frpc: support nathole discover (#3381)

2026-01-11 22:23:12 +00:00 · 2023-03-30 20:28:15 +08:00
parent 9800b4cfcf
commit a22d6c9504
13 changed files with 521 additions and 17 deletions
--- a/pkg/nathole/nathole.go
+++ b/pkg/nathole/nathole.go
@@ -1,3 +1,17 @@
+// Copyright 2023 The frp Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 package nathole

 import (
@@ -7,6 +21,7 @@ import (
 	"sync"
 	"time"

+	"github.com/fatedier/golib/crypto"
 	"github.com/fatedier/golib/errors"
 	"github.com/fatedier/golib/pool"

@@ -18,6 +33,11 @@ import (
 // NatHoleTimeout seconds.
 var NatHoleTimeout int64 = 10

+func NewTransactionID() string {
+	id, _ := util.RandID()
+	return fmt.Sprintf("%d%s", time.Now().Unix(), id)
+}
+
 type SidRequest struct {
 	Sid      string
 	NotifyCh chan struct{}
@@ -29,10 +49,11 @@ type Controller struct {
 	clientCfgs map[string]*ClientCfg
 	sessions   map[string]*Session

-	mu sync.RWMutex
+	encryptionKey []byte
+	mu            sync.RWMutex
 }

-func NewController(udpBindAddr string) (nc *Controller, err error) {
+func NewController(udpBindAddr string, encryptionKey []byte) (nc *Controller, err error) {
 	addr, err := net.ResolveUDPAddr("udp", udpBindAddr)
 	if err != nil {
 		return nil, err
@@ -42,9 +63,10 @@ func NewController(udpBindAddr string) (nc *Controller, err error) {
 		return nil, err
 	}
 	nc = &Controller{
-		listener:   lconn,
-		clientCfgs: make(map[string]*ClientCfg),
-		sessions:   make(map[string]*Session),
+		listener:      lconn,
+		clientCfgs:    make(map[string]*ClientCfg),
+		sessions:      make(map[string]*Session),
+		encryptionKey: encryptionKey,
 	}
 	return nc, nil
 }
@@ -72,24 +94,30 @@ func (nc *Controller) Run() {
 		buf := pool.GetBuf(1024)
 		n, raddr, err := nc.listener.ReadFromUDP(buf)
 		if err != nil {
-			log.Trace("nat hole listener read from udp error: %v", err)
+			log.Warn("nat hole listener read from udp error: %v", err)
 			return
 		}
-
-		rd := bytes.NewReader(buf[:n])
-		rawMsg, err := msg.ReadMsg(rd)
+		plain, err := crypto.Decode(buf[:n], nc.encryptionKey)
 		if err != nil {
-			log.Trace("read nat hole message error: %v", err)
+			log.Warn("nathole listener decode from %s error: %v", raddr.String(), err)
+			continue
+		}
+
+		rawMsg, err := msg.ReadMsg(bytes.NewReader(plain))
+		if err != nil {
+			log.Warn("read nat hole message error: %v", err)
 			continue
 		}

 		switch m := rawMsg.(type) {
+		case *msg.NatHoleBinding:
+			go nc.HandleBinding(m, raddr)
 		case *msg.NatHoleVisitor:
 			go nc.HandleVisitor(m, raddr)
 		case *msg.NatHoleClient:
 			go nc.HandleClient(m, raddr)
 		default:
-			log.Trace("error nat hole message type")
+			log.Trace("unknown nat hole message type")
 			continue
 		}
 		pool.PutBuf(buf)
@@ -102,6 +130,29 @@ func (nc *Controller) GenSid() string {
 	return fmt.Sprintf("%d%s", t, id)
 }

+func (nc *Controller) HandleBinding(m *msg.NatHoleBinding, raddr *net.UDPAddr) {
+	log.Trace("handle binding message from %s", raddr.String())
+	resp := &msg.NatHoleBindingResp{
+		TransactionID: m.TransactionID,
+		Address:       raddr.String(),
+	}
+	plain, err := msg.Pack(resp)
+	if err != nil {
+		log.Error("pack nat hole binding response error: %v", err)
+		return
+	}
+	buf, err := crypto.Encode(plain, nc.encryptionKey)
+	if err != nil {
+		log.Error("encode nat hole binding response error: %v", err)
+		return
+	}
+	_, err = nc.listener.WriteToUDP(buf, raddr)
+	if err != nil {
+		log.Error("write nat hole binding response to %s error: %v", raddr.String(), err)
+		return
+	}
+}
+
 func (nc *Controller) HandleVisitor(m *msg.NatHoleVisitor, raddr *net.UDPAddr) {
 	sid := nc.GenSid()
 	session := &Session{