João Oliveirinha
19106cd609
TUN-6935: Cloudflared should use APIToken instead of serviceKey
...
This commit makes cloudflared use the API token provided during login
instead of service key.
In addition, it eliminates some of the old formats since those are
legacy and we only support cloudflared versions newer than 6 months.
2022-11-16 17:07:16 +00:00
João Oliveirinha
b50f172bdb
Revert "TUN-6935: Cloudflared should use APIToken instead of serviceKey"
...
This reverts commit 1c6316c1c9
.
2022-11-16 12:05:09 +00:00
João Oliveirinha
1c6316c1c9
TUN-6935: Cloudflared should use APIToken instead of serviceKey
...
This commit makes cloudflared use the API token provided during login
instead of service key.
In addition, it eliminates some of the old formats since those are
legacy and we only support cloudflared versions newer than 6 months.
2022-11-16 10:04:17 +00:00
n0k0m3
1b5313cc28
Issue #574 : Better ssh config for short-lived cert ( #763 )
...
This PR is made using suggestion from #574 . The pros for this config is that it will work both Windows and Linux (tested), as well as in VSCode, which normally can't be done with the current generated ssh config (refers to #734 )
2022-11-02 10:44:34 +00:00
João Oliveirinha
e6c9ec0b39
TUN-6871: Add default feature to cloudflared to support EOF on QUIC connections
2022-10-24 13:14:47 +01:00
cthuang
495f9fb8bd
TUN-6856: Refactor to lay foundation for tracing ICMP
...
Remove send and return methods from Funnel interface. Users of Funnel can provide their own send and return methods without wrapper to comply with the interface.
Move packet router to ingress package to avoid circular dependency
2022-10-17 19:48:35 +01:00
Jamie Nguyen
9904929b83
Fix typo in help text for `cloudflared tunnel route lb`
2022-10-12 11:45:13 +01:00
Bas Westerbaan
f4ae8d1446
Add post-quantum flag to quick tunnel
...
Github #773
2022-10-05 01:33:17 +02:00
cthuang
be0305ec58
TUN-6741: ICMP proxy tries to listen on specific IPv4 & IPv6 when possible
...
If it cannot determine the correct interface IP, it will fallback to all interfaces.
This commit also introduces the icmpv4-src and icmpv6-src flags
2022-09-26 11:37:08 +01:00
cthuang
3d345d3748
TUN-6595: Enable datagramv2 and icmp proxy by default
2022-09-20 14:02:02 +00:00
Bas Westerbaan
11cbff4ff7
RTG-1339 Support post-quantum hybrid key exchange
...
Func spec: https://wiki.cfops.it/x/ZcBKHw
2022-09-07 19:32:53 +00:00
Devin Carr
cfef0e737f
TUN-6720: Remove forcibly closing connection during reconnect signal
...
Previously allowing the reconnect signal forcibly close the connection
caused a race condition on which error was returned by the errgroup
in the tunnel connection. Allowing the signal to return and provide
a context cancel to the connection provides a safer shutdown of the
tunnel for this test-only scenario.
2022-08-31 21:50:02 +00:00
Anton Kozlov
e63ec34503
cURL supports stdin and uses os pipes directly without copying
2022-07-21 16:23:02 +00:00
Devin Carr
2a177e0fc4
TUN-6583: Remove legacy --ui flag
2022-07-20 16:17:29 -07:00
Nuno Diegues
7607ead143
TUN-6503: Fix transport fallback from QUIC in face of dial error "no network activity"
2022-07-06 13:05:45 +01:00
Stephen Heckler
efd4556546
Ensure service install directories are created before writing file
2022-06-28 12:31:18 -05:00
Devin Carr
2e2718b7e3
TUN-6459: Add cloudflared user-agent to access calls
2022-06-24 11:51:53 -07:00
Devin Carr
ae7fbc14f3
TUN-6373: Add edge-ip-version to remotely pushed configuration
...
(cherry picked from commit 8e9091cc48
)
2022-06-23 16:55:03 +00:00
Silver
ee87c43eb9
Merge pull request #656 from nikr-canva/http2-origins
...
Add Http2Origin option to force HTTP/2 origin connections
2022-06-16 12:23:07 -05:00
Devin Carr
b9453b84bb
Revert "TUN-6373: Add edge-ip-version to remotely pushed configuration"
...
This reverts commit 8e9091cc48
.
2022-06-14 16:07:37 -07:00
Igor Postelnik
f2339a7244
TUN-6380: Enforce connect and keep-alive timeouts for TCP connections in both WARP routing and websocket based TCP proxy.
...
For WARP routing the defaults for these new settings are 5 seconds for connect timeout and 30 seconds for keep-alive timeout. These values can be configured either remotely or locally. Local config lives under "warp-routing" section in config.yaml.
For websocket-based proxy, the defaults come from originConfig settings (either global or per-service) and use the same defaults as HTTP proxying.
