lxrite / Azure Http Proxy
Licence: mit
A fast, secure, lightweight and cross-platform HTTP proxy written in C++.
Stars: ✭ 170
Labels
Projects that are alternatives of or similar to Azure Http Proxy
Qtnetworkng
QtNetwork Next Generation. A coroutine based network framework for Qt/C++, with more simpler API than boost::asio.
Stars: ✭ 125 (-26.47%)
Mutual labels: http-proxy, openssl
Quic Proxy
A http/https proxy using QUIC as transport layer
Stars: ✭ 159 (-6.47%)
Mutual labels: http-proxy
Fwlite
A anti-censorship HTTP proxy with builtin shadowsocks support.
Stars: ✭ 129 (-24.12%)
Mutual labels: http-proxy
Nginx Ee
Automated Nginx compilation from sources with additional modules support. Compatible with WordOps, EasyEngine & Plesk
Stars: ✭ 132 (-22.35%)
Mutual labels: openssl
Beyond
BeyondCorp-inspired Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.
Stars: ✭ 151 (-11.18%)
Mutual labels: http-proxy
Underlock
Underlock makes it dead simple to encrypt and decrypt your data and files. It comes with little to no dependencies and has a very small API surface.
Stars: ✭ 128 (-24.71%)
Mutual labels: openssl
Mutual Tls Ssl
🔐 Tutorial of setting up Security for your API with one way authentication with TLS/SSL and mutual mutual authentication for a java based web server and a client with both Spring Boot. Different clients are provided such as Apache HttpClient, OkHttp, Spring RestTemplate, Spring WebFlux WebClient Jetty and Netty, the old and the new JDK HttpClient, the old and the new Jersey Client, Google HttpClient, Unirest, Retrofit, Feign, Methanol, vertx, Scala client Finagle, Featherbed, Dispatch Reboot, AsyncHttpClient, Sttp, Akka, Requests Scala, Http4s Blaze, Kotlin client Fuel, http4k, Kohttp and ktor. Also other server examples are available such as jersey with grizzly. Also gRPC examples are included
Stars: ✭ 163 (-4.12%)
Mutual labels: openssl
Cryptcheck
Verify some SSL/TLS website or XMPP implementation
Stars: ✭ 158 (-7.06%)
Mutual labels: openssl
Php Http Proxy
HTTP proxy written in PHP based on workerman.
Stars: ✭ 134 (-21.18%)
Mutual labels: http-proxy
Prism
Turn any OpenAPI2/3 and Postman Collection file into an API server with mocking, transformations and validations.
Stars: ✭ 2,484 (+1361.18%)
Mutual labels: http-proxy
Search Guard Ssl
Elasticsearch SSL for free. Supports native Open SSL.
Stars: ✭ 159 (-6.47%)
Mutual labels: openssl
Chaos Http Proxy
Introduce failures into HTTP requests via a proxy server
Stars: ✭ 128 (-24.71%)
Mutual labels: http-proxy
Corkscrew
Corkscrew is a tool for tunneling SSH through HTTP proxies.
Stars: ✭ 149 (-12.35%)
Mutual labels: http-proxy
Libhv
🔥 比libevent、libuv更易用的国产网络库。A c/c++ network library for developing TCP/UDP/SSL/HTTP/WebSocket client/server.
Stars: ✭ 3,355 (+1873.53%)
Mutual labels: openssl
Openssl
Provides SSL, TLS and general purpose cryptography.
Stars: ✭ 166 (-2.35%)
Mutual labels: openssl
azure-http-proxy 
简介
AHP(Azure Http Proxy)是一款高速、安全、轻量级和跨平台的HTTP代理,使用对称加密算法AES对传输的数据进行加密,使用非对称加密算法RSA传输密钥。
特性
- 一连接一密钥,AHP会对每个连接使用一个随机生成的密钥和初始化向量,避免重复使用同一密钥
- 使用非对称加密算法RSA传输密钥,只需对客户端公开RSA公钥
- 对目标域名的解析在服务端进行,可以解决本地DNS污染的问题
- 服务端同时支持多种数据加密方式,数据加密方式可由客户端任意指定,客户端可以权衡机器性能以及安全需求选择合适的加密方式
- 多线程并发处理,充分利用多处理器的优势,能同时处理成千上万的并发连接
- 多用户支持,允许为每个用户使用独立的帐号和密码
编译和安装
编译器
AHP使用了部分C++17特性,所以对编译器的版本有较高要求,下面列出了部分已测试过可以用来编译AHP的编译器
- Microsoft Visual Studio >= 2017
- GCC >= 7.3
- Clang >= 6.0
如果你想要使用低版本的编译器(C++11)来编译,可以试试这个分支。
安装依赖
- OpenSSL
Linux
几乎所有的Linux发行版都可以通过包管理安装OpenSSL。
Ubuntu
$ apt-get install libssl-dev
Fedora
$ yum install openssl
$ yum install openssl-devel
Windows
Windows可以使用vcpkg来安装OpenSSL。
$ vcpkg install openssl
编译
AHP使用自动化构建工具CMake来实现跨平台构建
- CMake >= 2.8
Windows下可以使用cmake-gui.exe,Linux或其他类Unix系统可以使用下面的命令编译
$ cd azure-http-proxy
$ mkdir build
$ cd build
$ cmake ..
