diff --git a/.gitignore b/.gitignore index ac8a8d4d..12fc33db 100644 --- a/.gitignore +++ b/.gitignore @@ -1,21 +1,17 @@ -.GOPATH/ -bin/ -tmp/ -guide/public -/.GOPATH +/tmp /bin .idea .build .vscode \#*\# cscope.* -cloudflared -cloudflared.pkg -cloudflared.exe -cloudflared.msi -cloudflared-x86-64* -!cmd/cloudflared/ +/cloudflared +/cloudflared.pkg +/cloudflared.exe +/cloudflared.msi +/cloudflared-x86-64* +/packaging .DS_Store *-session.log ssh_server_tests/.env -.cover +/.cover diff --git a/carrier/carrier.go b/carrier/carrier.go index 771dab9e..67f50a1e 100644 --- a/carrier/carrier.go +++ b/carrier/carrier.go @@ -11,8 +11,8 @@ import ( "os" "strings" - "github.com/cloudflare/cloudflared/cmd/cloudflared/token" "github.com/cloudflare/cloudflared/h2mux" + "github.com/cloudflare/cloudflared/token" "github.com/pkg/errors" "github.com/rs/zerolog" diff --git a/carrier/websocket.go b/carrier/websocket.go index d13ad0a8..04fdce7b 100644 --- a/carrier/websocket.go +++ b/carrier/websocket.go @@ -7,9 +7,9 @@ import ( "net/http" "net/http/httputil" - "github.com/cloudflare/cloudflared/cmd/cloudflared/token" "github.com/cloudflare/cloudflared/ingress" "github.com/cloudflare/cloudflared/socks" + "github.com/cloudflare/cloudflared/token" cfwebsocket "github.com/cloudflare/cloudflared/websocket" "github.com/gorilla/websocket" diff --git a/cmd/cloudflared/access/carrier.go b/cmd/cloudflared/access/carrier.go index f8ff4d80..fc169818 100644 --- a/cmd/cloudflared/access/carrier.go +++ b/cmd/cloudflared/access/carrier.go @@ -7,7 +7,7 @@ import ( "strings" "github.com/cloudflare/cloudflared/carrier" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/h2mux" "github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/validation" diff --git a/cmd/cloudflared/access/cmd.go b/cmd/cloudflared/access/cmd.go index e622aad8..960f1a6d 100644 --- a/cmd/cloudflared/access/cmd.go +++ b/cmd/cloudflared/access/cmd.go @@ -2,20 +2,21 @@ package access import ( "fmt" + "io" "net/http" "net/url" "os" + "os/exec" "strings" "text/template" "time" "github.com/cloudflare/cloudflared/carrier" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" - "github.com/cloudflare/cloudflared/cmd/cloudflared/shell" - "github.com/cloudflare/cloudflared/cmd/cloudflared/token" "github.com/cloudflare/cloudflared/h2mux" "github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/sshgen" + "github.com/cloudflare/cloudflared/token" "github.com/cloudflare/cloudflared/validation" "github.com/getsentry/raven-go" @@ -271,7 +272,7 @@ func curl(c *cli.Context) error { if err != nil || tok == "" { if allowRequest { log.Info().Msg("You don't have an Access token set. Please run access token to fetch one.") - return shell.Run("curl", cmdArgs...) + return run("curl", cmdArgs...) } tok, err = token.FetchToken(appURL, log) if err != nil { @@ -282,7 +283,29 @@ func curl(c *cli.Context) error { cmdArgs = append(cmdArgs, "-H") cmdArgs = append(cmdArgs, fmt.Sprintf("%s: %s", h2mux.CFAccessTokenHeader, tok)) - return shell.Run("curl", cmdArgs...) + return run("curl", cmdArgs...) +} + + +// run kicks off a shell task and pipe the results to the respective std pipes +func run(cmd string, args ...string) error { + c := exec.Command(cmd, args...) + stderr, err := c.StderrPipe() + if err != nil { + return err + } + go func() { + io.Copy(os.Stderr, stderr) + }() + + stdout, err := c.StdoutPipe() + if err != nil { + return err + } + go func() { + io.Copy(os.Stdout, stdout) + }() + return c.Run() } // token dumps provided token to stdout diff --git a/cmd/cloudflared/app_forward_service.go b/cmd/cloudflared/app_forward_service.go index 4ea42dd6..0842c161 100644 --- a/cmd/cloudflared/app_forward_service.go +++ b/cmd/cloudflared/app_forward_service.go @@ -2,7 +2,7 @@ package main import ( "github.com/cloudflare/cloudflared/cmd/cloudflared/access" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" "github.com/rs/zerolog" ) diff --git a/cmd/cloudflared/app_resolver_service.go b/cmd/cloudflared/app_resolver_service.go index 86155556..383eb5e5 100644 --- a/cmd/cloudflared/app_resolver_service.go +++ b/cmd/cloudflared/app_resolver_service.go @@ -1,7 +1,7 @@ package main import ( - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/tunneldns" "github.com/rs/zerolog" diff --git a/cmd/cloudflared/app_service.go b/cmd/cloudflared/app_service.go index 8289959e..407352c0 100644 --- a/cmd/cloudflared/app_service.go +++ b/cmd/cloudflared/app_service.go @@ -1,7 +1,7 @@ package main import ( - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/overwatch" "github.com/rs/zerolog" diff --git a/cmd/cloudflared/buildinfo/build_info.go b/cmd/cloudflared/buildinfo/build_info.go index 05d38fda..c818f194 100644 --- a/cmd/cloudflared/buildinfo/build_info.go +++ b/cmd/cloudflared/buildinfo/build_info.go @@ -2,6 +2,7 @@ package buildinfo import ( "github.com/rs/zerolog" + "fmt" "runtime" ) @@ -25,3 +26,7 @@ func (bi *BuildInfo) Log(log *zerolog.Logger) { log.Info().Msgf("Version %s", bi.CloudflaredVersion) log.Info().Msgf("GOOS: %s, GOVersion: %s, GoArch: %s", bi.GoOS, bi.GoVersion, bi.GoArch) } + +func (bi *BuildInfo) OSArch() string { + return fmt.Sprintf("%s_%s", bi.GoOS, bi.GoArch) +} diff --git a/cmd/cloudflared/linux_service.go b/cmd/cloudflared/linux_service.go index d015c5cf..8f1eb873 100644 --- a/cmd/cloudflared/linux_service.go +++ b/cmd/cloudflared/linux_service.go @@ -8,8 +8,8 @@ import ( "path/filepath" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/logger" "github.com/rs/zerolog" diff --git a/cmd/cloudflared/main.go b/cmd/cloudflared/main.go index fc112c49..f9522cbc 100644 --- a/cmd/cloudflared/main.go +++ b/cmd/cloudflared/main.go @@ -8,13 +8,13 @@ import ( "github.com/cloudflare/cloudflared/cmd/cloudflared/access" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" + "github.com/cloudflare/cloudflared/cmd/cloudflared/proxydns" "github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel" "github.com/cloudflare/cloudflared/cmd/cloudflared/updater" "github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/metrics" "github.com/cloudflare/cloudflared/overwatch" - "github.com/cloudflare/cloudflared/tunneldns" "github.com/cloudflare/cloudflared/watcher" "github.com/getsentry/raven-go" @@ -130,7 +130,7 @@ To determine if an update happened in a script, check for error code 11.`, }, } cmds = append(cmds, tunnel.Commands()...) - cmds = append(cmds, tunneldns.Command(false)) + cmds = append(cmds, proxydns.Command(false)) cmds = append(cmds, access.Commands()...) return cmds } diff --git a/cmd/cloudflared/proxydns/cmd.go b/cmd/cloudflared/proxydns/cmd.go new file mode 100644 index 00000000..0b264c2d --- /dev/null +++ b/cmd/cloudflared/proxydns/cmd.go @@ -0,0 +1,115 @@ +package proxydns + +import ( + "net" + "os" + "os/signal" + "syscall" + + "github.com/urfave/cli/v2" + + "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" + "github.com/cloudflare/cloudflared/logger" + "github.com/cloudflare/cloudflared/metrics" + "github.com/cloudflare/cloudflared/tunneldns" +) + +func Command(hidden bool) *cli.Command { + return &cli.Command{ + Name: "proxy-dns", + Action: cliutil.ErrorHandler(Run), + Usage: "Run a DNS over HTTPS proxy server.", + Flags: []cli.Flag{ + &cli.StringFlag{ + Name: "metrics", + Value: "localhost:", + Usage: "Listen address for metrics reporting.", + EnvVars: []string{"TUNNEL_METRICS"}, + }, + &cli.StringFlag{ + Name: "address", + Usage: "Listen address for the DNS over HTTPS proxy server.", + Value: "localhost", + EnvVars: []string{"TUNNEL_DNS_ADDRESS"}, + }, + // Note TUN-3758 , we use Int because UInt is not supported with altsrc + &cli.IntFlag{ + Name: "port", + Usage: "Listen on given port for the DNS over HTTPS proxy server.", + Value: 53, + EnvVars: []string{"TUNNEL_DNS_PORT"}, + }, + &cli.StringSliceFlag{ + Name: "upstream", + Usage: "Upstream endpoint URL, you can specify multiple endpoints for redundancy.", + Value: cli.NewStringSlice("https://1.1.1.1/dns-query", "https://1.0.0.1/dns-query"), + EnvVars: []string{"TUNNEL_DNS_UPSTREAM"}, + }, + &cli.StringSliceFlag{ + Name: "bootstrap", + Usage: "bootstrap endpoint URL, you can specify multiple endpoints for redundancy.", + Value: cli.NewStringSlice("https://162.159.36.1/dns-query", "https://162.159.46.1/dns-query", "https://[2606:4700:4700::1111]/dns-query", "https://[2606:4700:4700::1001]/dns-query"), + EnvVars: []string{"TUNNEL_DNS_BOOTSTRAP"}, + }, + &cli.IntFlag{ + Name: "max-upstream-conns", + Usage: "Maximum concurrent connections to upstream. Setting to 0 means unlimited.", + Value: tunneldns.MaxUpstreamConnsDefault, + EnvVars: []string{"TUNNEL_DNS_MAX_UPSTREAM_CONNS"}, + }, + }, + ArgsUsage: " ", // can't be the empty string or we get the default output + Hidden: hidden, + } +} + +// Run implements a foreground runner +func Run(c *cli.Context) error { + log := logger.CreateLoggerFromContext(c, logger.EnableTerminalLog) + + metricsListener, err := net.Listen("tcp", c.String("metrics")) + if err != nil { + log.Fatal().Err(err).Msg("Failed