
frp-python's Issues

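Security improvement suggestions

Following frp's example:

  1. Add a token
  2. Add SSL

I only use this for myself, so here is a shortcut idea (for personal use only). The main consideration is that your c/s configuration convention is written in the command-line arguments, which means the "number of connections" is limited to begin with.

For now, assume the case of 1 frpc -> 1 frps. I made a simple hack to your program so that it "keeps only the first connection". That way, after the first connection, any later frpc is closed directly (even if the first connection has failed and died). So as long as the first connection succeeds during operations, you can leave the service running with peace of mind: even if frpc dies, no third party can impersonate frpc and thereby create a sniffing risk.

This is my first time writing Python; I made some casual changes, for reference.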

        self.userConns = []
+        self.serverConns = None
       ......
    def accept_frp_connection(self,sock, mask):
        frpc_conn, addr = sock.accept()
+        if self.serverConns is None:
+            self.serverConns = frpc_conn
m            frpc_conn.setblocking(False)
m            # 注册为可读套接字
m            sel.register(frpc_conn, selectors.EVENT_READ, self.handle_controller_data)
+        elif addr[0]=='127.0.0.1':
+            frpc_conn.setblocking(False)
+            # 注册为可读套接字
+            sel.register(frpc_conn, selectors.EVENT_READ, self.handle_controller_data)
+        else:
+            print('发现可疑连接:' + str(addr))
+            frpc_conn.close()
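
Review bot: the `elif addr[0]=='127.0.0.1'` branch registers every later loopback connection as a controller with no further check, so any local process on the frps host bypasses the first-connection rule, and the `self.serverConns is None` branch trusts whichever peer happens to connect first. Suggest verifying a shared token before `sel.register(...)` in both branches. `self.serverConns` is also never cleared in the lines shown, so a legitimate frpc cannot reconnect after a drop; if that is intended, document that frps must be restarted, otherwise reset it when the registered connection closes.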

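There is one more thing I don't quite understand: after closing the application with Ctrl+C, even though netstat no longer shows the port, starting it again immediately still reports an error, which really gets in the way of consecutive tests.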

frpc_sock.bind(('0.0.0.0', targetport))
OSError: [Errno 98] Address already in use

Perhaps ports in Python need a special "safe shutdown" method?
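
The token check suggested at the top of this issue, as an added example (not code from frp-python or frp): a nonce/HMAC challenge that frps could run on a new frpc control connection before registering it. `TOKEN`, the function names and the message layout are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import socket
import threading

TOKEN = b"constructed-example-token"  # assumption: secret shared by frps and frpc
NONCE_LEN = MAC_LEN = 32  # SHA-256 digest size


def recv_exact(conn, n):
    """Read exactly n bytes; return None if the peer closes early."""
    buf = b""
    while len(buf) < n:
        chunk = conn.recv(n - len(buf))
        if not chunk:
            return None
        buf += chunk
    return buf


def server_authenticate(conn, token=TOKEN, timeout=5.0):
    """frps side: send a fresh nonce, accept only a correct HMAC over it."""
    conn.settimeout(timeout)  # a silent peer must not hold the slot forever
    nonce = os.urandom(NONCE_LEN)
    try:
        conn.sendall(nonce)
        reply = recv_exact(conn, MAC_LEN)
    except OSError:  # includes timeouts and resets
        return False
    expected = hmac.new(token, nonce, hashlib.sha256).digest()
    return reply is not None and hmac.compare_digest(reply, expected)


def client_authenticate(conn, token=TOKEN):
    """frpc side: prove knowledge of the token without sending it."""
    nonce = recv_exact(conn, NONCE_LEN)
    if nonce is not None:
        conn.sendall(hmac.new(token, nonce, hashlib.sha256).digest())


def demo(client_token):  # both sides over a local socket pair
    srv, cli = socket.socketpair()
    with srv, cli:
        t = threading.Thread(target=client_authenticate, args=(cli, client_token))
        t.start()
        ok = server_authenticate(srv)
        t.join()
    return ok
```

Without the SSL layer the issue also asks for, this authenticates only the start of the connection; traffic after the handshake is still unencrypted and unauthenticated.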

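Minor suggestions

  1. Branch-based release model: keep everyday development code in a branch, and merge it into master as a whole once a "reasonably complete" version is finished.
  2. The comments in master should ideally be cleaned up. It is enough for those comments to appear in the development branch.
  3. Remove the "not very valuable print" calls from the release version (it hasn't been updated in 5 months, so I assume the current master is your release version as of now).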
