Merge pull request #4999 from fatedier/dev

bump version

README.md

@@ -13,22 +13,11 @@ frp is an open source project with its ongoing development made possible entirel
 
 <h3 align="center">Gold Sponsors</h3>
 <!--gold sponsors start-->
-<div align="center">
-
-## Recall.ai - API for meeting recordings
-
-If you're looking for a meeting recording API, consider checking out [Recall.ai](https://www.recall.ai/?utm_source=github&utm_medium=sponsorship&utm_campaign=fatedier-frp),
-
-an API that records Zoom, Google Meet, Microsoft Teams, in-person meetings, and more.
-
-</div>
 <p align="center">
-  <a href="https://requestly.com/?utm_source=github&utm_medium=partnered&utm_campaign=frp" target="_blank">
+  <a href="https://www.recall.ai/?utm_source=github&utm_medium=sponsorship&utm_campaign=fatedier-frp" target="_blank">
-    <img width="480px" src="https://github.com/user-attachments/assets/24670320-997d-4d62-9bca-955c59fe883d">
+    <b>Recall.ai - API for meeting recordings</b><br>
     <br>
-    <b>Requestly - Free & Open-Source alternative to Postman</b>
+    <sup>If you're looking for a meeting recording API, consider checking out Recall.ai, an API that records Zoom, Google Meet, Microsoft Teams, in-person meetings, and more.</sup>
-    <br>
-    <sub>All-in-one platform to Test, Mock and Intercept APIs.</sub>
   </a>
 </p>
 <p align="center">

README_zh.md

@@ -15,22 +15,11 @@ frp 是一个完全开源的项目，我们的开发工作完全依靠赞助者
 
 <h3 align="center">Gold Sponsors</h3>
 <!--gold sponsors start-->
-<div align="center">
-
-## Recall.ai - API for meeting recordings
-
-If you're looking for a meeting recording API, consider checking out [Recall.ai](https://www.recall.ai/?utm_source=github&utm_medium=sponsorship&utm_campaign=fatedier-frp),
-
-an API that records Zoom, Google Meet, Microsoft Teams, in-person meetings, and more.
-
-</div>
 <p align="center">
-  <a href="https://requestly.com/?utm_source=github&utm_medium=partnered&utm_campaign=frp" target="_blank">
+  <a href="https://www.recall.ai/?utm_source=github&utm_medium=sponsorship&utm_campaign=fatedier-frp" target="_blank">
-    <img width="480px" src="https://github.com/user-attachments/assets/24670320-997d-4d62-9bca-955c59fe883d">
+    <b>Recall.ai - API for meeting recordings</b><br>
     <br>
-    <b>Requestly - Free & Open-Source alternative to Postman</b>
+    <sup>If you're looking for a meeting recording API, consider checking out Recall.ai, an API that records Zoom, Google Meet, Microsoft Teams, in-person meetings, and more.</sup>
-    <br>
-    <sub>All-in-one platform to Test, Mock and Intercept APIs.</sub>
   </a>
 </p>
 <p align="center">

Release.md

@@ -1,8 +1,5 @@
 ## Features
 
-* HTTPS proxies now support load balancing groups. Multiple HTTPS proxies can be configured with the same `loadBalancer.group` and `loadBalancer.groupKey` to share the same custom domain and distribute traffic across multiple backend services, similar to the existing TCP and HTTP load balancing capabilities.
+* Add NAT traversal configuration options for XTCP proxies and visitors. Support disabling assisted addresses to avoid using slow VPN connections during NAT hole punching.
-* Individual frpc proxies and visitors now accept an `enabled` flag (defaults to true), letting you disable specific entries without relying on the global `start` list—disabled blocks are skipped when client configs load.
+* Enhanced OIDC client configuration with support for custom TLS certificate verification and proxy settings. Added `trustedCaFile`, `insecureSkipVerify`, and `proxyURL` options for OIDC token endpoint connections.
-
+* Added detailed Prometheus metrics with `proxy_counts_detailed` metric that includes both proxy type and proxy name labels, enabling monitoring of individual proxy connections instead of just aggregate counts.
-## Improvements
-
-* **VirtualNet**: Implemented intelligent reconnection with exponential backoff. When connection errors occur repeatedly, the reconnect interval increases from 60s to 300s (max), reducing unnecessary reconnection attempts. Normal disconnections still reconnect quickly at 10s intervals.

