frps/control rename authTimeout; add judgement for subdomain

This commit is contained in:
Maodanping 2016-11-08 13:40:40 +08:00
parent 7cc5d03f35
commit c702355669
4 changed files with 22 additions and 14 deletions

View File

@ -26,8 +26,9 @@ privilege_token = 12345678
privilege_allow_ports = 2000-3000,3001,3003,4000-50000 privilege_allow_ports = 2000-3000,3001,3003,4000-50000
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value # pool_count in each proxy will change to max_pool_count if they exceed the maximum value
max_pool_count = 100 max_pool_count = 100
# conn_timeout set the timeout interval (seconds) when the frpc connects frps # authentication_timeout means the timeout interval (minute units) when the frpc connects frps
conn_timeout = 10 # if authentication_timeout set zero, the time is not verified
authentication_timeout = 15
# domain for frps # domain for frps
domain = frps.com domain = frps.com

View File

@ -18,6 +18,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"io" "io"
"strings"
"time" "time"
"github.com/fatedier/frp/src/models/consts" "github.com/fatedier/frp/src/models/consts"
@ -221,8 +222,8 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
nowTime := time.Now().Unix() nowTime := time.Now().Unix()
if req.PrivilegeMode { if req.PrivilegeMode {
privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp)) privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp))
// privilegeKey unavaiable after server.CtrlConnTimeout seconds // privilegeKey unavaiable after server.AuthTimeout minutes
if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout { if server.AuthTimeout != 0 && nowTime-req.Timestamp > server.AuthTimeout {
info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName) info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName)
log.Warn(info) log.Warn(info)
return return
@ -234,8 +235,7 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
} }
} else { } else {
authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp)) authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp))
// privilegeKey unavaiable after server.CtrlConnTimeout seconds if server.AuthTimeout != 0 && nowTime-req.Timestamp > server.AuthTimeout {
if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout {
info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName) info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName)
log.Warn(info) log.Warn(info)
return return
@ -291,6 +291,11 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
s.HttpPassWord = req.HttpPassWord s.HttpPassWord = req.HttpPassWord
// package URL // package URL
if req.SubDomain != "" { if req.SubDomain != "" {
if strings.Contains(req.SubDomain, ".") || strings.Contains(req.SubDomain, "*") {
info = fmt.Sprintf("ProxyName [%s], type [%s] not support when subdomain is not set", req.ProxyName, req.Type)
log.Warn(info)
return
}
s.SubDomain = req.SubDomain + "." + server.Domain s.SubDomain = req.SubDomain + "." + server.Domain
} }
if req.PoolCount > server.MaxPoolCount { if req.PoolCount > server.MaxPoolCount {

View File

@ -45,7 +45,7 @@ var (
LogMaxDays int64 = 3 LogMaxDays int64 = 3
PrivilegeMode bool = false PrivilegeMode bool = false
PrivilegeToken string = "" PrivilegeToken string = ""
CtrlConnTimeout int64 = 10 AuthTimeout int64 = 15
Domain string = "" Domain string = ""
// if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected // if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected
@ -224,13 +224,13 @@ func loadCommonConf(confFile string) error {
MaxPoolCount = v MaxPoolCount = v
} }
} }
tmpStr, ok = conf.Get("common", "conn_timeout") tmpStr, ok = conf.Get("common", "authentication_timeout")
if ok { if ok {
v, err := strconv.ParseInt(tmpStr, 10, 64) v, err := strconv.ParseInt(tmpStr, 10, 64)
if err != nil { if err != nil {
return fmt.Errorf("Parse conf error: conn_timeout is incorrect") return fmt.Errorf("Parse conf error: authentication_timeout is incorrect")
} else { } else {
CtrlConnTimeout = v AuthTimeout = v
} }
} }
Domain, ok = conf.Get("common", "domain") Domain, ok = conf.Get("common", "domain")

View File

@ -130,11 +130,13 @@ func (p *ProxyServer) Start(c *conn.Conn) (err error) {
} }
p.listeners = append(p.listeners, l) p.listeners = append(p.listeners, l)
} }
l, err := VhostHttpMuxer.Listen(p.SubDomain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord) if p.SubDomain != "" {
if err != nil { l, err := VhostHttpMuxer.Listen(p.SubDomain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
return err if err != nil {
return err
}
p.listeners = append(p.listeners, l)
} }
p.listeners = append(p.listeners, l)
} else if p.Type == "https" { } else if p.Type == "https" {
for _, domain := range p.CustomDomains { for _, domain := range p.CustomDomains {