2022-06-14 21:36:40 +00:00
Devin Carr
8e9091cc48
TUN-6373: Add edge-ip-version to remotely pushed configuration
2022-06-14 15:41:16 +00:00
Devin Carr
e3aad7799e
TUN-6357: Add connector id to ready check endpoint
2022-06-08 17:35:23 +00:00
Devin Carr
2b0d704777
TUN-6341: Fix default config value for edge-ip-version
2022-06-02 20:12:15 -07:00
Devin Carr
ee80e55833
TUN-6339: Add config for IPv6 support
2022-06-02 16:04:26 -07:00
Niklas Rehfeld
7d4afd4ae0
Add Http2Origin option to force HTTP/2 origin connections
...
If `http2Origin` is set, it will set `ForceAttemptHTTP2` in the transport config of the `OriginService`.
2022-06-01 12:57:29 +12:00
Nuno Diegues
5e6f606f4e
TUN-6293: Update yaml v3 to latest hotfix
...
This addresses https://security.snyk.io/vuln/SNYK-GOLANG-GOPKGINYAMLV3-2841557
by updating yaml v3 to latest version.
It also stops using yaml v2 directly (we were using both v2 and v3 mixed).
We still rely on yaml v2 indirectly, via urfave cli, though.
Note that the security vulnerability does not affect v2.
2022-05-30 17:38:55 +00:00
João Oliveirinha
99d4e48656
TUN-6016: Push local managed tunnels configuration to the edge
2022-05-06 15:43:24 +00:00
João Oliveirinha
3254d08173
TUN-6014: Add remote config flag as default feature
2022-04-28 12:00:47 +01:00
Devin Carr
a97233bb3e
TUN-6030: Add ttfb span for origin http request
2022-04-21 15:49:22 +00:00
Nuno Diegues
7a6ab54fcb
TUN-6043: Allow UI-managed Tunnels to fallback from QUIC but warn about that
2022-04-12 09:46:07 +01:00
Nuno Diegues
a0f6eb9d5e
TUN-5992: Use QUIC protocol for remotely managed tunnels when protocol is unspecified
2022-04-05 23:07:10 +01:00
Nuno Diegues
c5d1662244
TUN-5960: Do not log the tunnel token or json credentials
2022-03-28 10:54:39 +01:00
Nuno Diegues
092e76eb55
TUN-5954: Start cloudflared service in Linux too similarly to other OSs
2022-03-25 13:57:47 +00:00
Nuno Diegues
62e1330e45
TUN-5933: Better messaging to help user when installing service if it is already installed
2022-03-24 17:19:23 +00:00
Nuno Diegues
98736a03e1
TUN-5915: New cloudflared command to allow to retrieve the token credentials for a Tunnel
2022-03-23 10:35:16 +00:00
Nuno Diegues
470e6c35c5
TUN-5918: Clean up text in cloudflared tunnel --help
2022-03-22 18:52:28 +00:00
Devin Carr
e2a8302bbc
TUN-5869: Add configuration endpoint in metrics server
2022-03-22 08:11:59 -07:00
Nuno Diegues
1b511b2d25
TUN-5881: Clarify success (or lack thereof) of (un)installing cloudflared service
2022-03-18 18:10:02 +00:00
Igor Postelnik
398cc8b134
TUN-5893: Start windows service on install, stop on uninstall. Previously user had to manually start the service after running 'cloudflared tunnel install' and stop the service before running uninstall command.
2022-03-17 17:52:39 -05:00
Nuno Diegues
057a0cc758
TUN-5833: Send feature `allow_remote_config` if Tunnel is run with --token
2022-03-16 14:07:03 +00:00
cthuang
ca43b0357f
TUN-5867: Return error if service was already installed
2022-03-16 11:33:44 +00:00
Piper McCorkle
9552bb7bc7
TUN-5853 Add "install" make target and build package manager info into executable
2022-03-08 15:31:14 -06:00
Nuno Diegues
c54e8cd8e6
TUN-5851: Update all references to point to Apache License 2.0
2022-03-08 17:35:31 +00:00
João Oliveirinha
706523389c
TUN-5679: Add support for service install using Tunnel Token
2022-03-03 18:59:03 +00:00
Nuno Diegues
a1d485eca5
TUN-5823: Warn about legacy flags that are ignored when ingress rules are used
2022-03-02 10:48:03 +00:00
Devin Carr
8a1ba1f8ca
TUN-5824: Update updater no-update-in-shell link
2022-02-28 15:06:18 -06:00
João Oliveirinha
b6d7076400
TUN-5681: Add support for running tunnel using Token
2022-02-23 10:09:45 +00:00
João Oliveirinha
22cd8ceb8c
TUN-5682: Remove name field from credentials
2022-02-23 10:08:29 +00:00
Sudarsan Reddy
9909e9d63c
TUN-5754: Allow ingress validate to take plaintext option
...
Ingress validate currently validates config from a file. This PR adds a
new --json/-j flag to provide the ingress/config data as a plaintext
command line argument.
2022-02-22 16:56:22 +00:00