fatedier
diff --git a/‎.github/workflows/golangci-lint.yml‎
Lines changed: 1 addition & 11 deletions b/‎.github/workflows/golangci-lint.yml‎
Lines changed: 1 addition & 11 deletions
diff --git a/‎.golangci.yml‎
Lines changed: 3 additions & 0 deletions b/‎.golangci.yml‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 32 additions & 0 deletions b/‎README.md‎
Lines changed: 32 additions & 0 deletions
diff --git a/‎Release.md‎
Lines changed: 5 additions & 2 deletions b/‎Release.md‎
Lines changed: 5 additions & 2 deletions
diff --git a/‎client/connector.go‎
Lines changed: 1 addition & 1 deletion b/‎client/connector.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎client/service.go‎
Lines changed: 12 additions & 3 deletions b/‎client/service.go‎
Lines changed: 12 additions & 3 deletions
diff --git a/‎client/visitor/xtcp.go‎
Lines changed: 1 addition & 1 deletion b/‎client/visitor/xtcp.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎cmd/frpc/sub/nathole.go‎
Lines changed: 4 additions & 1 deletion b/‎cmd/frpc/sub/nathole.go‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎cmd/frpc/sub/proxy.go‎
Lines changed: 8 additions & 2 deletions b/‎cmd/frpc/sub/proxy.go‎
Lines changed: 8 additions & 2 deletions
diff --git a/‎cmd/frps/root.go‎
Lines changed: 4 additions & 1 deletion b/‎cmd/frps/root.go‎
Lines changed: 4 additions & 1 deletion
@@ -23,14 +23,4 @@ jobs:
       uses: golangci/golangci-lint-action@v8
       with:
         # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
-        version: v2.1
-
-        # Optional: golangci-lint command line arguments.
-        # args: --issues-exit-code=0
-
-        # Optional: show only new issues if it's a pull request. The default value is `false`.
-        # only-new-issues: true
-
-        # Optional: if set to true then the all caching functionality will be complete disabled,
-        #           takes precedence over all other caching options.
-        # skip-cache: true
+        version: v2.3
@@ -73,6 +73,9 @@ linters:
     - linters:
       - revive
       text: unused-parameter
+    - linters:
+      - revive
+      text: "avoid meaningless package names"
     - linters:
       - unparam
       text: is always false
 
@@ -13,19 +13,36 @@ frp is an open source project with its ongoing development made possible entirel
 
 <h3 align="center">Gold Sponsors</h3>
 <!--gold sponsors start-->
+<p align="center">
+  <a href="https://go.warp.dev/frp" target="_blank">
+    <img width="360px" src="https://raw.githubusercontent.com/warpdotdev/brand-assets/refs/heads/main/Github/Sponsor/Warp-Github-LG-01.png">
+    <br>
+    <b>Warp, the intelligent terminal</b>
+    <br>
+	<sub>Available for macOS, Linux and Windows</sub>
+  </a>
+</p>
 <p align="center">
   <a href="https://jb.gg/frp" target="_blank">
     <img width="420px" src="https://raw.githubusercontent.com/fatedier/frp/dev/doc/pic/sponsor_jetbrains.jpg">
+	<br>
+	<b>The complete IDE crafted for professional Go developers</b>
   </a>
 </p>
 <p align="center">
   <a href="https://github.com/daytonaio/daytona" target="_blank">
     <img width="420px" src="https://raw.githubusercontent.com/fatedier/frp/dev/doc/pic/sponsor_daytona.png">
+	<br>
+	<b>Secure and Elastic Infrastructure for Running Your AI-Generated Code</b>
   </a>
 </p>
 <p align="center">
   <a href="https://github.com/beclab/Olares" target="_blank">
     <img width="420px" src="https://raw.githubusercontent.com/fatedier/frp/dev/doc/pic/sponsor_olares.jpeg">
+	<br>
+	<b>The sovereign cloud that puts you in control</b>
+	<br>
+	<sub>An open source, self-hosted alternative to public clouds, built for data ownership and privacy</sub>
   </a>
 </p>
 <!--gold sponsors end-->
@@ -612,6 +629,21 @@ When specifying `auth.method = "token"` in `frpc.toml` and `frps.toml` - token b
 
 Make sure to specify the same `auth.token` in `frps.toml` and `frpc.toml` for frpc to pass frps validation
 
+##### Token Source
+
+frp supports reading authentication tokens from external sources using the `tokenSource` configuration. Currently, file-based token source is supported.
+
+**File-based token source:**
+
+```toml
+# frpc.toml
+auth.method = "token"
+auth.tokenSource.type = "file"
+auth.tokenSource.file.path = "/path/to/token/file"
+```
+
+The token will be read from the specified file at startup. This is useful for scenarios where tokens are managed by external systems or need to be kept separate from configuration files for security reasons.
+
 #### OIDC Authentication
 
 When specifying `auth.method = "oidc"` in `frpc.toml` and `frps.toml` - OIDC based authentication will be used.
 
