cloudflared-mirror/connection/rpc.go

package connection

import (
	"context"
	"io"
	"net"
	"time"

	"github.com/rs/zerolog"
	"zombiezen.com/go/capnproto2/rpc"

	"github.com/cloudflare/cloudflared/tunnelrpc"
	tunnelpogs "github.com/cloudflare/cloudflared/tunnelrpc/pogs"
)

type tunnelServerClient struct {
	client    tunnelpogs.TunnelServer_PogsClient
	transport rpc.Transport
}

// NewTunnelRPCClient creates and returns a new RPC client, which will communicate using a stream on the given muxer.
// This method is exported for supervisor to call Authenticate RPC
func NewTunnelServerClient(
	ctx context.Context,
	stream io.ReadWriteCloser,
	log *zerolog.Logger,
) *tunnelServerClient {
	transport := tunnelrpc.NewTransportLogger(log, rpc.StreamTransport(stream))
	conn := rpc.NewConn(
		transport,
		tunnelrpc.ConnLog(log),
	)
	registrationClient := tunnelpogs.RegistrationServer_PogsClient{Client: conn.Bootstrap(ctx), Conn: conn}
	return &tunnelServerClient{
		client:    tunnelpogs.TunnelServer_PogsClient{RegistrationServer_PogsClient: registrationClient, Client: conn.Bootstrap(ctx), Conn: conn},
		transport: transport,
	}
}

func (tsc *tunnelServerClient) Authenticate(ctx context.Context, classicTunnel *ClassicTunnelProperties, registrationOptions *tunnelpogs.RegistrationOptions) (tunnelpogs.AuthOutcome, error) {
	authResp, err := tsc.client.Authenticate(ctx, classicTunnel.OriginCert, classicTunnel.Hostname, registrationOptions)
	if err != nil {
		return nil, err
	}
	return authResp.Outcome(), nil
}

func (tsc *tunnelServerClient) Close() {
	// Closing the client will also close the connection
	_ = tsc.client.Close()
	_ = tsc.transport.Close()
}

type NamedTunnelRPCClient interface {
	RegisterConnection(
		c context.Context,
		config *NamedTunnelProperties,
		options *tunnelpogs.ConnectionOptions,
		connIndex uint8,
		edgeAddress net.IP,
		observer *Observer,
	) (*tunnelpogs.ConnectionDetails, error)
	SendLocalConfiguration(
		c context.Context,
		config []byte,
		observer *Observer,
	) error
	GracefulShutdown(ctx context.Context, gracePeriod time.Duration)
	Close()
}

type registrationServerClient struct {
	client    tunnelpogs.RegistrationServer_PogsClient
	transport rpc.Transport
}

func newRegistrationRPCClient(
	ctx context.Context,
	stream io.ReadWriteCloser,
	log *zerolog.Logger,
) NamedTunnelRPCClient {
	transport := tunnelrpc.NewTransportLogger(log, rpc.StreamTransport(stream))
	conn := rpc.NewConn(
		transport,
		tunnelrpc.ConnLog(log),
	)
	return &registrationServerClient{
		client:    tunnelpogs.RegistrationServer_PogsClient{Client: conn.Bootstrap(ctx), Conn: conn},
		transport: transport,
	}
}

func (rsc *registrationServerClient) RegisterConnection(
	ctx context.Context,
	properties *NamedTunnelProperties,
	options *tunnelpogs.ConnectionOptions,
	connIndex uint8,
	edgeAddress net.IP,
	observer *Observer,
) (*tunnelpogs.ConnectionDetails, error) {
	conn, err := rsc.client.RegisterConnection(
		ctx,
		properties.Credentials.Auth(),
		properties.Credentials.TunnelID,
		connIndex,
		options,
	)
	if err != nil {
		if err.Error() == DuplicateConnectionError {
			observer.metrics.regFail.WithLabelValues("dup_edge_conn", "registerConnection").Inc()
			return nil, errDuplicationConnection
		}
		observer.metrics.regFail.WithLabelValues("server_error", "registerConnection").Inc()
		return nil, serverRegistrationErrorFromRPC(err)
	}

