diff --git a/client/control.go b/client/control.go index c44a641..0361812 100644 --- a/client/control.go +++ b/client/control.go @@ -295,7 +295,7 @@ func (ctl *Control) msgHandler() { }() defer ctl.msgHandlerShutdown.Done() - hbSend := time.NewTicker(time.Duration(ctl.clientCfg.HeartBeatInterval) * time.Second) + hbSend := time.NewTicker(time.Duration(ctl.clientCfg.HeartbeatInterval) * time.Second) defer hbSend.Stop() hbCheck := time.NewTicker(time.Second) defer hbCheck.Stop() @@ -314,7 +314,7 @@ func (ctl *Control) msgHandler() { } ctl.sendCh <- pingMsg case <-hbCheck.C: - if time.Since(ctl.lastPong) > time.Duration(ctl.clientCfg.HeartBeatTimeout)*time.Second { + if time.Since(ctl.lastPong) > time.Duration(ctl.clientCfg.HeartbeatTimeout)*time.Second { xl.Warn("heartbeat timeout") // let reader() stop ctl.conn.Close() diff --git a/conf/frpc_full.ini b/conf/frpc_full.ini index 8622ae7..1b5c700 100644 --- a/conf/frpc_full.ini +++ b/conf/frpc_full.ini 
@@ -23,15 +23,30 @@ log_max_days = 3 disable_log_color = false # for authentication, should be same as your frps.ini -# AuthenticateHeartBeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false. +# authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false. authenticate_heartbeats = false -# AuthenticateNewWorkConns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false. +# authenticate_new_work_conns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false. authenticate_new_work_conns = false # auth token token = 12345678 +# oidc_client_id specifies the client ID to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". +# By default, this value is "". +oidc_client_id = + +# oidc_client_secret specifies the client secret to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". +# By default, this value is "". +oidc_client_secret = + +# oidc_audience specifies the audience of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". +oidc_audience = + +# oidc_token_endpoint_url specifies the URL which implements OIDC Token Endpoint. +# It will be used to get an OIDC token if AuthenticationMethod == "oidc". By default, this value is "". +oidc_token_endpoint_url = + # set admin address for control frpc's action by http api such as reload admin_addr = 127.0.0.1 admin_port = 7400 diff --git a/conf/frps_full.ini b/conf/frps_full.ini index 969bbe2..2f00f5c 100644 --- a/conf/frps_full.ini +++ b/conf/frps_full.ini 
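Review bot: The new `oidc_client_secret` key in the `@@ -23,15 +23,30 @@` hunk is a credential, but its comment reads like any other setting. A line such as `# this value is a secret; keep this file readable only by the account that runs frpc` would tell operators that the file now needs restricted permissions. All four added OIDC comments also still say `AuthenticationMethod == "oidc"`, while the rest of the hunk switches to ini key names, so they should read `authentication_method = oidc`. The same leftover Go field names remain in conf/frps_full.ini: `# DetailedErrorsToClient` and `# AuthenticateNewWorkConns` in the `@@ -58,12 +59,12 @@` hunk, and `OidcIssuer` in the `oidc_skip_issuer_check` comment.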
@@ -23,7 +23,7 @@ vhost_https_port = 443 # response header timeout(seconds) for vhost http server, default is 60s # vhost_http_timeout = 60 -# TcpMuxHttpConnectPort specifies the port that the server listens for TCP +# tcpmux_httpconnect_port specifies the port that the server listens for TCP # HTTP CONNECT requests. If the value is 0, the server will not multiplex TCP # requests on one single port. If it's not - it will listen on this value for # HTTP CONNECT requests. By default, this value is 0. @@ -44,6 +44,7 @@ enable_prometheus = true # dashboard assets directory(only for debug mode) # assets_dir = ./static + # console or real logFile path like ./frps.log log_file = ./frps.log @@ -58,12 +59,12 @@ disable_log_color = false # DetailedErrorsToClient defines whether to send the specific error (with debug info) to frpc. By default, this value is true. detailed_errors_to_client = true -# AuthenticationMethod specifies what authentication method to use authenticate frpc with frps. +# authentication_method specifies what authentication method to use authenticate frpc with frps. # If "token" is specified - token will be read into login message. # If "oidc" is specified - OIDC (Open ID Connect) token will be issued using OIDC settings. By default, this value is "token". authentication_method = token -# AuthenticateHeartBeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false. +# authenticate_heartbeats specifies whether to include authentication token in heartbeats sent to frps. By default, this value is false. authenticate_heartbeats = false # AuthenticateNewWorkConns specifies whether to include authentication token in new work connections sent to frps. By default, this value is false. 
@@ -72,25 +73,31 @@ authenticate_new_work_conns = false # auth token token = 12345678 -# OidcClientId specifies the client ID to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". +# oidc_issuer specifies the issuer to verify OIDC tokens with. # By default, this value is "". -oidc_client_id = +oidc_issuer = -# OidcClientSecret specifies the client secret to use to get a token in OIDC authentication if AuthenticationMethod == "oidc". +# oidc_audience specifies the audience OIDC tokens should contain when validated. # By default, this value is "". -oidc_client_secret = +oidc_audience = -# OidcAudience specifies the audience of the token in OIDC authentication if AuthenticationMethod == "oidc". By default, this value is "". -oidc_audience = +# oidc_skip_expiry_check specifies whether to skip checking if the OIDC token is expired. +# By default, this value is false. +oidc_skip_expiry_check = false -# OidcTokenEndpointUrl specifies the URL which implements OIDC Token Endpoint. -# It will be used to get an OIDC token if AuthenticationMethod == "oidc". By default, this value is "". -oidc_token_endpoint_url = + +# oidc_skip_issuer_check specifies whether to skip checking if the OIDC token's issuer claim matches the issuer specified in OidcIssuer. +# By default, this value is false. +oidc_skip_issuer_check = false # heartbeat configure, it's not recommended to modify the default value # the default value of heartbeat_timeout is 90 # heartbeat_timeout = 90 +# user_conn_timeout configure, it's not recommended to modify the default value +# the default value of user_conn_timeout is 10 +# user_conn_timeout = 10 + # only allow frpc to bind ports you list, if you set nothing, there won't be any limit allow_ports = 2000-3000,3001,3003,4000-50000 
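Review bot: `oidc_skip_expiry_check` and `oidc_skip_issuer_check` in the `@@ -72,25 +73,31 @@` hunk turn off token validation steps, yet their comments present them as neutral options. Each should carry a caution such as `# keep this false outside of testing; when true, frps does not reject expired tokens`, with the matching wording for the issuer claim. The sample also ships `oidc_issuer =` and `oidc_audience =` empty. What the server does with an empty audience is not visible in this diff, so the `oidc_audience` comment should state whether an empty value disables the audience check.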
@@ -100,7 +107,7 @@ max_pool_count = 5 # max ports can be used for each client, default value is 0 means no limit max_ports_per_client = 0 -# TlsOnly specifies whether to only accept TLS-encrypted connections. By default, the value is false. +# tls_only specifies whether to only accept TLS-encrypted connections. By default, the value is false. tls_only = false # tls_cert_file = server.crt diff --git a/pkg/config/client_common.go b/pkg/config/client_common.go index 1af9074..97f200a 100644 --- a/pkg/config/client_common.go +++ b/pkg/config/client_common.go @@ -121,11 +121,11 @@ type ClientCommonConf struct { // HeartBeatInterval specifies at what interval heartbeats are sent to the // server, in seconds. It is not recommended to change this value. By // default, this value is 30. - HeartBeatInterval int64 `json:"heartbeat_interval"` + HeartbeatInterval int64 `json:"heartbeat_interval"` // HeartBeatTimeout specifies the maximum allowed heartbeat response delay // before the connection is terminated, in seconds. It is not recommended // to change this value. By default, this value is 90. - HeartBeatTimeout int64 `json:"heartbeat_timeout"` + HeartbeatTimeout int64 `json:"heartbeat_timeout"` // Client meta info Metas map[string]string `json:"metas"` // UDPPacketSize specifies the udp packet size @@ -160,8 +160,8 @@ func GetDefaultClientConf() ClientCommonConf { TLSCertFile: "", TLSKeyFile: "", TLSTrustedCaFile: "", - HeartBeatInterval: 30, - HeartBeatTimeout: 90, + HeartbeatInterval: 30, + HeartbeatTimeout: 90, Metas: make(map[string]string), UDPPacketSize: 1500, } @@ -312,7 +312,7 @@ func UnmarshalClientConfFromIni(content string) (cfg ClientCommonConf, err error err = fmt.Errorf("Parse conf error: invalid heartbeat_timeout") return } - cfg.HeartBeatTimeout = v + cfg.HeartbeatTimeout = v } if tmpStr, ok = conf.Get("common", "heartbeat_interval"); ok { 
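Review bot: The doc comments above the renamed fields in the `@@ -121,11 +121,11 @@` hunk of pkg/config/client_common.go still open with the old identifiers (`// HeartBeatInterval specifies ...`, `// HeartBeatTimeout specifies ...`). Go doc comments are expected to start with the name they document, so these should become `// HeartbeatInterval specifies ...` and `// HeartbeatTimeout specifies ...`. The same stale comment sits above `HeartbeatTimeout` in the `@@ -154,7 +154,7 @@` hunk of pkg/config/server_common.go. The struct definitions start and end outside these hunks.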
@@ -320,7 +320,7 @@ func UnmarshalClientConfFromIni(content string) (cfg ClientCommonConf, err error err = fmt.Errorf("Parse conf error: invalid heartbeat_interval") return } - cfg.HeartBeatInterval = v + cfg.HeartbeatInterval = v } for k, v := range conf.Section("common") { if strings.HasPrefix(k, "meta_") { @@ -338,12 +338,12 @@ func UnmarshalClientConfFromIni(content string) (cfg ClientCommonConf, err error } func (cfg *ClientCommonConf) Check() (err error) { - if cfg.HeartBeatInterval <= 0 { + if cfg.HeartbeatInterval <= 0 { err = fmt.Errorf("Parse conf error: invalid heartbeat_interval") return } - if cfg.HeartBeatTimeout < cfg.HeartBeatInterval { + if cfg.HeartbeatTimeout < cfg.HeartbeatInterval { err = fmt.Errorf("Parse conf error: invalid heartbeat_timeout, heartbeat_timeout is less than heartbeat_interval") return } diff --git a/pkg/config/server_common.go b/pkg/config/server_common.go index 594ad31..6eb25c2 100644 --- a/pkg/config/server_common.go +++ b/pkg/config/server_common.go @@ -83,7 +83,7 @@ type ServerCommonConf struct { // AssetsDir specifies the local directory that the dashboard will load // resources from. If this value is "", assets will be loaded from the // bundled executable using statik. By default, this value is "". - AssetsDir string `json:"asserts_dir"` + AssetsDir string `json:"assets_dir"` // LogFile specifies a file where logs will be written to. This value will // only be used if LogWay is set appropriately. By default, this value is // "console". 
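Review bot: Correcting the struct tag to `json:"assets_dir"` in the `@@ -83,7 +83,7 @@` hunk of pkg/config/server_common.go changes the key this field is serialized under, as does `heart_beat_timeout` becoming `heartbeat_timeout` in the `@@ -154,7 +154,7 @@` hunk. Where `ServerCommonConf` is marshalled is not visible here, but any consumer that reads the old keys would presumably see the value disappear without an error. The commit should either state that no external JSON consumer depends on these keys or record the rename in the release notes. A short comment on the fields, for example `// JSON key was "asserts_dir" before this change`, would help anyone debugging an older client.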
@@ -154,7 +154,7 @@ type ServerCommonConf struct { // HeartBeatTimeout specifies the maximum time to wait for a heartbeat // before terminating the connection. It is not recommended to change this // value. By default, this value is 90. - HeartBeatTimeout int64 `json:"heart_beat_timeout"` + HeartbeatTimeout int64 `json:"heartbeat_timeout"` // UserConnTimeout specifies the maximum time to wait for a work // connection. By default, this value is 10. UserConnTimeout int64 `json:"user_conn_timeout"` @@ -199,7 +199,7 @@ func GetDefaultServerConf() ServerCommonConf { TLSCertFile: "", TLSKeyFile: "", TLSTrustedCaFile: "", - HeartBeatTimeout: 90, + HeartbeatTimeout: 90, UserConnTimeout: 10, Custom404Page: "", HTTPPlugins: make(map[string]plugin.HTTPPluginOptions), @@ -421,7 +421,7 @@ func UnmarshalServerConfFromIni(content string) (cfg ServerCommonConf, err error err = fmt.Errorf("Parse conf error: heartbeat_timeout is incorrect") return } - cfg.HeartBeatTimeout = v + cfg.HeartbeatTimeout = v } if tmpStr, ok = conf.Get("common", "tls_only"); ok && tmpStr == "true" { diff --git a/server/control.go b/server/control.go index ef470f5..bec64ac 100644 --- a/server/control.go +++ b/server/control.go @@ -408,7 +408,7 @@ func (ctl *Control) manager() { for { select { case <-heartbeat.C: - if time.Since(ctl.lastPing) > time.Duration(ctl.serverCfg.HeartBeatTimeout)*time.Second { + if time.Since(ctl.lastPing) > time.Duration(ctl.serverCfg.HeartbeatTimeout)*time.Second { xl.Warn("heartbeat timeout") return } diff --git a/server/dashboard_api.go b/server/dashboard_api.go index 210b6e3..d3100c8 100644 --- a/server/dashboard_api.go +++ b/server/dashboard_api.go 
@@ -74,7 +74,7 @@ func (svr *Service) APIServerInfo(w http.ResponseWriter, r *http.Request) { SubdomainHost: svr.cfg.SubDomainHost, MaxPoolCount: svr.cfg.MaxPoolCount, MaxPortsPerClient: svr.cfg.MaxPortsPerClient, - HeartBeatTimeout: svr.cfg.HeartBeatTimeout, + HeartBeatTimeout: svr.cfg.HeartbeatTimeout, TotalTrafficIn: serverStats.TotalTrafficIn, TotalTrafficOut: serverStats.TotalTrafficOut,