@@ -1,4 +1,7 @@
 ## Features
 
-* Support for YAML merge functionality (anchors and references with dot-prefixed fields) in strict configuration mode without requiring `--strict-config=false` parameter.
-* Support for proxy protocol in UDP proxies to preserve real client IP addresses.
+* Support tokenSource for loading authentication tokens from files.
+
+## Fixes
+
+* Fix SSH tunnel gateway incorrectly binding to proxyBindAddr instead of bindAddr, which caused external connections to fail when proxyBindAddr was set to 127.0.0.1.
@@ -48,7 +48,7 @@ type defaultConnectorImpl struct {
 	cfg *v1.ClientCommonConfig
 
 	muxSession *fmux.Session
-	quicConn   quic.Connection
+	quicConn   *quic.Conn
 	closeOnce  sync.Once
 }
 
 
@@ -88,13 +88,16 @@ type ServiceOptions struct {
 }
 
 // setServiceOptionsDefault sets the default values for ServiceOptions.
-func setServiceOptionsDefault(options *ServiceOptions) {
+func setServiceOptionsDefault(options *ServiceOptions) error {
 	if options.Common != nil {
-		options.Common.Complete()
+		if err := options.Common.Complete(); err != nil {
+			return err
+		}
 	}
 	if options.ConnectorCreator == nil {
 		options.ConnectorCreator = NewConnector
 	}
+	return nil
 }
 
 // Service is the client service that connects to frps and provides proxy services.
@@ -134,7 +137,9 @@ type Service struct {
 }
 
 func NewService(options ServiceOptions) (*Service, error) {
-	setServiceOptionsDefault(&options)
+	if err := setServiceOptionsDefault(&options); err != nil {
+		return nil, err
+	}
 
 	var webServer *httppkg.Server
 	if options.Common.WebServer.Port > 0 {
@@ -398,6 +403,10 @@ func (svr *Service) stop() {
 		svr.ctl.GracefulClose(svr.gracefulShutdownDuration)
 		svr.ctl = nil
 	}
+	if svr.webServer != nil {
+		svr.webServer.Close()
+		svr.webServer = nil
+	}
 }
 
 func (svr *Service) getProxyStatus(name string) (*proxy.WorkingStatus, bool) {
 
@@ -398,7 +398,7 @@ func (ks *KCPTunnelSession) Close() {
 }
 
 type QUICTunnelSession struct {
-	session    quic.Connection
+	session    *quic.Conn
 	listenConn *net.UDPConn
 	mu         sync.RWMutex
 
 
@@ -51,7 +51,10 @@ var natholeDiscoveryCmd = &cobra.Command{
 		cfg, _, _, _, err := config.LoadClientConfig(cfgFile, strictConfigMode)
 		if err != nil {
 			cfg = &v1.ClientCommonConfig{}
-			cfg.Complete()
+			if err := cfg.Complete(); err != nil {
+				fmt.Printf("failed to complete config: %v\n", err)
+				os.Exit(1)
+			}
 		}
 		if natHoleSTUNServer != "" {
 			cfg.NatHoleSTUNServer = natHoleSTUNServer
 
@@ -73,7 +73,10 @@ func NewProxyCommand(name string, c v1.ProxyConfigurer, clientCfg *v1.ClientComm
 		Use:   name,
 		Short: fmt.Sprintf("Run frpc with a single %s proxy", name),
 		Run: func(cmd *cobra.Command, args []string) {
-			clientCfg.Complete()
+			if err := clientCfg.Complete(); err != nil {
+				fmt.Println(err)
+				os.Exit(1)
+			}
 			if _, err := validation.ValidateClientCommonConfig(clientCfg); err != nil {
 				fmt.Println(err)
 				os.Exit(1)
@@ -99,7 +102,10 @@ func NewVisitorCommand(name string, c v1.VisitorConfigurer, clientCfg *v1.Client
 		Use:   "visitor",
 		Short: fmt.Sprintf("Run frpc with a single %s visitor", name),
 		Run: func(cmd *cobra.Command, args []string) {
-			clientCfg.Complete()
+			if err := clientCfg.Complete(); err != nil {
+				fmt.Println(err)
+				os.Exit(1)
+			}
 			if _, err := validation.ValidateClientCommonConfig(clientCfg); err != nil {
 				fmt.Println(err)
 				os.Exit(1)
 
