Merge branch 'main' of github.com:OpenNHP/opennhp

WinGeek · WinGeek · commit 51d8117771bd · 2024-12-19T21:15:19.000+08:00
diff --git a/README.md b/README.md
@@ -11,7 +11,7 @@
 **NHP (Network-resource Hiding Protocol)** is a lightweight, cryptography-based Zero Trust protocol designed to safeguard servers and data from attackers by leveraging resource-hiding and encryption. It includes two core sub-protocols:
 
 - **Network-infrastructure Hiding Protocol (nHP):** Protects servers and applications by concealing domains, IP addresses, and ports.  
-- **Data-object Hiding Protocol (dHP):** Ensures data security and privacy (e.g., files, databases, APIs) through cryptographic key negotiation and encryption.
+- **Data-object Hiding Protocol (dHP):** Ensures data security and privacy by making data "usable but not visible" through cryptographic key negotiation and encryption.
 
 **OpenNHP** is the open source implementation of NHP.
 
diff --git a/ac/httpac.go b/ac/httpac.go
@@ -139,7 +139,7 @@ func (ha *HttpAC) initRouter() {
 	refreshGrp.GET("/:token", func(ctx *gin.Context) {
 		var err error
 		token := ctx.Param("token")
-		log.Info("get refresh request. aspId: %s, query: %v", token, ctx.Request.URL.RawQuery)
+		log.Info("get refresh request. token: %s, query: %v", token, ctx.Request.URL.RawQuery)
 
 		if len(token) == 0 {
 			err = common.ErrUrlPathInvalid
diff --git a/agent/knock.go b/agent/knock.go
@@ -256,8 +256,9 @@ func (a *UdpAgent) preAccessRequest(ackMsg *common.ServerKnockAckMsg) (err error
 		acWg.Add(1)
 		go func(info *common.PreAccessInfo) {
 			defer acWg.Done()
-
-			a.processPreAccessAction(info)
+			if info != nil {
+				a.processPreAccessAction(info)
+			}
 		}(action)
 	}
 	acWg.Wait()
diff --git a/docs/zh-cn/deploy.zh-cn.md b/docs/zh-cn/deploy.zh-cn.md
@@ -151,12 +151,13 @@ permalink: /zh-cn/deploy/
 
 ### 2.6 测试NHP网络隐身效果
 
-验证NHP网络隐身效果，可以通过nhp-agent主机 *（IP：192.168.56.1）*进行`ping` nhp-ac主机 *（IP：192.168.56.102）*来测试。
+验证NHP网络隐身效果，可以通过nhp-agent主机 *（IP：192.168.56.1）*进行`nmap扫描（以80端口为例）` nhp-ac主机 *（IP：192.168.56.102）*来测试。此外，可以在另外一台虚拟机（模拟黑客扫描攻击），扫描nhp-ac 主机查看效果。
 
 | 测试用例 | 测试命令 | 测试目的  | 预期结果  |
 |:--:|:--:|:--:|:--:|
-| nhp-agent未运行 |`ping 192.168.56.102` | 测试AC对Agent隐身 | ping 失败  |
-| nhp-agent已运行 |`ping 192.168.56.102` | 测试AC对Agent开放 | ping 成功  |
+| nhp-agent未运行 |`nmap -sS -p 80 192.168.56.102` | 测试AC对Agent隐身 | 80/tcp filtered  |
+| nhp-agent已运行 |`nmap -sS -p 80 192.168.56.102` | 测试AC对Agent开放 | 80/tcp open  |
+| nhp-agent已运行 |`nmap -sS -p 80 192.168.56.102` | 测试AC对黑客隐身 | 80/tcp filtered  |
 
 ## 3. 日志说明
 
diff --git a/go.mod b/go.mod
@@ -11,7 +11,7 @@ require (
 	github.com/pelletier/go-toml/v2 v2.1.1
 	github.com/spf13/viper v1.18.2
 	github.com/urfave/cli/v2 v2.27.0
-	golang.org/x/crypto v0.17.0
+	golang.org/x/crypto v0.31.0
 	gorm.io/driver/mysql v1.5.2
 	gorm.io/gorm v1.25.5
 )

Original file line number	Diff line number	Diff line change
`@@ -11,7 +11,7 @@ require (`
`11`	`11`	`github.com/pelletier/go-toml/v2 v2.1.1`
`12`	`12`	`github.com/spf13/viper v1.18.2`
`13`	`13`	`github.com/urfave/cli/v2 v2.27.0`
`14`		`- golang.org/x/crypto v0.17.0`
	`14`	`+ golang.org/x/crypto v0.31.0`
`15`	`15`	`gorm.io/driver/mysql v1.5.2`
`16`	`16`	`gorm.io/gorm v1.25.5`
`17`	`17`	`)`