add subdomain configuration; add conn auth timeout

This commit is contained in:
Maodanping 2016-11-05 14:15:16 +08:00
parent 4c69a4810e
commit 396e148f80
9 changed files with 45 additions and 4 deletions

View File

@ -40,6 +40,8 @@ pool_count = 20
# if not set, you can access this custom_domains without certification # if not set, you can access this custom_domains without certification
http_username = admin http_username = admin
http_password = admin http_password = admin
# if domain for frps is frps.com, then you can access [web01] proxy by URL http://test.frps.com
subdomain = test
[web02] [web02]
type = http type = http
@ -64,3 +66,4 @@ local_port = 80
use_gzip = true use_gzip = true
custom_domains = web03.yourdomain.com custom_domains = web03.yourdomain.com
host_header_rewrite = example.com host_header_rewrite = example.com
subdomain = dev

View File

@ -26,6 +26,10 @@ privilege_token = 12345678
privilege_allow_ports = 2000-3000,3001,3003,4000-50000 privilege_allow_ports = 2000-3000,3001,3003,4000-50000
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value # pool_count in each proxy will change to max_pool_count if they exceed the maximum value
max_pool_count = 100 max_pool_count = 100
# conn_timeout set the timeout interval (seconds) when the frpc connects frps
conn_timeout = 10
# domain for frps
domain = codermao.com
# ssh is the proxy name, client will use this name and auth_token to connect to server # ssh is the proxy name, client will use this name and auth_token to connect to server
[ssh] [ssh]

View File

@ -152,6 +152,7 @@ func loginToServer(cli *client.ProxyClient) (c *conn.Conn, err error) {
HostHeaderRewrite: cli.HostHeaderRewrite, HostHeaderRewrite: cli.HostHeaderRewrite,
HttpUserName: cli.HttpUserName, HttpUserName: cli.HttpUserName,
HttpPassWord: cli.HttpPassWord, HttpPassWord: cli.HttpPassWord,
SubDomain: cli.SubDomain,
Timestamp: nowTime, Timestamp: nowTime,
} }
if cli.PrivilegeMode { if cli.PrivilegeMode {

View File

@ -221,8 +221,8 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
nowTime := time.Now().Unix() nowTime := time.Now().Unix()
if req.PrivilegeMode { if req.PrivilegeMode {
privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp)) privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp))
// privilegeKey avaiable in 15 minutes // privilegeKey unavaiable after server.CtrlConnTimeout seconds
if nowTime-req.Timestamp > 15*60 { if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout {
info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName) info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName)
log.Warn(info) log.Warn(info)
return return
@ -234,8 +234,8 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
} }
} else { } else {
authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp)) authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp))
// authKey avaiable in 15 minutes // privilegeKey unavaiable after server.CtrlConnTimeout seconds
if nowTime-req.Timestamp > 15*60 { if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout {
info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName) info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName)
log.Warn(info) log.Warn(info)
return return
@ -289,6 +289,10 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
s.HostHeaderRewrite = req.HostHeaderRewrite s.HostHeaderRewrite = req.HostHeaderRewrite
s.HttpUserName = req.HttpUserName s.HttpUserName = req.HttpUserName
s.HttpPassWord = req.HttpPassWord s.HttpPassWord = req.HttpPassWord
// package URL
if req.SubDomain != "" {
s.SubDomain = req.SubDomain + "." + server.Domain
}
if req.PoolCount > server.MaxPoolCount { if req.PoolCount > server.MaxPoolCount {
s.PoolCount = server.MaxPoolCount s.PoolCount = server.MaxPoolCount
} else if req.PoolCount < 0 { } else if req.PoolCount < 0 {
@ -302,6 +306,7 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
log.Warn(info) log.Warn(info)
return return
} }
log.Info("serverProxy: %+v", s)
// update metric's proxy status // update metric's proxy status
metric.SetProxyInfo(s.Name, s.Type, s.BindAddr, s.UseEncryption, s.UseGzip, s.PrivilegeMode, s.CustomDomains, s.ListenPort) metric.SetProxyInfo(s.Name, s.Type, s.BindAddr, s.UseEncryption, s.UseGzip, s.PrivilegeMode, s.CustomDomains, s.ListenPort)

View File

@ -166,6 +166,11 @@ func LoadConf(confFile string) (err error) {
if ok { if ok {
proxyClient.HttpPassWord = tmpStr proxyClient.HttpPassWord = tmpStr
} }
// subdomain
tmpStr, ok = section["subdomain"]
if ok {
proxyClient.SubDomain = tmpStr
}
} }
// privilege_mode // privilege_mode
@ -219,6 +224,9 @@ func LoadConf(confFile string) (err error) {
} else { } else {
return fmt.Errorf("Parse conf error: proxy [%s] custom_domains must be set when type equals http", proxyClient.Name) return fmt.Errorf("Parse conf error: proxy [%s] custom_domains must be set when type equals http", proxyClient.Name)
} }
// subdomain
proxyClient.SubDomain, ok = section["subdomain"]
} else if proxyClient.Type == "https" { } else if proxyClient.Type == "https" {
// custom_domains // custom_domains
domainStr, ok := section["custom_domains"] domainStr, ok := section["custom_domains"]

View File

@ -26,4 +26,5 @@ type BaseConf struct {
HostHeaderRewrite string HostHeaderRewrite string
HttpUserName string HttpUserName string
HttpPassWord string HttpPassWord string
SubDomain string
} }

View File

@ -37,6 +37,7 @@ type ControlReq struct {
HostHeaderRewrite string `json:"host_header_rewrite"` HostHeaderRewrite string `json:"host_header_rewrite"`
HttpUserName string `json:"http_username"` HttpUserName string `json:"http_username"`
HttpPassWord string `json:"http_password"` HttpPassWord string `json:"http_password"`
SubDomain string `json:"subdomain"`
Timestamp int64 `json:"timestamp"` Timestamp int64 `json:"timestamp"`
} }

View File

@ -45,6 +45,8 @@ var (
LogMaxDays int64 = 3 LogMaxDays int64 = 3
PrivilegeMode bool = false PrivilegeMode bool = false
PrivilegeToken string = "" PrivilegeToken string = ""
CtrlConnTimeout int64 = 10
Domain string = ""
// if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected // if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected
PrivilegeAllowPorts map[int64]struct{} PrivilegeAllowPorts map[int64]struct{}
@ -222,6 +224,16 @@ func loadCommonConf(confFile string) error {
MaxPoolCount = v MaxPoolCount = v
} }
} }
tmpStr, ok = conf.Get("common", "conn_timeout")
if ok {
v, err := strconv.ParseInt(tmpStr, 10, 64)
if err != nil {
return fmt.Errorf("Parse conf error: conn_timeout is incorrect")
} else {
CtrlConnTimeout = v
}
}
Domain, ok = conf.Get("common", "domain")
return nil return nil
} }

View File

@ -130,6 +130,12 @@ func (p *ProxyServer) Start(c *conn.Conn) (err error) {
} }
p.listeners = append(p.listeners, l) p.listeners = append(p.listeners, l)
} }
l, err := VhostHttpMuxer.Listen(p.SubDomain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
if err != nil {
return err
}
p.listeners = append(p.listeners, l)
} else if p.Type == "https" { } else if p.Type == "https" {
for _, domain := range p.CustomDomains { for _, domain := range p.CustomDomains {
l, err := VhostHttpsMuxer.Listen(domain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord) l, err := VhostHttpsMuxer.Listen(domain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)