frps/control rename authTimeout; add judgement for subdomain

pull/152/head
Maodanping 2016-11-08 13:40:40 +08:00
parent 7cc5d03f35
commit c702355669
4 changed files with 22 additions and 14 deletions

View File

@ -26,8 +26,9 @@ privilege_token = 12345678
privilege_allow_ports = 2000-3000,3001,3003,4000-50000
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value
max_pool_count = 100
# conn_timeout set the timeout interval (seconds) when the frpc connects frps
conn_timeout = 10
# authentication_timeout means the timeout interval (minute units) when the frpc connects frps
# if authentication_timeout set zero, the time is not verified
authentication_timeout = 15
# domain for frps
domain = frps.com

View File

@ -18,6 +18,7 @@ import (
"encoding/json"
"fmt"
"io"
"strings"
"time"
"github.com/fatedier/frp/src/models/consts"
@ -221,8 +222,8 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
nowTime := time.Now().Unix()
if req.PrivilegeMode {
privilegeKey := pcrypto.GetAuthKey(req.ProxyName + server.PrivilegeToken + fmt.Sprintf("%d", req.Timestamp))
// privilegeKey unavaiable after server.CtrlConnTimeout seconds
if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout {
// privilegeKey unavaiable after server.AuthTimeout minutes
if server.AuthTimeout != 0 && nowTime-req.Timestamp > server.AuthTimeout {
info = fmt.Sprintf("ProxyName [%s], privilege mode authorization timeout", req.ProxyName)
log.Warn(info)
return
@ -234,8 +235,7 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
}
} else {
authKey := pcrypto.GetAuthKey(req.ProxyName + s.AuthToken + fmt.Sprintf("%d", req.Timestamp))
// privilegeKey unavaiable after server.CtrlConnTimeout seconds
if server.CtrlConnTimeout != 0 && nowTime-req.Timestamp > server.CtrlConnTimeout {
if server.AuthTimeout != 0 && nowTime-req.Timestamp > server.AuthTimeout {
info = fmt.Sprintf("ProxyName [%s], authorization timeout", req.ProxyName)
log.Warn(info)
return
@ -291,6 +291,11 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string) {
s.HttpPassWord = req.HttpPassWord
// package URL
if req.SubDomain != "" {
if strings.Contains(req.SubDomain, ".") || strings.Contains(req.SubDomain, "*") {
info = fmt.Sprintf("ProxyName [%s], type [%s] not support when subdomain is not set", req.ProxyName, req.Type)
log.Warn(info)
return
}
s.SubDomain = req.SubDomain + "." + server.Domain
}
if req.PoolCount > server.MaxPoolCount {

View File

@ -45,7 +45,7 @@ var (
LogMaxDays int64 = 3
PrivilegeMode bool = false
PrivilegeToken string = ""
CtrlConnTimeout int64 = 10
AuthTimeout int64 = 15
Domain string = ""
// if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected
@ -224,13 +224,13 @@ func loadCommonConf(confFile string) error {
MaxPoolCount = v
}
}
tmpStr, ok = conf.Get("common", "conn_timeout")
tmpStr, ok = conf.Get("common", "authentication_timeout")
if ok {
v, err := strconv.ParseInt(tmpStr, 10, 64)
if err != nil {
return fmt.Errorf("Parse conf error: conn_timeout is incorrect")
return fmt.Errorf("Parse conf error: authentication_timeout is incorrect")
} else {
CtrlConnTimeout = v
AuthTimeout = v
}
}
Domain, ok = conf.Get("common", "domain")

View File

@ -130,11 +130,13 @@ func (p *ProxyServer) Start(c *conn.Conn) (err error) {
}
p.listeners = append(p.listeners, l)
}
l, err := VhostHttpMuxer.Listen(p.SubDomain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
if err != nil {
return err
if p.SubDomain != "" {
l, err := VhostHttpMuxer.Listen(p.SubDomain, p.HostHeaderRewrite, p.HttpUserName, p.HttpPassWord)
if err != nil {
return err
}
p.listeners = append(p.listeners, l)
}
p.listeners = append(p.listeners, l)
} else if p.Type == "https" {
for _, domain := range p.CustomDomains {