TUN-4063: Cleanup dependencies between packages.
- Move packages that provide generic functionality (such as config) from `cmd` subtree to top level. - Remove all dependencies on `cmd` subtree from top level packages. - Consolidate all code dealing with token generation and transfer to a single cohesive package.
parent
d83d6d54ed
commit
39065377b5
|
@ -1,21 +1,17 @@
|
||||||
.GOPATH/
|
/tmp
|
||||||
bin/
|
|
||||||
tmp/
|
|
||||||
guide/public
|
|
||||||
/.GOPATH
|
|
||||||
/bin
|
/bin
|
||||||
.idea
|
.idea
|
||||||
.build
|
.build
|
||||||
.vscode
|
.vscode
|
||||||
\#*\#
|
\#*\#
|
||||||
cscope.*
|
cscope.*
|
||||||
cloudflared
|
/cloudflared
|
||||||
cloudflared.pkg
|
/cloudflared.pkg
|
||||||
cloudflared.exe
|
/cloudflared.exe
|
||||||
cloudflared.msi
|
/cloudflared.msi
|
||||||
cloudflared-x86-64*
|
/cloudflared-x86-64*
|
||||||
!cmd/cloudflared/
|
/packaging
|
||||||
.DS_Store
|
.DS_Store
|
||||||
*-session.log
|
*-session.log
|
||||||
ssh_server_tests/.env
|
ssh_server_tests/.env
|
||||||
.cover
|
/.cover
|
||||||
|
|
|
@ -11,8 +11,8 @@ import (
|
||||||
"os"
|
"os"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/token"
|
|
||||||
"github.com/cloudflare/cloudflared/h2mux"
|
"github.com/cloudflare/cloudflared/h2mux"
|
||||||
|
"github.com/cloudflare/cloudflared/token"
|
||||||
|
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
|
|
|
@ -7,9 +7,9 @@ import (
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/httputil"
|
"net/http/httputil"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/token"
|
|
||||||
"github.com/cloudflare/cloudflared/ingress"
|
"github.com/cloudflare/cloudflared/ingress"
|
||||||
"github.com/cloudflare/cloudflared/socks"
|
"github.com/cloudflare/cloudflared/socks"
|
||||||
|
"github.com/cloudflare/cloudflared/token"
|
||||||
cfwebsocket "github.com/cloudflare/cloudflared/websocket"
|
cfwebsocket "github.com/cloudflare/cloudflared/websocket"
|
||||||
|
|
||||||
"github.com/gorilla/websocket"
|
"github.com/gorilla/websocket"
|
||||||
|
|
|
@ -7,7 +7,7 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/carrier"
|
"github.com/cloudflare/cloudflared/carrier"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/h2mux"
|
"github.com/cloudflare/cloudflared/h2mux"
|
||||||
"github.com/cloudflare/cloudflared/logger"
|
"github.com/cloudflare/cloudflared/logger"
|
||||||
"github.com/cloudflare/cloudflared/validation"
|
"github.com/cloudflare/cloudflared/validation"
|
||||||
|
|
|
@ -2,20 +2,21 @@ package access
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"os"
|
"os"
|
||||||
|
"os/exec"
|
||||||
"strings"
|
"strings"
|
||||||
"text/template"
|
"text/template"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/carrier"
|
"github.com/cloudflare/cloudflared/carrier"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/shell"
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/token"
|
|
||||||
"github.com/cloudflare/cloudflared/h2mux"
|
"github.com/cloudflare/cloudflared/h2mux"
|
||||||
"github.com/cloudflare/cloudflared/logger"
|
"github.com/cloudflare/cloudflared/logger"
|
||||||
"github.com/cloudflare/cloudflared/sshgen"
|
"github.com/cloudflare/cloudflared/sshgen"
|
||||||
|
"github.com/cloudflare/cloudflared/token"
|
||||||
"github.com/cloudflare/cloudflared/validation"
|
"github.com/cloudflare/cloudflared/validation"
|
||||||
|
|
||||||
"github.com/getsentry/raven-go"
|
"github.com/getsentry/raven-go"
|
||||||
|
@ -271,7 +272,7 @@ func curl(c *cli.Context) error {
|
||||||
if err != nil || tok == "" {
|
if err != nil || tok == "" {
|
||||||
if allowRequest {
|
if allowRequest {
|
||||||
log.Info().Msg("You don't have an Access token set. Please run access token <access application> to fetch one.")
|
log.Info().Msg("You don't have an Access token set. Please run access token <access application> to fetch one.")
|
||||||
return shell.Run("curl", cmdArgs...)
|
return run("curl", cmdArgs...)
|
||||||
}
|
}
|
||||||
tok, err = token.FetchToken(appURL, log)
|
tok, err = token.FetchToken(appURL, log)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -282,7 +283,29 @@ func curl(c *cli.Context) error {
|
||||||
|
|
||||||
cmdArgs = append(cmdArgs, "-H")
|
cmdArgs = append(cmdArgs, "-H")
|
||||||
cmdArgs = append(cmdArgs, fmt.Sprintf("%s: %s", h2mux.CFAccessTokenHeader, tok))
|
cmdArgs = append(cmdArgs, fmt.Sprintf("%s: %s", h2mux.CFAccessTokenHeader, tok))
|
||||||
return shell.Run("curl", cmdArgs...)
|
return run("curl", cmdArgs...)
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
// run kicks off a shell task and pipe the results to the respective std pipes
|
||||||
|
func run(cmd string, args ...string) error {
|
||||||
|
c := exec.Command(cmd, args...)
|
||||||
|
stderr, err := c.StderrPipe()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
go func() {
|
||||||
|
io.Copy(os.Stderr, stderr)
|
||||||
|
}()
|
||||||
|
|
||||||
|
stdout, err := c.StdoutPipe()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
go func() {
|
||||||
|
io.Copy(os.Stdout, stdout)
|
||||||
|
}()
|
||||||
|
return c.Run()
|
||||||
}
|
}
|
||||||
|
|
||||||
// token dumps provided token to stdout
|
// token dumps provided token to stdout
|
||||||
|
|
|
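Review bot: The new `run` helper can lose the tail of curl's output, because it drains `StdoutPipe`/`StderrPipe` in goroutines and then calls `c.Run()`. The os/exec documentation says it is incorrect to call Run when using these pipes, since Wait closes them once the command exits, whether or not the copies have finished. Assigning the streams directly also removes the goroutines and the ignored `io.Copy` errors: `c.Stdout, c.Stderr = os.Stdout, os.Stderr` followed by `return c.Run()`. Separately, the unchanged context in `curl` passes the Access token as a `-H` argument, so it is readable in the local process listing while curl runs; that predates this commit but deserves a follow-up. The body of `curl` starts outside the hunk.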
@ -2,7 +2,7 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/access"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/access"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
|
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
)
|
)
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/tunneldns"
|
"github.com/cloudflare/cloudflared/tunneldns"
|
||||||
|
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
package main
|
package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/overwatch"
|
"github.com/cloudflare/cloudflared/overwatch"
|
||||||
|
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
|
|
|
@ -2,6 +2,7 @@ package buildinfo
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
|
"fmt"
|
||||||
"runtime"
|
"runtime"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -25,3 +26,7 @@ func (bi *BuildInfo) Log(log *zerolog.Logger) {
|
||||||
log.Info().Msgf("Version %s", bi.CloudflaredVersion)
|
log.Info().Msgf("Version %s", bi.CloudflaredVersion)
|
||||||
log.Info().Msgf("GOOS: %s, GOVersion: %s, GoArch: %s", bi.GoOS, bi.GoVersion, bi.GoArch)
|
log.Info().Msgf("GOOS: %s, GOVersion: %s, GoArch: %s", bi.GoOS, bi.GoVersion, bi.GoArch)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (bi *BuildInfo) OSArch() string {
|
||||||
|
return fmt.Sprintf("%s_%s", bi.GoOS, bi.GoArch)
|
||||||
|
}
|
||||||
|
|
|
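Review bot: The exported method `OSArch` is added without a doc comment; I would add `// OSArch returns the build's GoOS and GoArch joined as "<os>_<arch>".` above it. The new `"fmt"` import is also placed after the zerolog import in the same group, so it should move up next to `"runtime"` with the third-party import in its own group below.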
@ -8,8 +8,8 @@ import (
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel"
|
||||||
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/logger"
|
"github.com/cloudflare/cloudflared/logger"
|
||||||
|
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
|
|
|
@ -8,13 +8,13 @@ import (
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/access"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/access"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/proxydns"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/tunnel"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/updater"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/updater"
|
||||||
"github.com/cloudflare/cloudflared/logger"
|
"github.com/cloudflare/cloudflared/logger"
|
||||||
"github.com/cloudflare/cloudflared/metrics"
|
"github.com/cloudflare/cloudflared/metrics"
|
||||||
"github.com/cloudflare/cloudflared/overwatch"
|
"github.com/cloudflare/cloudflared/overwatch"
|
||||||
"github.com/cloudflare/cloudflared/tunneldns"
|
|
||||||
"github.com/cloudflare/cloudflared/watcher"
|
"github.com/cloudflare/cloudflared/watcher"
|
||||||
|
|
||||||
"github.com/getsentry/raven-go"
|
"github.com/getsentry/raven-go"
|
||||||
|
@ -130,7 +130,7 @@ To determine if an update happened in a script, check for error code 11.`,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
cmds = append(cmds, tunnel.Commands()...)
|
cmds = append(cmds, tunnel.Commands()...)
|
||||||
cmds = append(cmds, tunneldns.Command(false))
|
cmds = append(cmds, proxydns.Command(false))
|
||||||
cmds = append(cmds, access.Commands()...)
|
cmds = append(cmds, access.Commands()...)
|
||||||
return cmds
|
return cmds
|
||||||
}
|
}
|
||||||
|
|
|
@ -0,0 +1,115 @@
|
||||||
|
package proxydns
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net"
|
||||||
|
"os"
|
||||||
|
"os/signal"
|
||||||
|
"syscall"
|
||||||
|
|
||||||
|
"github.com/urfave/cli/v2"
|
||||||
|
|
||||||
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
||||||
|
"github.com/cloudflare/cloudflared/logger"
|
||||||
|
"github.com/cloudflare/cloudflared/metrics"
|
||||||
|
"github.com/cloudflare/cloudflared/tunneldns"
|
||||||
|
)
|
||||||
|
|
||||||
|
func Command(hidden bool) *cli.Command {
|
||||||
|
return &cli.Command{
|
||||||
|
Name: "proxy-dns",
|
||||||
|
Action: cliutil.ErrorHandler(Run),
|
||||||
|
Usage: "Run a DNS over HTTPS proxy server.",
|
||||||
|
Flags: []cli.Flag{
|
||||||
|
&cli.StringFlag{
|
||||||
|
Name: "metrics",
|
||||||
|
Value: "localhost:",
|
||||||
|
Usage: "Listen address for metrics reporting.",
|
||||||
|
EnvVars: []string{"TUNNEL_METRICS"},
|
||||||
|
},
|
||||||
|
&cli.StringFlag{
|
||||||
|
Name: "address",
|
||||||
|
Usage: "Listen address for the DNS over HTTPS proxy server.",
|
||||||
|
Value: "localhost",
|
||||||
|
EnvVars: []string{"TUNNEL_DNS_ADDRESS"},
|
||||||
|
},
|
||||||
|
// Note TUN-3758 , we use Int because UInt is not supported with altsrc
|
||||||
|
&cli.IntFlag{
|
||||||
|
Name: "port",
|
||||||
|
Usage: "Listen on given port for the DNS over HTTPS proxy server.",
|
||||||
|
Value: 53,
|
||||||
|
EnvVars: []string{"TUNNEL_DNS_PORT"},
|
||||||
|
},
|
||||||
|
&cli.StringSliceFlag{
|
||||||
|
Name: "upstream",
|
||||||
|
Usage: "Upstream endpoint URL, you can specify multiple endpoints for redundancy.",
|
||||||
|
Value: cli.NewStringSlice("https://1.1.1.1/dns-query", "https://1.0.0.1/dns-query"),
|
||||||
|
EnvVars: []string{"TUNNEL_DNS_UPSTREAM"},
|
||||||
|
},
|
||||||
|
&cli.StringSliceFlag{
|
||||||
|
Name: "bootstrap",
|
||||||
|
Usage: "bootstrap endpoint URL, you can specify multiple endpoints for redundancy.",
|
||||||
|
Value: cli.NewStringSlice("https://162.159.36.1/dns-query", "https://162.159.46.1/dns-query", "https://[2606:4700:4700::1111]/dns-query", "https://[2606:4700:4700::1001]/dns-query"),
|
||||||
|
EnvVars: []string{"TUNNEL_DNS_BOOTSTRAP"},
|
||||||
|
},
|
||||||
|
&cli.IntFlag{
|
||||||
|
Name: "max-upstream-conns",
|
||||||
|
Usage: "Maximum concurrent connections to upstream. Setting to 0 means unlimited.",
|
||||||
|
Value: tunneldns.MaxUpstreamConnsDefault,
|
||||||
|
EnvVars: []string{"TUNNEL_DNS_MAX_UPSTREAM_CONNS"},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
ArgsUsage: " ", // can't be the empty string or we get the default output
|
||||||
|
Hidden: hidden,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Run implements a foreground runner
|
||||||
|
func Run(c *cli.Context) error {
|
||||||
|
log := logger.CreateLoggerFromContext(c, logger.EnableTerminalLog)
|
||||||
|
|
||||||
|
metricsListener, err := net.Listen("tcp", c.String("metrics"))
|
||||||
|
if err != nil {
|
||||||
|
log.Fatal().Err(err).Msg("Failed to open the metrics listener")
|
||||||
|
}
|
||||||
|
|
||||||
|
go metrics.ServeMetrics(metricsListener, nil, nil, log)
|
||||||
|
|
||||||
|
listener, err := tunneldns.CreateListener(
|
||||||
|
c.String("address"),
|
||||||
|
// Note TUN-3758 , we use Int because UInt is not supported with altsrc
|
||||||
|
uint16(c.Int("port")),
|
||||||
|
c.StringSlice("upstream"),
|
||||||
|
c.StringSlice("bootstrap"),
|
||||||
|
c.Int("max-upstream-conns"),
|
||||||
|
log,
|
||||||
|
)
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
log.Err(err).Msg("Failed to create the listeners")
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
// Try to start the server
|
||||||
|
readySignal := make(chan struct{})
|
||||||
|
err = listener.Start(readySignal)
|
||||||
|
if err != nil {
|
||||||
|
log.Err(err).Msg("Failed to start the listeners")
|
||||||
|
return listener.Stop()
|
||||||
|
}
|
||||||
|
<-readySignal
|
||||||
|
|
||||||
|
// Wait for signal
|
||||||
|
signals := make(chan os.Signal, 10)
|
||||||
|
signal.Notify(signals, syscall.SIGTERM, syscall.SIGINT)
|
||||||
|
defer signal.Stop(signals)
|
||||||
|
<-signals
|
||||||
|
|
||||||
|
// Shut down server
|
||||||
|
err = listener.Stop()
|
||||||
|
if err != nil {
|
||||||
|
log.Err(err).Msg("failed to stop")
|
||||||
|
}
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
|
|
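Review bot: `uint16(c.Int("port"))` in `Run` truncates silently, so a negative or over-65535 value from the flag or `TUNNEL_DNS_PORT` makes the proxy bind a different port than the operator configured. Check the range before converting, e.g. `if p := c.Int("port"); p < 0 || p > 65535 { return fmt.Errorf("invalid port %d", p) }`, which also needs `fmt` in the import block. When `listener.Start` fails, the function returns `listener.Stop()`, which drops the start error and reports success if Stop succeeds; `_ = listener.Stop()` followed by `return err` keeps the failure visible to the caller. The metrics listener failure uses `log.Fatal()`, which exits the process, while the other failures are returned through `cliutil.ErrorHandler`; returning the error there would be consistent. The exported `Command` also lacks a doc comment.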
@ -12,7 +12,7 @@ import (
|
||||||
|
|
||||||
"github.com/mitchellh/go-homedir"
|
"github.com/mitchellh/go-homedir"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
type ServiceTemplate struct {
|
type ServiceTemplate struct {
|
||||||
|
|
|
@ -1,33 +0,0 @@
|
||||||
package shell
|
|
||||||
|
|
||||||
import (
|
|
||||||
"io"
|
|
||||||
"os"
|
|
||||||
"os/exec"
|
|
||||||
)
|
|
||||||
|
|
||||||
// OpenBrowser opens the specified URL in the default browser of the user
|
|
||||||
func OpenBrowser(url string) error {
|
|
||||||
return getBrowserCmd(url).Start()
|
|
||||||
}
|
|
||||||
|
|
||||||
// Run will kick off a shell task and pipe the results to the respective std pipes
|
|
||||||
func Run(cmd string, args ...string) error {
|
|
||||||
c := exec.Command(cmd, args...)
|
|
||||||
stderr, err := c.StderrPipe()
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
go func() {
|
|
||||||
io.Copy(os.Stderr, stderr)
|
|
||||||
}()
|
|
||||||
|
|
||||||
stdout, err := c.StdoutPipe()
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
go func() {
|
|
||||||
io.Copy(os.Stdout, stdout)
|
|
||||||
}()
|
|
||||||
return c.Run()
|
|
||||||
}
|
|
|
@ -15,9 +15,10 @@ import (
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/proxydns"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/ui"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/ui"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/updater"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/updater"
|
||||||
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/connection"
|
"github.com/cloudflare/cloudflared/connection"
|
||||||
"github.com/cloudflare/cloudflared/ingress"
|
"github.com/cloudflare/cloudflared/ingress"
|
||||||
"github.com/cloudflare/cloudflared/logger"
|
"github.com/cloudflare/cloudflared/logger"
|
||||||
|
@ -104,7 +105,7 @@ func Commands() []*cli.Command {
|
||||||
buildDeleteCommand(),
|
buildDeleteCommand(),
|
||||||
buildCleanupCommand(),
|
buildCleanupCommand(),
|
||||||
// for compatibility, allow following as tunnel subcommands
|
// for compatibility, allow following as tunnel subcommands
|
||||||
tunneldns.Command(true),
|
proxydns.Command(true),
|
||||||
cliutil.RemovedCommand("db-connect"),
|
cliutil.RemovedCommand("db-connect"),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,7 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/connection"
|
"github.com/cloudflare/cloudflared/connection"
|
||||||
"github.com/cloudflare/cloudflared/edgediscovery"
|
"github.com/cloudflare/cloudflared/edgediscovery"
|
||||||
"github.com/cloudflare/cloudflared/h2mux"
|
"github.com/cloudflare/cloudflared/h2mux"
|
||||||
|
@ -207,7 +207,7 @@ func prepareTunnelConfig(
|
||||||
ClientID: clientUUID[:],
|
ClientID: clientUUID[:],
|
||||||
Features: dedup(features),
|
Features: dedup(features),
|
||||||
Version: version,
|
Version: version,
|
||||||
Arch: fmt.Sprintf("%s_%s", buildInfo.GoOS, buildInfo.GoArch),
|
Arch: buildInfo.OSArch(),
|
||||||
}
|
}
|
||||||
ingressRules, err = ingress.ParseIngress(cfg)
|
ingressRules, err = ingress.ParseIngress(cfg)
|
||||||
if err != nil && err != ingress.ErrNoIngressRules {
|
if err != nil && err != ingress.ErrNoIngressRules {
|
||||||
|
@ -272,7 +272,7 @@ func prepareTunnelConfig(
|
||||||
|
|
||||||
return &origin.TunnelConfig{
|
return &origin.TunnelConfig{
|
||||||
ConnectionConfig: connectionConfig,
|
ConnectionConfig: connectionConfig,
|
||||||
BuildInfo: buildInfo,
|
OSArch: buildInfo.OSArch(),
|
||||||
ClientID: clientID,
|
ClientID: clientID,
|
||||||
EdgeAddrs: c.StringSlice("edge"),
|
EdgeAddrs: c.StringSlice("edge"),
|
||||||
HAConnections: c.Int("ha-connections"),
|
HAConnections: c.Int("ha-connections"),
|
||||||
|
|
|
@ -4,7 +4,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
|
|
||||||
"github.com/google/uuid"
|
"github.com/google/uuid"
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
|
|
|
@ -5,7 +5,7 @@ import (
|
||||||
"net/url"
|
"net/url"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/ingress"
|
"github.com/cloudflare/cloudflared/ingress"
|
||||||
|
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
|
|
|
@ -13,9 +13,9 @@ import (
|
||||||
"github.com/urfave/cli/v2"
|
"github.com/urfave/cli/v2"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/transfer"
|
|
||||||
"github.com/cloudflare/cloudflared/logger"
|
"github.com/cloudflare/cloudflared/logger"
|
||||||
|
"github.com/cloudflare/cloudflared/token"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -56,7 +56,7 @@ func login(c *cli.Context) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
resourceData, err := transfer.Run(
|
resourceData, err := token.RunTransfer(
|
||||||
loginURL,
|
loginURL,
|
||||||
"cert",
|
"cert",
|
||||||
"callback",
|
"callback",
|
||||||
|
|
|
@ -13,7 +13,6 @@ import (
|
||||||
"text/tabwriter"
|
"text/tabwriter"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/updater"
|
|
||||||
"github.com/google/uuid"
|
"github.com/google/uuid"
|
||||||
"github.com/mitchellh/go-homedir"
|
"github.com/mitchellh/go-homedir"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
|
@ -23,7 +22,8 @@ import (
|
||||||
"gopkg.in/yaml.v2"
|
"gopkg.in/yaml.v2"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/cmd/cloudflared/updater"
|
||||||
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/connection"
|
"github.com/cloudflare/cloudflared/connection"
|
||||||
"github.com/cloudflare/cloudflared/tunnelstore"
|
"github.com/cloudflare/cloudflared/tunnelstore"
|
||||||
)
|
)
|
||||||
|
|
|
@ -8,12 +8,13 @@ import (
|
||||||
"runtime"
|
"runtime"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
|
||||||
"github.com/cloudflare/cloudflared/logger"
|
|
||||||
"github.com/facebookgo/grace/gracenet"
|
"github.com/facebookgo/grace/gracenet"
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
"github.com/urfave/cli/v2"
|
"github.com/urfave/cli/v2"
|
||||||
"golang.org/x/crypto/ssh/terminal"
|
"golang.org/x/crypto/ssh/terminal"
|
||||||
|
|
||||||
|
"github.com/cloudflare/cloudflared/config"
|
||||||
|
"github.com/cloudflare/cloudflared/logger"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
|
|
@ -11,11 +11,11 @@ import (
|
||||||
|
|
||||||
"github.com/mitchellh/go-homedir"
|
"github.com/mitchellh/go-homedir"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
|
"github.com/rs/zerolog"
|
||||||
"github.com/urfave/cli/v2"
|
"github.com/urfave/cli/v2"
|
||||||
"gopkg.in/yaml.v2"
|
"gopkg.in/yaml.v2"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/validation"
|
"github.com/cloudflare/cloudflared/validation"
|
||||||
"github.com/rs/zerolog"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
|
@ -9,7 +9,7 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
|
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
|
|
|
@ -14,7 +14,7 @@ import (
|
||||||
"github.com/urfave/cli/v2"
|
"github.com/urfave/cli/v2"
|
||||||
"gopkg.in/yaml.v2"
|
"gopkg.in/yaml.v2"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/tlsconfig"
|
"github.com/cloudflare/cloudflared/tlsconfig"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -3,9 +3,10 @@ package ingress
|
||||||
import (
|
import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
|
||||||
"github.com/cloudflare/cloudflared/tlsconfig"
|
|
||||||
"github.com/urfave/cli/v2"
|
"github.com/urfave/cli/v2"
|
||||||
|
|
||||||
|
"github.com/cloudflare/cloudflared/config"
|
||||||
|
"github.com/cloudflare/cloudflared/tlsconfig"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
|
|
@ -5,7 +5,7 @@ import (
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
"github.com/urfave/cli/v2"
|
"github.com/urfave/cli/v2"
|
||||||
"gopkg.in/yaml.v2"
|
"gopkg.in/yaml.v2"
|
||||||
|
|
|
@ -1,17 +1,17 @@
|
||||||
package buffer
|
package origin
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"sync"
|
"sync"
|
||||||
)
|
)
|
||||||
|
|
||||||
type Pool struct {
|
type bufferPool struct {
|
||||||
// A Pool must not be copied after first use.
|
// A bufferPool must not be copied after first use.
|
||||||
// https://golang.org/pkg/sync/#Pool
|
// https://golang.org/pkg/sync/#Pool
|
||||||
buffers sync.Pool
|
buffers sync.Pool
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewPool(bufferSize int) *Pool {
|
func newBufferPool(bufferSize int) *bufferPool {
|
||||||
return &Pool{
|
return &bufferPool{
|
||||||
buffers: sync.Pool{
|
buffers: sync.Pool{
|
||||||
New: func() interface{} {
|
New: func() interface{} {
|
||||||
return make([]byte, bufferSize)
|
return make([]byte, bufferSize)
|
||||||
|
@ -20,10 +20,10 @@ func NewPool(bufferSize int) *Pool {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *Pool) Get() []byte {
|
func (p *bufferPool) Get() []byte {
|
||||||
return p.buffers.Get().([]byte)
|
return p.buffers.Get().([]byte)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (p *Pool) Put(buf []byte) {
|
func (p *bufferPool) Put(buf []byte) {
|
||||||
p.buffers.Put(buf)
|
p.buffers.Put(buf)
|
||||||
}
|
}
|
|
@ -9,12 +9,12 @@ import (
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/buffer"
|
"github.com/pkg/errors"
|
||||||
|
"github.com/rs/zerolog"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/connection"
|
"github.com/cloudflare/cloudflared/connection"
|
||||||
"github.com/cloudflare/cloudflared/ingress"
|
"github.com/cloudflare/cloudflared/ingress"
|
||||||
tunnelpogs "github.com/cloudflare/cloudflared/tunnelrpc/pogs"
|
tunnelpogs "github.com/cloudflare/cloudflared/tunnelrpc/pogs"
|
||||||
"github.com/pkg/errors"
|
|
||||||
"github.com/rs/zerolog"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -26,7 +26,7 @@ type proxy struct {
|
||||||
warpRouting *ingress.WarpRoutingService
|
warpRouting *ingress.WarpRoutingService
|
||||||
tags []tunnelpogs.Tag
|
tags []tunnelpogs.Tag
|
||||||
log *zerolog.Logger
|
log *zerolog.Logger
|
||||||
bufferPool *buffer.Pool
|
bufferPool *bufferPool
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewOriginProxy(
|
func NewOriginProxy(
|
||||||
|
@ -40,7 +40,7 @@ func NewOriginProxy(
|
||||||
warpRouting: warpRouting,
|
warpRouting: warpRouting,
|
||||||
tags: tags,
|
tags: tags,
|
||||||
log: log,
|
log: log,
|
||||||
bufferPool: buffer.NewPool(512 * 1024),
|
bufferPool: newBufferPool(512 * 1024),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -15,7 +15,7 @@ import (
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/logger"
|
"github.com/cloudflare/cloudflared/logger"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/connection"
|
"github.com/cloudflare/cloudflared/connection"
|
||||||
"github.com/cloudflare/cloudflared/hello"
|
"github.com/cloudflare/cloudflared/hello"
|
||||||
"github.com/cloudflare/cloudflared/ingress"
|
"github.com/cloudflare/cloudflared/ingress"
|
||||||
|
|
|
@ -15,7 +15,6 @@ import (
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
"golang.org/x/sync/errgroup"
|
"golang.org/x/sync/errgroup"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/buildinfo"
|
|
||||||
"github.com/cloudflare/cloudflared/connection"
|
"github.com/cloudflare/cloudflared/connection"
|
||||||
"github.com/cloudflare/cloudflared/edgediscovery"
|
"github.com/cloudflare/cloudflared/edgediscovery"
|
||||||
"github.com/cloudflare/cloudflared/h2mux"
|
"github.com/cloudflare/cloudflared/h2mux"
|
||||||
|
@ -40,7 +39,7 @@ const (
|
||||||
|
|
||||||
type TunnelConfig struct {
|
type TunnelConfig struct {
|
||||||
ConnectionConfig *connection.Config
|
ConnectionConfig *connection.Config
|
||||||
BuildInfo *buildinfo.BuildInfo
|
OSArch string
|
||||||
ClientID string
|
ClientID string
|
||||||
CloseConnOnce *sync.Once // Used to close connectedSignal no more than once
|
CloseConnOnce *sync.Once // Used to close connectedSignal no more than once
|
||||||
EdgeAddrs []string
|
EdgeAddrs []string
|
||||||
|
@ -72,7 +71,7 @@ func (c *TunnelConfig) RegistrationOptions(connectionID uint8, OriginLocalIP str
|
||||||
return &tunnelpogs.RegistrationOptions{
|
return &tunnelpogs.RegistrationOptions{
|
||||||
ClientID: c.ClientID,
|
ClientID: c.ClientID,
|
||||||
Version: c.ReportedVersion,
|
Version: c.ReportedVersion,
|
||||||
OS: fmt.Sprintf("%s_%s", c.BuildInfo.GoOS, c.BuildInfo.GoArch),
|
OS: c.OSArch,
|
||||||
ExistingTunnelPolicy: policy,
|
ExistingTunnelPolicy: policy,
|
||||||
PoolName: c.LBPool,
|
PoolName: c.LBPool,
|
||||||
Tags: c.Tags,
|
Tags: c.Tags,
|
||||||
|
|
|
@ -15,12 +15,13 @@ import (
|
||||||
"net/url"
|
"net/url"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
|
||||||
cfpath "github.com/cloudflare/cloudflared/cmd/cloudflared/path"
|
|
||||||
"github.com/coreos/go-oidc/jose"
|
"github.com/coreos/go-oidc/jose"
|
||||||
homedir "github.com/mitchellh/go-homedir"
|
homedir "github.com/mitchellh/go-homedir"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
gossh "golang.org/x/crypto/ssh"
|
gossh "golang.org/x/crypto/ssh"
|
||||||
|
|
||||||
|
"github.com/cloudflare/cloudflared/config"
|
||||||
|
cfpath "github.com/cloudflare/cloudflared/token"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
|
|
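Review bot: The import keeps the alias `cfpath` although it now names the `token` package (`cfpath "github.com/cloudflare/cloudflared/token"`), which hides from a reader of this file that SSH key generation depends on the token-handling package. The same alias is kept in the import block of the test file in the next section. Dropping the alias and using `token.` at the call sites would make the dependency explicit; the call sites are outside the hunk, so check for a clash with local identifiers named `token` first.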
@ -14,10 +14,11 @@ import (
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
|
||||||
cfpath "github.com/cloudflare/cloudflared/cmd/cloudflared/path"
|
|
||||||
"github.com/coreos/go-oidc/jose"
|
"github.com/coreos/go-oidc/jose"
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
|
|
||||||
|
"github.com/cloudflare/cloudflared/config"
|
||||||
|
cfpath "github.com/cloudflare/cloudflared/token"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
|
|
@ -4,12 +4,12 @@
|
||||||
// You can read more here https://godoc.org/golang.org/x/crypto/nacl/box.
|
// You can read more here https://godoc.org/golang.org/x/crypto/nacl/box.
|
||||||
//
|
//
|
||||||
// msg := []byte("super safe message.")
|
// msg := []byte("super safe message.")
|
||||||
// alice, err := New("alice_priv_key.pem", "alice_pub_key.pem")
|
// alice, err := NewEncrypter("alice_priv_key.pem", "alice_pub_key.pem")
|
||||||
// if err != nil {
|
// if err != nil {
|
||||||
// log.Fatal(err)
|
// log.Fatal(err)
|
||||||
// }
|
// }
|
||||||
//
|
//
|
||||||
// bob, err := New("bob_priv_key.pem", "bob_pub_key.pem")
|
// bob, err := NewEncrypter("bob_priv_key.pem", "bob_pub_key.pem")
|
||||||
// if err != nil {
|
// if err != nil {
|
||||||
// log.Fatal(err)
|
// log.Fatal(err)
|
||||||
// }
|
// }
|
||||||
|
@ -23,7 +23,7 @@
|
||||||
// log.Fatal(err)
|
// log.Fatal(err)
|
||||||
// }
|
// }
|
||||||
// fmt.Println(string(data))
|
// fmt.Println(string(data))
|
||||||
package encrypter
|
package token
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
@ -44,8 +44,8 @@ type Encrypter struct {
|
||||||
publicKey *[32]byte
|
publicKey *[32]byte
|
||||||
}
|
}
|
||||||
|
|
||||||
// New returns a new encrypter with initialized keypair
|
// NewEncrypter returns a new encrypter with initialized keypair
|
||||||
func New(privateKey, publicKey string) (*Encrypter, error) {
|
func NewEncrypter(privateKey, publicKey string) (*Encrypter, error) {
|
||||||
e := &Encrypter{}
|
e := &Encrypter{}
|
||||||
pubKey, key, err := e.fetchOrGenerateKeys(privateKey, publicKey)
|
pubKey, key, err := e.fetchOrGenerateKeys(privateKey, publicKey)
|
||||||
if err != nil {
|
if err != nil {
|
|
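Review bot: The usage example that ends directly above `package token` is attached to the package clause, so after the rename from `encrypter` it becomes the package documentation for the whole token package, not just for the encrypter. I would separate the example from the package clause with a blank line (or move it onto the `Encrypter` type) and keep one short package comment in a single file, for example `// Package token consolidates the code for generating and transferring Access tokens.`. The top of this file and the body of `NewEncrypter` lie outside the hunks, so the final placement should be checked against the whole file.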
@ -1,6 +1,6 @@
|
||||||
//+build darwin
|
//+build darwin
|
||||||
|
|
||||||
package shell
|
package token
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"os/exec"
|
"os/exec"
|
|
@ -1,6 +1,6 @@
|
||||||
//+build !windows,!darwin,!linux,!netbsd,!freebsd,!openbsd
|
//+build !windows,!darwin,!linux,!netbsd,!freebsd,!openbsd
|
||||||
|
|
||||||
package shell
|
package token
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"os/exec"
|
"os/exec"
|
|
@ -1,6 +1,6 @@
|
||||||
//+build linux freebsd openbsd netbsd
|
//+build linux freebsd openbsd netbsd
|
||||||
|
|
||||||
package shell
|
package token
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"os/exec"
|
"os/exec"
|
|
@ -1,6 +1,6 @@
|
||||||
//+build windows
|
//+build windows
|
||||||
|
|
||||||
package shell
|
package token
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
|
@ -1,4 +1,4 @@
|
||||||
package path
|
package token
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
@ -7,8 +7,9 @@ import (
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
|
||||||
"github.com/mitchellh/go-homedir"
|
"github.com/mitchellh/go-homedir"
|
||||||
|
|
||||||
|
"github.com/cloudflare/cloudflared/config"
|
||||||
)
|
)
|
||||||
|
|
||||||
// GenerateAppTokenFilePathFromURL will return a filepath for given Access org token
|
// GenerateAppTokenFilePathFromURL will return a filepath for given Access org token
|
||||||
|
@ -21,8 +22,8 @@ func GenerateAppTokenFilePathFromURL(url *url.URL, suffix string) (string, error
|
||||||
return filepath.Join(configPath, name), nil
|
return filepath.Join(configPath, name), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// GenerateOrgTokenFilePathFromURL will return a filepath for given Access application token
|
// generateOrgTokenFilePathFromURL will return a filepath for given Access application token
|
||||||
func GenerateOrgTokenFilePathFromURL(authDomain string) (string, error) {
|
func generateOrgTokenFilePathFromURL(authDomain string) (string, error) {
|
||||||
configPath, err := getConfigPath()
|
configPath, err := getConfigPath()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
|
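Review bot: The two doc comments in this file appear to describe each other's function: `GenerateAppTokenFilePathFromURL` is documented as returning a filepath for an "Access org token", and the renamed `generateOrgTokenFilePathFromURL` as returning one for an "Access application token". The second comment line is edited by this commit anyway, so I would swap the nouns: `// GenerateAppTokenFilePathFromURL returns the file path for the Access application token of the given URL` and `// generateOrgTokenFilePathFromURL returns the file path for the Access org token of the given auth domain`. Both function bodies continue outside the hunks, so the wording should be confirmed against them.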
@ -0,0 +1,7 @@
|
||||||
|
package token
|
||||||
|
|
||||||
|
// OpenBrowser opens the specified URL in the default browser of the user
|
||||||
|
func OpenBrowser(url string) error {
|
||||||
|
return getBrowserCmd(url).Start()
|
||||||
|
}
|
||||||
|
|
|
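Review bot: `OpenBrowser` hands its argument straight to `getBrowserCmd(url).Start()`, so whatever string a caller supplies reaches a platform launcher command with no check on its scheme. `getBrowserCmd` is defined in the per-OS files outside this hunk, so how each platform quotes the value cannot be confirmed from here; accepting only `http` and `https` before launching makes the function safe regardless of that. The parameter name `url` shadows the `net/url` package the check needs, so it is renamed below. The process started with `Start()` is never waited on, which deserves a comment if it is intentional.

```go
// OpenBrowser opens the specified URL in the default browser of the user.
// Only http and https URLs are passed to the platform launcher.
func OpenBrowser(rawURL string) error {
	u, err := url.Parse(rawURL)
	if err != nil {
		return err
	}
	if u.Scheme != "http" && u.Scheme != "https" {
		return fmt.Errorf("refusing to open URL with scheme %q", u.Scheme)
	}
	return getBrowserCmd(rawURL).Start()
}
```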
@ -13,9 +13,7 @@ import (
|
||||||
"syscall"
|
"syscall"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/config"
|
"github.com/cloudflare/cloudflared/config"
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/path"
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/transfer"
|
|
||||||
"github.com/cloudflare/cloudflared/origin"
|
"github.com/cloudflare/cloudflared/origin"
|
||||||
|
|
||||||
"github.com/coreos/go-oidc/jose"
|
"github.com/coreos/go-oidc/jose"
|
||||||
|
@ -102,7 +100,7 @@ func (l *lock) Acquire() error {
|
||||||
os.Exit(0)
|
os.Exit(0)
|
||||||
})
|
})
|
||||||
|
|
||||||
// Check for a path.lock file
|
// Check for a lock file
|
||||||
// if the lock file exists; start polling
|
// if the lock file exists; start polling
|
||||||
// if not, create the lock file and go through the normal flow.
|
// if not, create the lock file and go through the normal flow.
|
||||||
// See AUTH-1736 for the reason why we do all this
|
// See AUTH-1736 for the reason why we do all this
|
||||||
|
@ -160,7 +158,7 @@ func getToken(appURL *url.URL, useHostOnly bool, log *zerolog.Logger) (string, e
|
||||||
return token, nil
|
return token, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
appTokenPath, err := path.GenerateAppTokenFilePathFromURL(appURL, keyName)
|
appTokenPath, err := GenerateAppTokenFilePathFromURL(appURL, keyName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", errors.Wrap(err, "failed to generate app token file path")
|
return "", errors.Wrap(err, "failed to generate app token file path")
|
||||||
}
|
}
|
||||||
|
@ -184,7 +182,7 @@ func getToken(appURL *url.URL, useHostOnly bool, log *zerolog.Logger) (string, e
|
||||||
} else {
|
} else {
|
||||||
orgToken, err := GetOrgTokenIfExists(authDomain)
|
orgToken, err := GetOrgTokenIfExists(authDomain)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
orgTokenPath, err = path.GenerateOrgTokenFilePathFromURL(authDomain)
|
orgTokenPath, err = generateOrgTokenFilePathFromURL(authDomain)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", errors.Wrap(err, "failed to generate org token file path")
|
return "", errors.Wrap(err, "failed to generate org token file path")
|
||||||
}
|
}
|
||||||
|
@ -220,7 +218,7 @@ func getTokensFromEdge(appURL *url.URL, appTokenPath, orgTokenPath string, useHo
|
||||||
// this weird parameter is the resource name (token) and the key/value
|
// this weird parameter is the resource name (token) and the key/value
|
||||||
// we want to send to the transfer service. the key is token and the value
|
// we want to send to the transfer service. the key is token and the value
|
||||||
// is blank (basically just the id generated in the transfer service)
|
// is blank (basically just the id generated in the transfer service)
|
||||||
resourceData, err := transfer.Run(appURL, keyName, keyName, "", true, useHostOnly, log)
|
resourceData, err := RunTransfer(appURL, keyName, keyName, "", true, useHostOnly, log)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", errors.Wrap(err, "failed to run transfer service")
|
return "", errors.Wrap(err, "failed to run transfer service")
|
||||||
}
|
}
|
||||||
|
@ -316,7 +314,7 @@ func exchangeOrgToken(appURL *url.URL, orgToken string) (string, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func GetOrgTokenIfExists(authDomain string) (string, error) {
|
func GetOrgTokenIfExists(authDomain string) (string, error) {
|
||||||
path, err := path.GenerateOrgTokenFilePathFromURL(authDomain)
|
path, err := generateOrgTokenFilePathFromURL(authDomain)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
@ -338,7 +336,7 @@ func GetOrgTokenIfExists(authDomain string) (string, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func GetAppTokenIfExists(url *url.URL) (string, error) {
|
func GetAppTokenIfExists(url *url.URL) (string, error) {
|
||||||
path, err := path.GenerateAppTokenFilePathFromURL(url, keyName)
|
path, err := GenerateAppTokenFilePathFromURL(url, keyName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
@ -376,7 +374,7 @@ func getTokenIfExists(path string) (*jose.JWT, error) {
|
||||||
|
|
||||||
// RemoveTokenIfExists removes the a token from local storage if it exists
|
// RemoveTokenIfExists removes the a token from local storage if it exists
|
||||||
func RemoveTokenIfExists(url *url.URL) error {
|
func RemoveTokenIfExists(url *url.URL) error {
|
||||||
path, err := path.GenerateAppTokenFilePathFromURL(url, keyName)
|
path, err := GenerateAppTokenFilePathFromURL(url, keyName)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
|
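Review bot: The exported `GetOrgTokenIfExists` and `GetAppTokenIfExists` carry no doc comments, and with the package moved to the top level they are now part of what other packages import. I would add one line to each, for example `// GetOrgTokenIfExists returns the locally stored org token for authDomain, or an error when it cannot be loaded.`, worded against the bodies, which continue outside these hunks. In the same file, `// RemoveTokenIfExists removes the a token from local storage if it exists` has a stray article and should read `removes a token`.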
@ -1,3 +1,5 @@
|
||||||
|
//+build linux
|
||||||
|
|
||||||
package token
|
package token
|
||||||
|
|
||||||
import (
|
import (
|
|
@ -1,4 +1,4 @@
|
||||||
package transfer
|
package token
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
|
@ -10,8 +10,6 @@ import (
|
||||||
"os"
|
"os"
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/encrypter"
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/shell"
|
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
)
|
)
|
||||||
|
@ -21,14 +19,14 @@ const (
|
||||||
clientTimeout = time.Second * 60
|
clientTimeout = time.Second * 60
|
||||||
)
|
)
|
||||||
|
|
||||||
// Run does the transfer "dance" with the end result downloading the supported resource.
|
// RunTransfer does the transfer "dance" with the end result downloading the supported resource.
|
||||||
// The expanded description is run is encapsulation of shared business logic needed
|
// The expanded description is run is encapsulation of shared business logic needed
|
||||||
// to request a resource (token/cert/etc) from the transfer service (loginhelper).
|
// to request a resource (token/cert/etc) from the transfer service (loginhelper).
|
||||||
// The "dance" we refer to is building a HTTP request, opening that in a browser waiting for
|
// The "dance" we refer to is building a HTTP request, opening that in a browser waiting for
|
||||||
// the user to complete an action, while it long polls in the background waiting for an
|
// the user to complete an action, while it long polls in the background waiting for an
|
||||||
// action to be completed to download the resource.
|
// action to be completed to download the resource.
|
||||||
func Run(transferURL *url.URL, resourceName, key, value string, shouldEncrypt bool, useHostOnly bool, log *zerolog.Logger) ([]byte, error) {
|
func RunTransfer(transferURL *url.URL, resourceName, key, value string, shouldEncrypt bool, useHostOnly bool, log *zerolog.Logger) ([]byte, error) {
|
||||||
encrypterClient, err := encrypter.New("cloudflared_priv.pem", "cloudflared_pub.pem")
|
encrypterClient, err := NewEncrypter("cloudflared_priv.pem", "cloudflared_pub.pem")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -38,7 +36,7 @@ func Run(transferURL *url.URL, resourceName, key, value string, shouldEncrypt bo
|
||||||
}
|
}
|
||||||
|
|
||||||
// See AUTH-1423 for why we use stderr (the way git wraps ssh)
|
// See AUTH-1423 for why we use stderr (the way git wraps ssh)
|
||||||
err = shell.OpenBrowser(requestURL)
|
err = OpenBrowser(requestURL)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Fprintf(os.Stderr, "Please open the following URL and log in with your Cloudflare account:\n\n%s\n\nLeave cloudflared running to download the %s automatically.\n", requestURL, resourceName)
|
fmt.Fprintf(os.Stderr, "Please open the following URL and log in with your Cloudflare account:\n\n%s\n\nLeave cloudflared running to download the %s automatically.\n", requestURL, resourceName)
|
||||||
} else {
|
} else {
|
|
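Review bot: `NewEncrypter("cloudflared_priv.pem", "cloudflared_pub.pem")` in `RunTransfer` still identifies the key pair by bare relative file names. `fetchOrGenerateKeys` is not shown here, but if it opens or creates files under these names as given, the location of the private key depends on the process working directory, which may be shared with or writable by other users. In that case the names should be resolved under the per-user configuration directory and created with owner-only permissions. If the names are only labels, a comment at the call would settle it, e.g. `// key file names are labels only; no key material is written to the working directory`. The body of `RunTransfer` continues outside these hunks.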
@ -2,22 +2,14 @@ package tunneldns
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"net"
|
"net"
|
||||||
"os"
|
|
||||||
"os/signal"
|
|
||||||
"strconv"
|
"strconv"
|
||||||
"sync"
|
"sync"
|
||||||
"syscall"
|
|
||||||
|
|
||||||
"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
|
|
||||||
"github.com/cloudflare/cloudflared/logger"
|
|
||||||
"github.com/cloudflare/cloudflared/metrics"
|
|
||||||
|
|
||||||
"github.com/coredns/coredns/core/dnsserver"
|
"github.com/coredns/coredns/core/dnsserver"
|
||||||
"github.com/coredns/coredns/plugin"
|
"github.com/coredns/coredns/plugin"
|
||||||
"github.com/coredns/coredns/plugin/cache"
|
"github.com/coredns/coredns/plugin/cache"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"github.com/rs/zerolog"
|
"github.com/rs/zerolog"
|
||||||
"github.com/urfave/cli/v2"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
|
@ -33,104 +25,6 @@ type Listener struct {
|
||||||
log *zerolog.Logger
|
log *zerolog.Logger
|
||||||
}
|
}
|
||||||
|
|
||||||
func Command(hidden bool) *cli.Command {
|
|
||||||
return &cli.Command{
|
|
||||||
Name: "proxy-dns",
|
|
||||||
Action: cliutil.ErrorHandler(Run),
|
|
||||||
Usage: "Run a DNS over HTTPS proxy server.",
|
|
||||||
Flags: []cli.Flag{
|
|
||||||
&cli.StringFlag{
|
|
||||||
Name: "metrics",
|
|
||||||
Value: "localhost:",
|
|
||||||
Usage: "Listen address for metrics reporting.",
|
|
||||||
EnvVars: []string{"TUNNEL_METRICS"},
|
|
||||||
},
|
|
||||||
&cli.StringFlag{
|
|
||||||
Name: "address",
|
|
||||||
Usage: "Listen address for the DNS over HTTPS proxy server.",
|
|
||||||
Value: "localhost",
|
|
||||||
EnvVars: []string{"TUNNEL_DNS_ADDRESS"},
|
|
||||||
},
|
|
||||||
// Note TUN-3758 , we use Int because UInt is not supported with altsrc
|
|
||||||
&cli.IntFlag{
|
|
||||||
Name: "port",
|
|
||||||
Usage: "Listen on given port for the DNS over HTTPS proxy server.",
|
|
||||||
Value: 53,
|
|
||||||
EnvVars: []string{"TUNNEL_DNS_PORT"},
|
|
||||||
},
|
|
||||||
&cli.StringSliceFlag{
|
|
||||||
Name: "upstream",
|
|
||||||
Usage: "Upstream endpoint URL, you can specify multiple endpoints for redundancy.",
|
|
||||||
Value: cli.NewStringSlice("https://1.1.1.1/dns-query", "https://1.0.0.1/dns-query"),
|
|
||||||
EnvVars: []string{"TUNNEL_DNS_UPSTREAM"},
|
|
||||||
},
|
|
||||||
&cli.StringSliceFlag{
|
|
||||||
Name: "bootstrap",
|
|
||||||
Usage: "bootstrap endpoint URL, you can specify multiple endpoints for redundancy.",
|
|
||||||
Value: cli.NewStringSlice("https://162.159.36.1/dns-query", "https://162.159.46.1/dns-query", "https://[2606:4700:4700::1111]/dns-query", "https://[2606:4700:4700::1001]/dns-query"),
|
|
||||||
EnvVars: []string{"TUNNEL_DNS_BOOTSTRAP"},
|
|
||||||
},
|
|
||||||
&cli.IntFlag{
|
|
||||||
Name: "max-upstream-conns",
|
|
||||||
Usage: "Maximum concurrent connections to upstream. Setting to 0 means unlimited.",
|
|
||||||
Value: MaxUpstreamConnsDefault,
|
|
||||||
EnvVars: []string{"TUNNEL_DNS_MAX_UPSTREAM_CONNS"},
|
|
||||||
},
|
|
||||||
},
|
|
||||||
ArgsUsage: " ", // can't be the empty string or we get the default output
|
|
||||||
Hidden: hidden,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// Run implements a foreground runner
|
|
||||||
func Run(c *cli.Context) error {
|
|
||||||
log := logger.CreateLoggerFromContext(c, logger.EnableTerminalLog)
|
|
||||||
|
|
||||||
metricsListener, err := net.Listen("tcp", c.String("metrics"))
|
|
||||||
if err != nil {
|
|
||||||
log.Fatal().Err(err).Msg("Failed to open the metrics listener")
|
|
||||||
}
|
|
||||||
|
|
||||||
go metrics.ServeMetrics(metricsListener, nil, nil, log)
|
|
||||||
|
|
||||||
listener, err := CreateListener(
|
|
||||||
c.String("address"),
|
|
||||||
// Note TUN-3758 , we use Int because UInt is not supported with altsrc
|
|
||||||
uint16(c.Int("port")),
|
|
||||||
c.StringSlice("upstream"),
|
|
||||||
c.StringSlice("bootstrap"),
|
|
||||||
c.Int("max-upstream-conns"),
|
|
||||||
log,
|
|
||||||
)
|
|
||||||
|
|
||||||
if err != nil {
|
|
||||||
log.Err(err).Msg("Failed to create the listeners")
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
// Try to start the server
|
|
||||||
readySignal := make(chan struct{})
|
|
||||||
err = listener.Start(readySignal)
|
|
||||||
if err != nil {
|
|
||||||
log.Err(err).Msg("Failed to start the listeners")
|
|
||||||
return listener.Stop()
|
|
||||||
}
|
|
||||||
<-readySignal
|
|
||||||
|
|
||||||
// Wait for signal
|
|
||||||
signals := make(chan os.Signal, 10)
|
|
||||||
signal.Notify(signals, syscall.SIGTERM, syscall.SIGINT)
|
|
||||||
defer signal.Stop(signals)
|
|
||||||
<-signals
|
|
||||||
|
|
||||||
// Shut down server
|
|
||||||
err = listener.Stop()
|
|
||||||
if err != nil {
|
|
||||||
log.Err(err).Msg("failed to stop")
|
|
||||||
}
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
// Create a CoreDNS server plugin from configuration
|
// Create a CoreDNS server plugin from configuration
|
||||||
func createConfig(address string, port uint16, p plugin.Handler) *dnsserver.Config {
|
func createConfig(address string, port uint16, p plugin.Handler) *dnsserver.Config {
|
||||||
c := &dnsserver.Config{
|
c := &dnsserver.Config{
|
||||||
|
|