curben
/
cloudflared-mirror
mirror of https://github.com/cloudflare/cloudflared.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

AUTH-2394 fixed header for websockets. Added TCP alias

This commit is contained in:
Dalton 2020-03-23 10:22:58 -05:00
parent 32df01a9da
commit a368fbbe9b
3 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cmd/cloudflared/access/cmd.go
View File

@ -119,7 +119,7 @@ func Commands() []*cli.Command {
{ {
Name: "ssh", Name: "ssh",
Action: ssh, Action: ssh,
Aliases: []string{"rdp"}, Aliases: []string{"rdp", "tcp"},
Usage: "", Usage: "",
ArgsUsage: "", ArgsUsage: "",
Description: `The ssh subcommand sends data over a proxy to the Cloudflare edge.`, Description: `The ssh subcommand sends data over a proxy to the Cloudflare edge.`,

2
cmd/cloudflared/tunnel/cmd.go
View File

@ -602,6 +602,8 @@ func hostnameFromURI(uri string) string {
return addPortIfMissing(u, 22) return addPortIfMissing(u, 22)
case "rdp": case "rdp":
return addPortIfMissing(u, 3389) return addPortIfMissing(u, 3389)
case "tcp":
return addPortIfMissing(u, 7864) // just a random port since there isn't a default in this case
} }
return "" return ""
} }

17
h2mux/header.go
View File

@ -3,11 +3,12 @@ package h2mux
import ( import (
"encoding/base64" "encoding/base64"
"fmt" "fmt"
"github.com/pkg/errors"
"net/http" "net/http"
"net/url" "net/url"
"strconv" "strconv"
"strings" "strings"
"github.com/pkg/errors"
) )
type Header struct { type Header struct {
@ -71,6 +72,9 @@ func H2RequestHeadersToH1Request(h2 []Header, h1 *http.Request) error {
return fmt.Errorf("unparseable content length") return fmt.Errorf("unparseable content length")
} }
h1.ContentLength = contentLength h1.ContentLength = contentLength
case "connection", "upgrade":
// for websocket header support
h1.Header.Add(http.CanonicalHeaderKey(header.Name), header.Value)
default: default:
// Ignore any other header; // Ignore any other header;
// User headers will be read from `RequestUserHeadersField` // User headers will be read from `RequestUserHeadersField`
@ -109,6 +113,15 @@ func IsControlHeader(headerName string) bool {
strings.HasPrefix(headerName, "cf-") strings.HasPrefix(headerName, "cf-")
} }
// IsWebsocketClientHeader returns true if the header name is required by the client to upgrade properly
func IsWebsocketClientHeader(headerName string) bool {
headerName = strings.ToLower(headerName)
return headerName == "sec-websocket-accept" ||
headerName == "connection" ||
headerName == "upgrade"
}
func H1ResponseToH2ResponseHeaders(h1 *http.Response) (h2 []Header) { func H1ResponseToH2ResponseHeaders(h1 *http.Response) (h2 []Header) {
h2 = []Header{ h2 = []Header{
{Name: ":status", Value: strconv.Itoa(h1.StatusCode)}, {Name: ":status", Value: strconv.Itoa(h1.StatusCode)},
@ -122,7 +135,7 @@ func H1ResponseToH2ResponseHeaders(h1 *http.Response) (h2 []Header) {
// Since these are http2 headers, they're required to be lowercase // Since these are http2 headers, they're required to be lowercase
h2 = append(h2, Header{Name: strings.ToLower(header), Value: value}) h2 = append(h2, Header{Name: strings.ToLower(header), Value: value})
} else if !IsControlHeader(header) { } else if !IsControlHeader(header) || IsWebsocketClientHeader(header) {
// User headers, on the other hand, must all be serialized so that // User headers, on the other hand, must all be serialized so that
// HTTP/2 header validation won't be applied to HTTP/1 header values // HTTP/2 header validation won't be applied to HTTP/1 header values
if _, ok := userHeaders[header]; ok { if _, ok := userHeaders[header]; ok {