 1.8KB (99.5%)
- RateLimiter: replace single RWMutex with 16-segment sharded locks to
  reduce lock contention in high-concurrency scenarios
- TLS SessionTickets: add warning log when KeyFile is empty to alert
  users about session invalidation after restart

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-30 10:23:19 +08:00
xfy
6b8b00c900 refactor(ssl): extract TLS config generation to sslutil
- Add internal/sslutil/tlsconfig.go with unified TLS configuration functions
- Extract ParseTLSVersion/ParseCipherSuites/DefaultCipherSuites, etc.
- Update ssl.go/stream/ssl.go/proxy_ssl.go to use the unified functions
- Eliminate about 150 lines of duplicated code

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-29 18:18:33 +08:00
xfy
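cf2fcca7e8 refactor: extract common logic, eliminate duplicated code, strengthen error handling
- Extract common App logic into app_common.go, eliminating duplicate definitions in app.go/app_windows.go
- Extract Server lifecycle/middleware/routing logic into separate files (lifecycle.go/middleware_builder.go/router.go)
- Extract Proxy cache handling/header modification/target selection into separate modules
- Extract CheckIPAccess/CheckTokenAuth into utils/httperror.go, eliminating duplicate implementations in status/purge
- Fix stream bidirectional forwarding: close both ends as soon as either direction completes, avoiding connection leaks
- Fix silently ignored errors in SSL/TLS and add logging
- Unify log messages in English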

💘 Generated with Crush

Assisted-by: GLM 5.1 via Crush <crush@charm.land>
2026-04-28 18:00:48 +08:00
xfy
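9f7090df67 test(handler,middleware,server,ssl,proxy): expand test coverage
- handler: add sendfile and static handler tests
- middleware/security: add access control, authentication, request header, and rate limiting tests
- server: add pool, pprof, cleanup, status, upgrade, and vhost tests
- ssl: add client verification, OCSP, and SSL tests
- proxy: add supplementary proxy coverage tests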

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-22 10:42:05 +08:00
xfy
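2458ac1ed1 docs: add standardized godoc comments for the remaining modules
Add complete documentation comments for the remaining modules:
- app: application lifecycle management
- cache: file cache
- config: configuration loader
- handler: static file handling and error pages
- http2/http3: HTTP/2 and HTTP/3 adapters
- loadbalance: load balancing algorithms and balancers
- middleware: bodylimit, compression, rewrite, security
- mimeutil: MIME type detection
- netutil: URL handling utilities
- resolver: DNS resolver
- server: server upgrade handling
- ssl: SSL/TLS and OCSP
- stream: stream processing
- testutil: test utilities
- variable: variable pool and SSL variables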

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 10:59:53 +08:00
xfy
8ed800271d test: migrate benchmark loops to the Go 1.24 b.Loop() API
- All *_bench_test.go files changed from for i := 0; i < b.N; i++ to for b.Loop()
- Some test files changed from for i := 0; i < N; ... to for range N or for i := range N
- Modules covered: cache, handler, http2, http3, loadbalance, logging, lua,
  middleware/accesslog, middleware/bodylimit, middleware/rewrite,
  middleware/security, netutil, resolver, server, ssl, stream

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 13:50:15 +08:00
xfy
fdefaefdb3 test(ssl): add SSL/TLS performance benchmarks
Covers TLS handshake, certificate loading, session resumption, and OCSP stapling performance.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-16 11:44:45 +08:00
xfy
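d21e27fbac fix(lint): fix golangci-lint errors (119 -> 0 issues)
Main fixes:
- errcheck: use //nolint:errcheck for defer Close, change type assertions to ok checks
- govet fieldalignment: reorder struct fields to optimize memory layout
- revive unused-parameter: change unused parameters to _
- exhaustive: add missing switch cases or default
- goconst: extract repeated strings into constants (accessAllow, accessDeny, etc.)
- staticcheck SA9003: fix empty branch logic
- gofmt: run gofmt -w to format
- nolintlint: fix nolint comment format

Other improvements:
- Update the .golangci.yml configuration to enable stricter checks
- Remove unused code and imports
- Simplify test helper function calls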

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-13 16:15:31 +08:00
xfy
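95b6119e34 refactor: use standard library slices/maps instead of custom functions
- Use slices.Contains instead of the contains/containsInt functions
- Use maps.Copy instead of manual iterate-and-copy
- Delete helper functions in internal/cache that are no longer needed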

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-13 13:15:13 +08:00
xfy
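96bd4b0ed5 refactor(ssl): extract certificate pool loading functions into the sslutil package
Extract the LoadCACertPool and LoadCertPool functions into a standalone sslutil package,
eliminating duplicate implementations in the ssl and stream modules.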

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-13 10:58:57 +08:00
xfy
8b382606df Merge branch 'lint-fix' - resolve sendfile.go conflict
Conflict: sendfile.go (!linux build tag) was incorrectly modified to
include linuxSendfile and getSocketFd functions which already exist
in sendfile_linux.go.

Resolution: Keep HEAD version (simple fallback returning ENOTSUP) as
Linux implementation is properly separated in sendfile_linux.go.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-13 09:26:48 +08:00
xfy
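eb379d9121 test(proxy,ssl,server,variable): complete test coverage
- websocket: upgrade request construction, response read/write, large message forwarding, concurrent bridging
- ssl: CRL revocation checking, certificate chain depth limit, full verification flow
- server: initialization configuration, static files, GoroutinePool, FileCache
- variable: mTLS client certificate variables and fingerprint computation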

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 17:59:22 +08:00
xfy
01343ce783 refactor(ssl): extract client verification mode constants
Extract hard-coded strings into private constants to avoid repeated magic strings.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 17:59:22 +08:00
xfy
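616762e840 refactor(netutil): extract common hostname handling functions
- Add StripPort() function to remove the port from a hostname
- Add HasPort() function to detect whether a hostname contains a port
- Replace inline port handling logic in the vhost and ssl modules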

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 11:20:10 +08:00
xfy
d89e55481c refactor(ssl): adapt to the resolver.DNSCacheEntry rename
Adapt to the type rename in the resolver module

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-10 09:40:48 +08:00
xfy
412bfebdd8 feat(http2): add HTTP/2 support, integrated into the server and application 2026-04-09 12:18:52 +08:00
xfy
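9d49349ee1 feat(ssl,config): add Session Tickets and mTLS client certificate verification
- SessionTicketsConfig supports TLS 1.3 session resumption, key rotation, and persistence
- ClientVerifyConfig supports mutual TLS authentication, CA certificate pool, and CRL
- TLSManager integrates SessionTicketManager and ClientVerifier
- Add complete tests covering key rotation and client verification logic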

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-08 14:36:47 +08:00
xfy
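f2352ab9cc docs(config,stream,logging,handler,proxy,cache,server,ssl,middleware): add detailed GoDoc documentation comments for core modules
- config: add complete documentation for Config and all sub-configuration structs, including usage examples and caveats
- stream: add detailed descriptions of parameters, return values, and functionality for the load balancer and server
- logging: add documentation for log formatting and output functions, describing the supported variable substitutions
- handler: add documentation for the router, static file, and sendfile handlers
- proxy: add complete documentation for the health checker and proxy functionality
- cache/server/ssl/middleware: supplement documentation comments for the related modules
- config.example.yaml: add trusted proxy configuration and cipher suite examples, update the compression level description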

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-07 15:36:09 +08:00
xfy
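fc71cf4835 refactor(test): unify error handling style in test files
Use the blank identifier to ignore return values of Close, ReadFrom, Set, etc. in test helper functions,
consistent with the main code style.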

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-03 17:37:05 +08:00
xfy
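0f7c69e59b refactor(app,logging,proxy,ssl): improve error handling, use the blank identifier to ignore return values that are explicitly not of interest
- Use _ to ignore error return values from functions such as Close, Write, Signal
- Error handling in these scenarios has no practical meaning (already in the cleanup phase at close time)
- Remove the unused mu field in health.go
- proxy module uses for-range instead of VisitAll to iterate over headers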

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-03 17:36:47 +08:00
xfy
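92cd93d4c0 refactor: code improvements and additional comments
- logging: add package documentation
- pool: fix concurrency safety of the workers counter (atomic operations)
- stream: improve comments and error handling
- handler/static: add interface for precompressed file support
- loadbalance: add algorithm comments
- vhost: improve virtual host routing logic
- ssl: improve certificate loading comments
- main: add startup flow comments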

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-03 16:57:59 +08:00
xfy
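ac9153f09d fix(proxy,stream,server): Phase 8 bug fixes and feature completion
- WebSocket proxy integration: handleWebSocket now calls the ProxyWebSocket implementation
- Delete redundant UDP Stream code: remove the udpListener type and related tests
- Hot upgrade listener inheritance: switch to the net.Listen + Serve pattern to support listener passing
- Code formatting fixes: comment format adjustments, field alignment, end-of-file newlines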

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-03 14:28:00 +08:00
xfy
95030cd68a docs: update AGENTS.md documentation
Add AGENTS.md documentation files for each module, recording module responsibilities and code structure

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-03 14:07:42 +08:00
xfy
c70ab305b7 test(app,proxy,ssl,stream): improve test coverage
- app: add NewApp/SetPidFile/SetLogFile/sigName tests
- proxy: extend health checker tests
- ssl: add TLS configuration and Close method tests
- stream: add load balancer and UDP session tests

Coverage increased from 55.4% to 60.3%

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-03 13:36:43 +08:00
xfy
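80936ae66b feat(server,proxy,ssl,docs): complete Phase 7 feature improvements
Main changes:
- WebSocket proxy support (internal/proxy/websocket.go)
- OCSP stapling implementation (internal/ssl/ocsp.go)
- Monitoring status endpoint (internal/server/status.go)
- Add nginx module documentation (19-24)
- UDP proxy timeout configuration support
- Comment improvements and feature enhancements across multiple modules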

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-04-03 13:13:12 +08:00
xfy
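9d24263918 feat(stream,server,handler): implement Phase 6 performance optimizations and hot upgrade
New features:
- stream module: streaming transfer support, optimizing large file and real-time data transfer
- Goroutine pool: limit concurrency, reduce scheduling overhead
- Graceful upgrade: zero-downtime hot upgrade, inheriting the parent process's listeners
- sendfile: zero-copy file transfer, large files transferred directly from the kernel

Refactoring improvements:
- App struct encapsulation, supporting hot upgrade and signal handling
- Configuration struct field alignment and code cleanup
- Improve error handling and logging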

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-03 10:39:22 +08:00
xfy
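d4998e5634 feat(ssl,security): implement SSL/TLS and security middleware modules
- ssl: TLS configuration management, certificate loading, SNI support, modern secure defaults
- security/auth: HTTP Basic Auth (bcrypt/argon2id password hashing)
- security/ratelimit: token bucket rate limiting, connection count limiting
- security/access: IP access control (CIDR allow/deny)
- security/headers: security response headers (X-Frame-Options, CSP, HSTS, etc.)

Phase 4 complete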

Co-Authored-By: Claude <noreply@anthropic.com>
2026-04-03 09:53:18 +08:00