2023-03-30 20:28:15 +08:00
|
|
|
// Copyright 2023 The frp Authors
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
2019-01-15 00:11:08 +08:00
|
|
|
package nathole
|
2017-10-24 18:20:07 +08:00
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"fmt"
|
|
|
|
"net"
|
|
|
|
"sync"
|
|
|
|
"time"
|
|
|
|
|
2023-03-30 20:28:15 +08:00
|
|
|
"github.com/fatedier/golib/crypto"
|
2022-08-29 01:02:53 +08:00
|
|
|
"github.com/fatedier/golib/errors"
|
|
|
|
"github.com/fatedier/golib/pool"
|
|
|
|
|
2020-09-23 13:49:14 +08:00
|
|
|
"github.com/fatedier/frp/pkg/msg"
|
|
|
|
"github.com/fatedier/frp/pkg/util/log"
|
|
|
|
"github.com/fatedier/frp/pkg/util/util"
|
2017-10-24 18:20:07 +08:00
|
|
|
)
|
|
|
|
|
2022-08-29 01:02:53 +08:00
|
|
|
// NatHoleTimeout seconds.
|
2017-10-24 18:20:07 +08:00
|
|
|
var NatHoleTimeout int64 = 10
|
|
|
|
|
2023-03-30 20:28:15 +08:00
|
|
|
func NewTransactionID() string {
|
|
|
|
id, _ := util.RandID()
|
|
|
|
return fmt.Sprintf("%d%s", time.Now().Unix(), id)
|
|
|
|
}
|
|
|
|
|
2019-03-11 15:53:58 +08:00
|
|
|
type SidRequest struct {
|
|
|
|
Sid string
|
|
|
|
NotifyCh chan struct{}
|
|
|
|
}
|
|
|
|
|
2020-05-24 17:48:37 +08:00
|
|
|
type Controller struct {
|
2017-10-24 18:20:07 +08:00
|
|
|
listener *net.UDPConn
|
|
|
|
|
2020-05-24 17:48:37 +08:00
|
|
|
clientCfgs map[string]*ClientCfg
|
|
|
|
sessions map[string]*Session
|
2017-10-24 18:20:07 +08:00
|
|
|
|
2023-03-30 20:28:15 +08:00
|
|
|
encryptionKey []byte
|
|
|
|
mu sync.RWMutex
|
2017-10-24 18:20:07 +08:00
|
|
|
}
|
|
|
|
|
2023-03-30 20:28:15 +08:00
|
|
|
func NewController(udpBindAddr string, encryptionKey []byte) (nc *Controller, err error) {
|
2017-10-24 18:20:07 +08:00
|
|
|
addr, err := net.ResolveUDPAddr("udp", udpBindAddr)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
lconn, err := net.ListenUDP("udp", addr)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2020-05-24 17:48:37 +08:00
|
|
|
nc = &Controller{
|
2023-03-30 20:28:15 +08:00
|
|
|
listener: lconn,
|
|
|
|
clientCfgs: make(map[string]*ClientCfg),
|
|
|
|
sessions: make(map[string]*Session),
|
|
|
|
encryptionKey: encryptionKey,
|
2017-10-24 18:20:07 +08:00
|
|
|
}
|
|
|
|
return nc, nil
|
|
|
|
}
|
|
|
|
|
2020-05-24 17:48:37 +08:00
|
|
|
func (nc *Controller) ListenClient(name string, sk string) (sidCh chan *SidRequest) {
|
|
|
|
clientCfg := &ClientCfg{
|
2017-10-24 18:20:07 +08:00
|
|
|
Name: name,
|
|
|
|
Sk: sk,
|
2019-03-11 15:53:58 +08:00
|
|
|
SidCh: make(chan *SidRequest),
|
2017-10-24 18:20:07 +08:00
|
|
|
}
|
|
|
|
nc.mu.Lock()
|
|
|
|
nc.clientCfgs[name] = clientCfg
|
|
|
|
nc.mu.Unlock()
|
|
|
|
return clientCfg.SidCh
|
|
|
|
}
|
|
|
|
|
2020-05-24 17:48:37 +08:00
|
|
|
func (nc *Controller) CloseClient(name string) {
|
2017-10-24 18:20:07 +08:00
|
|
|
nc.mu.Lock()
|
|
|
|
defer nc.mu.Unlock()
|
|
|
|
delete(nc.clientCfgs, name)
|
|
|
|
}
|
|
|
|
|
2020-05-24 17:48:37 +08:00
|
|
|
func (nc *Controller) Run() {
|
2017-10-24 18:20:07 +08:00
|
|
|
for {
|
|
|
|
buf := pool.GetBuf(1024)
|
|
|
|
n, raddr, err := nc.listener.ReadFromUDP(buf)
|
|
|
|
if err != nil {
|
2023-03-30 20:28:15 +08:00
|
|
|
log.Warn("nat hole listener read from udp error: %v", err)
|
2017-10-24 18:20:07 +08:00
|
|
|
return
|
|
|
|
}
|
2023-03-30 20:28:15 +08:00
|
|
|
plain, err := crypto.Decode(buf[:n], nc.encryptionKey)
|
|
|
|
if err != nil {
|
|
|
|
log.Warn("nathole listener decode from %s error: %v", raddr.String(), err)
|
|
|
|
continue
|
|
|
|
}
|
2017-10-24 18:20:07 +08:00
|
|
|
|
2023-03-30 20:28:15 +08:00
|
|
|
rawMsg, err := msg.ReadMsg(bytes.NewReader(plain))
|
2017-10-24 18:20:07 +08:00
|
|
|
if err != nil {
|
2023-03-30 20:28:15 +08:00
|
|
|
log.Warn("read nat hole message error: %v", err)