client/visitor/stcp.go

@@ -15,7 +15,6 @@
 package visitor
 
 import (
-	"fmt"
 	"io"
 	"net"
 	"strconv"
@@ -82,22 +81,11 @@ func (sv *STCPVisitor) internalConnWorker() {
 
 func (sv *STCPVisitor) handleConn(userConn net.Conn) {
 	xl := xlog.FromContextSafe(sv.ctx)
-	var tunnelErr error
+	defer userConn.Close()
-	defer func() {
-		// If there was an error and connection supports CloseWithError, use it
-		if tunnelErr != nil {
-			if eConn, ok := userConn.(interface{ CloseWithError(error) error }); ok {
-				_ = eConn.CloseWithError(tunnelErr)
-				return
-			}
-		}
-		userConn.Close()
-	}()
 
 	xl.Debugf("get a new stcp user connection")
 	visitorConn, err := sv.helper.ConnectServer()
 	if err != nil {
-		tunnelErr = err
 		return
 	}
 	defer visitorConn.Close()
@@ -114,7 +102,6 @@ func (sv *STCPVisitor) handleConn(userConn net.Conn) {
 	err = msg.WriteMsg(visitorConn, newVisitorConnMsg)
 	if err != nil {
 		xl.Warnf("send newVisitorConnMsg to server error: %v", err)
-		tunnelErr = err
 		return
 	}
 
@@ -123,14 +110,12 @@ func (sv *STCPVisitor) handleConn(userConn net.Conn) {
 	err = msg.ReadMsgInto(visitorConn, &newVisitorConnRespMsg)
 	if err != nil {
 		xl.Warnf("get newVisitorConnRespMsg error: %v", err)
-		tunnelErr = err
 		return
 	}
 	_ = visitorConn.SetReadDeadline(time.Time{})
 
 	if newVisitorConnRespMsg.Error != "" {
 		xl.Warnf("start new visitor connection error: %s", newVisitorConnRespMsg.Error)
-		tunnelErr = fmt.Errorf("%s", newVisitorConnRespMsg.Error)
 		return
 	}
 
@@ -140,7 +125,6 @@ func (sv *STCPVisitor) handleConn(userConn net.Conn) {
 		remote, err = libio.WithEncryption(remote, []byte(sv.cfg.SecretKey))
 		if err != nil {
 			xl.Errorf("create encryption stream error: %v", err)
-			tunnelErr = err
 			return
 		}
 	}

client/visitor/visitor.go

@@ -71,7 +71,7 @@ func NewVisitor(
 				Name:           cfg.GetBaseConfig().Name,
 				Ctx:            ctx,
 				VnetController: helper.VNetController(),
-				SendConnToVisitor: func(conn net.Conn) {
+				HandleConn: func(conn net.Conn) {
 					_ = baseVisitor.AcceptConn(conn)
 				},
 			},

client/visitor/xtcp.go

@@ -162,16 +162,8 @@ func (sv *XTCPVisitor) keepTunnelOpenWorker() {
 func (sv *XTCPVisitor) handleConn(userConn net.Conn) {
 	xl := xlog.FromContextSafe(sv.ctx)
 	isConnTransferred := false
-	var tunnelErr error
 	defer func() {
 		if !isConnTransferred {
-			// If there was an error and connection supports CloseWithError, use it
-			if tunnelErr != nil {
-				if eConn, ok := userConn.(interface{ CloseWithError(error) error }); ok {
-					_ = eConn.CloseWithError(tunnelErr)
-					return
-				}
-			}
 			userConn.Close()
 		}
 	}()
@@ -189,8 +181,6 @@ func (sv *XTCPVisitor) handleConn(userConn net.Conn) {
 	tunnelConn, err := sv.openTunnel(ctx)
 	if err != nil {
 		xl.Errorf("open tunnel error: %v", err)
-		tunnelErr = err
-
 		// no fallback, just return
 		if sv.cfg.FallbackTo == "" {
 			return
@@ -210,7 +200,6 @@ func (sv *XTCPVisitor) handleConn(userConn net.Conn) {
 		muxConnRWCloser, err = libio.WithEncryption(muxConnRWCloser, []byte(sv.cfg.SecretKey))
 		if err != nil {
 			xl.Errorf("create encryption stream error: %v", err)
-			tunnelErr = err
 			return
 		}
 	}

conf/frpc_full_example.toml

@@ -143,11 +143,6 @@ transport.tls.enable = true
 # Default is empty, means all proxies.
 # start = ["ssh", "dns"]
 
-# Alternative to 'start': You can control each proxy individually using the 'enabled' field.
-# Set 'enabled = false' in a proxy configuration to disable it.
-# If 'enabled' is not set or set to true, the proxy is enabled by default.
-# The 'enabled' field provides more granular control and is recommended over 'start'.
-
 # Specify udp packet size, unit is byte. If not set, the default value is 1500.
 # This parameter should be same between client and server.
 # It affects the udp and sudp proxy.
@@ -174,8 +169,6 @@ metadatas.var2 = "123"
 # If global user is not empty, it will be changed to {user}.{proxy} such as 'your_name.ssh'
 name = "ssh"
 type = "tcp"
-# Enable or disable this proxy. true or omit this field to enable, false to disable.
-# enabled = true
 localIP = "127.0.0.1"
 localPort = 22
 # Limit bandwidth for this proxy, unit is KB and MB
@@ -260,8 +253,6 @@ healthCheck.httpHeaders=[
 [[proxies]]
 name = "web02"
 type = "https"
-# Disable this proxy by setting enabled to false
-# enabled = false
 localIP = "127.0.0.1"
 localPort = 8000
 subdomain = "web02"

