TUN-2788: cloudflared should store one ConnDigest per HA connection

Adam Chalmers 2020-03-06 17:25:34 -06:00
parent db9b6541d0
commit 5376df5439
2 changed files with 13 additions and 12 deletions


@ -39,7 +39,6 @@ const (
var ( var (
errJWTUnset = errors.New("JWT unset") errJWTUnset = errors.New("JWT unset")
errEventDigestUnset = errors.New("event digest unset") errEventDigestUnset = errors.New("event digest unset")
errConnDigestUnset = errors.New("conn digest unset")
) )
// Supervisor manages non-declarative tunnels. Establishes TCP connections with the edge, and // Supervisor manages non-declarative tunnels. Establishes TCP connections with the edge, and
@ -66,7 +65,7 @@ type Supervisor struct {
eventDigest []byte eventDigest []byte
connDigestLock sync.RWMutex connDigestLock sync.RWMutex
connDigest []byte connDigest map[uint8][]byte
bufferPool *buffer.Pool bufferPool *buffer.Pool
} }
@ -101,6 +100,7 @@ func NewSupervisor(config *TunnelConfig, u uuid.UUID) (*Supervisor, error) {
tunnelErrors: make(chan tunnelError), tunnelErrors: make(chan tunnelError),
tunnelsConnecting: map[int]chan struct{}{}, tunnelsConnecting: map[int]chan struct{}{},
logger: config.Logger.WithField("subsystem", "supervisor"), logger: config.Logger.WithField("subsystem", "supervisor"),
connDigest: make(map[uint8][]byte),
bufferPool: buffer.NewPool(512 * 1024), bufferPool: buffer.NewPool(512 * 1024),
}, nil }, nil
} }
@ -334,19 +334,20 @@ func (s *Supervisor) SetEventDigest(eventDigest []byte) {
s.eventDigest = eventDigest s.eventDigest = eventDigest
} }
func (s *Supervisor) ConnDigest() ([]byte, error) { func (s *Supervisor) ConnDigest(connID uint8) ([]byte, error) {
s.connDigestLock.RLock() s.connDigestLock.RLock()
defer s.connDigestLock.RUnlock() defer s.connDigestLock.RUnlock()
if s.connDigest == nil { digest, ok := s.connDigest[connID]
return nil, errConnDigestUnset if !ok {
return nil, fmt.Errorf("no connection digest for connection %v", connID)
} }
return s.connDigest, nil return digest, nil
} }
func (s *Supervisor) SetConnDigest(connDigest []byte) { func (s *Supervisor) SetConnDigest(connID uint8, connDigest []byte) {
s.connDigestLock.Lock() s.connDigestLock.Lock()
defer s.connDigestLock.Unlock() defer s.connDigestLock.Unlock()
s.connDigest = connDigest s.connDigest[connID] = connDigest
} }
func (s *Supervisor) refreshAuth( func (s *Supervisor) refreshAuth(
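Review bot: The new `ConnDigest(connID)` reports success for a stored nil digest, because the lookup only tests `ok`, whereas the old code returned `errConnDigestUnset` whenever the slice was nil. `RegisterTunnel` in the second file stores `registration.ConnDigest` unconditionally, so if a registration carries no digest, the quick-reconnect check in `ServeTunnel` would presumably accept the empty value as usable. The guard could be `if !ok || len(digest) == 0 {`. Separately, the `fmt.Errorf` message replaces the removed sentinel, so callers can no longer match the unset case with `errors.Is`; keeping the var and wrapping it, `fmt.Errorf("connection %d: %w", connID, errConnDigestUnset)`, would preserve that.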


@ -95,8 +95,8 @@ type ReconnectTunnelCredentialManager interface {
ReconnectToken() ([]byte, error) ReconnectToken() ([]byte, error)
EventDigest() ([]byte, error) EventDigest() ([]byte, error)
SetEventDigest(eventDigest []byte) SetEventDigest(eventDigest []byte)
ConnDigest() ([]byte, error) ConnDigest(connID uint8) ([]byte, error)
SetConnDigest(connDigest []byte) SetConnDigest(connID uint8, connDigest []byte)
} }
type dupConnRegisterTunnelError struct{} type dupConnRegisterTunnelError struct{}
@ -286,7 +286,7 @@ func ServeTunnel(
// check if we can use Quick Reconnects // check if we can use Quick Reconnects
if config.UseQuickReconnects { if config.UseQuickReconnects {
if digest, connDigestErr := credentialManager.ConnDigest(); connDigestErr == nil { if digest, connDigestErr := credentialManager.ConnDigest(connectionID); connDigestErr == nil {
connDigest = digest connDigest = digest
} }
} }
@ -392,7 +392,7 @@ func RegisterTunnel(
return processRegisterTunnelError(registrationErr, config.Metrics, register) return processRegisterTunnelError(registrationErr, config.Metrics, register)
} }
credentialManager.SetEventDigest(registration.EventDigest) credentialManager.SetEventDigest(registration.EventDigest)
credentialManager.SetConnDigest(registration.ConnDigest) credentialManager.SetConnDigest(connectionID, registration.ConnDigest)
return processRegistrationSuccess(config, logger, connectionID, registration, register) return processRegistrationSuccess(config, logger, connectionID, registration, register)
} }
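Review bot: The two changed methods on `ReconnectTunnelCredentialManager` now take a `connID`, but no comment says what it identifies or what a lookup miss returns, and the interface is the only contract other implementations see. Doc comments such as `// ConnDigest returns the digest stored for HA connection connID, or an error if none has been stored.` and `// SetConnDigest records the digest the edge returned when connection connID registered.` would pin that down. Since `ServeTunnel` uses this value to decide whether a quick reconnect is possible, the comment should also state that a digest belongs to one connection and is not shared across IDs; that reading is inferred from the commit title, so confirm it before writing it down.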