2021-08-17 14:30:02 +00:00
|
|
|
package connection
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"io"
|
2022-06-18 00:24:37 +00:00
|
|
|
"net"
|
2021-08-17 14:30:02 +00:00
|
|
|
"time"
|
|
|
|
|
2024-08-30 11:51:20 +00:00
|
|
|
"github.com/pkg/errors"
|
|
|
|
|
2023-04-12 21:41:11 +00:00
|
|
|
"github.com/cloudflare/cloudflared/management"
|
2024-05-24 18:40:10 +00:00
|
|
|
"github.com/cloudflare/cloudflared/tunnelrpc"
|
2021-08-17 14:30:02 +00:00
|
|
|
tunnelpogs "github.com/cloudflare/cloudflared/tunnelrpc/pogs"
|
|
|
|
)
|
|
|
|
|
2024-05-24 18:40:10 +00:00
|
|
|
// registerClient derives a named tunnel rpc client that can then be used to register and unregister connections.
|
|
|
|
type registerClientFunc func(context.Context, io.ReadWriteCloser, time.Duration) tunnelrpc.RegistrationClient
|
2021-08-17 14:30:02 +00:00
|
|
|
|
|
|
|
type controlStream struct {
|
|
|
|
observer *Observer
|
|
|
|
|
2024-05-24 18:40:10 +00:00
|
|
|
connectedFuse ConnectedFuse
|
|
|
|
tunnelProperties *TunnelProperties
|
|
|
|
connIndex uint8
|
|
|
|
edgeAddress net.IP
|
|
|
|
protocol Protocol
|
2021-08-17 14:30:02 +00:00
|
|
|
|
2024-05-24 18:40:10 +00:00
|
|
|
registerClientFunc registerClientFunc
|
|
|
|
registerTimeout time.Duration
|
2021-08-17 14:30:02 +00:00
|
|
|
|
|
|
|
gracefulShutdownC <-chan struct{}
|
|
|
|
gracePeriod time.Duration
|
|
|
|
stoppedGracefully bool
|
|
|
|
}
|
|
|
|
|
|
|
|
// ControlStreamHandler registers connections with origintunneld and initiates graceful shutdown.
|
|
|
|
type ControlStreamHandler interface {
|
2022-01-05 16:01:56 +00:00
|
|
|
// ServeControlStream handles the control plane of the transport in the current goroutine calling this
|
2022-04-27 10:51:06 +00:00
|
|
|
ServeControlStream(ctx context.Context, rw io.ReadWriteCloser, connOptions *tunnelpogs.ConnectionOptions, tunnelConfigGetter TunnelConfigJSONGetter) error
|
2022-01-05 16:01:56 +00:00
|
|
|
// IsStopped tells whether the method above has finished
|
2021-08-17 14:30:02 +00:00
|
|
|
IsStopped() bool
|
|
|
|
}
|
|
|
|
|
2022-04-27 10:51:06 +00:00
|
|
|
type TunnelConfigJSONGetter interface {
|
|
|
|
GetConfigJSON() ([]byte, error)
|
|
|
|
}
|
|
|
|
|
2021-08-17 14:30:02 +00:00
|
|
|
// NewControlStream returns a new instance of ControlStreamHandler
|
|
|
|
func NewControlStream(
|
|
|
|
observer *Observer,
|
|
|
|
connectedFuse ConnectedFuse,
|
2024-05-24 18:40:10 +00:00
|
|
|
tunnelProperties *TunnelProperties,
|
2021-08-17 14:30:02 +00:00
|
|
|
connIndex uint8,
|
2022-06-18 00:24:37 +00:00
|
|
|
edgeAddress net.IP,
|
2024-05-24 18:40:10 +00:00
|
|
|
registerClientFunc registerClientFunc,
|
|
|
|
registerTimeout time.Duration,
|
2021-08-17 14:30:02 +00:00
|
|
|
gracefulShutdownC <-chan struct{},
|
|
|
|
gracePeriod time.Duration,
|
2022-08-11 20:31:36 +00:00
|
|
|
protocol Protocol,
|
2021-08-17 14:30:02 +00:00
|
|
|
) ControlStreamHandler {
|
2024-05-24 18:40:10 +00:00
|
|
|
if registerClientFunc == nil {
|
|
|
|
registerClientFunc = tunnelrpc.NewRegistrationClient
|
2021-08-17 14:30:02 +00:00
|
|
|
}
|
|
|
|
return &controlStream{
|
2024-05-24 18:40:10 +00:00
|
|
|
observer: observer,
|
|
|
|
connectedFuse: connectedFuse,
|
|
|
|
tunnelProperties: tunnelProperties,
|
|
|
|
registerClientFunc: registerClientFunc,
|
|
|
|
registerTimeout: registerTimeout,
|
|
|
|
connIndex: connIndex,
|
|
|
|
edgeAddress: edgeAddress,
|
|
|
|
gracefulShutdownC: gracefulShutdownC,
|
|
|
|
gracePeriod: gracePeriod,
|
|
|
|
protocol: protocol,
|
2021-08-17 14:30:02 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *controlStream) ServeControlStream(
|
|
|
|
ctx context.Context,
|
|
|
|
rw io.ReadWriteCloser,
|
|
|
|
connOptions *tunnelpogs.ConnectionOptions,
|
2022-04-27 10:51:06 +00:00
|
|
|
tunnelConfigGetter TunnelConfigJSONGetter,
