mirror of
https://github.com/fatedier/frp.git
synced 2024-12-13 10:11:04 +01:00
frps/control rename authTimeout; add judgement for subdomain
This commit is contained in:
parent
7cc5d03f35
commit
c702355669
@ -26,8 +26,9 @@ privilege_token = 12345678
|
|||||||
privilege_allow_ports = 2000-3000,3001,3003,4000-50000
|
privilege_allow_ports = 2000-3000,3001,3003,4000-50000
|
||||||
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value
|
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value
|
||||||
max_pool_count = 100
|
max_pool_count = 100
|
||||||
# conn_timeout set the timeout interval (seconds) when the frpc connects frps
|
# authentication_timeout means the timeout interval (minute units) when the frpc connects frps
|
||||||
conn_timeout = 10
|
# if authentication_timeout set zero, the time is not verified
|
||||||
|
authentication_timeout = 15
|
||||||
# domain for frps
|
# domain for frps
|
||||||
domain = frps.com
|
domain = frps.com
|
||||||
|
|
||||||
|
@ -18,6 +18,7 @@ import (
|
|||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
|
"strings"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/fatedier/frp/src/models/consts"
|
"github.com/fatedier/frp/src/models/consts"
|
||||||
@ -221,8 +222,8 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
|
|||||||
nowTime := time.Now().Unix()
|
nowTime := time.Now().Unix()
|
||||||
if req.PrivilegeMode {
|
if req.PrivilegeMode {
|
||||||
privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp))
|
privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp))
|
||||||
// privilegeKey unavaiable after server.CtrlConnTimeout seconds
|
// privilegeKey unavaiable after server.AuthTimeout minutes
|
||||||
if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout {
|
if server.AuthTimeout != 0 && nowTime-req.Timestamp > server.AuthTimeout {
|
||||||
info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName)
|
info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName)
|
||||||
log.Warn(info)
|
log.Warn(info)
|
||||||
return
|
return
|
||||||
@ -234,8 +235,7 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
|
|||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp))
|
authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp))
|
||||||
// privilegeKey unavaiable after server.CtrlConnTimeout seconds
|
if server.AuthTimeout != 0 && nowTime-req.Timestamp > server.AuthTimeout {
|
||||||
if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout {
|
|
||||||
info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName)
|
info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName)
|
||||||
log.Warn(info)
|
log.Warn(info)
|
||||||
return
|
return
|
||||||
@ -291,6 +291,11 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
|
|||||||
s.HttpPassWord = req.HttpPassWord
|
s.HttpPassWord = req.HttpPassWord
|
||||||
// package URL
|
// package URL
|
||||||
if req.SubDomain != "" {
|
if req.SubDomain != "" {
|
||||||
|
if strings.Contains(req.SubDomain, ".") || strings.Contains(req.SubDomain, "*") {
|
||||||
|
info = fmt.Sprintf("ProxyName [%s], type [%s] not support when subdomain is not set", req.ProxyName, req.Type)
|
||||||
|
log.Warn(info)
|
||||||
|
return
|
||||||
|
}
|
||||||
s.SubDomain = req.SubDomain + "." + server.Domain
|
s.SubDomain = req.SubDomain + "." + server.Domain
|
||||||
}
|
}
|
||||||
if req.PoolCount > server.MaxPoolCount {
|
if req.PoolCount > server.MaxPoolCount {
|
||||||
|
@ -45,7 +45,7 @@ var (
|
|||||||
LogMaxDays int64 = 3
|
LogMaxDays int64 = 3
|
||||||
PrivilegeMode bool = false
|
PrivilegeMode bool = false
|
||||||
PrivilegeToken string = ""
|
PrivilegeToken string = ""
|
||||||
CtrlConnTimeout int64 = 10
|
AuthTimeout int64 = 15
|
||||||
Domain string = ""
|
Domain string = ""
|
||||||
|
|
||||||
// if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected
|
// if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected
|
||||||
@ -224,13 +224,13 @@ func loadCommonConf(confFile string) error {
|
|||||||
MaxPoolCount = v
|
MaxPoolCount = v
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
tmpStr, ok = conf.Get("common", "conn_timeout")
|
tmpStr, ok = conf.Get("common", "authentication_timeout")
|
||||||
if ok {
|
if ok {
|
||||||
v, err := strconv.ParseInt(tmpStr, 10, 64)
|
v, err := strconv.ParseInt(tmpStr, 10, 64)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("Parse conf error: conn_timeout is incorrect")
|
return fmt.Errorf("Parse conf error: authentication_timeout is incorrect")
|
||||||
} else {
|
} else {
|
||||||
CtrlConnTimeout = v
|
AuthTimeout = v
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Domain, ok = conf.Get("common", "domain")
|
Domain, ok = conf.Get("common", "domain")
|
||||||
|
@ -130,11 +130,13 @@ func (p *ProxyServer) Start(c *conn.Conn) (err error) {
|
|||||||
}
|
}
|
||||||
p.listeners = append(p.listeners, l)
|
p.listeners = append(p.listeners, l)
|
||||||
}
|
}
|
||||||
l, err := VhostHttpMuxer.Listen(p.SubDomain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
|
if p.SubDomain != "" {
|
||||||
if err != nil {
|
l, err := VhostHttpMuxer.Listen(p.SubDomain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
|
||||||
return err
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
p.listeners = append(p.listeners, l)
|
||||||
}
|
}
|
||||||
p.listeners = append(p.listeners, l)
|
|
||||||
|
|
||||||
} else if p.Type == "https" {
|
} else if p.Type == "https" {
|
||||||
for _, domain := range p.CustomDomains {
|
for _, domain := range p.CustomDomains {
|
||||||
|
Loading…
Reference in New Issue
Block a user