既然要翻墙,肯定要有一台墙外主机。为了配合加密,以及 HTTP/HTTPS 协议代理,需要编译有 mcrypt 和 curl 的 PHP;在如今我估计这应该都属于web主机标配环境.
如果是文本数据,就加密后返回;如果非文本数据,就不加密了。返回给本地代理以第一个字符是"0" or "1"来指示接下来的数据是否经过加密。
-
<?PHP
-
$PASSWORD = "yourpasswordhere";
-
$pw_md5 = md5($PASSWORD, true);
-
$key = substr($pw_md5, 0, 8);
-
$iv = substr($pw_md5, 8, 8);
-
-
$input = file_get_contents("php://input");
-
-
$td = mcrypt_module_open('des', '', 'cbc', '');
-
mcrypt_generic_init($td, $key, $iv);
-
if (strlen($input) > 0 && $input % 8 == 0) {
-
$input = strip_pkcs7("des", "cbc", mdecrypt_generic($td, $input));
-
-
$req = explode("\r\n\r\n", $input, 3);
-
-
$rawreqline = explode(" ", $req[0]);
-
$url = parse_url($rawreqline[1]);
-
-
$_headers = explode("\r\n", trim($req[1]));
-
//$_headers[count($_headers)] = "X-Forwarded-For: ".$_SERVER['REMOTE_ADDR'];
-
if ($url["scheme"] == "http" || $url["scheme"] == "https") {
-
$ch = curl_init($rawreqline[1]);
-
/* avoid HTTP/1.1 Transfer-Encoding: chunked */
-
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
-
curl_setopt($ch, CURLOPT_HTTPHEADER, $_headers);
-
curl_setopt($ch, CURLOPT_HEADER, 1);
-
if ($url["scheme"] == "https") {
-
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
-
}
-
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
-
if ($rawreqline[0] == "POST" && count($req) == 3) {
-
curl_setopt($ch, CURLOPT_POST, 1);
-
curl_setopt($ch, CURLOPT_POSTFIELDS, $req[2]);
-
}
-
$data = curl_exec($ch);
-
-
curl_close($ch);
-
}
-
$text_mode = "0";
-
-
$res = explode("\r\n\r\n", $data, 2);
-
$header = explode("\r\n", $res[0], 2); // STATUS HEADER
-
$headers = explode("\r\n", $header[1]);
-
foreach ($headers as $hline) {
-
$h = explode(":", $hline, 2);
-
$k = strtolower(trim($h[0]));
-
if ($k == "content-type" && strpos(strtolower(trim($h[1])), "text/") === 0) {
-
$text_mode = "1";
-
break;
-
}
-
}
-
if ($text_mode == "1") {
-
mcrypt_generic_deinit($td);
-
mcrypt_generic_init($td, $key, $iv);
-
$data = mcrypt_generic($td, padding_pkcs7("des", "cbc", $data));
-
}
-
$data = $text_mode . $data;
-
}
-
?><?=$data?>
Topic:
最新评论