Devin Carr
794e8e622f
TUN-6724: Migrate to sentry-go from raven-go
2023-01-11 15:48:03 +00:00
Bas Westerbaan
de4fd472f3
RTG-2418 Update qtls
2023-01-04 14:52:00 +01:00
Devin Carr
887e486a63
TUN-7057: Remove dependency github.com/gorilla/mux
2022-12-24 21:05:51 -07:00
Bas Westerbaan
d0c10b34dd
RTG-2276 Update qtls and go mod tidy
2022-10-11 02:08:19 +00:00
Sudarsan Reddy
de07da02cd
TUN-6772: Add a JWT Validator as an ingress verifier
...
This adds a new verifier interface that can be attached to ingress.Rule.
This would act as a middleware layer that gets executed at the start of
proxy.ProxyHTTP.
A jwt validator implementation for this verifier is also provided. The
validator downloads the public key from the access teams endpoint and
uses it to verify the JWT sent to cloudflared with the audtag (clientID)
information provided in the config.
2022-09-22 08:42:25 +00:00
Bas Westerbaan
11cbff4ff7
RTG-1339 Support post-quantum hybrid key exchange
...
Func spec: https://wiki.cfops.it/x/ZcBKHw
2022-09-07 19:32:53 +00:00
cthuang
bad2e8e812
TUN-6666: Define packet package
...
This package defines IP and ICMP packet, decoders, encoder and flow
2022-08-24 11:36:57 +01:00
Sudarsan Reddy
065d8355c5
TUN-6637: Upgrade quic-go
2022-08-10 14:13:19 +00:00
Sudarsan Reddy
046a30e3c7
TUN-6637: Upgrade go version and quic-go
2022-08-08 15:49:10 +01:00
Devin Carr
2a177e0fc4
TUN-6583: Remove legacy --ui flag
2022-07-20 16:17:29 -07:00
Nuno Diegues
475939a77f
TUN-6191: Update quic-go to v0.27.1 and with custom patch to allow keep alive period to be configurable
...
The idle period is set to 5sec.
We now also ping every second since last activity.
This makes the quic.Connection less prone to being closed with
no network activity, since we send multiple pings per idle
period, and thus a single packet loss cannot cause the problem.
2022-06-07 12:25:18 +01:00
Nuno Diegues
5e6f606f4e
TUN-6293: Update yaml v3 to latest hotfix
...
This addresses https://security.snyk.io/vuln/SNYK-GOLANG-GOPKGINYAMLV3-2841557
by updating yaml v3 to latest version.
It also stops using yaml v2 directly (we were using both v2 and v3 mixed).
We still rely on yaml v2 indirectly, via urfave cli, though.
Note that the security vulnerability does not affect v2.
2022-05-30 17:38:55 +00:00
Devin Carr
def8f57dbc
TUN-5989: Add in-memory otlp exporter
2022-04-11 19:38:01 +00:00
Nuno Diegues
b12272529f
TUN-5995: Update prometheus to 1.12.1 to avoid vulnerabilities
2022-04-06 11:13:12 +00:00
João Oliveirinha
9422ea8ed8
CC-796: Remove dependency on unsupported version of go-oidc
2022-03-18 18:16:10 +00:00
João Oliveirinha
05b903a32e
Revert "CC-796: Remove dependency on unsupported version of go-oidc"
...
This reverts commit 0899d6a136
.
2022-03-18 10:03:58 +00:00
emmanuel
0899d6a136
CC-796: Remove dependency on unsupported version of go-oidc
2022-03-07 21:48:30 +00:00
cthuang
8a5343d0a5
TUN-5675: Remove github.com/dgrijalva/jwt-go dependency by upgrading coredns version
2022-01-25 15:24:13 +00:00
João Oliveirinha
74556bcd7d
TUN-5547: Bump golang x/net package to fix http2 transport bugs
2022-01-17 11:13:25 +00:00
cthuang
6fa58aadba
TUN-5623: Configure quic max datagram frame size to 1350 bytes for none Windows platforms
2022-01-11 14:55:43 +00:00
cthuang
e71b88fcaa
TUN-5408: Update quic package to v0.24.0
2021-11-10 22:10:38 +00:00
cthuang
ff7c48568c
TUN-5261: Collect QUIC metrics about RTT, packets and bytes transfered and log events at tracing level
2021-10-21 15:26:57 +01:00
cthuang
d54c8cc745
TUN-5129: Use go 1.17 and copy .git folder to docker build to compute version
2021-09-21 15:50:35 +00:00
Sudarsan Reddy
414cb12f02
TUN-4961: Update quic-go to latest
...
- Updates fips-go to be the latest on cfsetup.yaml
- Updates sumtype's x/tools to be latest to avoid Internal: nil pkg
errors with fips.
