Add config file setting

2022-04-15 10:24:58 -05:00 · 2022-04-15 10:24:58 -05:00 · bf0542bf18
commit bf0542bf18
parent a7e2bbe74c
8 changed files with 26 additions and 7 deletions
--- a/client/admin.go
+++ b/client/admin.go
@ -47,8 +47,8 @@ func (svr *Service) RunAdminServer(address string) (err error) {
 	}

 	subRouter := router.NewRoute().Subrouter()
-	user, passwd := svr.cfg.AdminUser, svr.cfg.AdminPwd
-	subRouter.Use(frpNet.NewHTTPAuthMiddleware(user, passwd).Middleware)
+	user, passwd, hashed := svr.cfg.AdminUser, svr.cfg.AdminPwd, svr.cfg.HashedPwd
+	subRouter.Use(frpNet.NewHTTPAuthMiddleware(user, passwd, hashed).Middleware)

 	// api, see admin_api.go
 	subRouter.HandleFunc("/api/reload", svr.apiReload).Methods("GET")
--- a/cmd/frps/root.go
+++ b/cmd/frps/root.go
@ -49,6 +49,7 @@ var (
 	dashboardPort     int
 	dashboardUser     string
 	dashboardPwd      string
+	hashedPwd         bool
 	enablePrometheus  bool
 	assetsDir         string
 	logFile           string
@ -80,6 +81,7 @@ func init() {
 	rootCmd.PersistentFlags().IntVarP(&dashboardPort, "dashboard_port", "", 0, "dashboard port")
 	rootCmd.PersistentFlags().StringVarP(&dashboardUser, "dashboard_user", "", "admin", "dashboard user")
 	rootCmd.PersistentFlags().StringVarP(&dashboardPwd, "dashboard_pwd", "", "admin", "dashboard password")
+	rootCmd.PersistentFlags().BoolVarP(&hashedPwd, "hashed_pwd", "", false, "specify if password is hashed")
 	rootCmd.PersistentFlags().BoolVarP(&enablePrometheus, "enable_prometheus", "", false, "enable prometheus dashboard")
 	rootCmd.PersistentFlags().StringVarP(&logFile, "log_file", "", "console", "log file")
 	rootCmd.PersistentFlags().StringVarP(&logLevel, "log_level", "", "info", "log level")
@ -166,6 +168,7 @@ func parseServerCommonCfgFromCmd() (cfg config.ServerCommonConf, err error) {
 	cfg.DashboardPort = dashboardPort
 	cfg.DashboardUser = dashboardUser
 	cfg.DashboardPwd = dashboardPwd
+	cfg.HashedPwd = hashedPwd
 	cfg.EnablePrometheus = enablePrometheus
 	cfg.LogFile = logFile
 	cfg.LogLevel = logLevel
--- a/pkg/config/client.go
+++ b/pkg/config/client.go
@ -83,6 +83,8 @@ type ClientCommonConf struct {
 	// AdminPwd specifies the password that the admin server will use for
 	// login.
 	AdminPwd string `ini:"admin_pwd" json:"admin_pwd"`
+	// HashedPwd specifies if the password is hashed using BCrypt or not
+	HashedPwd bool `ini:"hashed_pwd" json:"hashed_pwd"`
 	// AssetsDir specifies the local directory that the admin server will load
 	// resources from. If this value is "", assets will be loaded from the
 	// bundled executable using statik. By default, this value is "".
--- a/pkg/config/proxy.go
+++ b/pkg/config/proxy.go
@ -160,6 +160,7 @@ type HTTPProxyConf struct {
 	Locations         []string          `ini:"locations" json:"locations"`
 	HTTPUser          string            `ini:"http_user" json:"http_user"`
 	HTTPPwd           string            `ini:"http_pwd" json:"http_pwd"`
+	HashedPwd         bool              `ini:"hashed_pwd" json:"hashed_pwd"`
 	HostHeaderRewrite string            `ini:"host_header_rewrite" json:"host_header_rewrite"`
 	Headers           map[string]string `ini:"-" json:"headers"`
 }
--- a/pkg/config/server.go
+++ b/pkg/config/server.go
@ -78,6 +78,8 @@ type ServerCommonConf struct {
 	// DashboardPwd specifies the password that the dashboard will use for
 	// login.
 	DashboardPwd string `ini:"dashboard_pwd" json:"dashboard_pwd"`
+	// HashedPwd specifies if the password is hashed using BCrypt or not
+	HashedPwd bool `ini:"hashed_pwd" json:"hashed_pwd"`
 	// EnablePrometheus will export prometheus metrics on {dashboard_addr}:{dashboard_port}
 	// in /metrics api.
 	EnablePrometheus bool `ini:"enable_prometheus" json:"enable_prometheus"`
@ -193,6 +195,7 @@ func GetDefaultServerConf() ServerCommonConf {
 		DashboardPort:           0,
 		DashboardUser:           "",
 		DashboardPwd:            "",
+		HashedPwd:               false,
 		EnablePrometheus:        false,
 		AssetsDir:               "",
 		LogFile:                 "console",
--- a/pkg/plugin/client/static_file.go
+++ b/pkg/plugin/client/static_file.go
@ -18,6 +18,7 @@ import (
 	"io"
 	"net"
 	"net/http"
+	"strconv"

