mirror of
https://github.com/fatedier/frp.git
synced 2024-12-12 09:41:19 +01:00
add subdomain configuration; add conn auth timeout
This commit is contained in:
parent
4c69a4810e
commit
396e148f80
@ -40,6 +40,8 @@ pool_count = 20
|
||||
# if not set, you can access this custom_domains without certification
|
||||
http_username = admin
|
||||
http_password = admin
|
||||
# if domain for frps is frps.com, then you can access [web01] proxy by URL http://test.frps.com
|
||||
subdomain = test
|
||||
|
||||
[web02]
|
||||
type = http
|
||||
@ -64,3 +66,4 @@ local_port = 80
|
||||
use_gzip = true
|
||||
custom_domains = web03.yourdomain.com
|
||||
host_header_rewrite = example.com
|
||||
subdomain = dev
|
||||
|
@ -26,6 +26,10 @@ privilege_token = 12345678
|
||||
privilege_allow_ports = 2000-3000,3001,3003,4000-50000
|
||||
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value
|
||||
max_pool_count = 100
|
||||
# conn_timeout set the timeout interval (seconds) when the frpc connects frps
|
||||
conn_timeout = 10
|
||||
# domain for frps
|
||||
domain = codermao.com
|
||||
|
||||
# ssh is the proxy name, client will use this name and auth_token to connect to server
|
||||
[ssh]
|
||||
|
@ -152,6 +152,7 @@ func loginToServer(cli *client.ProxyClient) (c *conn.Conn, err error) {
|
||||
HostHeaderRewrite: cli.HostHeaderRewrite,
|
||||
HttpUserName: cli.HttpUserName,
|
||||
HttpPassWord: cli.HttpPassWord,
|
||||
SubDomain: cli.SubDomain,
|
||||
Timestamp: nowTime,
|
||||
}
|
||||
if cli.PrivilegeMode {
|
||||
|
@ -221,8 +221,8 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
|
||||
nowTime := time.Now().Unix()
|
||||
if req.PrivilegeMode {
|
||||
privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp))
|
||||
// privilegeKey avaiable in 15 minutes
|
||||
if nowTime-req.Timestamp > 15*60 {
|
||||
// privilegeKey unavaiable after server.CtrlConnTimeout seconds
|
||||
if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout {
|
||||
info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName)
|
||||
log.Warn(info)
|
||||
return
|
||||
@ -234,8 +234,8 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
|
||||
}
|
||||
} else {
|
||||
authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp))
|
||||
// authKey avaiable in 15 minutes
|
||||
if nowTime-req.Timestamp > 15*60 {
|
||||
// privilegeKey unavaiable after server.CtrlConnTimeout seconds
|
||||
if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout {
|
||||
info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName)
|
||||
log.Warn(info)
|
||||
return
|
||||
@ -289,6 +289,10 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
|
||||
s.HostHeaderRewrite = req.HostHeaderRewrite
|
||||
s.HttpUserName = req.HttpUserName
|
||||
s.HttpPassWord = req.HttpPassWord
|
||||
// package URL
|
||||
if req.SubDomain != "" {
|
||||
s.SubDomain = req.SubDomain + "." + server.Domain
|
||||
}
|
||||
if req.PoolCount > server.MaxPoolCount {
|
||||
s.PoolCount = server.MaxPoolCount
|
||||
} else if req.PoolCount < 0 {
|
||||
@ -302,6 +306,7 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
|
||||
log.Warn(info)
|
||||
return
|
||||
}
|
||||
log.Info("serverProxy: %+v", s)
|
||||
|
||||
// update metric's proxy status
|
||||
metric.SetProxyInfo(s.Name, s.Type, s.BindAddr, s.UseEncryption, s.UseGzip, s.PrivilegeMode, s.CustomDomains, s.ListenPort)
|
||||
|
@ -166,6 +166,11 @@ func LoadConf(confFile string) (err error) {
|
||||
if ok {
|
||||
proxyClient.HttpPassWord = tmpStr
|
||||
}
|
||||
// subdomain
|
||||
tmpStr, ok = section["subdomain"]
|
||||
if ok {
|
||||
proxyClient.SubDomain = tmpStr
|
||||
}
|
||||
}
|
||||
|
||||
// privilege_mode
|
||||
@ -219,6 +224,9 @@ func LoadConf(confFile string) (err error) {
|
||||
} else {
|
||||
return fmt.Errorf("Parse conf error: proxy [%s] custom_domains must be set when type equals http", proxyClient.Name)
|
||||
}
|
||||
|
||||
// subdomain
|
||||
proxyClient.SubDomain, ok = section["subdomain"]
|
||||
} else if proxyClient.Type == "https" {
|
||||
// custom_domains
|
||||
domainStr, ok := section["custom_domains"]
|
||||
|
@ -26,4 +26,5 @@ type BaseConf struct {
|
||||
HostHeaderRewrite string
|
||||
HttpUserName string
|
||||
HttpPassWord string
|
||||
SubDomain string
|
||||
}
|
||||
|
@ -37,6 +37,7 @@ type ControlReq struct {
|
||||
HostHeaderRewrite string `json:"host_header_rewrite"`
|
||||
HttpUserName string `json:"http_username"`
|
||||
HttpPassWord string `json:"http_password"`
|
||||
SubDomain string `json:"subdomain"`
|
||||
Timestamp int64 `json:"timestamp"`
|
||||
}
|
||||
|
||||
|
@ -45,6 +45,8 @@ var (
|
||||
LogMaxDays int64 = 3
|
||||
PrivilegeMode bool = false
|
||||
PrivilegeToken string = ""
|
||||
CtrlConnTimeout int64 = 10
|
||||
Domain string = ""
|
||||
|
||||
// if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected
|
||||
PrivilegeAllowPorts map[int64]struct{}
|
||||
@ -222,6 +224,16 @@ func loadCommonConf(confFile string) error {
|
||||
MaxPoolCount = v
|
||||
}
|
||||
}
|
||||
tmpStr, ok = conf.Get("common", "conn_timeout")
|
||||
if ok {
|
||||
v, err := strconv.ParseInt(tmpStr, 10, 64)
|
||||
if err != nil {
|
||||
return fmt.Errorf("Parse conf error: conn_timeout is incorrect")
|
||||
} else {
|
||||
CtrlConnTimeout = v
|
||||
}
|
||||
}
|
||||
Domain, ok = conf.Get("common", "domain")
|
||||
return nil
|
||||
}
|
||||
|
||||
|
@ -130,6 +130,12 @@ func (p *ProxyServer) Start(c *conn.Conn) (err error) {
|
||||
}
|
||||
p.listeners = append(p.listeners, l)
|
||||
}
|
||||
l, err := VhostHttpMuxer.Listen(p.SubDomain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
p.listeners = append(p.listeners, l)
|
||||
|
||||
} else if p.Type == "https" {
|
||||
for _, domain := range p.CustomDomains {
|
||||
l, err := VhostHttpsMuxer.Listen(domain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
|
||||
|
Loading…
Reference in New Issue
Block a user