Adam Chalmers
dfe61fda88
TUN-2645: Revert "TUN-2645: Turn on reconnect tokens"
...
This reverts commit 053b2c17f1
.
2020-01-27 14:59:07 -06:00
Adam Chalmers
053b2c17f1
TUN-2645: Turn on reconnect tokens
2020-01-13 15:23:42 -06:00
Tyler Cook
87102a2646
Fix timer scheduling for systemd update service ( #159 )
2019-12-19 20:53:06 +04:00
Rueian
cc2a1d1204
bug(cloudflared): Set the MaxIdleConnsPerHost of http.Transport to proxy-keepalive-connections ( #155 )
...
Setting the MaxIdleConns is not enough, the MaxIdleConnsPerHost must be set as well.
Otherwise, http.Transport will use the DefaultMaxIdleConnsPerHost, which is 2,
and then the connection pool will have only 2 connection hold.
2019-12-17 05:02:28 +04:00
Nick Vollmar
5e7ca14412
TUN-2555: origin/supervisor.go calls Authenticate
2019-12-06 11:26:54 -06:00
Ashcon Partovi
43babbc2f9
Fix "happy eyeballs" not being disabled since Golang 1.12 upgrade
...
* The Dialer.DualStack setting is now ignored and deprecated; RFC 6555 Fast Fallback ("Happy Eyeballs") is now enabled by default. To disable, set Dialer.FallbackDelay to a negative value.
2019-11-25 17:54:20 +00:00
Ashcon Partovi
759cd019be
Add db-connect, a SQL over HTTPS server
2019-11-12 20:34:39 +00:00
Michael Borkenstein
ad9559c66a
AUTH-2173: Prepends access login url with scheme if one doesnt exist
2019-10-23 20:35:12 +00:00
Michael Borkenstein
28cc1c65af
AUTH-2167: Adds CLI option for host key directory
2019-10-17 16:31:43 -05:00
Michael Borkenstein
8b6e3bc1d1
AUTH-2159: Moves shutdownC close into error handling
...
AUTH-2161: Lowers size of preamble length
AUTH-2160: Fixes url parsing logic
2019-10-16 11:41:51 -05:00
Michael Borkenstein
95704b11fb
AUTH-2114: Uses short lived cert auth for outgoing client connection
2019-10-15 14:35:15 -05:00
Michael Borkenstein
a4b3ee5959
AUTH-2105: Dont require --destination arg
2019-10-11 12:26:23 -05:00
Michael Borkenstein
91d9dca34e
AUTH-2105: Adds support for local forwarding. Refactor auditlogger creation.
...
AUTH-2088: Adds dynamic destination routing
2019-10-10 15:25:03 -05:00
Michael Borkenstein
dbde3870da
AUTH-2089: Revise ssh server to function as a proxy
2019-10-07 13:04:04 -05:00
Michael Borkenstein
133e6fdc88
AUTH-2077: Quotes open browser command in windows
2019-09-24 18:27:37 +00:00
Michael Borkenstein
1d5cc45ac7
AUTH-2055: Verifies token at edge on access login
2019-09-24 18:22:33 +00:00
Michael Borkenstein
979e5be8ab
AUTH-2067: Log commands correctly
2019-09-23 20:42:41 +00:00
Adam Chalmers
4f23da2a6d
TUN-2315: Replace Scope with IntentLabel
2019-09-18 15:11:46 -05:00
Michael Borkenstein
ff795a7beb
AUTH-2056: Writes stderr to its own stream for non-pty connections
2019-09-16 14:43:05 -05:00
Michael Borkenstein
c2a71c5a51
AUTH-2037: Adds support for ssh port forwarding
2019-09-11 10:41:09 -05:00
Michael Borkenstein
d3b254f9ae
AUTH-2036: Refactor user retrieval, shutdown after ssh server stops, add custom version string
2019-09-09 17:31:23 +00:00
Dalton
ee588eeeaa
AUTH-1943 hooked up uploader to logger, added timestamp to session logs, add tests
2019-09-06 15:57:32 -05:00
Adam Chalmers
dd521aba29
TUN-2280: Revert "TUN-2260: add name/group to CapnpConnectParameters, remove Scope"
...
This reverts commit 817c3be9da5465043c2a2fda6c48f7ada760682e.
2019-09-06 15:59:32 +00:00
Adam Chalmers
a06390a078
TUN-2201: change SRV records used by cloudflared
...
This changes cloudflarewarp.com to argotunnel.com and _warp to
_origintunneld. We've changed which zone we host the SRV records
for Argo Tunnel on.