	observer.metrics.regSuccess.WithLabelValues("registerConnection").Inc()

	return conn, nil
}

func (rsc *registrationServerClient) SendLocalConfiguration(ctx context.Context, config []byte, observer *Observer) (err error) {
	observer.metrics.localConfigMetrics.pushes.Inc()
	defer func() {
		if err != nil {
			observer.metrics.localConfigMetrics.pushesErrors.Inc()
		}
	}()

	return rsc.client.SendLocalConfiguration(ctx, config)
}

func (rsc *registrationServerClient) GracefulShutdown(ctx context.Context, gracePeriod time.Duration) {
	ctx, cancel := context.WithTimeout(ctx, gracePeriod)
	defer cancel()
	_ = rsc.client.UnregisterConnection(ctx)
}

func (rsc *registrationServerClient) Close() {
	// Closing the client will also close the connection
	_ = rsc.client.Close()
	// Closing the transport also closes the stream
	_ = rsc.transport.Close()
}

type rpcName string

const (
	register     rpcName = "register"
	reconnect    rpcName = "reconnect"
	unregister   rpcName = "unregister"
	authenticate rpcName = " authenticate"
)
TUN-2607: add RPC stream helpers 2019-11-21 17:03:13 +00:00			`package connection`

			`import (`
			`"context"`
TUN-3427: Define a struct that only implements RegistrationServer in tunnelpogs 2020-09-28 09:10:30 +00:00			`"io"`
TUN-6339: Add config for IPv6 support 2022-06-02 17:57:37 +00:00			`"net"`
TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`"time"`
TUN-2607: add RPC stream helpers 2019-11-21 17:03:13 +00:00
TUN-3470: Replace in-house logger calls with zerolog 2020-11-25 06:55:13 +00:00			`"github.com/rs/zerolog"`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`"zombiezen.com/go/capnproto2/rpc"`
TUN-4067: Reformat code for consistent import order, grouping, and fix formatting. Added goimports target to the Makefile to make this easier in the future. 2021-03-23 14:30:43 +00:00
			`"github.com/cloudflare/cloudflared/tunnelrpc"`
			`tunnelpogs "github.com/cloudflare/cloudflared/tunnelrpc/pogs"`
TUN-2607: add RPC stream helpers 2019-11-21 17:03:13 +00:00			`)`

TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`type tunnelServerClient struct {`
			`client tunnelpogs.TunnelServer_PogsClient`
			`transport rpc.Transport`
			`}`

			`// NewTunnelRPCClient creates and returns a new RPC client, which will communicate using a stream on the given muxer.`
			`// This method is exported for supervisor to call Authenticate RPC`
			`func NewTunnelServerClient(`
TUN-2607: add RPC stream helpers 2019-11-21 17:03:13 +00:00			`ctx context.Context,`
TUN-3427: Define a struct that only implements RegistrationServer in tunnelpogs 2020-09-28 09:10:30 +00:00			`stream io.ReadWriteCloser,`
TUN-3470: Replace in-house logger calls with zerolog 2020-11-25 06:55:13 +00:00			`log *zerolog.Logger,`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`) *tunnelServerClient {`
TUN-3470: Replace in-house logger calls with zerolog 2020-11-25 06:55:13 +00:00			`transport := tunnelrpc.NewTransportLogger(log, rpc.StreamTransport(stream))`
TUN-2607: add RPC stream helpers 2019-11-21 17:03:13 +00:00			`conn := rpc.NewConn(`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`transport,`
TUN-3470: Replace in-house logger calls with zerolog 2020-11-25 06:55:13 +00:00			`tunnelrpc.ConnLog(log),`
TUN-2607: add RPC stream helpers 2019-11-21 17:03:13 +00:00			`)`
TUN-3427: Define a struct that only implements RegistrationServer in tunnelpogs 2020-09-28 09:10:30 +00:00			`registrationClient := tunnelpogs.RegistrationServer_PogsClient{Client: conn.Bootstrap(ctx), Conn: conn}`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`return &tunnelServerClient{`
			`client: tunnelpogs.TunnelServer_PogsClient{RegistrationServer_PogsClient: registrationClient, Client: conn.Bootstrap(ctx), Conn: conn},`
			`transport: transport,`
			`}`
			`}`

