Merge pull request #152 from fatedier/maodanp/subdomain

Maodanp/subdomain
This commit is contained in:
fatedier 2016-11-09 00:14:33 +08:00 committed by GitHub
commit 47db75e921
9 changed files with 52 additions and 4 deletions

View File

@ -40,6 +40,8 @@ pool_count = 20
# if not set, you can access this custom_domains without certification # if not set, you can access this custom_domains without certification
http_username = admin http_username = admin
http_password = admin http_password = admin
# if domain for frps is frps.com, then you can access [web01] proxy by URL http://test.frps.com
subdomain = test
[web02] [web02]
type = http type = http
@ -64,3 +66,4 @@ local_port = 80
use_gzip = true use_gzip = true
custom_domains = web03.yourdomain.com custom_domains = web03.yourdomain.com
host_header_rewrite = example.com host_header_rewrite = example.com
subdomain = dev

View File

@ -26,6 +26,11 @@ privilege_token = 12345678
privilege_allow_ports = 2000-3000,3001,3003,4000-50000 privilege_allow_ports = 2000-3000,3001,3003,4000-50000
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value # pool_count in each proxy will change to max_pool_count if they exceed the maximum value
max_pool_count = 100 max_pool_count = 100
# authentication_timeout means the timeout interval (minute units) when the frpc connects frps
# if authentication_timeout set zero, the time is not verified
authentication_timeout = 15
# domain for frps
domain = frps.com
# ssh is the proxy name, client will use this name and auth_token to connect to server # ssh is the proxy name, client will use this name and auth_token to connect to server
[ssh] [ssh]

View File

@ -152,6 +152,7 @@ func loginToServer(cli *client.ProxyClient) (c *conn.Conn, err error) {
HostHeaderRewrite: cli.HostHeaderRewrite, HostHeaderRewrite: cli.HostHeaderRewrite,
HttpUserName: cli.HttpUserName, HttpUserName: cli.HttpUserName,
HttpPassWord: cli.HttpPassWord, HttpPassWord: cli.HttpPassWord,
SubDomain: cli.SubDomain,
Timestamp: nowTime, Timestamp: nowTime,
} }
if cli.PrivilegeMode { if cli.PrivilegeMode {

View File

@ -18,6 +18,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"io" "io"
"strings"
"time" "time"
"github.com/fatedier/frp/src/models/consts" "github.com/fatedier/frp/src/models/consts"
@ -221,8 +222,8 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
nowTime := time.Now().Unix() nowTime := time.Now().Unix()
if req.PrivilegeMode { if req.PrivilegeMode {
privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp)) privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp))
// privilegeKey avaiable in 15 minutes // privilegeKey unavaiable after server.AuthTimeout minutes
if nowTime-req.Timestamp > 15*60 { if server.AuthTimeout != 0 && nowTime-req.Timestamp > server.AuthTimeout {
info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName) info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName)
log.Warn(info) log.Warn(info)
return return
@ -234,8 +235,7 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
} }
} else { } else {
authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp)) authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp))
// authKey avaiable in 15 minutes if server.AuthTimeout != 0 && nowTime-req.Timestamp > server.AuthTimeout {
if nowTime-req.Timestamp > 15*60 {
info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName) info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName)
log.Warn(info) log.Warn(info)
return return
@ -289,6 +289,15 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
s.HostHeaderRewrite = req.HostHeaderRewrite s.HostHeaderRewrite = req.HostHeaderRewrite
s.HttpUserName = req.HttpUserName s.HttpUserName = req.HttpUserName
s.HttpPassWord = req.HttpPassWord s.HttpPassWord = req.HttpPassWord
// package URL
if req.SubDomain != "" {
if strings.Contains(req.SubDomain, ".") || strings.Contains(req.SubDomain, "*") {
info = fmt.Sprintf("ProxyName [%s], type [%s] not support when subdomain is not set", req.ProxyName, req.Type)
log.Warn(info)
return
}
s.SubDomain = req.SubDomain + "." + server.Domain
}
if req.PoolCount > server.MaxPoolCount { if req.PoolCount > server.MaxPoolCount {
s.PoolCount = server.MaxPoolCount s.PoolCount = server.MaxPoolCount
} else if req.PoolCount < 0 { } else if req.PoolCount < 0 {

View File

@ -166,6 +166,11 @@ func LoadConf(confFile string) (err error) {
if ok { if ok {
proxyClient.HttpPassWord = tmpStr proxyClient.HttpPassWord = tmpStr
} }
// subdomain
tmpStr, ok = section["subdomain"]
if ok {
proxyClient.SubDomain = tmpStr
}
} }
// privilege_mode // privilege_mode
@ -219,6 +224,9 @@ func LoadConf(confFile string) (err error) {
} else { } else {
return fmt.Errorf("Parse conf error: proxy [%s] custom_domains must be set when type equals http", proxyClient.Name) return fmt.Errorf("Parse conf error: proxy [%s] custom_domains must be set when type equals http", proxyClient.Name)
} }
// subdomain
proxyClient.SubDomain, ok = section["subdomain"]
} else if proxyClient.Type == "https" { } else if proxyClient.Type == "https" {
// custom_domains // custom_domains
domainStr, ok := section["custom_domains"] domainStr, ok := section["custom_domains"]

View File

@ -26,4 +26,5 @@ type BaseConf struct {
HostHeaderRewrite string HostHeaderRewrite string
HttpUserName string HttpUserName string
HttpPassWord string HttpPassWord string
SubDomain string
} }

View File

@ -37,6 +37,7 @@ type ControlReq struct {
HostHeaderRewrite string `json:"host_header_rewrite"` HostHeaderRewrite string `json:"host_header_rewrite"`
HttpUserName string `json:"http_username"` HttpUserName string `json:"http_username"`
HttpPassWord string `json:"http_password"` HttpPassWord string `json:"http_password"`
SubDomain string `json:"subdomain"`
Timestamp int64 `json:"timestamp"` Timestamp int64 `json:"timestamp"`
} }

View File

@ -45,6 +45,8 @@ var (
LogMaxDays int64 = 3 LogMaxDays int64 = 3
PrivilegeMode bool = false PrivilegeMode bool = false
PrivilegeToken string = "" PrivilegeToken string = ""
AuthTimeout int64 = 15
Domain string = ""
// if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected // if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected
PrivilegeAllowPorts map[int64]struct{} PrivilegeAllowPorts map[int64]struct{}
@ -222,6 +224,16 @@ func loadCommonConf(confFile string) error {
MaxPoolCount = v MaxPoolCount = v
} }
} }
tmpStr, ok = conf.Get("common", "authentication_timeout")
if ok {
v, err := strconv.ParseInt(tmpStr, 10, 64)
if err != nil {
return fmt.Errorf("Parse conf error: authentication_timeout is incorrect")
} else {
AuthTimeout = v
}
}
Domain, ok = conf.Get("common", "domain")
return nil return nil
} }

View File

@ -130,6 +130,14 @@ func (p *ProxyServer) Start(c *conn.Conn) (err error) {
} }
p.listeners = append(p.listeners, l) p.listeners = append(p.listeners, l)
} }
if p.SubDomain != "" {
l, err := VhostHttpMuxer.Listen(p.SubDomain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
if err != nil {
return err
}
p.listeners = append(p.listeners, l)
}
} else if p.Type == "https" { } else if p.Type == "https" {
for _, domain := range p.CustomDomains { for _, domain := range p.CustomDomains {
l, err := VhostHttpsMuxer.Listen(domain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord) l, err := VhostHttpsMuxer.Listen(domain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)