TUN-4063: Cleanup dependencies between packages.

- Move packages that provide generic functionality (such as config) from `cmd` subtree to top level.
- Remove all dependencies on `cmd` subtree from top level packages.
- Consolidate all code dealing with token generation and transfer to a single cohesive package.
Igor Postelnik 2021-03-08 10:46:23 -06:00
parent d83d6d54ed
commit 39065377b5
47 changed files with 246 additions and 236 deletions

20
.gitignore vendored

@ -1,21 +1,17 @@
.GOPATH/ /tmp
bin/
tmp/
guide/public
/.GOPATH
/bin /bin
.idea .idea
.build .build
.vscode .vscode
\#*\# \#*\#
cscope.* cscope.*
cloudflared /cloudflared
cloudflared.pkg /cloudflared.pkg
cloudflared.exe /cloudflared.exe
cloudflared.msi /cloudflared.msi
cloudflared-x86-64* /cloudflared-x86-64*
!cmd/cloudflared/ /packaging
.DS_Store .DS_Store
*-session.log *-session.log
ssh_server_tests/.env ssh_server_tests/.env
.cover /.cover


@ -11,8 +11,8 @@ import (
"os" "os"
"strings" "strings"
"github.com/cloudflare/cloudflared/cmd/cloudflared/token"
"github.com/cloudflare/cloudflared/h2mux" "github.com/cloudflare/cloudflared/h2mux"
"github.com/cloudflare/cloudflared/token"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/rs/zerolog" "github.com/rs/zerolog"


@ -7,9 +7,9 @@ import (
"net/http" "net/http"
"net/http/httputil" "net/http/httputil"
"github.com/cloudflare/cloudflared/cmd/cloudflared/token"
"github.com/cloudflare/cloudflared/ingress" "github.com/cloudflare/cloudflared/ingress"
"github.com/cloudflare/cloudflared/socks" "github.com/cloudflare/cloudflared/socks"
"github.com/cloudflare/cloudflared/token"
cfwebsocket "github.com/cloudflare/cloudflared/websocket" cfwebsocket "github.com/cloudflare/cloudflared/websocket"
"github.com/gorilla/websocket" "github.com/gorilla/websocket"


@ -7,7 +7,7 @@ import (
"strings" "strings"
"github.com/cloudflare/cloudflared/carrier" "github.com/cloudflare/cloudflared/carrier"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/h2mux" "github.com/cloudflare/cloudflared/h2mux"
"github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/logger"
"github.com/cloudflare/cloudflared/validation" "github.com/cloudflare/cloudflared/validation"


@ -2,20 +2,21 @@ package access
import ( import (
"fmt" "fmt"
"io"
"net/http" "net/http"
"net/url" "net/url"
"os" "os"
"os/exec"
"strings" "strings"
"text/template" "text/template"
"time" "time"
"github.com/cloudflare/cloudflared/carrier" "github.com/cloudflare/cloudflared/carrier"
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
"github.com/cloudflare/cloudflared/cmd/cloudflared/shell"
"github.com/cloudflare/cloudflared/cmd/cloudflared/token"
"github.com/cloudflare/cloudflared/h2mux" "github.com/cloudflare/cloudflared/h2mux"
"github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/logger"
"github.com/cloudflare/cloudflared/sshgen" "github.com/cloudflare/cloudflared/sshgen"
"github.com/cloudflare/cloudflared/token"
"github.com/cloudflare/cloudflared/validation" "github.com/cloudflare/cloudflared/validation"
"github.com/getsentry/raven-go" "github.com/getsentry/raven-go"
@ -271,7 +272,7 @@ func curl(c *cli.Context) error {
if err != nil || tok == "" { if err != nil || tok == "" {
if allowRequest { if allowRequest {
log.Info().Msg("You don't have an Access token set. Please run access token <access application> to fetch one.") log.Info().Msg("You don't have an Access token set. Please run access token <access application> to fetch one.")
return shell.Run("curl", cmdArgs...) return run("curl", cmdArgs...)
} }
tok, err = token.FetchToken(appURL, log) tok, err = token.FetchToken(appURL, log)
if err != nil { if err != nil {
@ -282,7 +283,29 @@ func curl(c *cli.Context) error {
cmdArgs = append(cmdArgs, "-H") cmdArgs = append(cmdArgs, "-H")
cmdArgs = append(cmdArgs, fmt.Sprintf("%s: %s", h2mux.CFAccessTokenHeader, tok)) cmdArgs = append(cmdArgs, fmt.Sprintf("%s: %s", h2mux.CFAccessTokenHeader, tok))
return shell.Run("curl", cmdArgs...) return run("curl", cmdArgs...)
}
// run kicks off a shell task and pipe the results to the respective std pipes
func run(cmd string, args ...string) error {
c := exec.Command(cmd, args...)
stderr, err := c.StderrPipe()
if err != nil {
return err
}
go func() {
io.Copy(os.Stderr, stderr)
}()
stdout, err := c.StdoutPipe()
if err != nil {
return err
}
go func() {
io.Copy(os.Stdout, stdout)
}()
return c.Run()
} }
// token dumps provided token to stdout // token dumps provided token to stdout
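Review bot: The new `run` helper reads `StdoutPipe`/`StderrPipe` from goroutines and then calls `c.Run()`, which the os/exec documentation describes as incorrect: `Wait` closes the pipes once the child exits, so the tail of curl's output can be lost. Nothing waits for the two goroutines, and both `io.Copy` errors are discarded. Assigning the streams directly removes the pipes and goroutines: `c.Stdout, c.Stderr = os.Stdout, os.Stderr` followed by `return c.Run()`. Separately, the unchanged lines of `curl` append the Access token to `cmdArgs` as a `-H` value, so it is readable in the process argument list by other local users while curl runs; handing the header to curl through a file or stdin would avoid that. `curl` begins outside the hunk.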


@ -2,7 +2,7 @@ package main
import ( import (
"github.com/cloudflare/cloudflared/cmd/cloudflared/access" "github.com/cloudflare/cloudflared/cmd/cloudflared/access"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/rs/zerolog" "github.com/rs/zerolog"
) )


@ -1,7 +1,7 @@
package main package main
import ( import (
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/tunneldns" "github.com/cloudflare/cloudflared/tunneldns"
"github.com/rs/zerolog" "github.com/rs/zerolog"


@ -1,7 +1,7 @@
package main package main
import ( import (
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/overwatch" "github.com/cloudflare/cloudflared/overwatch"
"github.com/rs/zerolog" "github.com/rs/zerolog"


@ -2,6 +2,7 @@ package buildinfo
import ( import (
"github.com/rs/zerolog" "github.com/rs/zerolog"
"fmt"
"runtime" "runtime"
) )
@ -25,3 +26,7 @@ func (bi *BuildInfo) Log(log *zerolog.Logger) {
log.Info().Msgf("Version %s", bi.CloudflaredVersion) log.Info().Msgf("Version %s", bi.CloudflaredVersion)
log.Info().Msgf("GOOS: %s, GOVersion: %s, GoArch: %s", bi.GoOS, bi.GoVersion, bi.GoArch) log.Info().Msgf("GOOS: %s, GOVersion: %s, GoArch: %s", bi.GoOS, bi.GoVersion, bi.GoArch)
} }
func (bi *BuildInfo) OSArch() string {
return fmt.Sprintf("%s_%s", bi.GoOS, bi.GoArch)
}
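Review bot: `OSArch` is exported but has no doc comment, and as rendered the import block lists the zerolog import ahead of `"fmt"` and `"runtime"` instead of putting the standard-library imports in their own leading group. Suggested comment: `// OSArch returns the build's GOOS and GOARCH joined by an underscore, e.g. "linux_amd64".` Running goimports on the file would fix the grouping.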


@ -8,8 +8,8 @@ import (
"path/filepath" "path/filepath"
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
"github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel" "github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel"
"github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/logger"
"github.com/rs/zerolog" "github.com/rs/zerolog"


@ -8,13 +8,13 @@ import (
"github.com/cloudflare/cloudflared/cmd/cloudflared/access" "github.com/cloudflare/cloudflared/cmd/cloudflared/access"
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/cmd/cloudflared/proxydns"
"github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel" "github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel"
"github.com/cloudflare/cloudflared/cmd/cloudflared/updater" "github.com/cloudflare/cloudflared/cmd/cloudflared/updater"
"github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/logger"
"github.com/cloudflare/cloudflared/metrics" "github.com/cloudflare/cloudflared/metrics"
"github.com/cloudflare/cloudflared/overwatch" "github.com/cloudflare/cloudflared/overwatch"
"github.com/cloudflare/cloudflared/tunneldns"
"github.com/cloudflare/cloudflared/watcher" "github.com/cloudflare/cloudflared/watcher"
"github.com/getsentry/raven-go" "github.com/getsentry/raven-go"
@ -130,7 +130,7 @@ To determine if an update happened in a script, check for error code 11.`,
}, },
} }
cmds = append(cmds, tunnel.Commands()...) cmds = append(cmds, tunnel.Commands()...)
cmds = append(cmds, tunneldns.Command(false)) cmds = append(cmds, proxydns.Command(false))
cmds = append(cmds, access.Commands()...) cmds = append(cmds, access.Commands()...)
return cmds return cmds
} }


@ -0,0 +1,115 @@
package proxydns
import (
"net"
"os"
"os/signal"
"syscall"
"github.com/urfave/cli/v2"
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
"github.com/cloudflare/cloudflared/logger"
"github.com/cloudflare/cloudflared/metrics"
"github.com/cloudflare/cloudflared/tunneldns"
)
func Command(hidden bool) *cli.Command {
return &cli.Command{
Name: "proxy-dns",
Action: cliutil.ErrorHandler(Run),
Usage: "Run a DNS over HTTPS proxy server.",
Flags: []cli.Flag{
&cli.StringFlag{
Name: "metrics",
Value: "localhost:",
Usage: "Listen address for metrics reporting.",
EnvVars: []string{"TUNNEL_METRICS"},
},
&cli.StringFlag{
Name: "address",
Usage: "Listen address for the DNS over HTTPS proxy server.",
Value: "localhost",
EnvVars: []string{"TUNNEL_DNS_ADDRESS"},
},
// Note TUN-3758 , we use Int because UInt is not supported with altsrc
&cli.IntFlag{
Name: "port",
Usage: "Listen on given port for the DNS over HTTPS proxy server.",
Value: 53,
EnvVars: []string{"TUNNEL_DNS_PORT"},
},
&cli.StringSliceFlag{
Name: "upstream",
Usage: "Upstream endpoint URL, you can specify multiple endpoints for redundancy.",
Value: cli.NewStringSlice("https://1.1.1.1/dns-query", "https://1.0.0.1/dns-query"),
EnvVars: []string{"TUNNEL_DNS_UPSTREAM"},
},
&cli.StringSliceFlag{
Name: "bootstrap",
Usage: "bootstrap endpoint URL, you can specify multiple endpoints for redundancy.",
Value: cli.NewStringSlice("https://162.159.36.1/dns-query", "https://162.159.46.1/dns-query", "https://[2606:4700:4700::1111]/dns-query", "https://[2606:4700:4700::1001]/dns-query"),
EnvVars: []string{"TUNNEL_DNS_BOOTSTRAP"},
},
&cli.IntFlag{
Name: "max-upstream-conns",
Usage: "Maximum concurrent connections to upstream. Setting to 0 means unlimited.",
Value: tunneldns.MaxUpstreamConnsDefault,
EnvVars: []string{"TUNNEL_DNS_MAX_UPSTREAM_CONNS"},
},
},
ArgsUsage: " ", // can't be the empty string or we get the default output
Hidden: hidden,
}
}
// Run implements a foreground runner
func Run(c *cli.Context) error {
log := logger.CreateLoggerFromContext(c, logger.EnableTerminalLog)
metricsListener, err := net.Listen("tcp", c.String("metrics"))
if err != nil {
log.Fatal().Err(err).Msg("Failed to open the metrics listener")
}
go metrics.ServeMetrics(metricsListener, nil, nil, log)
listener, err := tunneldns.CreateListener(
c.String("address"),
// Note TUN-3758 , we use Int because UInt is not supported with altsrc
uint16(c.Int("port")),
c.StringSlice("upstream"),
c.StringSlice("bootstrap"),
c.Int("max-upstream-conns"),
log,
)
if err != nil {
log.Err(err).Msg("Failed to create the listeners")
return err
}
// Try to start the server
readySignal := make(chan struct{})
err = listener.Start(readySignal)
if err != nil {
log.Err(err).Msg("Failed to start the listeners")
return listener.Stop()
}
<-readySignal
// Wait for signal
signals := make(chan os.Signal, 10)
signal.Notify(signals, syscall.SIGTERM, syscall.SIGINT)
defer signal.Stop(signals)
<-signals
// Shut down server
err = listener.Stop()
if err != nil {
log.Err(err).Msg("failed to stop")
}
return err
}


@ -12,7 +12,7 @@ import (
"github.com/mitchellh/go-homedir" "github.com/mitchellh/go-homedir"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
) )
type ServiceTemplate struct { type ServiceTemplate struct {


@ -1,33 +0,0 @@
package shell
import (
"io"
"os"
"os/exec"
)
// OpenBrowser opens the specified URL in the default browser of the user
func OpenBrowser(url string) error {
return getBrowserCmd(url).Start()
}
// Run will kick off a shell task and pipe the results to the respective std pipes
func Run(cmd string, args ...string) error {
c := exec.Command(cmd, args...)
stderr, err := c.StderrPipe()
if err != nil {
return err
}
go func() {
io.Copy(os.Stderr, stderr)
}()
stdout, err := c.StdoutPipe()
if err != nil {
return err
}
go func() {
io.Copy(os.Stdout, stdout)
}()
return c.Run()
}


@ -15,9 +15,10 @@ import (
"github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo" "github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo"
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/cmd/cloudflared/proxydns"
"github.com/cloudflare/cloudflared/cmd/cloudflared/ui" "github.com/cloudflare/cloudflared/cmd/cloudflared/ui"
"github.com/cloudflare/cloudflared/cmd/cloudflared/updater" "github.com/cloudflare/cloudflared/cmd/cloudflared/updater"
"github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/connection"
"github.com/cloudflare/cloudflared/ingress" "github.com/cloudflare/cloudflared/ingress"
"github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/logger"
@ -104,7 +105,7 @@ func Commands() []*cli.Command {
buildDeleteCommand(), buildDeleteCommand(),
buildCleanupCommand(), buildCleanupCommand(),
// for compatibility, allow following as tunnel subcommands // for compatibility, allow following as tunnel subcommands
tunneldns.Command(true), proxydns.Command(true),
cliutil.RemovedCommand("db-connect"), cliutil.RemovedCommand("db-connect"),
} }


@ -9,7 +9,7 @@ import (
"strings" "strings"
"github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo" "github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/connection"
"github.com/cloudflare/cloudflared/edgediscovery" "github.com/cloudflare/cloudflared/edgediscovery"
"github.com/cloudflare/cloudflared/h2mux" "github.com/cloudflare/cloudflared/h2mux"
@ -207,7 +207,7 @@ func prepareTunnelConfig(
ClientID: clientUUID[:], ClientID: clientUUID[:],
Features: dedup(features), Features: dedup(features),
Version: version, Version: version,
Arch: fmt.Sprintf("%s_%s", buildInfo.GoOS, buildInfo.GoArch), Arch: buildInfo.OSArch(),
} }
ingressRules, err = ingress.ParseIngress(cfg) ingressRules, err = ingress.ParseIngress(cfg)
if err != nil && err != ingress.ErrNoIngressRules { if err != nil && err != ingress.ErrNoIngressRules {
@ -272,7 +272,7 @@ func prepareTunnelConfig(
return &origin.TunnelConfig{ return &origin.TunnelConfig{
ConnectionConfig: connectionConfig, ConnectionConfig: connectionConfig,
BuildInfo: buildInfo, OSArch: buildInfo.OSArch(),
ClientID: clientID, ClientID: clientID,
EdgeAddrs: c.StringSlice("edge"), EdgeAddrs: c.StringSlice("edge"),
HAConnections: c.Int("ha-connections"), HAConnections: c.Int("ha-connections"),


@ -4,7 +4,7 @@ import (
"fmt" "fmt"
"path/filepath" "path/filepath"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/google/uuid" "github.com/google/uuid"
"github.com/rs/zerolog" "github.com/rs/zerolog"


@ -5,7 +5,7 @@ import (
"net/url" "net/url"
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/ingress" "github.com/cloudflare/cloudflared/ingress"
"github.com/pkg/errors" "github.com/pkg/errors"


@ -13,9 +13,9 @@ import (
"github.com/urfave/cli/v2" "github.com/urfave/cli/v2"
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/cmd/cloudflared/transfer"
"github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/logger"
"github.com/cloudflare/cloudflared/token"
) )
const ( const (
@ -56,7 +56,7 @@ func login(c *cli.Context) error {
return err return err
} }
resourceData, err := transfer.Run( resourceData, err := token.RunTransfer(
loginURL, loginURL,
"cert", "cert",
"callback", "callback",


@ -13,7 +13,6 @@ import (
"text/tabwriter" "text/tabwriter"
"time" "time"
"github.com/cloudflare/cloudflared/cmd/cloudflared/updater"
"github.com/google/uuid" "github.com/google/uuid"
"github.com/mitchellh/go-homedir" "github.com/mitchellh/go-homedir"
"github.com/pkg/errors" "github.com/pkg/errors"
@ -23,7 +22,8 @@ import (
"gopkg.in/yaml.v2" "gopkg.in/yaml.v2"
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil" "github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/cmd/cloudflared/updater"
"github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/connection"
"github.com/cloudflare/cloudflared/tunnelstore" "github.com/cloudflare/cloudflared/tunnelstore"
) )


@ -8,12 +8,13 @@ import (
"runtime" "runtime"
"time" "time"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
"github.com/cloudflare/cloudflared/logger"
"github.com/facebookgo/grace/gracenet" "github.com/facebookgo/grace/gracenet"
"github.com/rs/zerolog" "github.com/rs/zerolog"
"github.com/urfave/cli/v2" "github.com/urfave/cli/v2"
"golang.org/x/crypto/ssh/terminal" "golang.org/x/crypto/ssh/terminal"
"github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/logger"
) )
const ( const (


@ -11,11 +11,11 @@ import (
"github.com/mitchellh/go-homedir" "github.com/mitchellh/go-homedir"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/rs/zerolog"
"github.com/urfave/cli/v2" "github.com/urfave/cli/v2"
"gopkg.in/yaml.v2" "gopkg.in/yaml.v2"
"github.com/cloudflare/cloudflared/validation" "github.com/cloudflare/cloudflared/validation"
"github.com/rs/zerolog"
) )
var ( var (


@ -9,7 +9,7 @@ import (
"strings" "strings"
"sync" "sync"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/rs/zerolog" "github.com/rs/zerolog"


@ -14,7 +14,7 @@ import (
"github.com/urfave/cli/v2" "github.com/urfave/cli/v2"
"gopkg.in/yaml.v2" "gopkg.in/yaml.v2"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/tlsconfig" "github.com/cloudflare/cloudflared/tlsconfig"
) )


@ -3,9 +3,10 @@ package ingress
import ( import (
"time" "time"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
"github.com/cloudflare/cloudflared/tlsconfig"
"github.com/urfave/cli/v2" "github.com/urfave/cli/v2"
"github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/tlsconfig"
) )
const ( const (


@ -5,7 +5,7 @@ import (
"testing" "testing"
"time" "time"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
"github.com/urfave/cli/v2" "github.com/urfave/cli/v2"
"gopkg.in/yaml.v2" "gopkg.in/yaml.v2"


@ -1,17 +1,17 @@
package buffer package origin
import ( import (
"sync" "sync"
) )
type Pool struct { type bufferPool struct {
// A Pool must not be copied after first use. // A bufferPool must not be copied after first use.
// https://golang.org/pkg/sync/#Pool // https://golang.org/pkg/sync/#Pool
buffers sync.Pool buffers sync.Pool
} }
func NewPool(bufferSize int) *Pool { func newBufferPool(bufferSize int) *bufferPool {
return &Pool{ return &bufferPool{
buffers: sync.Pool{ buffers: sync.Pool{
New: func() interface{} { New: func() interface{} {
return make([]byte, bufferSize) return make([]byte, bufferSize)
@ -20,10 +20,10 @@ func NewPool(bufferSize int) *Pool {
} }
} }
func (p *Pool) Get() []byte { func (p *bufferPool) Get() []byte {
return p.buffers.Get().([]byte) return p.buffers.Get().([]byte)
} }
func (p *Pool) Put(buf []byte) { func (p *bufferPool) Put(buf []byte) {
p.buffers.Put(buf) p.buffers.Put(buf)
} }


@ -9,12 +9,12 @@ import (
"strconv" "strconv"
"strings" "strings"
"github.com/cloudflare/cloudflared/buffer" "github.com/pkg/errors"
"github.com/rs/zerolog"
"github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/connection"
"github.com/cloudflare/cloudflared/ingress" "github.com/cloudflare/cloudflared/ingress"
tunnelpogs "github.com/cloudflare/cloudflared/tunnelrpc/pogs" tunnelpogs "github.com/cloudflare/cloudflared/tunnelrpc/pogs"
"github.com/pkg/errors"
"github.com/rs/zerolog"
) )
const ( const (
@ -26,7 +26,7 @@ type proxy struct {
warpRouting *ingress.WarpRoutingService warpRouting *ingress.WarpRoutingService
tags []tunnelpogs.Tag tags []tunnelpogs.Tag
log *zerolog.Logger log *zerolog.Logger
bufferPool *buffer.Pool bufferPool *bufferPool
} }
func NewOriginProxy( func NewOriginProxy(
@ -40,7 +40,7 @@ func NewOriginProxy(
warpRouting: warpRouting, warpRouting: warpRouting,
tags: tags, tags: tags,
log: log, log: log,
bufferPool: buffer.NewPool(512 * 1024), bufferPool: newBufferPool(512 * 1024),
} }
} }


@ -15,7 +15,7 @@ import (
"github.com/cloudflare/cloudflared/logger" "github.com/cloudflare/cloudflared/logger"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/connection"
"github.com/cloudflare/cloudflared/hello" "github.com/cloudflare/cloudflared/hello"
"github.com/cloudflare/cloudflared/ingress" "github.com/cloudflare/cloudflared/ingress"


@ -15,7 +15,6 @@ import (
"github.com/rs/zerolog" "github.com/rs/zerolog"
"golang.org/x/sync/errgroup" "golang.org/x/sync/errgroup"
"github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo"
"github.com/cloudflare/cloudflared/connection" "github.com/cloudflare/cloudflared/connection"
"github.com/cloudflare/cloudflared/edgediscovery" "github.com/cloudflare/cloudflared/edgediscovery"
"github.com/cloudflare/cloudflared/h2mux" "github.com/cloudflare/cloudflared/h2mux"
@ -40,7 +39,7 @@ const (
type TunnelConfig struct { type TunnelConfig struct {
ConnectionConfig *connection.Config ConnectionConfig *connection.Config
BuildInfo *buildinfo.BuildInfo OSArch string
ClientID string ClientID string
CloseConnOnce *sync.Once // Used to close connectedSignal no more than once CloseConnOnce *sync.Once // Used to close connectedSignal no more than once
EdgeAddrs []string EdgeAddrs []string
@ -72,7 +71,7 @@ func (c *TunnelConfig) RegistrationOptions(connectionID uint8, OriginLocalIP str
return &tunnelpogs.RegistrationOptions{ return &tunnelpogs.RegistrationOptions{
ClientID: c.ClientID, ClientID: c.ClientID,
Version: c.ReportedVersion, Version: c.ReportedVersion,
OS: fmt.Sprintf("%s_%s", c.BuildInfo.GoOS, c.BuildInfo.GoArch), OS: c.OSArch,
ExistingTunnelPolicy: policy, ExistingTunnelPolicy: policy,
PoolName: c.LBPool, PoolName: c.LBPool,
Tags: c.Tags, Tags: c.Tags,


@ -15,12 +15,13 @@ import (
"net/url" "net/url"
"time" "time"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
cfpath "github.com/cloudflare/cloudflared/cmd/cloudflared/path"
"github.com/coreos/go-oidc/jose" "github.com/coreos/go-oidc/jose"
homedir "github.com/mitchellh/go-homedir" homedir "github.com/mitchellh/go-homedir"
"github.com/pkg/errors" "github.com/pkg/errors"
gossh "golang.org/x/crypto/ssh" gossh "golang.org/x/crypto/ssh"
"github.com/cloudflare/cloudflared/config"
cfpath "github.com/cloudflare/cloudflared/token"
) )
const ( const (
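Review bot: The `cfpath` alias now names the whole `token` package (`cfpath "github.com/cloudflare/cloudflared/token"`), so call sites read as if they used a path-only helper package while actually depending on the package that fetches and stores Access tokens. Dropping the alias and calling the helpers as `token.…` would make that dependency explicit. The same aliased import appears in the test file section that follows. The call sites themselves are outside this hunk.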


@ -14,10 +14,11 @@ import (
"testing" "testing"
"time" "time"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
cfpath "github.com/cloudflare/cloudflared/cmd/cloudflared/path"
"github.com/coreos/go-oidc/jose" "github.com/coreos/go-oidc/jose"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/cloudflare/cloudflared/config"
cfpath "github.com/cloudflare/cloudflared/token"
) )
const ( const (


@ -4,12 +4,12 @@
// You can read more here https://godoc.org/golang.org/x/crypto/nacl/box. // You can read more here https://godoc.org/golang.org/x/crypto/nacl/box.
// //
// msg := []byte("super safe message.") // msg := []byte("super safe message.")
// alice, err := New("alice_priv_key.pem", "alice_pub_key.pem") // alice, err := NewEncrypter("alice_priv_key.pem", "alice_pub_key.pem")
// if err != nil { // if err != nil {
// log.Fatal(err) // log.Fatal(err)
// } // }
// //
// bob, err := New("bob_priv_key.pem", "bob_pub_key.pem") // bob, err := NewEncrypter("bob_priv_key.pem", "bob_pub_key.pem")
// if err != nil { // if err != nil {
// log.Fatal(err) // log.Fatal(err)
// } // }
@ -23,7 +23,7 @@
// log.Fatal(err) // log.Fatal(err)
// } // }
// fmt.Println(string(data)) // fmt.Println(string(data))
package encrypter package token
import ( import (
"bytes" "bytes"
@ -44,8 +44,8 @@ type Encrypter struct {
publicKey *[32]byte publicKey *[32]byte
} }
// New returns a new encrypter with initialized keypair // NewEncrypter returns a new encrypter with initialized keypair
func New(privateKey, publicKey string) (*Encrypter, error) { func NewEncrypter(privateKey, publicKey string) (*Encrypter, error) {
e := &Encrypter{} e := &Encrypter{}
pubKey, key, err := e.fetchOrGenerateKeys(privateKey, publicKey) pubKey, key, err := e.fetchOrGenerateKeys(privateKey, publicKey)
if err != nil { if err != nil {
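Review bot: The long comment ending at `fmt.Println(string(data))` now sits directly above `package token`, so, unless a blank line separates them in the real file, it becomes package documentation for all of `token` while describing only the NaCl box encrypter. Consider attaching that text and the example to the `Encrypter` type or `NewEncrypter`, and giving the package a short comment that covers token storage, transfer and encryption together. The comment's opening lines are above the hunk and not visible here, so they may still read as the old `encrypter` package doc. `NewEncrypter` continues past the end of the hunk.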


@ -1,6 +1,6 @@
//+build darwin //+build darwin
package shell package token
import ( import (
"os/exec" "os/exec"


@ -1,6 +1,6 @@
//+build !windows,!darwin,!linux,!netbsd,!freebsd,!openbsd //+build !windows,!darwin,!linux,!netbsd,!freebsd,!openbsd
package shell package token
import ( import (
"os/exec" "os/exec"


@ -1,6 +1,6 @@
//+build linux freebsd openbsd netbsd //+build linux freebsd openbsd netbsd
package shell package token
import ( import (
"os/exec" "os/exec"


@ -1,6 +1,6 @@
//+build windows //+build windows
package shell package token
import ( import (
"fmt" "fmt"


@ -1,4 +1,4 @@
package path package token
import ( import (
"fmt" "fmt"
@ -7,8 +7,9 @@ import (
"path/filepath" "path/filepath"
"strings" "strings"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
"github.com/mitchellh/go-homedir" "github.com/mitchellh/go-homedir"
"github.com/cloudflare/cloudflared/config"
) )
// GenerateAppTokenFilePathFromURL will return a filepath for given Access org token // GenerateAppTokenFilePathFromURL will return a filepath for given Access org token
@ -21,8 +22,8 @@ func GenerateAppTokenFilePathFromURL(url *url.URL, suffix string) (string, error
return filepath.Join(configPath, name), nil return filepath.Join(configPath, name), nil
} }
// GenerateOrgTokenFilePathFromURL will return a filepath for given Access application token // generateOrgTokenFilePathFromURL will return a filepath for given Access application token
func GenerateOrgTokenFilePathFromURL(authDomain string) (string, error) { func generateOrgTokenFilePathFromURL(authDomain string) (string, error) {
configPath, err := getConfigPath() configPath, err := getConfigPath()
if err != nil { if err != nil {
return "", err return "", err
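Review bot: The two doc comments describe each other's function: `GenerateAppTokenFilePathFromURL` is documented as returning the path for an Access org token, and the renamed `generateOrgTokenFilePathFromURL` as returning the path for an Access application token. Since the commit already edits the second comment, swap the nouns in both: `// generateOrgTokenFilePathFromURL returns the file path for the given Access org token` and `// GenerateAppTokenFilePathFromURL returns the file path for the given Access application token`. Both function bodies extend outside the visible hunks.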

7
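--- a/token/shell.go
+++ b/token/shell.go
@@ -0,0 +1,7 @@
+package token
+// OpenBrowser opens the specified URL in the default browser of the user
+func OpenBrowser(url string) error {
+return getBrowserCmd(url).Start()
+}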


@ -13,9 +13,7 @@ import (
"syscall" "syscall"
"time" "time"
"github.com/cloudflare/cloudflared/cmd/cloudflared/config" "github.com/cloudflare/cloudflared/config"
"github.com/cloudflare/cloudflared/cmd/cloudflared/path"
"github.com/cloudflare/cloudflared/cmd/cloudflared/transfer"
"github.com/cloudflare/cloudflared/origin" "github.com/cloudflare/cloudflared/origin"
"github.com/coreos/go-oidc/jose" "github.com/coreos/go-oidc/jose"
@ -102,7 +100,7 @@ func (l *lock) Acquire() error {
os.Exit(0) os.Exit(0)
}) })
// Check for a path.lock file // Check for a lock file
// if the lock file exists; start polling // if the lock file exists; start polling
// if not, create the lock file and go through the normal flow. // if not, create the lock file and go through the normal flow.
// See AUTH-1736 for the reason why we do all this // See AUTH-1736 for the reason why we do all this
@ -160,7 +158,7 @@ func getToken(appURL *url.URL, useHostOnly bool, log *zerolog.Logger) (string, e
return token, nil return token, nil
} }
appTokenPath, err := path.GenerateAppTokenFilePathFromURL(appURL, keyName) appTokenPath, err := GenerateAppTokenFilePathFromURL(appURL, keyName)
if err != nil { if err != nil {
return "", errors.Wrap(err, "failed to generate app token file path") return "", errors.Wrap(err, "failed to generate app token file path")
} }
@ -184,7 +182,7 @@ func getToken(appURL *url.URL, useHostOnly bool, log *zerolog.Logger) (string, e
} else { } else {
orgToken, err := GetOrgTokenIfExists(authDomain) orgToken, err := GetOrgTokenIfExists(authDomain)
if err != nil { if err != nil {
orgTokenPath, err = path.GenerateOrgTokenFilePathFromURL(authDomain) orgTokenPath, err = generateOrgTokenFilePathFromURL(authDomain)
if err != nil { if err != nil {
return "", errors.Wrap(err, "failed to generate org token file path") return "", errors.Wrap(err, "failed to generate org token file path")
} }
@ -220,7 +218,7 @@ func getTokensFromEdge(appURL *url.URL, appTokenPath, orgTokenPath string, useHo
// this weird parameter is the resource name (token) and the key/value // this weird parameter is the resource name (token) and the key/value
// we want to send to the transfer service. the key is token and the value // we want to send to the transfer service. the key is token and the value
// is blank (basically just the id generated in the transfer service) // is blank (basically just the id generated in the transfer service)
resourceData, err := transfer.Run(appURL, keyName, keyName, "", true, useHostOnly, log) resourceData, err := RunTransfer(appURL, keyName, keyName, "", true, useHostOnly, log)
if err != nil { if err != nil {
return "", errors.Wrap(err, "failed to run transfer service") return "", errors.Wrap(err, "failed to run transfer service")
} }
@ -316,7 +314,7 @@ func exchangeOrgToken(appURL *url.URL, orgToken string) (string, error) {
} }
func GetOrgTokenIfExists(authDomain string) (string, error) { func GetOrgTokenIfExists(authDomain string) (string, error) {
path, err := path.GenerateOrgTokenFilePathFromURL(authDomain) path, err := generateOrgTokenFilePathFromURL(authDomain)
if err != nil { if err != nil {
return "", err return "", err
} }
@ -338,7 +336,7 @@ func GetOrgTokenIfExists(authDomain string) (string, error) {
} }
func GetAppTokenIfExists(url *url.URL) (string, error) { func GetAppTokenIfExists(url *url.URL) (string, error) {
path, err := path.GenerateAppTokenFilePathFromURL(url, keyName) path, err := GenerateAppTokenFilePathFromURL(url, keyName)
if err != nil { if err != nil {
return "", err return "", err
} }
@ -376,7 +374,7 @@ func getTokenIfExists(path string) (*jose.JWT, error) {
// RemoveTokenIfExists removes the a token from local storage if it exists // RemoveTokenIfExists removes the a token from local storage if it exists
func RemoveTokenIfExists(url *url.URL) error { func RemoveTokenIfExists(url *url.URL) error {
path, err := path.GenerateAppTokenFilePathFromURL(url, keyName) path, err := GenerateAppTokenFilePathFromURL(url, keyName)
if err != nil { if err != nil {
return err return err
} }


@ -1,3 +1,5 @@
//+build linux
package token package token
import ( import (


@ -1,4 +1,4 @@
package transfer package token
import ( import (
"bytes" "bytes"
@ -10,8 +10,6 @@ import (
"os" "os"
"time" "time"
"github.com/cloudflare/cloudflared/cmd/cloudflared/encrypter"
"github.com/cloudflare/cloudflared/cmd/cloudflared/shell"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/rs/zerolog" "github.com/rs/zerolog"
) )
@ -21,14 +19,14 @@ const (
clientTimeout = time.Second * 60 clientTimeout = time.Second * 60
) )
// Run does the transfer "dance" with the end result downloading the supported resource. // RunTransfer does the transfer "dance" with the end result downloading the supported resource.
// The expanded description is run is encapsulation of shared business logic needed // The expanded description is run is encapsulation of shared business logic needed
// to request a resource (token/cert/etc) from the transfer service (loginhelper). // to request a resource (token/cert/etc) from the transfer service (loginhelper).
// The "dance" we refer to is building a HTTP request, opening that in a browser waiting for // The "dance" we refer to is building a HTTP request, opening that in a browser waiting for
// the user to complete an action, while it long polls in the background waiting for an // the user to complete an action, while it long polls in the background waiting for an
// action to be completed to download the resource. // action to be completed to download the resource.
func Run(transferURL *url.URL, resourceName, key, value string, shouldEncrypt bool, useHostOnly bool, log *zerolog.Logger) ([]byte, error) { func RunTransfer(transferURL *url.URL, resourceName, key, value string, shouldEncrypt bool, useHostOnly bool, log *zerolog.Logger) ([]byte, error) {
encrypterClient, err := encrypter.New("cloudflared_priv.pem", "cloudflared_pub.pem") encrypterClient, err := NewEncrypter("cloudflared_priv.pem", "cloudflared_pub.pem")
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -38,7 +36,7 @@ func Run(transferURL *url.URL, resourceName, key, value string, shouldEncrypt bo
} }
// See AUTH-1423 for why we use stderr (the way git wraps ssh) // See AUTH-1423 for why we use stderr (the way git wraps ssh)
err = shell.OpenBrowser(requestURL) err = OpenBrowser(requestURL)
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "Please open the following URL and log in with your Cloudflare account:\n\n%s\n\nLeave cloudflared running to download the %s automatically.\n", requestURL, resourceName) fmt.Fprintf(os.Stderr, "Please open the following URL and log in with your Cloudflare account:\n\n%s\n\nLeave cloudflared running to download the %s automatically.\n", requestURL, resourceName)
} else { } else {
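Review bot: `RunTransfer` calls `NewEncrypter("cloudflared_priv.pem", "cloudflared_pub.pem")` as its first statement, unconditionally and therefore regardless of `shouldEncrypt`, and the comment block above it does not say where those two files live or how the private key is protected. `NewEncrypter` is not shown in this section, so how the bare names are resolved (working directory or a fixed config directory) needs confirming; once confirmed, a comment such as `// The key pair is loaded or created by NewEncrypter under <resolved dir>; the private key file must be readable only by the current user.` would make the expectation explicit now that this is part of the exported `token` API. The second line of the doc comment still refers to the old name and could read `// RunTransfer encapsulates the shared business logic needed`. The function body continues outside the hunks shown here.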


@ -2,22 +2,14 @@ package tunneldns
import ( import (
"net" "net"
"os"
"os/signal"
"strconv" "strconv"
"sync" "sync"
"syscall"
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
"github.com/cloudflare/cloudflared/logger"
"github.com/cloudflare/cloudflared/metrics"
"github.com/coredns/coredns/core/dnsserver" "github.com/coredns/coredns/core/dnsserver"
"github.com/coredns/coredns/plugin" "github.com/coredns/coredns/plugin"
"github.com/coredns/coredns/plugin/cache" "github.com/coredns/coredns/plugin/cache"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/rs/zerolog" "github.com/rs/zerolog"
"github.com/urfave/cli/v2"
) )
const ( const (
@ -33,104 +25,6 @@ type Listener struct {
log *zerolog.Logger log *zerolog.Logger
} }
func Command(hidden bool) *cli.Command {
return &cli.Command{
Name: "proxy-dns",
Action: cliutil.ErrorHandler(Run),
Usage: "Run a DNS over HTTPS proxy server.",
Flags: []cli.Flag{
&cli.StringFlag{
Name: "metrics",
Value: "localhost:",
Usage: "Listen address for metrics reporting.",
EnvVars: []string{"TUNNEL_METRICS"},
},
&cli.StringFlag{
Name: "address",
Usage: "Listen address for the DNS over HTTPS proxy server.",
Value: "localhost",
EnvVars: []string{"TUNNEL_DNS_ADDRESS"},
},
// Note TUN-3758 , we use Int because UInt is not supported with altsrc
&cli.IntFlag{
Name: "port",
Usage: "Listen on given port for the DNS over HTTPS proxy server.",
Value: 53,
EnvVars: []string{"TUNNEL_DNS_PORT"},
},
&cli.StringSliceFlag{
Name: "upstream",
Usage: "Upstream endpoint URL, you can specify multiple endpoints for redundancy.",
Value: cli.NewStringSlice("https://1.1.1.1/dns-query", "https://1.0.0.1/dns-query"),
EnvVars: []string{"TUNNEL_DNS_UPSTREAM"},
},
&cli.StringSliceFlag{
Name: "bootstrap",
Usage: "bootstrap endpoint URL, you can specify multiple endpoints for redundancy.",
Value: cli.NewStringSlice("https://162.159.36.1/dns-query", "https://162.159.46.1/dns-query", "https://[2606:4700:4700::1111]/dns-query", "https://[2606:4700:4700::1001]/dns-query"),
EnvVars: []string{"TUNNEL_DNS_BOOTSTRAP"},
},
&cli.IntFlag{
Name: "max-upstream-conns",
Usage: "Maximum concurrent connections to upstream. Setting to 0 means unlimited.",
Value: MaxUpstreamConnsDefault,
EnvVars: []string{"TUNNEL_DNS_MAX_UPSTREAM_CONNS"},
},
},
ArgsUsage: " ", // can't be the empty string or we get the default output
Hidden: hidden,
}
}
// Run implements a foreground runner
func Run(c *cli.Context) error {
log := logger.CreateLoggerFromContext(c, logger.EnableTerminalLog)
metricsListener, err := net.Listen("tcp", c.String("metrics"))
if err != nil {
log.Fatal().Err(err).Msg("Failed to open the metrics listener")
}
go metrics.ServeMetrics(metricsListener, nil, nil, log)
listener, err := CreateListener(
c.String("address"),
// Note TUN-3758 , we use Int because UInt is not supported with altsrc
uint16(c.Int("port")),
c.StringSlice("upstream"),
c.StringSlice("bootstrap"),
c.Int("max-upstream-conns"),
log,
)
if err != nil {
log.Err(err).Msg("Failed to create the listeners")
return err
}
// Try to start the server
readySignal := make(chan struct{})
err = listener.Start(readySignal)
if err != nil {
log.Err(err).Msg("Failed to start the listeners")
return listener.Stop()
}
<-readySignal
// Wait for signal
signals := make(chan os.Signal, 10)
signal.Notify(signals, syscall.SIGTERM, syscall.SIGINT)
defer signal.Stop(signals)
<-signals
// Shut down server
err = listener.Stop()
if err != nil {
log.Err(err).Msg("failed to stop")
}
return err
}
// Create a CoreDNS server plugin from configuration // Create a CoreDNS server plugin from configuration
func createConfig(address string, port uint16, p plugin.Handler) *dnsserver.Config { func createConfig(address string, port uint16, p plugin.Handler) *dnsserver.Config {
c := &dnsserver.Config{ c := &dnsserver.Config{