|
2021-08-17 14:30:02 +00:00
|
|
|
) error {
|
2024-05-24 18:40:10 +00:00
|
|
|
registrationClient := c.registerClientFunc(ctx, rw, c.registerTimeout)
|
|
|
|
|
|
|
|
registrationDetails, err := registrationClient.RegisterConnection(
|
|
|
|
ctx,
|
|
|
|
c.tunnelProperties.Credentials.Auth(),
|
|
|
|
c.tunnelProperties.Credentials.TunnelID,
|
|
|
|
connOptions,
|
|
|
|
c.connIndex,
|
|
|
|
c.edgeAddress)
|
2022-04-27 10:51:06 +00:00
|
|
|
if err != nil {
|
2024-05-24 18:40:10 +00:00
|
|
|
defer registrationClient.Close()
|
|
|
|
if err.Error() == DuplicateConnectionError {
|
|
|
|
c.observer.metrics.regFail.WithLabelValues("dup_edge_conn", "registerConnection").Inc()
|
|
|
|
return errDuplicationConnection
|
|
|
|
}
|
|
|
|
c.observer.metrics.regFail.WithLabelValues("server_error", "registerConnection").Inc()
|
|
|
|
return serverRegistrationErrorFromRPC(err)
|
2021-08-17 14:30:02 +00:00
|
|
|
}
|
2024-05-24 18:40:10 +00:00
|
|
|
c.observer.metrics.regSuccess.WithLabelValues("registerConnection").Inc()
|
2022-08-11 20:31:36 +00:00
|
|
|
|
2023-04-12 21:41:11 +00:00
|
|
|
c.observer.logConnected(registrationDetails.UUID, c.connIndex, registrationDetails.Location, c.edgeAddress, c.protocol)
|
2024-11-25 18:43:32 +00:00
|
|
|
c.observer.sendConnectedEvent(c.connIndex, c.protocol, registrationDetails.Location, c.edgeAddress)
|
2021-08-17 14:30:02 +00:00
|
|
|
c.connectedFuse.Connected()
|
|
|
|
|
2022-04-27 10:51:06 +00:00
|
|
|
// if conn index is 0 and tunnel is not remotely managed, then send local ingress rules configuration
|
|
|
|
if c.connIndex == 0 && !registrationDetails.TunnelIsRemotelyManaged {
|
|
|
|
if tunnelConfig, err := tunnelConfigGetter.GetConfigJSON(); err == nil {
|
2024-05-24 18:40:10 +00:00
|
|
|
if err := registrationClient.SendLocalConfiguration(ctx, tunnelConfig); err != nil {
|
|
|
|
c.observer.metrics.localConfigMetrics.pushesErrors.Inc()
|
2022-04-27 10:51:06 +00:00
|
|
|
c.observer.log.Err(err).Msg("unable to send local configuration")
|
|
|
|
}
|
2024-05-24 18:40:10 +00:00
|
|
|
c.observer.metrics.localConfigMetrics.pushes.Inc()
|
2022-04-27 10:51:06 +00:00
|
|
|
} else {
|
|
|
|
c.observer.log.Err(err).Msg("failed to obtain current configuration")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-08-30 11:51:20 +00:00
|
|
|
return c.waitForUnregister(ctx, registrationClient)
|
2021-09-24 09:31:28 +00:00
|
|
|
}
|
|
|
|
|
2024-08-30 11:51:20 +00:00
|
|
|
func (c *controlStream) waitForUnregister(ctx context.Context, registrationClient tunnelrpc.RegistrationClient) error {
|
2021-08-17 14:30:02 +00:00
|
|
|
// wait for connection termination or start of graceful shutdown
|
2024-05-24 18:40:10 +00:00
|
|
|
defer registrationClient.Close()
|
2024-08-30 11:51:20 +00:00
|
|
|
var shutdownError error
|
2021-08-17 14:30:02 +00:00
|
|
|
select {
|
|
|
|
case <-ctx.Done():
|
2024-08-30 11:51:20 +00:00
|
|
|
shutdownError = ctx.Err()
|
2021-08-17 14:30:02 +00:00
|
|
|
break
|
|
|
|
case <-c.gracefulShutdownC:
|
|
|
|
c.stoppedGracefully = true
|
|
|
|
}
|
|
|
|
|
|
|
|
c.observer.sendUnregisteringEvent(c.connIndex)
|
2024-08-30 11:51:20 +00:00
|
|
|
err := registrationClient.GracefulShutdown(ctx, c.gracePeriod)
|
|
|
|
if err != nil {
|
|
|
|
return errors.Wrap(err, "Error shutting down control stream")
|
|
|
|
}
|
2023-04-12 21:41:11 +00:00
|
|
|
c.observer.log.Info().
|
|
|
|
Int(management.EventTypeKey, int(management.Cloudflared)).
|
|
|
|
Uint8(LogFieldConnIndex, c.connIndex).
|
|
|
|
IPAddr(LogFieldIPAddress, c.edgeAddress).
|
|
|
|
Msg("Unregistered tunnel connection")
|
2024-08-30 11:51:20 +00:00
|
|
|
return shutdownError
|
2021-08-17 14:30:02 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (c *controlStream) IsStopped() bool {
|
|
|
|
return c.stoppedGracefully
|
|
|
|
}
|