go.mod

@@ -16,7 +16,7 @@ require (
 	github.com/pion/stun/v2 v2.0.0
 	github.com/pires/go-proxyproto v0.7.0
 	github.com/prometheus/client_golang v1.19.1
-	github.com/quic-go/quic-go v0.55.0
+	github.com/quic-go/quic-go v0.53.0
 	github.com/rodaine/table v1.2.0
 	github.com/samber/lo v1.47.0
 	github.com/songgao/water v0.0.0-20200317203138-2b4b6d7c09d8
@@ -26,10 +26,10 @@ require (
 	github.com/tidwall/gjson v1.17.1
 	github.com/vishvananda/netlink v1.3.0
 	github.com/xtaci/kcp-go/v5 v5.6.13
-	golang.org/x/crypto v0.41.0
+	golang.org/x/crypto v0.37.0
-	golang.org/x/net v0.43.0
+	golang.org/x/net v0.39.0
 	golang.org/x/oauth2 v0.28.0
-	golang.org/x/sync v0.16.0
+	golang.org/x/sync v0.13.0
 	golang.org/x/time v0.5.0
 	golang.zx2c4.com/wireguard v0.0.0-20231211153847-12269c276173
 	gopkg.in/ini.v1 v1.67.0
@@ -67,10 +67,11 @@ require (
 	github.com/tjfoc/gmsm v1.4.1 // indirect
 	github.com/vishvananda/netns v0.0.4 // indirect
 	go.uber.org/automaxprocs v1.6.0 // indirect
-	golang.org/x/mod v0.27.0 // indirect
+	go.uber.org/mock v0.5.0 // indirect
-	golang.org/x/sys v0.35.0 // indirect
+	golang.org/x/mod v0.24.0 // indirect
-	golang.org/x/text v0.28.0 // indirect
+	golang.org/x/sys v0.32.0 // indirect
-	golang.org/x/tools v0.36.0 // indirect
+	golang.org/x/text v0.24.0 // indirect
+	golang.org/x/tools v0.31.0 // indirect
 	golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
 	google.golang.org/protobuf v1.36.5 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect

go.sum

@@ -105,8 +105,8 @@ github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSz
 github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc=
 github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
 github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
-github.com/quic-go/quic-go v0.55.0 h1:zccPQIqYCXDt5NmcEabyYvOnomjs8Tlwl7tISjJh9Mk=
+github.com/quic-go/quic-go v0.53.0 h1:QHX46sISpG2S03dPeZBgVIZp8dGagIaiu2FiVYvpCZI=
-github.com/quic-go/quic-go v0.55.0/go.mod h1:DR51ilwU1uE164KuWXhinFcKWGlEjzys2l8zUl5Ss1U=
+github.com/quic-go/quic-go v0.53.0/go.mod h1:e68ZEaCdyviluZmy44P6Iey98v/Wfz6HCjQEm+l8zTY=
 github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
 github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
 github.com/rodaine/table v1.2.0 h1:38HEnwK4mKSHQJIkavVj+bst1TEY7j9zhLMWu4QJrMA=
@@ -156,24 +156,24 @@ github.com/xtaci/lossyconn v0.0.0-20200209145036-adba10fffc37/go.mod h1:HpMP7DB2
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs=
 go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8=
-go.uber.org/mock v0.5.2 h1:LbtPTcP8A5k9WPXj54PPPbjcI4Y6lhyOZXn+VS7wNko=
+go.uber.org/mock v0.5.0 h1:KAMbZvZPyBPWgD14IrIQ38QCyjwpvVVV6K/bHl1IwQU=
-go.uber.org/mock v0.5.2/go.mod h1:wLlUxC2vVTPTaE3UD51E0BGOAElKrILxhVSDYQLld5o=
+go.uber.org/mock v0.5.0/go.mod h1:ge71pBPLYDk7QIi1LupWxdAykm7KIEFchiOqd6z7qMM=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201012173705-84dcc777aaee/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE=
 golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
-golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4=
+golang.org/x/crypto v0.37.0 h1:kJNSjF/Xp7kU0iB2Z+9viTPMW4EqqsrywMXLJOOsXSE=
-golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc=
+golang.org/x/crypto v0.37.0/go.mod h1:vg+k43peMZ0pUMhYmVAWysMK35e6ioLh3wB8ZCAfbVc=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ=
+golang.org/x/mod v0.24.0 h1:ZfthKaKaT4NrhGVZHO1/WDTwGES4De8KtWO0SIbNJMU=
-golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc=
+golang.org/x/mod v0.24.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -187,8 +187,8 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
-golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE=
+golang.org/x/net v0.39.0 h1:ZCu7HMWDxpXpaiKdhzIfaltL9Lp31x/3fCP11bc6/fY=
-golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg=
+golang.org/x/net v0.39.0/go.mod h1:X7NRbYVEA+ewNkCNyJ513WmMdQ3BineSwVtN2zD/d+E=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.28.0 h1:CrgCKl8PPAVtLnU3c+EDw6x11699EWlsDeWNWKdIOkc=
 golang.org/x/oauth2 v0.28.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8=
@@ -197,8 +197,8 @@ golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw=
+golang.org/x/sync v0.13.0 h1:AauUjRAJ9OSnvULf/ARrrVywoJDy0YS2AwQ98I37610=
-golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
+golang.org/x/sync v0.13.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -213,24 +213,24 @@ golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
+golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20=
-golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY=
 golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
 golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
-golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4=
+golang.org/x/term v0.31.0 h1:erwDkOK1Msy6offm1mOgvspSkslFnIGsFnxOKoufg3o=
-golang.org/x/term v0.34.0/go.mod h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw=
+golang.org/x/term v0.31.0/go.mod h1:R4BeIy7D95HzImkxGkTW1UQTtP54tio2RyHz7PwK0aw=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
-golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng=
+golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0=
-golang.org/x/text v0.28.0/go.mod h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU=
+golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU=
 golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
 golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -241,8 +241,8 @@ golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBn
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg=
+golang.org/x/tools v0.31.0 h1:0EedkvKDbh+qistFTd0Bcwe/YLh4vHwWEkiI0toFIBU=
-golang.org/x/tools v0.36.0/go.mod h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s=
+golang.org/x/tools v0.31.0/go.mod h1:naFTU+Cev749tSJRXJlna0T3WxKvb1kWEx15xA4SdmQ=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 h1:B82qJJgjvYKsXS9jeunTOisW56dUokqW/FOteYJJ/yg=