|
2017-10-24 18:20:07 +08:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
switch m := rawMsg.(type) {
|
2023-03-30 20:28:15 +08:00
|
|
|
case *msg.NatHoleBinding:
|
|
|
|
go nc.HandleBinding(m, raddr)
|
2017-12-05 01:34:33 +08:00
|
|
|
case *msg.NatHoleVisitor:
|
|
|
|
go nc.HandleVisitor(m, raddr)
|
2017-10-24 18:20:07 +08:00
|
|
|
case *msg.NatHoleClient:
|
|
|
|
go nc.HandleClient(m, raddr)
|
|
|
|
default:
|
2023-03-30 20:28:15 +08:00
|
|
|
log.Trace("unknown nat hole message type")
|
2017-10-24 18:20:07 +08:00
|
|
|
continue
|
|
|
|
}
|
|
|
|
pool.PutBuf(buf)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-05-24 17:48:37 +08:00
|
|
|
func (nc *Controller) GenSid() string {
|
2017-10-24 18:20:07 +08:00
|
|
|
t := time.Now().Unix()
|
2020-05-24 17:48:37 +08:00
|
|
|
id, _ := util.RandID()
|
2017-10-24 18:20:07 +08:00
|
|
|
return fmt.Sprintf("%d%s", t, id)
|
|
|
|
}
|
|
|
|
|
2023-03-30 20:28:15 +08:00
|
|
|
func (nc *Controller) HandleBinding(m *msg.NatHoleBinding, raddr *net.UDPAddr) {
|
|
|
|
log.Trace("handle binding message from %s", raddr.String())
|
|
|
|
resp := &msg.NatHoleBindingResp{
|
|
|
|
TransactionID: m.TransactionID,
|
|
|
|
Address: raddr.String(),
|
|
|
|
}
|
|
|
|
plain, err := msg.Pack(resp)
|
|
|
|
if err != nil {
|
|
|
|
log.Error("pack nat hole binding response error: %v", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
buf, err := crypto.Encode(plain, nc.encryptionKey)
|
|
|
|
if err != nil {
|
|
|
|
log.Error("encode nat hole binding response error: %v", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
_, err = nc.listener.WriteToUDP(buf, raddr)
|
|
|
|
if err != nil {
|
|
|
|
log.Error("write nat hole binding response to %s error: %v", raddr.String(), err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-05-24 17:48:37 +08:00
|
|
|
func (nc *Controller) HandleVisitor(m *msg.NatHoleVisitor, raddr *net.UDPAddr) {
|
2017-10-24 18:20:07 +08:00
|
|
|
sid := nc.GenSid()
|
2020-05-24 17:48:37 +08:00
|
|
|
session := &Session{
|
2017-12-05 01:34:33 +08:00
|
|
|
Sid: sid,
|
|
|
|
VisitorAddr: raddr,
|
2022-08-29 01:02:53 +08:00
|
|
|
NotifyCh: make(chan struct{}),
|
2017-10-24 18:20:07 +08:00
|
|
|
}
|
|
|
|
nc.mu.Lock()
|
|
|
|
clientCfg, ok := nc.clientCfgs[m.ProxyName]
|
2018-05-16 23:45:44 +08:00
|
|
|
if !ok {
|
2017-10-24 18:20:07 +08:00
|
|
|
nc.mu.Unlock()
|
2018-05-17 00:07:56 +08:00
|
|
|
errInfo := fmt.Sprintf("xtcp server for [%s] doesn't exist", m.ProxyName)
|
|
|
|
log.Debug(errInfo)
|
2022-08-29 01:02:53 +08:00
|
|
|
_, _ = nc.listener.WriteToUDP(nc.GenNatHoleResponse(nil, errInfo), raddr)
|
2017-10-24 18:20:07 +08:00
|
|
|
return
|
|
|
|
}
|
2018-05-16 23:45:44 +08:00
|
|
|
if m.SignKey != util.GetAuthKey(clientCfg.Sk, m.Timestamp) {
|
|
|
|
nc.mu.Unlock()
|
2018-05-17 00:07:56 +08:00
|
|
|
errInfo := fmt.Sprintf("xtcp connection of [%s] auth failed", m.ProxyName)
|
|
|
|
log.Debug(errInfo)
|
2022-08-29 01:02:53 +08:00
|
|
|
_, _ = nc.listener.WriteToUDP(nc.GenNatHoleResponse(nil, errInfo), raddr)
|
2018-05-16 23:45:44 +08:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2017-10-24 18:20:07 +08:00
|
|
|
nc.sessions[sid] = session
|
|
|
|
nc.mu.Unlock()
|
2017-12-05 01:34:33 +08:00
|
|
|
log.Trace("handle visitor message, sid [%s]", sid)
|
2017-10-24 18:20:07 +08:00
|
|
|
|
|
|
|
defer func() {
|
|
|
|
nc.mu.Lock()
|
|
|
|
delete(nc.sessions, sid)
|
|
|
|
nc.mu.Unlock()
|
|
|
|
}()
|
|
|
|
|
|
|
|
err := errors.PanicToError(func() {
|
2019-03-11 15:53:58 +08:00
|
|
|
clientCfg.SidCh <- &SidRequest{
|
|
|
|
Sid: sid,
|
|
|
|
NotifyCh: session.NotifyCh,
|
|
|
|
}
|
2017-10-24 18:20:07 +08:00
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Wait client connections.