TUN-5749: Refactor cloudflared to pave way for reconfigurable ingress - Split origin into supervisor and proxy packages - Create configManager to handle dynamic config 2022-02-07 09:42:07 +00:00			`func (tsc tunnelServerClient) Authenticate(ctx context.Context, classicTunnel ClassicTunnelProperties, registrationOptions *tunnelpogs.RegistrationOptions) (tunnelpogs.AuthOutcome, error) {`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`authResp, err := tsc.client.Authenticate(ctx, classicTunnel.OriginCert, classicTunnel.Hostname, registrationOptions)`
			`if err != nil {`
			`return nil, err`
			`}`
			`return authResp.Outcome(), nil`
			`}`

			`func (tsc *tunnelServerClient) Close() {`
			`// Closing the client will also close the connection`
TUN-3470: Replace in-house logger calls with zerolog 2020-11-25 06:55:13 +00:00			`_ = tsc.client.Close()`
			`_ = tsc.transport.Close()`
TUN-2607: add RPC stream helpers 2019-11-21 17:03:13 +00:00			`}`

TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`type NamedTunnelRPCClient interface {`
			`RegisterConnection(`
			`c context.Context,`
TUN-5749: Refactor cloudflared to pave way for reconfigurable ingress - Split origin into supervisor and proxy packages - Create configManager to handle dynamic config 2022-02-07 09:42:07 +00:00			`config *NamedTunnelProperties,`
TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`options *tunnelpogs.ConnectionOptions,`
			`connIndex uint8,`
TUN-6388: Fix first tunnel connection not retrying 2022-06-18 00:24:37 +00:00			`edgeAddress net.IP,`
TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`observer *Observer,`
TUN-6016: Push local managed tunnels configuration to the edge 2022-04-27 10:51:06 +00:00			`) (*tunnelpogs.ConnectionDetails, error)`
			`SendLocalConfiguration(`
			`c context.Context,`
			`config []byte,`
			`observer *Observer,`
TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`) error`
			`GracefulShutdown(ctx context.Context, gracePeriod time.Duration)`
			`Close()`
			`}`

TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`type registrationServerClient struct {`
			`client tunnelpogs.RegistrationServer_PogsClient`
			`transport rpc.Transport`
			`}`

			`func newRegistrationRPCClient(`
TUN-3427: Define a struct that only implements RegistrationServer in tunnelpogs 2020-09-28 09:10:30 +00:00			`ctx context.Context,`
			`stream io.ReadWriteCloser,`
TUN-3470: Replace in-house logger calls with zerolog 2020-11-25 06:55:13 +00:00			`log *zerolog.Logger,`
TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`) NamedTunnelRPCClient {`
TUN-3470: Replace in-house logger calls with zerolog 2020-11-25 06:55:13 +00:00			`transport := tunnelrpc.NewTransportLogger(log, rpc.StreamTransport(stream))`
TUN-3427: Define a struct that only implements RegistrationServer in tunnelpogs 2020-09-28 09:10:30 +00:00			`conn := rpc.NewConn(`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`transport,`
TUN-3470: Replace in-house logger calls with zerolog 2020-11-25 06:55:13 +00:00			`tunnelrpc.ConnLog(log),`
TUN-3427: Define a struct that only implements RegistrationServer in tunnelpogs 2020-09-28 09:10:30 +00:00			`)`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`return &registrationServerClient{`
			`client: tunnelpogs.RegistrationServer_PogsClient{Client: conn.Bootstrap(ctx), Conn: conn},`
			`transport: transport,`
			`}`
			`}`

TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`func (rsc *registrationServerClient) RegisterConnection(`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`ctx context.Context,`
TUN-5749: Refactor cloudflared to pave way for reconfigurable ingress - Split origin into supervisor and proxy packages - Create configManager to handle dynamic config 2022-02-07 09:42:07 +00:00			`properties *NamedTunnelProperties,`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`options *tunnelpogs.ConnectionOptions,`
			`connIndex uint8,`
TUN-6388: Fix first tunnel connection not retrying 2022-06-18 00:24:37 +00:00			`edgeAddress net.IP,`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`observer *Observer,`
TUN-6016: Push local managed tunnels configuration to the edge 2022-04-27 10:51:06 +00:00			`) (*tunnelpogs.ConnectionDetails, error) {`
TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`conn, err := rsc.client.RegisterConnection(`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`ctx,`
TUN-5749: Refactor cloudflared to pave way for reconfigurable ingress - Split origin into supervisor and proxy packages - Create configManager to handle dynamic config 2022-02-07 09:42:07 +00:00			`properties.Credentials.Auth(),`
			`properties.Credentials.TunnelID,`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`connIndex,`
			`options,`
			`)`
			`if err != nil {`
			`if err.Error() == DuplicateConnectionError {`
			`observer.metrics.regFail.WithLabelValues("dup_edge_conn", "registerConnection").Inc()`
TUN-6016: Push local managed tunnels configuration to the edge 2022-04-27 10:51:06 +00:00			`return nil, errDuplicationConnection`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`}`
			`observer.metrics.regFail.WithLabelValues("server_error", "registerConnection").Inc()`
TUN-6016: Push local managed tunnels configuration to the edge 2022-04-27 10:51:06 +00:00			`return nil, serverRegistrationErrorFromRPC(err)`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`}`

			`observer.metrics.regSuccess.WithLabelValues("registerConnection").Inc()`

TUN-6016: Push local managed tunnels configuration to the edge 2022-04-27 10:51:06 +00:00			`return conn, nil`
			`}`

			`func (rsc registrationServerClient) SendLocalConfiguration(ctx context.Context, config []byte, observer Observer) (err error) {`
			`observer.metrics.localConfigMetrics.pushes.Inc()`
			`defer func() {`
			`if err != nil {`
			`observer.metrics.localConfigMetrics.pushesErrors.Inc()`
			`}`
			`}()`

			`return rsc.client.SendLocalConfiguration(ctx, config)`
TUN-3462: Refactor cloudflared to separate origin from connection 2020-10-08 10:12:26 +00:00			`}`

TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`func (rsc *registrationServerClient) GracefulShutdown(ctx context.Context, gracePeriod time.Duration) {`
			`ctx, cancel := context.WithTimeout(ctx, gracePeriod)`
			`defer cancel()`
TUN-3470: Replace in-house logger calls with zerolog 2020-11-25 06:55:13 +00:00			`_ = rsc.client.UnregisterConnection(ctx)`
TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`}`

			`func (rsc *registrationServerClient) Close() {`
			`// Closing the client will also close the connection`
TUN-3470: Replace in-house logger calls with zerolog 2020-11-25 06:55:13 +00:00			`_ = rsc.client.Close()`
TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`// Closing the transport also closes the stream`
TUN-3470: Replace in-house logger calls with zerolog 2020-11-25 06:55:13 +00:00			`_ = rsc.transport.Close()`
TUN-3489: Add unit tests to cover proxy logic in connection package of cloudflared 2020-10-27 22:27:15 +00:00			`}`

			`type rpcName string`

			`const (`
			`register rpcName = "register"`
			`reconnect rpcName = "reconnect"`
			`unregister rpcName = "unregister"`
			`authenticate rpcName = " authenticate"`
			`)`