pkg/config/load.go

@@ -281,17 +281,6 @@ func LoadClientConfig(path string, strict bool) (
 		})
 	}
 
-	// Filter by enabled field in each proxy
-	// nil or true means enabled, false means disabled
-	proxyCfgs = lo.Filter(proxyCfgs, func(c v1.ProxyConfigurer, _ int) bool {
-		enabled := c.GetBaseConfig().Enabled
-		return enabled == nil || *enabled
-	})
-	visitorCfgs = lo.Filter(visitorCfgs, func(c v1.VisitorConfigurer, _ int) bool {
-		enabled := c.GetBaseConfig().Enabled
-		return enabled == nil || *enabled
-	})
-
 	if cliCfg != nil {
 		if err := cliCfg.Complete(); err != nil {
 			return nil, nil, nil, isLegacyFormat, err

pkg/config/v1/proxy.go

@@ -108,11 +108,8 @@ type DomainConfig struct {
 }
 
 type ProxyBaseConfig struct {
-	Name string `json:"name"`
+	Name        string            `json:"name"`
-	Type string `json:"type"`
+	Type        string            `json:"type"`
-	// Enabled controls whether this proxy is enabled. nil or true means enabled, false means disabled.
-	// This allows individual control over each proxy, complementing the global "start" field.
-	Enabled     *bool             `json:"enabled,omitempty"`
 	Annotations map[string]string `json:"annotations,omitempty"`
 	Transport   ProxyTransport    `json:"transport,omitempty"`
 	// metadata info for each proxy

pkg/config/v1/visitor.go

@@ -32,11 +32,8 @@ type VisitorTransport struct {
 }
 
 type VisitorBaseConfig struct {
-	Name string `json:"name"`
+	Name      string           `json:"name"`
-	Type string `json:"type"`
+	Type      string           `json:"type"`
-	// Enabled controls whether this visitor is enabled. nil or true means enabled, false means disabled.
-	// This allows individual control over each visitor, complementing the global "start" field.
-	Enabled   *bool            `json:"enabled,omitempty"`
 	Transport VisitorTransport `json:"transport,omitempty"`
 	SecretKey string           `json:"secretKey,omitempty"`
 	// if the server user is not set, it defaults to the current user

pkg/plugin/visitor/plugin.go

@@ -23,20 +23,11 @@ import (
 	"github.com/fatedier/frp/pkg/vnet"
 )
 
-// PluginContext provides the necessary context and callbacks for visitor plugins.
 type PluginContext struct {
-	// Name is the unique identifier for this visitor, used for logging and routing.
+	Name           string
-	Name string
+	Ctx            context.Context
-
-	// Ctx manages the plugin's lifecycle and carries the logger for structured logging.
-	Ctx context.Context
-
-	// VnetController manages TUN device routing. May be nil if virtual networking is disabled.
 	VnetController *vnet.Controller
-
+	HandleConn     func(net.Conn)
-	// SendConnToVisitor sends a connection to the visitor's internal processing queue.
-	// Does not return error; failures are handled by closing the connection.
-	SendConnToVisitor func(net.Conn)
 }
 
 // Creators is used for create plugins to handle connections.

pkg/plugin/visitor/virtual_net.go

@@ -42,8 +42,6 @@ type VirtualNetPlugin struct {
 	controllerConn net.Conn
 	closeSignal    chan struct{}
 