to open the metrics listener") + } + + go metrics.ServeMetrics(metricsListener, nil, nil, log) + + listener, err := tunneldns.CreateListener( + c.String("address"), + // Note TUN-3758 , we use Int because UInt is not supported with altsrc + uint16(c.Int("port")), + c.StringSlice("upstream"), + c.StringSlice("bootstrap"), + c.Int("max-upstream-conns"), + log, + ) + + if err != nil { + log.Err(err).Msg("Failed to create the listeners") + return err + } + + // Try to start the server + readySignal := make(chan struct{}) + err = listener.Start(readySignal) + if err != nil { + log.Err(err).Msg("Failed to start the listeners") + return listener.Stop() + } + <-readySignal + + // Wait for signal + signals := make(chan os.Signal, 10) + signal.Notify(signals, syscall.SIGTERM, syscall.SIGINT) + defer signal.Stop(signals) + <-signals + + // Shut down server + err = listener.Stop() + if err != nil { + log.Err(err).Msg("failed to stop") + } + return err +} + + diff --git a/cmd/cloudflared/service_template.go b/cmd/cloudflared/service_template.go index 79576ed0..089dd4e2 100644 --- a/cmd/cloudflared/service_template.go +++ b/cmd/cloudflared/service_template.go @@ -12,7 +12,7 @@ import ( "github.com/mitchellh/go-homedir" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" ) type ServiceTemplate struct { diff --git a/cmd/cloudflared/shell/shell.go b/cmd/cloudflared/shell/shell.go deleted file mode 100644 index 84779b40..00000000 --- a/cmd/cloudflared/shell/shell.go +++ /dev/null @@ -1,33 +0,0 @@ -package shell - -import ( - "io" - "os" - "os/exec" -) - -// OpenBrowser opens the specified URL in the default browser of the user -func OpenBrowser(url string) error { - return getBrowserCmd(url).Start() -} - -// Run will kick off a shell task and pipe the results to the respective std pipes -func Run(cmd string, args ...string) error { - c := exec.Command(cmd, args...) - stderr, err := c.StderrPipe() - if err != nil { - return err - } - go func() { - io.Copy(os.Stderr, stderr) - }() - - stdout, err := c.StdoutPipe() - if err != nil { - return err - } - go func() { - io.Copy(os.Stdout, stdout) - }() - return c.Run() -} diff --git a/cmd/cloudflared/tunnel/cmd.go b/cmd/cloudflared/tunnel/cmd.go index 38b4560a..0b11c4c2 100644 --- a/cmd/cloudflared/tunnel/cmd.go +++ b/cmd/cloudflared/tunnel/cmd.go @@ -15,9 +15,10 @@ import ( "github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/cmd/cloudflared/proxydns" "github.com/cloudflare/cloudflared/cmd/cloudflared/ui" "github.com/cloudflare/cloudflared/cmd/cloudflared/updater" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/ingress" "github.com/cloudflare/cloudflared/logger" @@ -104,7 +105,7 @@ func Commands() []*cli.Command { buildDeleteCommand(), buildCleanupCommand(), // for compatibility, allow following as tunnel subcommands - tunneldns.Command(true), + proxydns.Command(true), cliutil.RemovedCommand("db-connect"), } diff --git a/cmd/cloudflared/tunnel/configuration.go b/cmd/cloudflared/tunnel/configuration.go index ad1e9051..2e82904d 100644 --- a/cmd/cloudflared/tunnel/configuration.go +++ b/cmd/cloudflared/tunnel/configuration.go @@ -9,7 +9,7 @@ import ( "strings" "github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/edgediscovery" "github.com/cloudflare/cloudflared/h2mux" @@ -207,7 +207,7 @@ func prepareTunnelConfig( ClientID: clientUUID[:], Features: dedup(features), Version: version, - Arch: fmt.Sprintf("%s_%s", buildInfo.GoOS, buildInfo.GoArch), + Arch: buildInfo.OSArch(), } ingressRules, err = ingress.ParseIngress(cfg) if err != nil && err != ingress.ErrNoIngressRules { @@ -272,7 +272,7 @@ func prepareTunnelConfig( return &origin.TunnelConfig{ ConnectionConfig: connectionConfig, - BuildInfo: buildInfo, + OSArch: buildInfo.OSArch(), ClientID: clientID, EdgeAddrs: c.StringSlice("edge"), HAConnections: c.Int("ha-connections"), diff --git a/cmd/cloudflared/tunnel/credential_finder.go b/cmd/cloudflared/tunnel/credential_finder.go index 7fc2a26d..a2320af4 100644 --- a/cmd/cloudflared/tunnel/credential_finder.go +++ b/cmd/cloudflared/tunnel/credential_finder.go @@ -4,7 +4,7 @@ import ( "fmt" "path/filepath" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" "github.com/google/uuid" "github.com/rs/zerolog" diff --git a/cmd/cloudflared/tunnel/ingress_subcommands.go b/cmd/cloudflared/tunnel/ingress_subcommands.go index 5d820081..46b5d193 100644 --- a/cmd/cloudflared/tunnel/ingress_subcommands.go +++ b/cmd/cloudflared/tunnel/ingress_subcommands.go @@ -5,7 +5,7 @@ import ( "net/url" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/ingress" "github.com/pkg/errors" diff --git a/cmd/cloudflared/tunnel/login.go b/cmd/cloudflared/tunnel/login.go index 8d357798..09b19730 100644 --- a/cmd/cloudflared/tunnel/login.go +++ b/cmd/cloudflared/tunnel/login.go @@ -13,9 +13,9 @@ import ( "github.com/urfave/cli/v2" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" - "github.com/cloudflare/cloudflared/cmd/cloudflared/transfer" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/logger" + "github.com/cloudflare/cloudflared/token" ) const ( @@ -56,7 +56,7 @@ func login(c *cli.Context) error { return err } - resourceData, err := transfer.Run( + resourceData, err := token.RunTransfer( loginURL, "cert", "callback", diff --git a/cmd/cloudflared/tunnel/subcommands.go b/cmd/cloudflared/tunnel/subcommands.go index b18c7137..a750d988 100644 --- a/cmd/cloudflared/tunnel/subcommands.go +++ b/cmd/cloudflared/tunnel/subcommands.go @@ -13,7 +13,6 @@ import ( "text/tabwriter" "time" - "github.com/cloudflare/cloudflared/cmd/cloudflared/updater" "github.com/google/uuid" "github.com/mitchellh/go-homedir" "github.com/pkg/errors" @@ -23,7 +22,8 @@ import ( "gopkg.in/yaml.v2" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/cmd/cloudflared/updater" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/tunnelstore" ) diff --git a/cmd/cloudflared/updater/update.go b/cmd/cloudflared/updater/update.go index e2406760..b93d84e5 100644 --- a/cmd/cloudflared/updater/update.go +++ b/cmd/cloudflared/updater/update.go @@ -8,12 +8,13 @@ import ( "runtime" "time" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" - "github.com/cloudflare/cloudflared/logger" "github.com/facebookgo/grace/gracenet" "github.com/rs/zerolog" "github.com/urfave/cli/v2" "golang.org/x/crypto/ssh/terminal" + + "github.com/cloudflare/cloudflared/config" + "github.com/cloudflare/cloudflared/logger" ) const ( diff --git a/cmd/cloudflared/config/configuration.go b/config/configuration.go similarity index 100% rename from cmd/cloudflared/config/configuration.go rename to config/configuration.go index af43996b..a65dd6cd 100644 --- a/cmd/cloudflared/config/configuration.go +++ b/config/configuration.go @@ -11,11 +11,11 @@ import ( "github.com/mitchellh/go-homedir" "github.com/pkg/errors" + "github.com/rs/zerolog" "github.com/urfave/cli/v2" "gopkg.in/yaml.v2" "github.com/cloudflare/cloudflared/validation" - "github.com/rs/zerolog" ) var ( diff --git a/cmd/cloudflared/config/configuration_test.go b/config/configuration_test.go similarity index 100% rename from cmd/cloudflared/config/configuration_test.go rename to config/configuration_test.go diff --git a/cmd/cloudflared/config/manager.go b/config/manager.go similarity index 100% rename from cmd/cloudflared/config/manager.go rename to config/manager.go diff --git a/cmd/cloudflared/config/manager_test.go b/config/manager_test.go similarity index 100% rename from cmd/cloudflared/config/manager_test.go rename to config/manager_test.go diff --git a/cmd/cloudflared/config/model.go b/config/model.go similarity index 100% rename from cmd/cloudflared/config/model.go rename to config/model.go diff --git a/ingress/ingress.go b/ingress/ingress.go index c9463a89..10aeabfa 100644 --- a/ingress/ingress.go +++ b/ingress/ingress.go @@ -9,7 +9,7 @@ import ( "strings" "sync" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" "github.com/pkg/errors" "github.com/rs/zerolog" diff --git a/ingress/ingress_test.go b/ingress/ingress_test.go index bd23acb1..7b87a35b 100644 --- a/ingress/ingress_test.go +++ b/ingress/ingress_test.go @@ -14,7 +14,7 @@ import ( "github.com/urfave/cli/v2" "gopkg.in/yaml.v2" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/tlsconfig" ) diff --git a/ingress/origin_request_config.go b/ingress/origin_request_config.go index 7486a799..575e2170 100644 --- a/ingress/origin_request_config.go +++ b/ingress/origin_request_config.go @@ -3,9 +3,10 @@ package ingress import ( "time" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" - "github.com/cloudflare/cloudflared/tlsconfig" "github.com/urfave/cli/v2" + + "github.com/cloudflare/cloudflared/config" + "github.com/cloudflare/cloudflared/tlsconfig" ) const ( diff --git a/ingress/origin_request_config_test.go b/ingress/origin_request_config_test.go index 524b9857..23a4b788 100644 --- a/ingress/origin_request_config_test.go +++ b/ingress/origin_request_config_test.go @@ -5,7 +5,7 @@ import ( "testing" "time" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" "github.com/stretchr/testify/require" "github.com/urfave/cli/v2" "gopkg.in/yaml.v2" diff --git a/buffer/pool.go b/origin/pool.go similarity index 50% rename from buffer/pool.go rename to origin/pool.go index 3265283f..396a4a76 100644 --- a/buffer/pool.go +++ b/origin/pool.go @@ -1,17 +1,17 @@ -package buffer +package origin import ( "sync" ) -type Pool struct { - // A Pool must not be copied after first use. +type bufferPool struct { + // A bufferPool must not be copied after first use. // https://golang.org/pkg/sync/#Pool buffers sync.Pool } -func NewPool(bufferSize int) *Pool { - return &Pool{ +func newBufferPool(bufferSize int) *bufferPool { + return &bufferPool{ buffers: sync.Pool{ New: func() interface{} { return make([]byte, bufferSize) @@ -20,10 +20,10 @@ func NewPool(bufferSize int) *Pool { } } -func (p *Pool) Get() []byte { +func (p *bufferPool) Get() []byte { return p.buffers.Get().([]byte) } -func (p *Pool) Put(buf []byte) { +func (p *bufferPool) Put(buf []byte) { p.buffers.Put(buf) } diff --git a/origin/proxy.go b/origin/proxy.go index e919b66d..0e114ab0 100644 --- a/origin/proxy.go +++ b/origin/proxy.go @@ -9,12 +9,12 @@ import ( "strconv" "strings" - "github.com/cloudflare/cloudflared/buffer" + "github.com/pkg/errors" + "github.com/rs/zerolog" + "github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/ingress" tunnelpogs "github.com/cloudflare/cloudflared/tunnelrpc/pogs" - "github.com/pkg/errors" - "github.com/rs/zerolog" ) const ( @@ -26,7 +26,7 @@ type proxy struct { warpRouting *ingress.WarpRoutingService tags []tunnelpogs.Tag log *zerolog.Logger - bufferPool *buffer.Pool + bufferPool *bufferPool } func NewOriginProxy( @@ -40,7 +40,7 @@ func NewOriginProxy( warpRouting: warpRouting, tags: tags, log: log, - bufferPool: buffer.NewPool(512 * 1024), + bufferPool: newBufferPool(512 * 1024), } } diff --git a/origin/proxy_test.go b/origin/proxy_test.go index 594eec8b..e29874bd 100644 --- a/origin/proxy_test.go +++ b/origin/proxy_test.go @@ -15,7 +15,7 @@ import ( "github.com/cloudflare/cloudflared/logger" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/hello" "github.com/cloudflare/cloudflared/ingress" diff --git a/origin/tunnel.go b/origin/tunnel.go index 3d5b64c0..4e221449 100644 --- a/origin/tunnel.go +++ b/origin/tunnel.go @@ -15,7 +15,6 @@ import ( "github.com/rs/zerolog" "golang.org/x/sync/errgroup" - "github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo" "github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/edgediscovery" "github.com/cloudflare/cloudflared/h2mux" @@ -40,7 +39,7 @@ const ( type TunnelConfig struct { ConnectionConfig *connection.Config - BuildInfo *buildinfo.BuildInfo + OSArch string ClientID string CloseConnOnce *sync.Once // Used to close connectedSignal no more than once EdgeAddrs []string @@ -72,7 +71,7 @@ func (c *TunnelConfig) RegistrationOptions(connectionID uint8, OriginLocalIP str return &tunnelpogs.RegistrationOptions{ ClientID: c.ClientID, Version: c.ReportedVersion, - OS: fmt.Sprintf("%s_%s", c.BuildInfo.GoOS, c.BuildInfo.GoArch), + OS: c.OSArch, ExistingTunnelPolicy: policy, PoolName: c.LBPool, Tags: c.Tags, diff --git a/sshgen/sshgen.go b/sshgen/sshgen.go index 22b6ec60..2be87444 100644 --- a/sshgen/sshgen.go +++ b/sshgen/sshgen.go @@ -15,12 +15,13 @@ import ( "net/url" "time" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" - cfpath "github.com/cloudflare/cloudflared/cmd/cloudflared/path" "github.com/coreos/go-oidc/jose" homedir "github.com/mitchellh/go-homedir" "github.com/pkg/errors" gossh "golang.org/x/crypto/ssh" + + "github.com/cloudflare/cloudflared/config" + cfpath "github.com/cloudflare/cloudflared/token" ) const ( diff --git a/sshgen/sshgen_test.go b/sshgen/sshgen_test.go index 8d1ada0f..09f83328 100644 --- a/sshgen/sshgen_test.go +++ b/sshgen/sshgen_test.go @@ -14,10 +14,11 @@ import ( "testing" "time" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" - cfpath "github.com/cloudflare/cloudflared/cmd/cloudflared/path" "github.com/coreos/go-oidc/jose" "github.com/stretchr/testify/assert" + + "github.com/cloudflare/cloudflared/config" + cfpath "github.com/cloudflare/cloudflared/token" ) const ( diff --git a/cmd/cloudflared/encrypter/encrypt.go b/token/encrypt.go similarity index 94% rename from cmd/cloudflared/encrypter/encrypt.go rename to token/encrypt.go index a9c4725b..793dc93a 100644 --- a/cmd/cloudflared/encrypter/encrypt.go +++ b/token/encrypt.go @@ -4,12 +4,12 @@ // You can read more here