2021-08-27 12:26:00 +01:00
Sudarsan Reddy
1082ac1c36
TUN-4922: Downgrade quic-go library to 0.20.0
2021-08-13 15:45:13 +01:00
Sudarsan Reddy
ed024d0741
TUN-4597: Add a QUIC server skeleton
...
- Added a QUIC server to accept streams
- Unit test for this server also tests ALPN
- Temporary echo capability for HTTP ConnectionType
2021-08-03 10:03:47 +00:00
Igor Postelnik
9018ee5d5e
TUN-4116: Ingore credentials-file setting in configuration file during tunnel create and delete opeations.
...
This change has two parts:
1. Update to newer version of the urfave/cli fork that correctly sets flag value along the context hierarchy while respecting config file overide behavior of the most specific instance of the flag.
2. Redefine --credentials-file flag so that create and delete subcommand don't use value from the config file.
2021-03-24 08:15:36 -05:00
Igor Postelnik
6db934853d
TUN-3963: Repoint urfave/cli/v2 library at patched branch at github.com/ipostelnik/cli/v2@fixed which correctly handles reading flags declared at multiple levels of subcommands.
2021-02-24 20:04:59 +00:00
Sudarsan Reddy
b4700a52e3
TUN-3725: Warp-routing is independent of ingress
...
- Changed warp-routing configuration to its own yaml.
- Ingress Rules host matching is indepedent of warp-routing.
2021-02-23 14:19:47 +00:00
cthuang
9d5bd256be
TUN-3964: Revert "TUN-3922: Repoint urfave/cli/v2 library at patched branch at github.com/ipostelnik/cli/v2@fixed which correctly handles reading flags declared at multiple levels of subcommands."
...
This reverts commit 1670ee87fb
.
2021-02-23 12:32:07 +00:00
Igor Postelnik
1670ee87fb
TUN-3922: Repoint urfave/cli/v2 library at patched branch at github.com/ipostelnik/cli/v2@fixed which correctly handles reading flags declared at multiple levels of subcommands.
2021-02-18 18:12:20 +00:00
Igor Postelnik
a8ae6de213
TUN-3924: Removed db-connect command. Added a placeholder handler for this command that informs users that command is no longer supported.
2021-02-17 20:13:51 -06:00
Nuno Diegues
6852047ef1
TUN-3747: Fix logging in Windows
2021-01-13 23:23:31 +00:00
Areg Harutyunyan
9bc1c0c70b
TUN-3472: Set up rolling logger with zerolog and lumberjack
2020-12-23 14:15:37 -06:00
Areg Harutyunyan
870f5fa907
TUN-3470: Replace in-house logger calls with zerolog
2020-12-23 14:15:17 -06:00
Maxime Guerreiro
06404bf3e8
TUN-3650: Remove unused awsuploader package
2020-12-15 18:02:17 +01:00
cthuang
6b86f81c4a
TUN-3403: Unit test for origin/proxy to test serving HTTP and Websocket
2020-11-11 15:12:15 +00:00
cthuang
6886e5f90a
TUN-3467: Serialize cf-cloudflared-response-meta during package initialization using jsoniter
2020-11-11 15:11:42 +00:00
Rachel Williams
d8ebde37ca
TUN-3201: Create base cloudflared UI structure
2020-09-17 11:52:07 +04:00
Igor Postelnik
741cd66c9e
TUN-3375: Upgrade coredns and prometheus dependencies
2020-09-09 13:14:38 -05:00
Adam Chalmers
7acea1ac99
TUN-3375: Upgrade x/text and gorilla websocket deps
2020-09-09 12:07:35 -05:00
cthuang
a7562dff68
TUN-3233: List tunnels support filtering by deleted, name, existed at and id
2020-08-07 10:09:26 +01:00
Dalton
046be63253
AUTH-2596 added new logger package and replaced logrus
2020-05-27 17:07:19 -05:00
Adam Chalmers
2cf327ba01
TUN-2943: Copy certutil from edge into cloudflared
2020-05-04 17:37:29 -05:00
Dalton
41c358147c
AUTH-2587 add config watcher and reload logic for access client forwarder
2020-04-29 11:07:35 -05:00
Areg Harutyunyan
6624a24040
TUN-2748: Insecure randomness vulnerability in github.com/miekg/dns
2020-03-05 13:52:45 +00:00
Ashcon Partovi
759cd019be
Add db-connect, a SQL over HTTPS server
2019-11-12 20:34:39 +00:00
Chung-Ting Huang
13bf65ce4e
TUN-2506: Expose active streams metrics
2019-11-07 14:09:31 -06:00
Nick Vollmar
e5335b6c1b
TUN-2502: Switch to go modules
2019-11-04 15:05:02 -06:00
Michael Borkenstein
91d9dca34e
AUTH-2105: Adds support for local forwarding. Refactor auditlogger creation.
...
AUTH-2088: Adds dynamic destination routing
2019-10-10 15:25:03 -05:00