-	consecutiveErrors int // Tracks consecutive connection errors for exponential backoff
-
 	ctx    context.Context
 	cancel context.CancelFunc
 }
@@ -100,6 +98,7 @@ func (p *VirtualNetPlugin) Start() {
 
 func (p *VirtualNetPlugin) run() {
 	xl := xlog.FromContextSafe(p.ctx)
+	reconnectDelay := 10 * time.Second
 
 	for {
 		currentCloseSignal := make(chan struct{})
@@ -122,10 +121,7 @@ func (p *VirtualNetPlugin) run() {
 		p.controllerConn = controllerConn
 		p.mu.Unlock()
 
-		// Wrap with CloseNotifyConn which supports both close notification and error recording
+		pluginNotifyConn := netutil.WrapCloseNotifyConn(pluginConn, func() {
-		var closeErr error
-		pluginNotifyConn := netutil.WrapCloseNotifyConn(pluginConn, func(err error) {
-			closeErr = err
 			close(currentCloseSignal) // Signal the run loop on close.
 		})
 
@@ -133,9 +129,9 @@ func (p *VirtualNetPlugin) run() {
 		p.pluginCtx.VnetController.RegisterClientRoute(p.ctx, p.pluginCtx.Name, p.routes, controllerConn)
 		xl.Infof("successfully registered client route for visitor [%s]. Starting connection handler with CloseNotifyConn.", p.pluginCtx.Name)
 
-		// Pass the CloseNotifyConn to the visitor for handling.
+		// Pass the CloseNotifyConn to HandleConn.
-		// The visitor can call CloseWithError to record the failure reason.
+		// HandleConn is responsible for calling Close() on pluginNotifyConn.
-		p.pluginCtx.SendConnToVisitor(pluginNotifyConn)
+		p.pluginCtx.HandleConn(pluginNotifyConn)
 
 		// Wait for context cancellation or connection close.
 		select {
@@ -144,32 +140,8 @@ func (p *VirtualNetPlugin) run() {
 			p.cleanupControllerConn(xl)
 			return
 		case <-currentCloseSignal:
-			// Determine reconnect delay based on error with exponential backoff
+			xl.Infof("detected connection closed via CloseNotifyConn for visitor [%s].", p.pluginCtx.Name)
-			var reconnectDelay time.Duration
+			// HandleConn closed the plugin side. Close the controller side.
-			if closeErr != nil {
-				p.consecutiveErrors++
-				xl.Warnf("connection closed with error for visitor [%s] (consecutive errors: %d): %v",
-					p.pluginCtx.Name, p.consecutiveErrors, closeErr)
-
-				// Exponential backoff: 60s, 120s, 240s, 300s (capped)
-				baseDelay := 60 * time.Second
-				reconnectDelay = baseDelay * time.Duration(1<<uint(p.consecutiveErrors-1))
-				if reconnectDelay > 300*time.Second {
-					reconnectDelay = 300 * time.Second
-				}
-			} else {
-				// Reset consecutive errors on successful connection
-				if p.consecutiveErrors > 0 {
-					xl.Infof("connection closed normally for visitor [%s], resetting error counter (was %d)",
-						p.pluginCtx.Name, p.consecutiveErrors)
-					p.consecutiveErrors = 0
-				} else {
-					xl.Infof("connection closed normally for visitor [%s]", p.pluginCtx.Name)
-				}
-				reconnectDelay = 10 * time.Second
-			}
-
-			// The visitor closed the plugin side. Close the controller side.
 			p.cleanupControllerConn(xl)
 
 			xl.Infof("waiting %v before attempting reconnection for visitor [%s]...", reconnectDelay, p.pluginCtx.Name)
@@ -212,7 +184,7 @@ func (p *VirtualNetPlugin) Close() error {
 	}
 
 	// Explicitly close the controller side of the pipe.
-	// This ensures the pipe is broken even if the run loop is stuck or the visitor hasn't closed its end.
+	// This ensures the pipe is broken even if the run loop is stuck or HandleConn hasn't closed its end.
 	p.cleanupControllerConn(xl)
 	xl.Infof("finished cleaning up connections during close for visitor [%s]", p.pluginCtx.Name)
 

pkg/util/net/conn.go

@@ -135,11 +135,11 @@ type CloseNotifyConn struct {
 	// 1 means closed
 	closeFlag int32
 
-	closeFn func(error)
+	closeFn func()
 }
 
-// closeFn will be only called once with the error (nil if Close() was called, non-nil if CloseWithError() was called)
+// closeFn will be only called once
-func WrapCloseNotifyConn(c net.Conn, closeFn func(error)) *CloseNotifyConn {
+func WrapCloseNotifyConn(c net.Conn, closeFn func()) net.Conn {
 	return &CloseNotifyConn{
 		Conn:    c,
 		closeFn: closeFn,
@@ -149,27 +149,14 @@ func WrapCloseNotifyConn(c net.Conn, closeFn func(error)) *CloseNotifyConn {
 func (cc *CloseNotifyConn) Close() (err error) {
 	pflag := atomic.SwapInt32(&cc.closeFlag, 1)
 	if pflag == 0 {
-		err = cc.Conn.Close()
+		err = cc.Close()
 		if cc.closeFn != nil {
-			cc.closeFn(nil)
+			cc.closeFn()
 		}
 	}
 	return
 }
 