https://godoc.org/golang.org/x/crypto/nacl/box. // // msg := []byte("super safe message.") -// alice, err := New("alice_priv_key.pem", "alice_pub_key.pem") +// alice, err := NewEncrypter("alice_priv_key.pem", "alice_pub_key.pem") // if err != nil { // log.Fatal(err) // } // -// bob, err := New("bob_priv_key.pem", "bob_pub_key.pem") +// bob, err := NewEncrypter("bob_priv_key.pem", "bob_pub_key.pem") // if err != nil { // log.Fatal(err) // } @@ -23,7 +23,7 @@ // log.Fatal(err) // } // fmt.Println(string(data)) -package encrypter +package token import ( "bytes" @@ -44,8 +44,8 @@ type Encrypter struct { publicKey *[32]byte } -// New returns a new encrypter with initialized keypair -func New(privateKey, publicKey string) (*Encrypter, error) { +// NewEncrypter returns a new encrypter with initialized keypair +func NewEncrypter(privateKey, publicKey string) (*Encrypter, error) { e := &Encrypter{} pubKey, key, err := e.fetchOrGenerateKeys(privateKey, publicKey) if err != nil { diff --git a/cmd/cloudflared/shell/launch_browser_darwin.go b/token/launch_browser_darwin.go similarity index 89% rename from cmd/cloudflared/shell/launch_browser_darwin.go rename to token/launch_browser_darwin.go index 064d892d..b5b2ff53 100644 --- a/cmd/cloudflared/shell/launch_browser_darwin.go +++ b/token/launch_browser_darwin.go @@ -1,6 +1,6 @@ //+build darwin -package shell +package token import ( "os/exec" diff --git a/cmd/cloudflared/shell/launch_browser_other.go b/token/launch_browser_other.go similarity index 90% rename from cmd/cloudflared/shell/launch_browser_other.go rename to token/launch_browser_other.go index 9c78b959..ac4cc319 100644 --- a/cmd/cloudflared/shell/launch_browser_other.go +++ b/token/launch_browser_other.go @@ -1,6 +1,6 @@ //+build !windows,!darwin,!linux,!netbsd,!freebsd,!openbsd -package shell +package token import ( "os/exec" diff --git a/cmd/cloudflared/shell/launch_browser_unix.go b/token/launch_browser_unix.go similarity index 91% rename from cmd/cloudflared/shell/launch_browser_unix.go rename to token/launch_browser_unix.go index d9824214..2b15a0ff 100644 --- a/cmd/cloudflared/shell/launch_browser_unix.go +++ b/token/launch_browser_unix.go @@ -1,6 +1,6 @@ //+build linux freebsd openbsd netbsd -package shell +package token import ( "os/exec" diff --git a/cmd/cloudflared/shell/launch_browser_windows.go b/token/launch_browser_windows.go similarity index 97% rename from cmd/cloudflared/shell/launch_browser_windows.go rename to token/launch_browser_windows.go index ab300403..a49b99f3 100644 --- a/cmd/cloudflared/shell/launch_browser_windows.go +++ b/token/launch_browser_windows.go @@ -1,6 +1,6 @@ //+build windows -package shell +package token import ( "fmt" diff --git a/cmd/cloudflared/path/path.go b/token/path.go similarity index 84% rename from cmd/cloudflared/path/path.go rename to token/path.go index b3ad1497..b3d42015 100644 --- a/cmd/cloudflared/path/path.go +++ b/token/path.go @@ -1,4 +1,4 @@ -package path +package token import ( "fmt" @@ -7,8 +7,9 @@ import ( "path/filepath" "strings" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/mitchellh/go-homedir" + + "github.com/cloudflare/cloudflared/config" ) // GenerateAppTokenFilePathFromURL will return a filepath for given Access org token @@ -21,8 +22,8 @@ func GenerateAppTokenFilePathFromURL(url *url.URL, suffix string) (string, error return filepath.Join(configPath, name), nil } -// GenerateOrgTokenFilePathFromURL will return a filepath for given Access application token -func GenerateOrgTokenFilePathFromURL(authDomain string) (string, error) { +// generateOrgTokenFilePathFromURL will return a filepath for given Access application token +func generateOrgTokenFilePathFromURL(authDomain string) (string, error) { configPath, err := getConfigPath() if err != nil { return "", err diff --git a/token/shell.go b/token/shell.go new file mode 100644 index 00000000..7cfe1a78 --- /dev/null +++ b/token/shell.go @@ -0,0 +1,7 @@ +package token + +// OpenBrowser opens the specified URL in the default browser of the user +func OpenBrowser(url string) error { + return getBrowserCmd(url).Start() +} + diff --git a/cmd/cloudflared/token/token.go b/token/token.go similarity index 94% rename from cmd/cloudflared/token/token.go rename to token/token.go index df64f054..cbcd9f97 100644 --- a/cmd/cloudflared/token/token.go +++ b/token/token.go @@ -13,9 +13,7 @@ import ( "syscall" "time" - "github.com/cloudflare/cloudflared/cmd/cloudflared/config" - "github.com/cloudflare/cloudflared/cmd/cloudflared/path" - "github.com/cloudflare/cloudflared/cmd/cloudflared/transfer" + "github.com/cloudflare/cloudflared/config" "github.com/cloudflare/cloudflared/origin" "github.com/coreos/go-oidc/jose" @@ -102,7 +100,7 @@ func (l *lock) Acquire() error { os.Exit(0) }) - // Check for a path.lock file + // Check for a lock file // if the lock file exists; start polling // if not, create the lock file and go through the normal flow. // See AUTH-1736 for the reason why we do all this @@ -160,7 +158,7 @@ func getToken(appURL *url.URL, useHostOnly bool, log *zerolog.Logger) (string, e return token, nil } - appTokenPath, err := path.GenerateAppTokenFilePathFromURL(appURL, keyName) + appTokenPath, err := GenerateAppTokenFilePathFromURL(appURL, keyName) if err != nil { return "", errors.Wrap(err, "failed to generate app token file path") } @@ -184,7 +182,7 @@ func getToken(appURL *url.URL, useHostOnly bool, log *zerolog.Logger) (string, e } else { orgToken, err := GetOrgTokenIfExists(authDomain) if err != nil { - orgTokenPath, err = path.GenerateOrgTokenFilePathFromURL(authDomain) + orgTokenPath, err = generateOrgTokenFilePathFromURL(authDomain) if err != nil { return "", errors.Wrap(err, "failed to generate org token file path") } @@ -220,7 +218,7 @@ func getTokensFromEdge(appURL *url.URL, appTokenPath, orgTokenPath string, useHo // this weird parameter is the resource name (token) and the key/value // we want to send to the transfer service. the key is token and the value // is blank (basically just the id generated in the transfer service) - resourceData, err := transfer.Run(appURL, keyName, keyName, "", true, useHostOnly, log) + resourceData, err := RunTransfer(appURL, keyName, keyName, "", true, useHostOnly, log) if err != nil { return "", errors.Wrap(err, "failed to run transfer service") } @@ -316,7 +314,7 @@ func exchangeOrgToken(appURL *url.URL, orgToken string) (string, error) { } func GetOrgTokenIfExists(authDomain string) (string, error) { - path, err := path.GenerateOrgTokenFilePathFromURL(authDomain) + path, err := generateOrgTokenFilePathFromURL(authDomain) if err != nil { return "", err } @@ -338,7 +336,7 @@ func GetOrgTokenIfExists(authDomain string) (string, error) { } func GetAppTokenIfExists(url *url.URL) (string, error) { - path, err := path.GenerateAppTokenFilePathFromURL(url, keyName) + path, err := GenerateAppTokenFilePathFromURL(url, keyName) if err != nil { return "", err } @@ -376,7 +374,7 @@ func getTokenIfExists(path string) (*jose.JWT, error) { // RemoveTokenIfExists removes the a token from local storage if it exists func RemoveTokenIfExists(url *url.URL) error { - path, err := path.GenerateAppTokenFilePathFromURL(url, keyName) + path, err := GenerateAppTokenFilePathFromURL(url, keyName) if err != nil { return err } diff --git a/cmd/cloudflared/token/token_test.go b/token/token_test.go similarity index 98% rename from cmd/cloudflared/token/token_test.go rename to token/token_test.go index c3457343..38e71fd0 100644 --- a/cmd/cloudflared/token/token_test.go +++ b/token/token_test.go @@ -1,3 +1,5 @@ +//+build linux + package token import ( diff --git a/cmd/cloudflared/transfer/transfer.go b/token/transfer.go similarity index 90% rename from cmd/cloudflared/transfer/transfer.go rename to token/transfer.go index 3772da3a..3ee7a467 100644 --- a/cmd/cloudflared/transfer/transfer.go +++ b/token/transfer.go @@ -1,4 +1,4 @@ -package transfer +package token import ( "bytes" @@ -10,8 +10,6 @@ import ( "os" "time" - "github.com/cloudflare/cloudflared/cmd/cloudflared/encrypter" - "github.com/cloudflare/cloudflared/cmd/cloudflared/shell" "github.com/pkg/errors" "github.com/rs/zerolog" ) @@ -21,14 +19,14 @@ const ( clientTimeout = time.Second * 60 ) -// Run does the transfer "dance" with the end result downloading the supported resource. +// RunTransfer does the transfer "dance" with the end result downloading the supported resource. // The expanded description is run is encapsulation of shared business logic needed // to request a resource (token/cert/etc) from the transfer service (loginhelper). // The "dance" we refer to is building a HTTP request, opening that in a browser waiting for // the user to complete an action, while it long polls in the background waiting for an // action to be completed to download the resource. -func Run(transferURL *url.URL, resourceName, key, value string, shouldEncrypt bool, useHostOnly bool, log *zerolog.Logger) ([]byte, error) { - encrypterClient, err := encrypter.New("cloudflared_priv.pem", "cloudflared_pub.pem") +func