@@ -70,7 +70,10 @@ var rootCmd = &cobra.Command{
 					"please use yaml/json/toml format instead!\n")
 			}
 		} else {
-			serverCfg.Complete()
+			if err := serverCfg.Complete(); err != nil {
+				fmt.Printf("failed to complete server config: %v\n", err)
+				os.Exit(1)
+			}
 			svrCfg = &serverCfg
 		}
Original file line number	Diff line number	Diff line change
`@@ -48,7 +48,7 @@ type defaultConnectorImpl struct {`
`48`	`48`	`cfg *v1.ClientCommonConfig`
`49`	`49`
`50`	`50`	`muxSession *fmux.Session`
`51`		`- quicConn quic.Connection`
	`51`	`+ quicConn *quic.Conn`
`52`	`52`	`closeOnce sync.Once`
`53`	`53`	`}`
`54`	`54`
Original file line number	Diff line number	Diff line change
`@@ -88,13 +88,16 @@ type ServiceOptions struct {`
`88`	`88`	`}`
`89`	`89`
`90`	`90`	`// setServiceOptionsDefault sets the default values for ServiceOptions.`
`91`		`-func setServiceOptionsDefault(options *ServiceOptions) {`
	`91`	`+func setServiceOptionsDefault(options *ServiceOptions) error {`
`92`	`92`	`if options.Common != nil {`
`93`		`- options.Common.Complete()`
	`93`	`+ if err := options.Common.Complete(); err != nil {`
	`94`	`+ return err`
	`95`	`+ }`
`94`	`96`	`}`
`95`	`97`	`if options.ConnectorCreator == nil {`
`96`	`98`	`options.ConnectorCreator = NewConnector`
`97`	`99`	`}`
	`100`	`+ return nil`
`98`	`101`	`}`
`99`	`102`
`100`	`103`	`// Service is the client service that connects to frps and provides proxy services.`
`@@ -134,7 +137,9 @@ type Service struct {`
`134`	`137`	`}`
`135`	`138`
`136`	`139`	`func NewService(options ServiceOptions) (*Service, error) {`
`137`		`- setServiceOptionsDefault(&options)`
	`140`	`+ if err := setServiceOptionsDefault(&options); err != nil {`
	`141`	`+ return nil, err`
	`142`	`+ }`
`138`	`143`
`139`	`144`	`var webServer *httppkg.Server`
`140`	`145`	`if options.Common.WebServer.Port > 0 {`
`@@ -398,6 +403,10 @@ func (svr *Service) stop() {`
`398`	`403`	`svr.ctl.GracefulClose(svr.gracefulShutdownDuration)`
`399`	`404`	`svr.ctl = nil`
`400`	`405`	`}`
	`406`	`+ if svr.webServer != nil {`
	`407`	`+ svr.webServer.Close()`
	`408`	`+ svr.webServer = nil`
	`409`	`+ }`
`401`	`410`	`}`
`402`	`411`
`403`	`412`	`func (svr Service) getProxyStatus(name string) (proxy.WorkingStatus, bool) {`
Original file line number	Diff line number	Diff line change
`@@ -398,7 +398,7 @@ func (ks *KCPTunnelSession) Close() {`
`398`	`398`	`}`
`399`	`399`
`400`	`400`	`type QUICTunnelSession struct {`
`401`		`- session quic.Connection`
	`401`	`+ session *quic.Conn`
`402`	`402`	`listenConn *net.UDPConn`
`403`	`403`	`mu sync.RWMutex`
`404`	`404`
Original file line number	Diff line number	Diff line change
`@@ -70,7 +70,10 @@ var rootCmd = &cobra.Command{`
`70`	`70`	`"please use yaml/json/toml format instead!\n")`
`71`	`71`	`}`
`72`	`72`	`} else {`
`73`		`- serverCfg.Complete()`
	`73`	`+ if err := serverCfg.Complete(); err != nil {`
	`74`	`+ fmt.Printf("failed to complete server config: %v\n", err)`
	`75`	`+ os.Exit(1)`
	`76`	`+ }`
`74`	`77`	`svrCfg = &serverCfg`
`75`	`78`	`}`
`76`	`79`