curben
/
cloudflared-mirror
mirror of https://github.com/cloudflare/cloudflared.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

TUN-9998: Don't need to read origin cert to determine if the endpoint is fedramp

This commit is contained in:
chungthuang 2025-11-04 13:46:47 -06:00 committed by João "Pisco" Fernandes
parent 1e907e99b5
commit 3e6d8ed216
2 changed files with 14 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
cmd/cloudflared/tunnel/cmd.go
View File

@ -427,15 +427,16 @@ func StartServer(
return waitToShutdown(&wg, cancel, errC, graceShutdownC, 0, log)
}
if namedTunnel == nil {
return fmt.Errorf("namedTunnel is nil outside of DNS proxy stand-alone mode")
}
logTransport := logger.CreateTransportLoggerFromContext(c, logger.EnableTerminalLog)
observer := connection.NewObserver(log, logTransport)
// Send Quick Tunnel URL to UI if applicable
var quickTunnelURL string
if namedTunnel != nil {
quickTunnelURL = namedTunnel.QuickTunnelUrl
}
quickTunnelURL := namedTunnel.QuickTunnelUrl
if quickTunnelURL != "" {
observer.SendURL(quickTunnelURL)
}
@ -459,14 +460,7 @@ func StartServer(
}
}
userCreds, err := credentials.Read(c.String(cfdflags.OriginCert), log)
var isFEDEndpoint bool
if err != nil {
isFEDEndpoint = false
} else {
isFEDEndpoint = userCreds.IsFEDEndpoint()
}
isFEDEndpoint := namedTunnel.Credentials.Endpoint == credentials.FedEndpoint
var managementHostname string
if isFEDEndpoint {
managementHostname = credentials.FedRampHostname

4
cmd/cloudflared/tunnel/credential_finder.go
View File

@ -63,7 +63,8 @@ func (s searchByID) Path() (string, error) {
Str("originCertPath", originCertPath).
Logger()
// Fallback to look for tunnel credentials in the origin cert directory
if originCertPath != "" {
// Look for tunnel credentials in the origin cert directory if the flag is provided
if originCertPath, err := credentials.FindOriginCert(originCertPath, &originCertLog); err == nil {
originCertDir := filepath.Dir(originCertPath)
if filePath, err := tunnelFilePath(s.id, originCertDir); err == nil {
@ -72,6 +73,7 @@ func (s searchByID) Path() (string, error) {
}
}
}
}
// Last resort look under default config directories
for _, configDir := range config.DefaultConfigSearchDirectories() {