Merge branch 'main' of github.com:OpenNHP/opennhp

OpenNHP · Dec 19, 2024 · 51d8117 · 51d8117
2 parents 148ab09 + b01222d
commit 51d8117
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -11,7 +11,7 @@
 **NHP (Network-resource Hiding Protocol)** is a lightweight, cryptography-based Zero Trust protocol designed to safeguard servers and data from attackers by leveraging resource-hiding and encryption. It includes two core sub-protocols:
 
 - **Network-infrastructure Hiding Protocol (nHP):** Protects servers and applications by concealing domains, IP addresses, and ports.  
-- **Data-object Hiding Protocol (dHP):** Ensures data security and privacy (e.g., files, databases, APIs) through cryptographic key negotiation and encryption.
+- **Data-object Hiding Protocol (dHP):** Ensures data security and privacy by making data "usable but not visible" through cryptographic key negotiation and encryption.
 
 **OpenNHP** is the open source implementation of NHP.
 

diff --git a/ac/httpac.go b/ac/httpac.go
@@ -139,7 +139,7 @@ func (ha *HttpAC) initRouter() {
 	refreshGrp.GET("/:token", func(ctx *gin.Context) {
 		var err error
 		token := ctx.Param("token")
-		log.Info("get refresh request. aspId: %s, query: %v", token, ctx.Request.URL.RawQuery)
+		log.Info("get refresh request. token: %s, query: %v", token, ctx.Request.URL.RawQuery)
 
 		if len(token) == 0 {
 			err = common.ErrUrlPathInvalid

diff --git a/agent/knock.go b/agent/knock.go
@@ -256,8 +256,9 @@ func (a *UdpAgent) preAccessRequest(ackMsg *common.ServerKnockAckMsg) (err error
 		acWg.Add(1)
 		go func(info *common.PreAccessInfo) {
 			defer acWg.Done()
-
-			a.processPreAccessAction(info)
+			if info != nil {
+				a.processPreAccessAction(info)
+			}
 		}(action)
 	}
 	acWg.Wait()

diff --git a/docs/zh-cn/deploy.zh-cn.md b/docs/zh-cn/deploy.zh-cn.md
@@ -151,12 +151,13 @@ permalink: /zh-cn/deploy/
 
 ### 2.6 测试NHP网络隐身效果
 
-验证NHP网络隐身效果，可以通过nhp-agent主机 *（IP：192.168.56.1）*进行`ping` nhp-ac主机 *（IP：192.168.56.102）*来测试。
+验证NHP网络隐身效果，可以通过nhp-agent主机 *（IP：192.168.56.1）*进行`nmap扫描（以80端口为例）` nhp-ac主机 *（IP：192.168.56.102）*来测试。此外，可以在另外一台虚拟机（模拟黑客扫描攻击），扫描nhp-ac 主机查看效果。
 
 | 测试用例 | 测试命令 | 测试目的  | 预期结果  |
 |:--:|:--:|:--:|:--:|
-| nhp-agent未运行 |`ping 192.168.56.102` | 测试AC对Agent隐身 | ping 失败  |
-| nhp-agent已运行 |`ping 192.168.56.102` | 测试AC对Agent开放 | ping 成功  |
+| nhp-agent未运行 |`nmap -sS -p 80 192.168.56.102` | 测试AC对Agent隐身 | 80/tcp filtered  |
+| nhp-agent已运行 |`nmap -sS -p 80 192.168.56.102` | 测试AC对Agent开放 | 80/tcp open  |
+| nhp-agent已运行 |`nmap -sS -p 80 192.168.56.102` | 测试AC对黑客隐身 | 80/tcp filtered  |
 
 ## 3. 日志说明
 

diff --git a/go.mod b/go.mod
@@ -11,7 +11,7 @@ require (
 	github.com/pelletier/go-toml/v2 v2.1.1
 	github.com/spf13/viper v1.18.2
 	github.com/urfave/cli/v2 v2.27.0
-	golang.org/x/crypto v0.17.0
+	golang.org/x/crypto v0.31.0
 	gorm.io/driver/mysql v1.5.2
 	gorm.io/gorm v1.25.5
 )