From 7cc67e852e358ffc111201ed2bf081f171b4388d Mon Sep 17 00:00:00 2001 From: fatedier Date: Wed, 11 Oct 2023 11:49:40 +0800 Subject: [PATCH] fix that transport.tls.disableCustomTLSFirstByte doesn't take effect (#3660) --- README.md | 2 ++ Release.md | 10 ++-------- client/service.go | 3 +++ pkg/util/version/version.go | 2 +- test/e2e/v1/basic/client_server.go | 20 +++++++++++++++++++- 5 files changed, 27 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 7c7656bf..b560d447 100644 --- a/README.md +++ b/README.md @@ -761,6 +761,8 @@ allowPorts = [ `vhostHTTPPort` and `vhostHTTPSPort` in frps can use same port with `bindPort`. frps will detect the connection's protocol and handle it correspondingly. +What you need to pay attention to is that if you want to configure `vhostHTTPSPort` and `bindPort` to the same port, you need to first set `transport.tls.disableCustomTLSFirstByte` to false. + We would like to try to allow multiple proxies bind a same remote port with different protocols in the future. ### Bandwidth Limit diff --git a/Release.md b/Release.md index 95f1ba36..3d164f73 100644 --- a/Release.md +++ b/Release.md @@ -1,9 +1,3 @@ -### Features +### Fixes -* Configuration: We now support TOML, YAML, and JSON for configuration. Please note that INI is deprecated and will be removed in future releases. New features will only be available in TOML, YAML, or JSON. Users wanting these new features should switch their configuration format accordingly. #2521 - -### Breaking Changes - -* Change the way to start the visitor through the command line from `frpc stcp --role=visitor xxx` to `frpc stcp visitor xxx`. -* Modified the semantics of the `server_addr` in the command line, no longer including the port. Added the `server_port` parameter to configure the port. -* No longer support range ports mapping in TOML/YAML/JSON. +* `transport.tls.disableCustomTLSFirstByte` doesn't have any effect. diff --git a/client/service.go b/client/service.go index 5ddc23c3..184a87a3 100644 --- a/client/service.go +++ b/client/service.go @@ -476,6 +476,9 @@ func (cm *ConnectionManager) realConnect() (net.Conn, error) { // Make sure that if it is wss, the websocket hook is executed after the tls hook. dialOptions = append(dialOptions, libdial.WithAfterHook(libdial.AfterHook{Hook: utilnet.DialHookWebsocket(protocol, tlsConfig.ServerName), Priority: 110})) default: + dialOptions = append(dialOptions, libdial.WithAfterHook(libdial.AfterHook{ + Hook: utilnet.DialHookCustomTLSHeadByte(tlsConfig != nil, lo.FromPtr(cm.cfg.Transport.TLS.DisableCustomTLSFirstByte)), + })) dialOptions = append(dialOptions, libdial.WithTLSConfig(tlsConfig)) } diff --git a/pkg/util/version/version.go b/pkg/util/version/version.go index 32b31837..5f6f3702 100644 --- a/pkg/util/version/version.go +++ b/pkg/util/version/version.go @@ -19,7 +19,7 @@ import ( "strings" ) -var version = "0.52.0" +var version = "0.52.1" func Full() string { return version diff --git a/test/e2e/v1/basic/client_server.go b/test/e2e/v1/basic/client_server.go index 082c0de5..16270781 100644 --- a/test/e2e/v1/basic/client_server.go +++ b/test/e2e/v1/basic/client_server.go @@ -291,7 +291,7 @@ var _ = ginkgo.Describe("[Feature: Client-Server]", func() { }) }) - ginkgo.Describe("TLS with disable_custom_tls_first_byte set to false", func() { + ginkgo.Describe("TLS with disableCustomTLSFirstByte set to false", func() { supportProtocols := []string{"tcp", "kcp", "quic", "websocket"} for _, protocol := range supportProtocols { tmp := protocol @@ -322,4 +322,22 @@ var _ = ginkgo.Describe("[Feature: Client-Server]", func() { }) } }) + + ginkgo.Describe("Use same port for bindPort and vhostHTTPSPort", func() { + supportProtocols := []string{"tcp", "kcp", "quic", "websocket"} + for _, protocol := range supportProtocols { + tmp := protocol + defineClientServerTest("Use same port for bindPort and vhostHTTPSPort: "+strings.ToUpper(tmp), f, &generalTestConfigures{ + server: fmt.Sprintf(` + vhostHTTPSPort = {{ .%s }} + %s + `, consts.PortServerName, renderBindPortConfig(protocol)), + // transport.tls.disableCustomTLSFirstByte should set to false when vhostHTTPSPort is same as bindPort + client: fmt.Sprintf(` + transport.protocol = "%s" + transport.tls.disableCustomTLSFirstByte = false + `, protocol), + }) + } + }) })