AUTH-2785 service token flag fix and logger fix

Dalton 2020-06-08 17:01:48 -05:00
parent f8638839c0
commit 0d87279b2f
6 changed files with 35 additions and 9 deletions


@ -5,6 +5,7 @@ import (
"io" "io"
"net" "net"
"net/http" "net/http"
"net/http/httputil"
"github.com/cloudflare/cloudflared/cmd/cloudflared/token" "github.com/cloudflare/cloudflared/cmd/cloudflared/token"
"github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/logger"
@ -80,6 +81,9 @@ func createWebsocketStream(options *StartOptions, logger logger.Service) (*cfweb
} }
req.Header = options.Headers req.Header = options.Headers
dump, err := httputil.DumpRequest(req, false)
logger.Debugf("Websocket request: %s", string(dump))
wsConn, resp, err := cfwebsocket.ClientConnect(req, nil) wsConn, resp, err := cfwebsocket.ClientConnect(req, nil)
defer closeRespBody(resp) defer closeRespBody(resp)
if err != nil && IsAccessResponse(resp) { if err != nil && IsAccessResponse(resp) {
@ -133,5 +137,9 @@ func createAccessWebSocketStream(options *StartOptions, logger logger.Service) (
if err != nil { if err != nil {
return nil, nil, err return nil, nil, err
} }
dump, err := httputil.DumpRequest(req, false)
logger.Debugf("Access Websocket request: %s", string(dump))
return cfwebsocket.ClientConnect(req, nil) return cfwebsocket.ClientConnect(req, nil)
} }
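Review bot: Both new `httputil.DumpRequest(req, false)` calls write the request's full header set to the debug log, and with this commit that set can include `h2mux.CFAccessClientSecretHeader` (the forwarder and `ssh` changes put the service token secret there), so the secret ends up in log files in clear text. Mask that header, and any other credential-bearing header carried in `options.Headers`, on a clone of the request before dumping; in createWebsocketStream `req.Header` is the same map as `options.Headers`, so masking in place would change the request that is actually sent. The error returned by `DumpRequest` is also dropped in both places and `dump` is logged regardless. Both functions start outside their hunks, and the sketch below assumes this package can import `h2mux`.

```go
// dumpForLog renders the request line and headers for debug logging with the
// Access service token secret masked. It works on a clone so the outgoing
// request keeps its real headers.
func dumpForLog(req *http.Request) string {
	clone := req.Clone(req.Context())
	if clone.Header.Get(h2mux.CFAccessClientSecretHeader) != "" {
		clone.Header.Set(h2mux.CFAccessClientSecretHeader, "REDACTED")
	}
	dump, err := httputil.DumpRequest(clone, false)
	if err != nil {
		return "request dump failed: " + err.Error()
	}
	return string(dump)
}

// … unchanged: req.Header = options.Headers …
logger.Debugf("Websocket request: %s", dumpForLog(req))

// … unchanged: request construction in createAccessWebSocketStream …
logger.Debugf("Access Websocket request: %s", dumpForLog(req))
```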


@ -26,9 +26,19 @@ func StartForwarder(forwarder config.Forwarder, shutdown <-chan struct{}, logger
return errors.Wrap(err, "error parsing origin URL") return errors.Wrap(err, "error parsing origin URL")
} }
// get the headers from the config file and add to the request
headers := make(http.Header)
if forwarder.TokenClientID != "" {
headers.Set(h2mux.CFAccessClientIDHeader, forwarder.TokenClientID)
}
if forwarder.TokenSecret != "" {
headers.Set(h2mux.CFAccessClientSecretHeader, forwarder.TokenSecret)
}
options := &carrier.StartOptions{ options := &carrier.StartOptions{
OriginURL: forwarder.URL, OriginURL: forwarder.URL,
Headers: make(http.Header), //TODO: TUN-2688 support custom headers from config file Headers: headers, //TODO: TUN-2688 support custom headers from config file
} }
// we could add a cmd line variable for this bool if we want the SOCK5 server to be on the client side // we could add a cmd line variable for this bool if we want the SOCK5 server to be on the client side
@ -71,10 +81,10 @@ func ssh(c *cli.Context) error {
// get the headers from the cmdline and add them // get the headers from the cmdline and add them
headers := buildRequestHeaders(c.StringSlice(sshHeaderFlag)) headers := buildRequestHeaders(c.StringSlice(sshHeaderFlag))
if c.IsSet(sshTokenIDFlag) { if c.IsSet(sshTokenIDFlag) {
headers.Add(h2mux.CFAccessClientIDHeader, c.String(sshTokenIDFlag)) headers.Set(h2mux.CFAccessClientIDHeader, c.String(sshTokenIDFlag))
} }
if c.IsSet(sshTokenSecretFlag) { if c.IsSet(sshTokenSecretFlag) {
headers.Add(h2mux.CFAccessClientSecretHeader, c.String(sshTokenSecretFlag)) headers.Set(h2mux.CFAccessClientSecretHeader, c.String(sshTokenSecretFlag))
} }
destination := c.String(sshDestinationFlag) destination := c.String(sshDestinationFlag)
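Review bot: The new block in StartForwarder sends whichever of `forwarder.TokenClientID` and `forwarder.TokenSecret` happens to be non-empty, so a config that sets only one of them produces a request carrying half a credential, and the mistake presumably surfaces only later as an Access rejection. Rejecting the mismatch up front would make it visible: `if (forwarder.TokenClientID == "") != (forwarder.TokenSecret == "") { return errors.New("serviceTokenID and serviceTokenSecret must be set together") }`. The `//TODO: TUN-2688` comment kept on the `Headers:` line would also read better if it said that only the service token headers are taken from the config so far. StartForwarder and ssh both continue outside their hunks.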


@ -146,12 +146,12 @@ func Commands() []*cli.Command {
Aliases: []string{"H"}, Aliases: []string{"H"},
Usage: "specify additional headers you wish to send.", Usage: "specify additional headers you wish to send.",
}, },
&cli.StringSliceFlag{ &cli.StringFlag{
Name: sshTokenIDFlag, Name: sshTokenIDFlag,
Aliases: []string{"id"}, Aliases: []string{"id"},
Usage: "specify an Access service token ID you wish to use.", Usage: "specify an Access service token ID you wish to use.",
}, },
&cli.StringSliceFlag{ &cli.StringFlag{
Name: sshTokenSecretFlag, Name: sshTokenSecretFlag,
Aliases: []string{"secret"}, Aliases: []string{"secret"},
Usage: "specify an Access service token secret you wish to use.", Usage: "specify an Access service token secret you wish to use.",
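Review bot: With `sshTokenSecretFlag` declared as a plain `cli.StringFlag`, the only way shown here to give this command the service token secret is as a command-line argument, where it is readable by other local users through the process list and is kept in shell history. Consider giving both token flags an environment fallback, for example `EnvVars: []string{"<ENV_VAR_NAME>"},` (placeholder name), and mentioning it in the `Usage` text. The flag literal continues past the end of the hunk.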


@ -3,6 +3,7 @@ package cliutil
import ( import (
"fmt" "fmt"
"github.com/cloudflare/cloudflared/logger"
"gopkg.in/urfave/cli.v2" "gopkg.in/urfave/cli.v2"
) )
@ -34,6 +35,7 @@ func ErrorHandler(actionFunc cli.ActionFunc) cli.ActionFunc {
cli.HandleExitCoder(err) cli.HandleExitCoder(err)
err = cli.Exit(err.Error(), 1) err = cli.Exit(err.Error(), 1)
} }
logger.SharedWriteManager.Shutdown()
return err return err
} }
} }
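Review bot: The added `logger.SharedWriteManager.Shutdown()` sits after `cli.HandleExitCoder(err)`, which exits the process itself when the error implements `cli.ExitCoder`, so on that path the log writer is never shut down and buffered messages, including the one describing the failure, may be lost. Calling `Shutdown()` directly after the action returns, before the error handling, would cover both paths. Whether `Shutdown` is safe to call more than once is not visible here; the last file in this commit also defers it in `handleServiceMode`, so that is worth confirming. The closure starts outside the hunk.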


@ -9,8 +9,10 @@ import (
// Forwarder represents a client side listener to forward traffic to the edge // Forwarder represents a client side listener to forward traffic to the edge
type Forwarder struct { type Forwarder struct {
URL string `json:"url"` URL string `json:"url"`
Listener string `json:"listener"` Listener string `json:"listener"`
TokenClientID string `json:"service_token_id" yaml:"serviceTokenID"`
TokenSecret string `json:"secret_token_id" yaml:"serviceTokenSecret"`
} }
// Tunnel represents a tunnel that should be started // Tunnel represents a tunnel that should be started
@ -46,6 +48,8 @@ func (f *Forwarder) Hash() string {
h := md5.New() h := md5.New()
io.WriteString(h, f.URL) io.WriteString(h, f.URL)
io.WriteString(h, f.Listener) io.WriteString(h, f.Listener)
io.WriteString(h, f.TokenClientID)
io.WriteString(h, f.TokenSecret)
return fmt.Sprintf("%x", h.Sum(nil)) return fmt.Sprintf("%x", h.Sum(nil))
} }
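Review bot: The JSON tag on `TokenSecret` is `secret_token_id`, which matches neither its YAML name `serviceTokenSecret` nor the `service_token_id` tag on the field above it, and reads like a slip for something such as `service_token_secret`; config keys are hard to rename once released, so it is worth settling now. In `Hash`, the four fields are written back to back with no separator, so different field values can produce the same digest (`"ab"` followed by `"c"` versus `"a"` followed by `"bc"`); writing a delimiter between fields, e.g. `io.WriteString(h, "\x00")`, avoids that. The digest now also covers the secret, so it should be treated as a change-detection value only and kept out of logs; how callers use it is not visible here.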


@ -9,7 +9,7 @@ import (
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/cmd/cloudflared/config"
"github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel" "github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel"
"github.com/cloudflare/cloudflared/cmd/cloudflared/updater" "github.com/cloudflare/cloudflared/cmd/cloudflared/updater"
"github.com/cloudflare/cloudflared/logger" log "github.com/cloudflare/cloudflared/logger"
"github.com/cloudflare/cloudflared/metrics" "github.com/cloudflare/cloudflared/metrics"
"github.com/cloudflare/cloudflared/overwatch" "github.com/cloudflare/cloudflared/overwatch"
"github.com/cloudflare/cloudflared/watcher" "github.com/cloudflare/cloudflared/watcher"
@ -167,12 +167,14 @@ func handleError(err error) {
func handleServiceMode(shutdownC chan struct{}) error { func handleServiceMode(shutdownC chan struct{}) error {
logDirectory, logLevel := config.FindLogSettings() logDirectory, logLevel := config.FindLogSettings()
logger, err := logger.New(logger.DefaultFile(logDirectory), logger.LogLevelString(logLevel)) logger, err := log.New(log.DefaultFile(logDirectory), log.LogLevelString(logLevel))
if err != nil { if err != nil {
return errors.Wrap(err, "error setting up logger") return errors.Wrap(err, "error setting up logger")
} }
logger.Infof("logging to directory: %s", logDirectory) logger.Infof("logging to directory: %s", logDirectory)
defer log.SharedWriteManager.Shutdown()
// start the main run loop that reads from the config file // start the main run loop that reads from the config file
f, err := watcher.NewFile() f, err := watcher.NewFile()
if err != nil { if err != nil {