cyonjan/frp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

change allow_prot from map to array

Browse Source
This commit is contained in:
yuyulei 2017-05-18 22:40:56 +08:00
parent 3f9749488a
commit 059df03e09
2 changed files with 71 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/cmd/frps/control.go
View File

@ -253,7 +253,8 @@ func doLogin(req *msg.ControlReq, c *conn.Conn) (ret int64, info string, s *serv
// and PrivilegeMode is enabled // and PrivilegeMode is enabled
if s.Type == "tcp" { if s.Type == "tcp" {
if len(server.PrivilegeAllowPorts) != 0 { if len(server.PrivilegeAllowPorts) != 0 {
_, ok := server.PrivilegeAllowPorts[s.ListenPort] // TODO: once linstenPort used, should remove the port from privilege ports
ok := server.ContainsPort(server.PrivilegeAllowPorts, s.ListenPort)
if !ok { if !ok {
info = fmt.Sprintf("ProxyName [%s], remote_port [%d] isn't allowed", req.ProxyName, s.ListenPort) info = fmt.Sprintf("ProxyName [%s], remote_port [%d] isn't allowed", req.ProxyName, s.ListenPort)
log.Warn(info) log.Warn(info)

101
src/models/server/config.go
View File

@ -49,7 +49,7 @@ var (
SubDomainHost string = "" SubDomainHost string = ""
// if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected // if PrivilegeAllowPorts is not nil, tcp proxies which remote port exist in this map can be connected
PrivilegeAllowPorts map[int64]struct{} PrivilegeAllowPorts [][2]int64
MaxPoolCount int64 = 100 MaxPoolCount int64 = 100
HeartBeatTimeout int64 = 30 HeartBeatTimeout int64 = 30
UserConnTimeout int64 = 10 UserConnTimeout int64 = 10
@ -179,40 +179,12 @@ func loadCommonConf(confFile string) error {
return fmt.Errorf("Parse conf error: privilege_token must be set if privilege_mode is enabled") return fmt.Errorf("Parse conf error: privilege_token must be set if privilege_mode is enabled")
} }
PrivilegeAllowPorts = make(map[int64]struct{}) allowPortsStr, ok := conf.Get("common", "privilege_allow_ports")
tmpStr, ok = conf.Get("common", "privilege_allow_ports") // TODO: check if conflicts exist in port ranges
if ok { if ok {
// for example: 1000-2000,2001,2002,3000-4000 PrivilegeAllowPorts, err = getPortRanges(allowPortsStr)
portRanges := strings.Split(tmpStr, ",")
for _, portRangeStr := range portRanges {
// 1000-2000 or 2001
portArray := strings.Split(portRangeStr, "-")
// lenght: only 1 or 2 is correct
rangeType := len(portArray)
if rangeType == 1 {
singlePort, err := strconv.ParseInt(portArray[0], 10, 64)
if err != nil { if err != nil {
return fmt.Errorf("Parse conf error: privilege_allow_ports is incorrect, %v", err) return err
}
PrivilegeAllowPorts[singlePort] = struct{}{}
} else if rangeType == 2 {
min, err := strconv.ParseInt(portArray[0], 10, 64)
if err != nil {
return fmt.Errorf("Parse conf error: privilege_allow_ports is incorrect, %v", err)
}
max, err := strconv.ParseInt(portArray[1], 10, 64)
if err != nil {
return fmt.Errorf("Parse conf error: privilege_allow_ports is incorrect, %v", err)
}
if max < min {
return fmt.Errorf("Parse conf error: privilege_allow_ports range incorrect")
}
for i := min; i <= max; i++ {
PrivilegeAllowPorts[i] = struct{}{}
}
} else {
return fmt.Errorf("Parse conf error: privilege_allow_ports is incorrect")
}
} }
} }
} }
@ -454,3 +426,66 @@ func GetProxyServer(proxyName string) (p *ProxyServer, ok bool) {
p, ok = ProxyServers[proxyName] p, ok = ProxyServers[proxyName]
return return
} }
func getPortRanges(rangeStr string) (portRanges [][2]int64, err error) {
// for example: 1000-2000,2001,2002,3000-4000
log.Debug("rangeStr is %s", rangeStr)
rangeArray := strings.Split(rangeStr, ",")
for _, portRangeStr := range rangeArray {
// 1000-2000 or 2001
portArray := strings.Split(portRangeStr, "-")
// lenght: only 1 or 2 is correct
rangeType := len(portArray)
if rangeType == 1 {
singlePort, err := strconv.ParseInt(portArray[0], 10, 64)
if err != nil {
return [][2]int64{}, fmt.Errorf("Parse conf error: privilege_allow_ports is incorrect, %v", err)
}
portRanges = append(portRanges, [2]int64{singlePort, singlePort})
} else if rangeType == 2 {
min, err := strconv.ParseInt(portArray[0], 10, 64)
if err != nil {
return [][2]int64{}, fmt.Errorf("Parse conf error: privilege_allow_ports is incorrect, %v", err)
}
max, err := strconv.ParseInt(portArray[1], 10, 64)
if err != nil {
return [][2]int64{}, fmt.Errorf("Parse conf error: privilege_allow_ports is incorrect, %v", err)
}
if max < min {
return [][2]int64{}, fmt.Errorf("Parse conf error: privilege_allow_ports range incorrect")
}
portRanges = append(portRanges, [2]int64{min, max})
} else {
return [][2]int64{}, fmt.Errorf("Parse conf error: privilege_allow_ports is incorrect")
}
}
return portRanges, nil
}
func ContainsPort(portRanges [][2]int64, port int64) bool {
for _, pr := range portRanges {
if port >= pr[0] && port <= pr[1] {
return true
}
}
return false
}
func PortRangesCut(portRanges [][2]int64, port int64) [][2]int64 {
var tmpRanges [][2]int64
for _, pr := range portRanges {
if port >= pr[0] && port <= pr[1] {
leftRange := [2]int64{pr[0], port - 1}
rightRange := [2]int64{port + 1, pr[1]}
if leftRange[0] <= leftRange[1] {
tmpRanges = append(tmpRanges, leftRange)
}
if rightRange[0] <= rightRange[1] {
tmpRanges = append(tmpRanges, rightRange)
}
} else {
tmpRanges = append(tmpRanges, pr)
}
}
return tmpRanges
}