-// CloseWithError closes the connection and passes the error to the close callback.
-func (cc *CloseNotifyConn) CloseWithError(err error) error {
-	pflag := atomic.SwapInt32(&cc.closeFlag, 1)
-	if pflag == 0 {
-		closeErr := cc.Conn.Close()
-		if cc.closeFn != nil {
-			cc.closeFn(err)
-		}
-		return closeErr
-	}
-	return nil
-}
-
 type StatsConn struct {
 	net.Conn
 

pkg/util/net/websocket.go

@@ -32,7 +32,7 @@ func NewWebsocketListener(ln net.Listener) (wl *WebsocketListener) {
 	muxer := http.NewServeMux()
 	muxer.Handle(FrpWebsocketPath, websocket.Handler(func(c *websocket.Conn) {
 		notifyCh := make(chan struct{})
-		conn := WrapCloseNotifyConn(c, func(_ error) {
+		conn := WrapCloseNotifyConn(c, func() {
 			close(notifyCh)
 		})
 		wl.acceptCh <- conn

server/controller/resource.go

@@ -35,9 +35,6 @@ type ResourceController struct {
 	// HTTP Group Controller
 	HTTPGroupCtl *group.HTTPGroupController
 
-	// HTTPS Group Controller
-	HTTPSGroupCtl *group.HTTPSGroupController
-
 	// TCP Mux Group Controller
 	TCPMuxGroupCtl *group.TCPMuxGroupCtl
 

server/group/https.go

@@ -1,197 +0,0 @@
-// Copyright 2025 The frp Authors
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package group
-
-import (
-	"context"
-	"net"
-	"sync"
-
-	gerr "github.com/fatedier/golib/errors"
-
-	"github.com/fatedier/frp/pkg/util/vhost"
-)
-
-type HTTPSGroupController struct {
-	groups map[string]*HTTPSGroup
-
-	httpsMuxer *vhost.HTTPSMuxer
-
-	mu sync.Mutex
-}
-
-func NewHTTPSGroupController(httpsMuxer *vhost.HTTPSMuxer) *HTTPSGroupController {
-	return &HTTPSGroupController{
-		groups:     make(map[string]*HTTPSGroup),
-		httpsMuxer: httpsMuxer,
-	}
-}
-
-func (ctl *HTTPSGroupController) Listen(
-	ctx context.Context,
-	group, groupKey string,
-	routeConfig vhost.RouteConfig,
-) (l net.Listener, err error) {
-	indexKey := group
-	ctl.mu.Lock()
-	g, ok := ctl.groups[indexKey]
-	if !ok {
-		g = NewHTTPSGroup(ctl)
-		ctl.groups[indexKey] = g
-	}
-	ctl.mu.Unlock()
-
-	return g.Listen(ctx, group, groupKey, routeConfig)
-}
-
-func (ctl *HTTPSGroupController) RemoveGroup(group string) {
-	ctl.mu.Lock()
-	defer ctl.mu.Unlock()
-	delete(ctl.groups, group)
-}
-
-type HTTPSGroup struct {
-	group    string
-	groupKey string
-	domain   string
-
-	acceptCh chan net.Conn
-	httpsLn  *vhost.Listener
-	lns      []*HTTPSGroupListener
-	ctl      *HTTPSGroupController
-	mu       sync.Mutex
-}
-
-func NewHTTPSGroup(ctl *HTTPSGroupController) *HTTPSGroup {
-	return &HTTPSGroup{
-		lns:      make([]*HTTPSGroupListener, 0),
-		ctl:      ctl,
-		acceptCh: make(chan net.Conn),
-	}
-}
-
-func (g *HTTPSGroup) Listen(
-	ctx context.Context,
-	group, groupKey string,
-	routeConfig vhost.RouteConfig,
-) (ln *HTTPSGroupListener, err error) {
-	g.mu.Lock()
-	defer g.mu.Unlock()
-	if len(g.lns) == 0 {
-		// the first listener, listen on the real address
-		httpsLn, errRet := g.ctl.httpsMuxer.Listen(ctx, &routeConfig)
-		if errRet != nil {
-			return nil, errRet
-		}
-		ln = newHTTPSGroupListener(group, g, httpsLn.Addr())
-
-		g.group = group
-		g.groupKey = groupKey
-		g.domain = routeConfig.Domain
-		g.httpsLn = httpsLn
-		g.lns = append(g.lns, ln)
-		go g.worker()
-	} else {
-		// route config in the same group must be equal
-		if g.group != group || g.domain != routeConfig.Domain {
-			return nil, ErrGroupParamsInvalid
-		}
-		if g.groupKey != groupKey {
-			return nil, ErrGroupAuthFailed
-		}
-		ln = newHTTPSGroupListener(group, g, g.lns[0].Addr())
-		g.lns = append(g.lns, ln)
-	}
-	return
-}
-
-func (g *HTTPSGroup) worker() {
-	for {
-		c, err := g.httpsLn.Accept()
-		if err != nil {
-			return
-		}
-		err = gerr.PanicToError(func() {
-			g.acceptCh <- c
-		})
-		if err != nil {
-			return
-		}
-	}
-}
-
-func (g *HTTPSGroup) Accept() <-chan net.Conn {
-	return g.acceptCh
-}
-
-func (g *HTTPSGroup) CloseListener(ln *HTTPSGroupListener) {
-	g.mu.Lock()
-	defer g.mu.Unlock()
-	for i, tmpLn := range g.lns {
-		if tmpLn == ln {
-			g.lns = append(g.lns[:i], g.lns[i+1:]...)
-			break
-		}
-	}
-	if len(g.lns) == 0 {
-		close(g.acceptCh)
-		if g.httpsLn != nil {
-			g.httpsLn.Close()
-		}
-		g.ctl.RemoveGroup(g.group)
-	}
-}
-
-type HTTPSGroupListener struct {
-	groupName string
-	group     *HTTPSGroup
-
-	addr    net.Addr
-	closeCh chan struct{}
-}
-
-func newHTTPSGroupListener(name string, group *HTTPSGroup, addr net.Addr) *HTTPSGroupListener {
-	return &HTTPSGroupListener{
-		groupName: name,
-		group:     group,
-		addr:      addr,
-		closeCh:   make(chan struct{}),
-	}
-}
-
-func (ln *HTTPSGroupListener) Accept() (c net.Conn, err error) {
-	var ok bool
-	select {
-	case <-ln.closeCh:
-		return nil, ErrListenerClosed
-	case c, ok = <-ln.group.Accept():
-		if !ok {
-			return nil, ErrListenerClosed
-		}
-		return c, nil
-	}
-}
-
-func (ln *HTTPSGroupListener) Addr() net.Addr {
-	return ln.addr
-}
-
-func (ln *HTTPSGroupListener) Close() (err error) {
-	close(ln.closeCh)
-
-	// remove self from HTTPSGroup
-	ln.group.CloseListener(ln)
-	return
-}

