TUN-1637: Free tunnels shouldn't require cert.pem

2019-03-22 12:00:57 -05:00 · 2019-03-22 12:00:57 -05:00 · 8560436487
parent 619bc95501
commit 8560436487
2 changed files with 9 additions and 3 deletions
--- a/cmd/cloudflared/tunnel/configuration.go
+++ b/cmd/cloudflared/tunnel/configuration.go
@ -156,6 +156,7 @@ func prepareTunnelConfig(
 		logger.WithError(err).Error("Invalid hostname")
 		return nil, errors.Wrap(err, "Invalid hostname")
 	}
+	isFreeTunnel := hostname == ""
 	clientID := c.String("id")
 	if !c.IsSet("id") {
 		clientID = generateRandomClientID()
@ -175,9 +176,12 @@ func prepareTunnelConfig(
 		return nil, errors.Wrap(err, "Error validating origin URL")
 	}

-	originCert, err := getOriginCert(c)
-	if err != nil {
-		return nil, errors.Wrap(err, "Error getting origin cert")
+	var originCert []byte
+	if !isFreeTunnel {
+		originCert, err = getOriginCert(c)
+		if err != nil {
+			return nil, errors.Wrap(err, "Error getting origin cert")
+		}
 	}

 	originCertPool, err := loadCertPool(c, logger)
@ -262,6 +266,7 @@ func prepareTunnelConfig(
 		NoChunkedEncoding:  c.Bool("no-chunked-encoding"),
 		CompressionQuality: c.Uint64("compression-quality"),
 		IncidentLookup:     origin.NewIncidentLookup(),
+		IsFreeTunnel:       isFreeTunnel,
 	}, nil
 }

--- a/origin/tunnel.go
+++ b/origin/tunnel.go
@ -69,6 +69,7 @@ type TunnelConfig struct {
 	CompressionQuality uint64
 	IncidentLookup     IncidentLookup
 	CloseConnOnce      *sync.Once // Used to close connectedSignal no more than once
+	IsFreeTunnel       bool
 }

 type dialError struct {