|
|
|
|
select {
|
|
|
|
case <-session.NotifyCh:
|
2018-05-17 00:07:56 +08:00
|
|
|
resp := nc.GenNatHoleResponse(session, "")
|
2017-12-05 01:34:33 +08:00
|
|
|
log.Trace("send nat hole response to visitor")
|
2022-08-29 01:02:53 +08:00
|
|
|
_, _ = nc.listener.WriteToUDP(resp, raddr)
|
2017-10-24 18:20:07 +08:00
|
|
|
case <-time.After(time.Duration(NatHoleTimeout) * time.Second):
|
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-05-24 17:48:37 +08:00
|
|
|
func (nc *Controller) HandleClient(m *msg.NatHoleClient, raddr *net.UDPAddr) {
|
2017-10-24 18:20:07 +08:00
|
|
|
nc.mu.RLock()
|
|
|
|
session, ok := nc.sessions[m.Sid]
|
|
|
|
nc.mu.RUnlock()
|
|
|
|
if !ok {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
log.Trace("handle client message, sid [%s]", session.Sid)
|
|
|
|
session.ClientAddr = raddr
|
|
|
|
|
2018-05-17 00:07:56 +08:00
|
|
|
resp := nc.GenNatHoleResponse(session, "")
|
2017-10-24 18:20:07 +08:00
|
|
|
log.Trace("send nat hole response to client")
|
2022-08-29 01:02:53 +08:00
|
|
|
_, _ = nc.listener.WriteToUDP(resp, raddr)
|
2017-10-24 18:20:07 +08:00
|
|
|
}
|
|
|
|
|
2020-05-24 17:48:37 +08:00
|
|
|
func (nc *Controller) GenNatHoleResponse(session *Session, errInfo string) []byte {
|
2018-05-17 00:07:56 +08:00
|
|
|
var (
|
|
|
|
sid string
|
|
|
|
visitorAddr string
|
|
|
|
clientAddr string
|
|
|
|
)
|
|
|
|
if session != nil {
|
|
|
|
sid = session.Sid
|
|
|
|
visitorAddr = session.VisitorAddr.String()
|
|
|
|
clientAddr = session.ClientAddr.String()
|
|
|
|
}
|
2017-10-24 18:20:07 +08:00
|
|
|
m := &msg.NatHoleResp{
|
2018-05-17 00:07:56 +08:00
|
|
|
Sid: sid,
|
|
|
|
VisitorAddr: visitorAddr,
|
|
|
|
ClientAddr: clientAddr,
|
|
|
|
Error: errInfo,
|
2017-10-24 18:20:07 +08:00
|
|
|
}
|
|
|
|
b := bytes.NewBuffer(nil)
|
|
|
|
err := msg.WriteMsg(b, m)
|
|
|
|
if err != nil {
|
|
|
|
return []byte("")
|
|
|
|
}
|
|
|
|
return b.Bytes()
|
|
|
|
}
|
|
|
|
|
2020-05-24 17:48:37 +08:00
|
|
|
type Session struct {
|
2017-12-05 01:34:33 +08:00
|
|
|
Sid string
|
|
|
|
VisitorAddr *net.UDPAddr
|
|
|
|
ClientAddr *net.UDPAddr
|
2017-10-24 18:20:07 +08:00
|
|
|
|
|
|
|
NotifyCh chan struct{}
|
|
|
|
}
|
|
|
|
|
2020-05-24 17:48:37 +08:00
|
|
|
type ClientCfg struct {
|
2017-10-24 18:20:07 +08:00
|
|
|
Name string
|
|
|
|
Sk string
|
2019-03-11 15:53:58 +08:00
|
|
|
SidCh chan *SidRequest
|
2017-10-24 18:20:07 +08:00
|
|
|
}
|