2019-09-06 15:01:58 +00:00
Nick Vollmar
dc730615f2
TUN-2260: add name/group to CapnpConnectParameters, remove Scope
2019-09-05 15:36:16 +00:00
Austin Cherry
5e85a8bd16
AUTH-1943: Adds session logging
2019-09-03 13:54:29 -05:00
Michael Borkenstein
7abbe91d41
AUTH-2030: Support both authorized_key and short lived cert authentication simultaniously without specifiying at start time
2019-08-30 19:23:10 +00:00
Areg Harutyunyan
ff97fb6dc8
Merge branch 'master' of github.com:cloudflare/cloudflared
2019-08-30 13:45:40 -05:00
David Barr
dc48cdce1a
Fix #111 : Add support for specifying a specific HTTP Host: header on the origin. ( #114 )
2019-08-29 22:55:54 -05:00
Dalton
f130e6d4d7
AUTH-2021 - s3 bucket uploading for SSH logs
2019-08-29 16:54:54 -05:00
Michael Borkenstein
858ef29868
AUTH-2022: Adds ssh timeout configuration
2019-08-28 15:22:35 -05:00
Michael Borkenstein
baec3e289e
AUTH-2018: Adds support for authorized keys and short lived certs
2019-08-28 09:58:42 -05:00
Adam Chalmers
df25ed9bde
TUN-2244: Add NO_AUTOUPDATE env var
2019-08-27 15:53:28 -05:00
Adam Chalmers
4e1df1a211
TUN-2243: Revert "STOR-519: Add db-connect, a SQL over HTTPS server"
...
This reverts commit 5da2109811
.
2019-08-26 16:50:12 -05:00
Austin Cherry
30c9e2af9b
AUTH-1941: Adds initial SSH server implementation
2019-08-21 15:49:03 -05:00
Michael Borkenstein
47254113ee
Revert "AUTH-1941: Adds initial SSH server implementation"
...
This reverts commit e9c9bf3cbd
.
2019-08-20 17:20:48 -05:00
Austin Cherry
e9c9bf3cbd
AUTH-1941: Adds initial SSH server implementation
2019-08-20 16:18:37 -05:00
Ashcon Partovi
5da2109811
STOR-519: Add db-connect, a SQL over HTTPS server
2019-08-20 13:13:29 -05:00
Michael Borkenstein
8d1ea7202a
Merge branch 'mike/AUTH-1972-delete-token-lockfile' of ssh://bitbucket.cfdata.org:7999/tun/cloudflared
2019-08-06 08:12:02 -05:00
Michael Borkenstein
9adbab96af
AUTH-1972: Deletes token lock file if backoff retry attempts exceeded and intercepts signals until lock is released
2019-08-06 08:07:48 -05:00
Chung-Ting Huang
bdd70e798a
TUN-2110: Implement custom deserialization logic for OriginConfig
2019-08-05 19:28:51 -05:00
Nick Vollmar
74f3a55c57
TUN-2117: read group/system-name from CLI, send it to edge
2019-08-01 22:04:05 +00:00
Austin Cherry
8f25704a90
AUTH-1736: Better handling of token revocation
...
We removed all token validation from cloudflared and now rely on
the edge to do the validation. This is better because the edge is
the only thing that fully knows about token revocation. So if a user
logs out or the application revokes all it's tokens cloudflared will
now handle that process instead of barfing on it.
When we go to fetch a token we will check for the existence of a
lock file. If the lock file exists, we stop and poll every half
second to see if the lock is still there. Once the lock file is
removed, it will restart the function to (hopefully) go pick up
the valid token that was just created.
2019-07-10 21:35:46 +00:00
Chung-Ting Huang
4858ce79d0
TUN-1977: Validate OriginConfig has valid URL, and use scheme to determine if a HTTPOriginService is expecting HTTP or Unix
2019-07-01 15:31:58 -05:00
Chung-Ting Huang
0a742feb98
TUN-1885: Reconfigure cloudflared on receiving new ClientConfig
2019-06-20 19:07:59 -05:00
Chung-Ting Huang
80a15547e3
TUN-1961: Create EdgeConnectionManager to maintain outbound connections to the edge
2019-06-18 16:37:38 -05:00
Chung-Ting Huang
d32fb8e82c
TUN-1913: Define OriginService for each type of origin
2019-06-04 17:02:34 -05:00
Austin Cherry
1ca841d220
AUTH-1811: ssh-gen config fixes
2019-06-04 16:25:34 +00:00
Austin Cherry
713a2d689e
AUTH-1802: Fixed ssh-config templating
2019-05-30 15:25:08 +00:00
Christoph Blecker
a1403fe968
Handle exit code on err
...
fixes #96 .
This change checks the err returned from the StartServer function, and
if it exists, passes a non-zero error code through to the urfave/cli
framework. This should allow processes like launchd to detect if
cloudflared exited gracefully or with an error.
2019-05-29 12:59:19 -05:00