server/proxy/https.go

@@ -15,7 +15,6 @@
 package proxy
 
 import (
-	"net"
 	"reflect"
 	"strings"
 
@@ -59,24 +58,27 @@ func (pxy *HTTPSProxy) Run() (remoteAddr string, err error) {
 			continue
 		}
 
-		l, err := pxy.listenForDomain(routeConfig, domain)
+		routeConfig.Domain = domain
-		if err != nil {
+		l, errRet := pxy.rc.VhostHTTPSMuxer.Listen(pxy.ctx, routeConfig)
-			return "", err
+		if errRet != nil {
+			err = errRet
+			return
 		}
+		xl.Infof("https proxy listen for host [%s]", routeConfig.Domain)
 		pxy.listeners = append(pxy.listeners, l)
-		addrs = append(addrs, util.CanonicalAddr(domain, pxy.serverCfg.VhostHTTPSPort))
+		addrs = append(addrs, util.CanonicalAddr(routeConfig.Domain, pxy.serverCfg.VhostHTTPSPort))
-		xl.Infof("https proxy listen for host [%s] group [%s]", domain, pxy.cfg.LoadBalancer.Group)
 	}
 
 	if pxy.cfg.SubDomain != "" {
-		domain := pxy.cfg.SubDomain + "." + pxy.serverCfg.SubDomainHost
+		routeConfig.Domain = pxy.cfg.SubDomain + "." + pxy.serverCfg.SubDomainHost
-		l, err := pxy.listenForDomain(routeConfig, domain)
+		l, errRet := pxy.rc.VhostHTTPSMuxer.Listen(pxy.ctx, routeConfig)
-		if err != nil {
+		if errRet != nil {
-			return "", err
+			err = errRet
+			return
 		}
+		xl.Infof("https proxy listen for host [%s]", routeConfig.Domain)
 		pxy.listeners = append(pxy.listeners, l)
-		addrs = append(addrs, util.CanonicalAddr(domain, pxy.serverCfg.VhostHTTPSPort))
+		addrs = append(addrs, util.CanonicalAddr(routeConfig.Domain, pxy.serverCfg.VhostHTTPSPort))
-		xl.Infof("https proxy listen for host [%s] group [%s]", domain, pxy.cfg.LoadBalancer.Group)
 	}
 