RunTransfer(transferURL *url.URL, resourceName, key, value string, shouldEncrypt bool, useHostOnly bool, log *zerolog.Logger) ([]byte, error) { + encrypterClient, err := NewEncrypter("cloudflared_priv.pem", "cloudflared_pub.pem") if err != nil { return nil, err } @@ -38,7 +36,7 @@ func Run(transferURL *url.URL, resourceName, key, value string, shouldEncrypt bo } // See AUTH-1423 for why we use stderr (the way git wraps ssh) - err = shell.OpenBrowser(requestURL) + err = OpenBrowser(requestURL) if err != nil { fmt.Fprintf(os.Stderr, "Please open the following URL and log in with your Cloudflare account:\n\n%s\n\nLeave cloudflared running to download the %s automatically.\n", requestURL, resourceName) } else { diff --git a/tunneldns/tunnel.go b/tunneldns/tunnel.go index 485277aa..996c84c4 100644 --- a/tunneldns/tunnel.go +++ b/tunneldns/tunnel.go @@ -2,22 +2,14 @@ package tunneldns import ( "net" - "os" - "os/signal" "strconv" "sync" - "syscall" - - "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" - "github.com/cloudflare/cloudflared/logger" - "github.com/cloudflare/cloudflared/metrics" "github.com/coredns/coredns/core/dnsserver" "github.com/coredns/coredns/plugin" "github.com/coredns/coredns/plugin/cache" "github.com/pkg/errors" "github.com/rs/zerolog" - "github.com/urfave/cli/v2" ) const ( @@ -33,104 +25,6 @@ type Listener struct { log *zerolog.Logger } -func Command(hidden bool) *cli.Command { - return &cli.Command{ - Name: "proxy-dns", - Action: cliutil.ErrorHandler(Run), - Usage: "Run a DNS over HTTPS proxy server.", - Flags: []cli.Flag{ - &cli.StringFlag{ - Name: "metrics", - Value: "localhost:", - Usage: "Listen address for metrics reporting.", - EnvVars: []string{"TUNNEL_METRICS"}, - }, - &cli.StringFlag{ - Name: "address", - Usage: "Listen address for the DNS over HTTPS proxy server.", - Value: "localhost", - EnvVars: []string{"TUNNEL_DNS_ADDRESS"}, - }, - // Note TUN-3758 , we use Int because UInt is not supported with altsrc - &cli.IntFlag{ - Name: "port", - Usage: "Listen on given port for the DNS over HTTPS proxy server.", - Value: 53, - EnvVars: []string{"TUNNEL_DNS_PORT"}, - }, - &cli.StringSliceFlag{ - Name: "upstream", - Usage: "Upstream endpoint URL, you can specify multiple endpoints for redundancy.", - Value: cli.NewStringSlice("https://1.1.1.1/dns-query", "https://1.0.0.1/dns-query"), - EnvVars: []string{"TUNNEL_DNS_UPSTREAM"}, - }, - &cli.StringSliceFlag{ - Name: "bootstrap", - Usage: "bootstrap endpoint URL, you can specify multiple endpoints for redundancy.", - Value: cli.NewStringSlice("https://162.159.36.1/dns-query", "https://162.159.46.1/dns-query", "https://[2606:4700:4700::1111]/dns-query", "https://[2606:4700:4700::1001]/dns-query"), - EnvVars: []string{"TUNNEL_DNS_BOOTSTRAP"}, - }, - &cli.IntFlag{ - Name: "max-upstream-conns", - Usage: "Maximum concurrent connections to upstream. Setting to 0 means unlimited.", - Value: MaxUpstreamConnsDefault, - EnvVars: []string{"TUNNEL_DNS_MAX_UPSTREAM_CONNS"}, - }, - }, - ArgsUsage: " ", // can't be the empty string or we get the default output - Hidden: hidden, - } -} - -// Run implements a foreground runner -func Run(c *cli.Context) error { - log := logger.CreateLoggerFromContext(c, logger.EnableTerminalLog) - - metricsListener, err := net.Listen("tcp", c.String("metrics")) - if err != nil { - log.Fatal().Err(err).Msg("Failed to open the metrics listener") - } - - go metrics.ServeMetrics(metricsListener, nil, nil, log) - - listener, err := CreateListener( - c.String("address"), - // Note TUN-3758 , we use Int because UInt is not supported with altsrc - uint16(c.Int("port")), - c.StringSlice("upstream"), - c.StringSlice("bootstrap"), - c.Int("max-upstream-conns"), - log, - ) - - if err != nil { - log.Err(err).Msg("Failed to create the listeners") - return err - } - - // Try to start the server - readySignal := make(chan struct{}) - err = listener.Start(readySignal) - if err != nil { - log.Err(err).Msg("Failed to start the listeners") - return listener.Stop() - } - <-readySignal - - // Wait for signal - signals := make(chan os.Signal, 10) - signal.Notify(signals, syscall.SIGTERM, syscall.SIGINT) - defer signal.Stop(signals) - <-signals - - // Shut down server - err = listener.Stop() - if err != nil { - log.Err(err).Msg("failed to stop") - } - return err -} - // Create a CoreDNS server plugin from configuration func createConfig(address string, port uint16, p plugin.Handler) *dnsserver.Config { c := &dnsserver.Config{