 	frpNet "github.com/fatedier/frp/pkg/util/net"

@ -35,6 +36,7 @@ type StaticFilePlugin struct {
 	stripPrefix string
 	httpUser    string
 	httpPasswd  string
+	hashedPwd   bool

 	l *Listener
 	s *http.Server
@ -45,6 +47,11 @@ func NewStaticFilePlugin(params map[string]string) (Plugin, error) {
 	stripPrefix := params["plugin_strip_prefix"]
 	httpUser := params["plugin_http_user"]
 	httpPasswd := params["plugin_http_passwd"]
+	hashedPwd, err := strconv.ParseBool(params["plugin_hashed_pwd"])
+
+	if err != nil {
+		hashedPwd = false
+	}

 	listener := NewProxyListener()

@ -53,6 +60,7 @@ func NewStaticFilePlugin(params map[string]string) (Plugin, error) {
 		stripPrefix: stripPrefix,
 		httpUser:    httpUser,
 		httpPasswd:  httpPasswd,
+		hashedPwd:   hashedPwd,

 		l: listener,
 	}
@ -64,7 +72,7 @@ func NewStaticFilePlugin(params map[string]string) (Plugin, error) {
 	}

 	router := mux.NewRouter()
-	router.Use(frpNet.NewHTTPAuthMiddleware(httpUser, httpPasswd).Middleware)
+	router.Use(frpNet.NewHTTPAuthMiddleware(httpUser, httpPasswd, hashedPwd).Middleware)
 	router.PathPrefix(prefix).Handler(frpNet.MakeHTTPGzipHandler(http.StripPrefix(prefix, http.FileServer(http.Dir(localPath))))).Methods("GET")
 	sp.s = &http.Server{
 		Handler: router,
--- a/pkg/util/net/http.go
+++ b/pkg/util/net/http.go
@ -50,12 +50,14 @@ func (aw *HTTPAuthWraper) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 type HTTPAuthMiddleware struct {
 	user   string
 	passwd string
+	hashed bool
 }

-func NewHTTPAuthMiddleware(user, passwd string) *HTTPAuthMiddleware {
+func NewHTTPAuthMiddleware(user, passwd string, hashed bool) *HTTPAuthMiddleware {
 	return &HTTPAuthMiddleware{
 		user:   user,
 		passwd: passwd,
+		hashed: hashed,
 	}
 }

@ -65,7 +67,7 @@ func (authMid *HTTPAuthMiddleware) Middleware(next http.Handler) http.Handler {
 		if (authMid.user == "" && authMid.passwd == "") ||
 			(hasAuth && reqUser == authMid.user && reqPasswd == authMid.passwd) {
 			next.ServeHTTP(w, r)
-		} else if authMid.user == reqUser && authMid.passwd[:4] == "$2a$" || authMid.passwd[:4] == "$2y$" {
+		} else if authMid.user == reqUser && authMid.hashed {
 			correct := bcrypt.CompareHashAndPassword([]byte(authMid.passwd), []byte(reqPasswd))
 			if correct == nil {
 				next.ServeHTTP(w, r)
--- a/server/dashboard.go
+++ b/server/dashboard.go
@ -48,8 +48,8 @@ func (svr *Service) RunDashboardServer(address string) (err error) {

 	subRouter := router.NewRoute().Subrouter()

-	user, passwd := svr.cfg.DashboardUser, svr.cfg.DashboardPwd
-	subRouter.Use(frpNet.NewHTTPAuthMiddleware(user, passwd).Middleware)
+	user, passwd, hashed := svr.cfg.DashboardUser, svr.cfg.DashboardPwd, svr.cfg.HashedPwd
+	subRouter.Use(frpNet.NewHTTPAuthMiddleware(user, passwd, hashed).Middleware)

 	// metrics
 	if svr.cfg.EnablePrometheus {