$ make
如果编译成功会生成ahpc(客户端)和ahps(服务端)。
OpenWrt/LEDE 编译参考 openwrt-ahp
配置和运行
完整的配置示例见这里: https://github.com/lxrite/azure-http-proxy/tree/master/example
注意:不要使用示例配置中的RSA私钥和公钥,因为私钥一公开就是不安全的了。
如果你要运行的是服务端,那么你首先需要生成一对RSA密钥对,AHP支持任意长度不小于1024位的RSA密钥。下面的命令使用openssl生成2048位的私钥和公钥
$ openssl genrsa -out rsa_private_key.pem 2048
$ openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
服务端保留私钥并将公钥告诉客户端。
配置服务端
编辑server.json文件,Windows下应将此文件放到ahps.exe同目录下,Linux或其他类Unix系统将此文件放到~/.ahps/server.json。
{
"bind_address": "0.0.0.0",
"listen_port": 8090,
"rsa_private_key": "-----BEGIN RSA PRIVATE KEY----- ...... -----END RSA PRIVATE KEY-----",
"timeout": 240,
"workers": 4,
"auth": true,
"users": [
{
"username": "username1",
"password": "password1"
},
{
"username": "foobar",
"password": "bazqux"
}
]
}
| 字段名 | 描述 | 是否必选 | 默认值 |
|---|---|---|---|
| bind_address | 服务端绑定的IP地址 | 否 | "0.0.0.0" |
| listen_port | 服务端绑定的端口 | 否 | 8090 |
| rsa_private_key | RSA私钥 | 是 | 无 |
| timeout | 超时时间(秒) | 否 | 240 |
| workers | 并发工作线程数 | 否 | 4 |
| auth | 启用代理身份验证 | 否 | false |
| users | 用户列表 | auth为true时必选 | 无 |
配置客户端
编辑client.json文件,Windows下应将此文件放到ahpc.exe或ahpc-gui.exe同目录下,Linux或其他类Unix系统将此文件放到~/.ahpc/client.json。
{
"proxy_server_address": "127.0.0.1",
"proxy_server_port": 8090,
"bind_address": "127.0.0.1",
"listen_port": 8089,
"rsa_public_key": "-----BEGIN PUBLIC KEY----- ...... -----END PUBLIC KEY-----",
"cipher": "aes-256-cfb",
"timeout": 240,
"workers": 2
}
| 字段名 | 描述 | 是否必选 | 默认值 |
|---|---|---|---|
| proxy_server_address | 服务端的IP地址或域名 | 是 | 无 |
| proxy_server_port | 服务端的端口 | 是 | 无 |
| bind_address | 客户端绑定的IP地址 | 否 | "127.0.0.1" |
| listen_port | 客户端的监听端口 | 否 | 8089 |
| rsa_public_key | RSA公钥 | 是 | 无 |
| cipher | 加密方法 | 否 | "aes-256-cfb" |
| timeout | 超时时间(秒) | 否 | 240 |
| workers | 并发工作线程数 | 否 | 2 |
支持的加密方法
- aes-xyz-cfb
- aes-xyz-cfb8
- aes-xyz-cfb1
- aes-xyz-ofb
- aes-xyz-ctr
中间的xyz可以为128、192或256。
运行
确定配置无误后就可以运行AHP了。
运行服务端
Linux或其他类Unix系统
$ ./ahps
Windows
$ ahps.exe
运行客户端
Linux或其他类Unix系统
$ ./ahpc
Windows
$ ahpc.exe
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].