From 0d87279b2f545f282cbd1b85c12512869c625fc4 Mon Sep 17 00:00:00 2001
From: Dalton
Date: Mon, 8 Jun 2020 17:01:48 -0500
Subject: [PATCH] AUTH-2785 service token flag fix and logger fix
---
carrier/websocket.go | 8 ++++++++
cmd/cloudflared/access/carrier.go | 16 +++++++++++++---
cmd/cloudflared/access/cmd.go | 4 ++--
cmd/cloudflared/cliutil/errors.go | 2 ++
cmd/cloudflared/config/model.go | 8 ++++++--
cmd/cloudflared/main.go | 6 ++++--
6 files changed, 35 insertions(+), 9 deletions(-)
diff --git a/carrier/websocket.go b/carrier/websocket.go
index e804f7bb..d86cc29a 100644
--- a/carrier/websocket.go
+++ b/carrier/websocket.go
@@ -5,6 +5,7 @@ import ( "io" "net" "net/http" + "net/http/httputil" "github.com/cloudflare/cloudflared/cmd/cloudflared/token" "github.com/cloudflare/cloudflared/logger"
@@ -80,6 +81,9 @@ func createWebsocketStream(options *StartOptions, logger logger.Service) (*cfweb } req.Header = options.Headers + dump, err := httputil.DumpRequest(req, false) + logger.Debugf("Websocket request: %s", string(dump)) + wsConn, resp, err := cfwebsocket.ClientConnect(req, nil) defer closeRespBody(resp) if err != nil && IsAccessResponse(resp) {
@@ -133,5 +137,9 @@ func createAccessWebSocketStream(options *StartOptions, logger logger.Service) ( if err != nil { return nil, nil, err } + + dump, err := httputil.DumpRequest(req, false) + logger.Debugf("Access Websocket request: %s", string(dump)) + return cfwebsocket.ClientConnect(req, nil) }
diff --git a/cmd/cloudflared/access/carrier.go b/cmd/cloudflared/access/carrier.go
index d6717ea1..722cc0c1 100644
--- a/cmd/cloudflared/access/carrier.go
+++ b/cmd/cloudflared/access/carrier.go
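Review bot: The `httputil.DumpRequest(req, false)` output logged in createWebsocketStream (carrier/websocket.go) includes every request header, and `req.Header` was just assigned from `options.Headers`, which this commit populates with `h2mux.CFAccessClientIDHeader` and `h2mux.CFAccessClientSecretHeader`, so the service token secret lands in the debug log in clear text. The dump added in createAccessWebSocketStream (hunk @@ -133,5) has the same exposure for whatever credential header that request carries; it is set outside the hunk. In both places the returned `err` is never checked, so a failed dump logs an empty string. Logging a redacted clone, as sketched below, keeps the diagnostic value; headers supplied on the command line may carry credentials too and could be masked the same way, and the sketch assumes the h2mux constants are importable in this file. Both function bodies start and end outside their hunks.

```go
// … unchanged: req.Header = options.Headers …
redacted := req.Clone(req.Context())
for _, name := range []string{h2mux.CFAccessClientIDHeader, h2mux.CFAccessClientSecretHeader} {
	if redacted.Header.Get(name) != "" {
		redacted.Header.Set(name, "REDACTED")
	}
}
if dump, dumpErr := httputil.DumpRequest(redacted, false); dumpErr != nil {
	logger.Debugf("Websocket request: dump failed: %s", dumpErr)
} else {
	logger.Debugf("Websocket request: %s", dump)
}
// … unchanged: cfwebsocket.ClientConnect call …
```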
@@ -26,9 +26,19 @@ func StartForwarder(forwarder config.Forwarder, shutdown <-chan struct{}, logger return errors.Wrap(err, "error parsing origin URL") } + // get the headers from the config file and add to the request + headers := make(http.Header) + if forwarder.TokenClientID != "" { + headers.Set(h2mux.CFAccessClientIDHeader, forwarder.TokenClientID) + } + + if forwarder.TokenSecret != "" { + headers.Set(h2mux.CFAccessClientSecretHeader, forwarder.TokenSecret) + } + options := &carrier.StartOptions{ OriginURL: forwarder.URL, - Headers: make(http.Header), //TODO: TUN-2688 support custom headers from config file + Headers: headers, //TODO: TUN-2688 support custom headers from config file } // we could add a cmd line variable for this bool if we want the SOCK5 server to be on the client side
@@ -71,10 +81,10 @@ func ssh(c *cli.Context) error { // get the headers from the cmdline and add them headers := buildRequestHeaders(c.StringSlice(sshHeaderFlag)) if c.IsSet(sshTokenIDFlag) { - headers.Add(h2mux.CFAccessClientIDHeader, c.String(sshTokenIDFlag)) + headers.Set(h2mux.CFAccessClientIDHeader, c.String(sshTokenIDFlag)) } if c.IsSet(sshTokenSecretFlag) { - headers.Add(h2mux.CFAccessClientSecretHeader, c.String(sshTokenSecretFlag)) + headers.Set(h2mux.CFAccessClientSecretHeader, c.String(sshTokenSecretFlag)) } destination := c.String(sshDestinationFlag)
diff --git a/cmd/cloudflared/access/cmd.go b/cmd/cloudflared/access/cmd.go
index a255a662..2b12b5d3 100644
--- a/cmd/cloudflared/access/cmd.go
+++ b/cmd/cloudflared/access/cmd.go
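Review bot: StartForwarder (cmd/cloudflared/access/carrier.go) accepts a config that sets only one of `serviceTokenID` / `serviceTokenSecret`, because the two `if` blocks are independent and a lone ID or lone secret header is sent as-is. That half-configured state will presumably surface only as a rejected connection, with nothing pointing the operator at the config file. Rejecting it up front is clearer: `if (forwarder.TokenClientID == "") != (forwarder.TokenSecret == "") { return errors.New("serviceTokenID and serviceTokenSecret must be set together") }`, assuming the `errors` package already used here for `errors.Wrap` also provides `New`. The function body starts and ends outside the hunk.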
@@ -146,12 +146,12 @@ func Commands() []*cli.Command { Aliases: []string{"H"}, Usage: "specify additional headers you wish to send.", }, - &cli.StringSliceFlag{ + &cli.StringFlag{ Name: sshTokenIDFlag, Aliases: []string{"id"}, Usage: "specify an Access service token ID you wish to use.", }, - &cli.StringSliceFlag{ + &cli.StringFlag{ Name: sshTokenSecretFlag, Aliases: []string{"secret"}, Usage: "specify an Access service token secret you wish to use.",
diff --git a/cmd/cloudflared/cliutil/errors.go b/cmd/cloudflared/cliutil/errors.go
index e85e396b..f197c335 100644
--- a/cmd/cloudflared/cliutil/errors.go
+++ b/cmd/cloudflared/cliutil/errors.go
@@ -3,6 +3,7 @@ package cliutil import ( "fmt" + "github.com/cloudflare/cloudflared/logger" "gopkg.in/urfave/cli.v2" )
@@ -34,6 +35,7 @@ func ErrorHandler(actionFunc cli.ActionFunc) cli.ActionFunc { cli.HandleExitCoder(err) err = cli.Exit(err.Error(), 1) } + logger.SharedWriteManager.Shutdown() return err } }
diff --git a/cmd/cloudflared/config/model.go b/cmd/cloudflared/config/model.go
index 015afef9..656853e7 100644
--- a/cmd/cloudflared/config/model.go
+++ b/cmd/cloudflared/config/model.go
@@ -9,8 +9,10 @@ import ( // Forwarder represents a client side listener to forward traffic to the edge type Forwarder struct { - URL string `json:"url"` - Listener string `json:"listener"` + URL string `json:"url"` + Listener string `json:"listener"` + TokenClientID string `json:"service_token_id" yaml:"serviceTokenID"` + TokenSecret string `json:"secret_token_id" yaml:"serviceTokenSecret"` } // Tunnel represents a tunnel that should be started
@@ -46,6 +48,8 @@ func (f *Forwarder) Hash() string { h := md5.New() io.WriteString(h, f.URL) io.WriteString(h, f.Listener) + io.WriteString(h, f.TokenClientID) + io.WriteString(h, f.TokenSecret) return fmt.Sprintf("%x", h.Sum(nil)) }
diff --git a/cmd/cloudflared/main.go b/cmd/cloudflared/main.go
index 4160027d..0f35a421 100644
--- a/cmd/cloudflared/main.go
+++ b/cmd/cloudflared/main.go
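Review bot: The `sshTokenSecretFlag` definition in cmd/cloudflared/access/cmd.go still offers no way to supply the service token secret other than on the command line, where it is visible in process listings and shell history. `cli.StringFlag` has an `EnvVars` field, so adding a line such as `EnvVars: []string{"<TOKEN_SECRET_ENV_NAME>"},` (placeholder name, to be chosen by the project) to both token flags would let callers keep the secret off argv. The `Usage` string could then mention the environment alternative. Commands() starts and ends outside the hunk.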
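Review bot: In ErrorHandler (cmd/cloudflared/cliutil/errors.go) the new `logger.SharedWriteManager.Shutdown()` runs only after the error branch, but `cli.HandleExitCoder(err)` in that branch exits the process itself when the error implements ExitCoder, so that path never reaches the shutdown. If Shutdown is what flushes pending log output (its implementation is not visible here), the final messages of a failing command, the ones most useful for diagnosis, can be lost. Calling `logger.SharedWriteManager.Shutdown()` before the error branch rather than after it would cover both paths. The closure starts outside the hunk, so any earlier returns in it should be checked as well.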
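Review bot: The JSON tag on the new `TokenSecret` field in cmd/cloudflared/config/model.go is `secret_token_id`, which describes an ID rather than a secret and does not pair with `service_token_id` on the line above; it reads like a slip for `json:"service_token_secret"`. Correcting it now avoids freezing a misleading key into stored configuration. Because the field is exported and tagged, any code that marshals a Forwarder for logs or status output would emit the secret, so a field comment such as `// TokenSecret is a credential: never log it or serialize it for display.` is worth adding.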
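Review bot: Hash() in cmd/cloudflared/config/model.go now feeds `f.TokenSecret` into an unkeyed MD5 digest, so the returned string is derived from a credential and should be treated as sensitive wherever it ends up; the callers are outside this hunk and worth checking for log or debug output. The fields are also written back to back with no separator, so different splits of the same bytes across URL, Listener, TokenClientID and TokenSecret produce the same hash. Writing a delimiter after each field, e.g. `io.WriteString(h, "\x00")`, removes that ambiguity. If the digest serves only change detection, `sha256.New()` from `crypto/sha256` could replace `md5.New()` without altering the function's shape.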
@@ -9,7 +9,7 @@ import ( "github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel" "github.com/cloudflare/cloudflared/cmd/cloudflared/updater" - "github.com/cloudflare/cloudflared/logger" + log "github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/metrics" "github.com/cloudflare/cloudflared/overwatch" "github.com/cloudflare/cloudflared/watcher"
@@ -167,12 +167,14 @@ func handleError(err error) { func handleServiceMode(shutdownC chan struct{}) error { logDirectory, logLevel := config.FindLogSettings() - logger, err := logger.New(logger.DefaultFile(logDirectory), logger.LogLevelString(logLevel)) + logger, err := log.New(log.DefaultFile(logDirectory), log.LogLevelString(logLevel)) if err != nil { return errors.Wrap(err, "error setting up logger") } logger.Infof("logging to directory: %s", logDirectory) + defer log.SharedWriteManager.Shutdown() + // start the main run loop that reads from the config file f, err := watcher.NewFile() if err != nil {
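Review bot: The `log` import alias in cmd/cloudflared/main.go is needed only because the local variable `logger` in handleServiceMode shadows the package name, and `log` is the name readers associate with the standard library package. Renaming the local instead, for example `svcLogger, err := logger.New(logger.DefaultFile(logDirectory), logger.LogLevelString(logLevel))`, keeps the import unaliased. The deferred call would then read `logger.SharedWriteManager.Shutdown()`, matching cliutil/errors.go. handleServiceMode continues past the end of the hunk, so later uses of the variable would need the same rename.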