 	pxy.startCommonTCPListenersHandler()
@@ -87,18 +89,3 @@ func (pxy *HTTPSProxy) Run() (remoteAddr string, err error) {
 func (pxy *HTTPSProxy) Close() {
 	pxy.BaseProxy.Close()
 }
-
-func (pxy *HTTPSProxy) listenForDomain(routeConfig *vhost.RouteConfig, domain string) (net.Listener, error) {
-	tmpRouteConfig := *routeConfig
-	tmpRouteConfig.Domain = domain
-
-	if pxy.cfg.LoadBalancer.Group != "" {
-		return pxy.rc.HTTPSGroupCtl.Listen(
-			pxy.ctx,
-			pxy.cfg.LoadBalancer.Group,
-			pxy.cfg.LoadBalancer.GroupKey,
-			tmpRouteConfig,
-		)
-	}
-	return pxy.rc.VhostHTTPSMuxer.Listen(pxy.ctx, &tmpRouteConfig)
-}

server/service.go

@@ -322,9 +322,6 @@ func NewService(cfg *v1.ServerConfig) (*Service, error) {
 		if err != nil {
 			return nil, fmt.Errorf("create vhost httpsMuxer error, %v", err)
 		}
-
-		// Init HTTPS group controller after HTTPSMuxer is created
-		svr.rc.HTTPSGroupCtl = group.NewHTTPSGroupController(svr.rc.VhostHTTPSMuxer)
 	}
 
 	// frp tls listener

test/e2e/framework/process.go

@@ -75,8 +75,8 @@ func (f *Framework) RunFrps(args ...string) (*process.Process, string, error) {
 	if err != nil {
 		return p, p.StdOutput(), err
 	}
-	// Give frps extra time to finish binding ports before proceeding.
+	// sleep for a while to get std output
-	time.Sleep(4 * time.Second)
+	time.Sleep(2 * time.Second)
 	return p, p.StdOutput(), nil
 }
 

test/e2e/v1/features/group.go

@@ -1,7 +1,6 @@
 package features
 
 import (
-	"crypto/tls"
 	"fmt"
 	"strconv"
 	"sync"
@@ -9,7 +8,6 @@ import (
 
 	"github.com/onsi/ginkgo/v2"
 
-	"github.com/fatedier/frp/pkg/transport"
 	"github.com/fatedier/frp/test/e2e/framework"
 	"github.com/fatedier/frp/test/e2e/framework/consts"
 	"github.com/fatedier/frp/test/e2e/mock/server/httpserver"
@@ -114,80 +112,6 @@ var _ = ginkgo.Describe("[Feature: Group]", func() {
 
 			framework.ExpectTrue(fooCount > 1 && barCount > 1, "fooCount: %d, barCount: %d", fooCount, barCount)
 		})
-
-		ginkgo.It("HTTPS", func() {
-			vhostHTTPSPort := f.AllocPort()
-			serverConf := consts.DefaultServerConfig + fmt.Sprintf(`
-			vhostHTTPSPort = %d
-			`, vhostHTTPSPort)
-			clientConf := consts.DefaultClientConfig
-
-			tlsConfig, err := transport.NewServerTLSConfig("", "", "")
-			framework.ExpectNoError(err)
-
-			fooPort := f.AllocPort()
-			fooServer := httpserver.New(
-				httpserver.WithBindPort(fooPort),
-				httpserver.WithHandler(framework.SpecifiedHTTPBodyHandler([]byte("foo"))),
-				httpserver.WithTLSConfig(tlsConfig),
-			)
-			f.RunServer("", fooServer)
-
-			barPort := f.AllocPort()
-			barServer := httpserver.New(
-				httpserver.WithBindPort(barPort),
-				httpserver.WithHandler(framework.SpecifiedHTTPBodyHandler([]byte("bar"))),
-				httpserver.WithTLSConfig(tlsConfig),
-			)
-			f.RunServer("", barServer)
-
-			clientConf += fmt.Sprintf(`
-			[[proxies]]
-			name = "foo"
-			type = "https"
-			localPort = %d
-			customDomains = ["example.com"]
-			loadBalancer.group = "test"
-			loadBalancer.groupKey = "123"
-
-			[[proxies]]
-			name = "bar"
-			type = "https"
-			localPort = %d
-			customDomains = ["example.com"]
-			loadBalancer.group = "test"
-			loadBalancer.groupKey = "123"
-			`, fooPort, barPort)
-
-			f.RunProcesses([]string{serverConf}, []string{clientConf})
-
-			fooCount := 0
-			barCount := 0
-			for i := 0; i < 10; i++ {
-				framework.NewRequestExpect(f).
-					Explain("times " + strconv.Itoa(i)).
-					Port(vhostHTTPSPort).
-					RequestModify(func(r *request.Request) {
-						r.HTTPS().HTTPHost("example.com").TLSConfig(&tls.Config{
-							ServerName:         "example.com",
-							InsecureSkipVerify: true,
-						})
-					}).
-					Ensure(func(resp *request.Response) bool {
-						switch string(resp.Content) {
-						case "foo":
-							fooCount++
-						case "bar":
-							barCount++
-						default:
-							return false
-						}
-						return true
-					})
-			}
-
-			framework.ExpectTrue(fooCount > 1 && barCount > 1, "fooCount: %d, barCount: %d", fooCount, barCount)
-		})
 	})
 
 	ginkgo.Describe("Health Check", func() {