Jeshua Lin
653bf87197
Fix ssh-config short-lived-cert for subpath-ed hostnames
...
Fixes https://github.com/cloudflare/cloudflared/issues/923
2023-04-04 13:25:27 +08:00
Devin Carr
794e8e622f
TUN-6724: Migrate to sentry-go from raven-go
2023-01-11 15:48:03 +00:00
n0k0m3
1b5313cc28
Issue #574 : Better ssh config for short-lived cert ( #763 )
...
This PR is made using suggestion from #574 . The pros for this config is that it will work both Windows and Linux (tested), as well as in VSCode, which normally can't be done with the current generated ssh config (refers to #734 )
2022-11-02 10:44:34 +00:00
Anton Kozlov
e63ec34503
cURL supports stdin and uses os pipes directly without copying
2022-07-21 16:23:02 +00:00
Devin Carr
2e2718b7e3
TUN-6459: Add cloudflared user-agent to access calls
2022-06-24 11:51:53 -07:00
Dimitris Apostolou
197a70c9c4
Fix typos
2021-11-12 17:38:06 +02:00
Martin Cuesta
a11c64b091
🎨 Prefix env var parameters with TUNNEL
...
This is for TokenID and TokenSecret in the cloudflare access CLI.
2021-05-31 15:38:46 -03:00
Martin Cuesta
e404c29edb
🖌️ Allow providing TokenID and TokenSecret as env vars when calling cloudflared access
...
Implements #232
2021-05-31 13:04:39 -03:00
Igor Postelnik
8ca0d86c85
TUN-3863: Consolidate header handling logic in the connection package; move headers definitions from h2mux to packages that manage them; cleanup header conversions
...
All header transformation code from h2mux has been consolidated in the connection package since it's used by both h2mux and http2 logic.
Exported headers used by proxying between edge and cloudflared so then can be shared by tunnel service on the edge.
Moved access-related headers to corresponding packages that have the code that sets/uses these headers.
Removed tunnel hostname tracking from h2mux since it wasn't used by anything. We will continue to set the tunnel hostname header from the edge for backward compatibilty, but it's no longer used by cloudflared.
Move bastion-related logic into carrier package, untangled dependencies between carrier, origin, and websocket packages.
2021-03-29 21:57:56 +00:00
Michael Borkenstein
63833b07dd
AUTH-3455: Generate short-lived ssh cert per hostname
2021-03-25 10:38:43 -05:00
Igor Postelnik
da4d0b2bae
TUN-4067: Reformat code for consistent import order, grouping, and fix formatting. Added goimports target to the Makefile to make this easier in the future.
2021-03-24 10:53:29 -05:00
Michael Borkenstein
2c75326021
AUTH-3394: Ensure scheme on token command
2021-03-17 10:50:03 -05:00
Igor Postelnik
a34099724e
TUN-4094: Don't read configuration file for access commands
2021-03-16 17:36:46 -05:00
Igor Postelnik
8c5498fad1
TUN-3715: Only read config file once, right before invoking the command
2021-03-16 17:22:13 -05:00
Adam Chalmers
2c746b3361
TUN-4081: Update log severities to use Zerolog's levels
2021-03-16 19:04:49 +00:00
Michael Borkenstein
841344f1e7
AUTH-3394: Creates a token per app instead of per path - with fix for
...
free tunnels
2021-03-12 15:49:47 +00:00
Adam Chalmers
b0e69c4b8a
Revert "AUTH-3394: Creates a token per app instead of per path"
...
This reverts commit 8e340d9598
.
2021-03-10 13:54:38 -06:00
Michael Borkenstein
8e340d9598
AUTH-3394: Creates a token per app instead of per path
2021-03-10 17:15:16 +00:00
Igor Postelnik
39065377b5
TUN-4063: Cleanup dependencies between packages.
...
- Move packages the provide generic functionality (such as config) from `cmd` subtree to top level.
- Remove all dependencies on `cmd` subtree from top level packages.
- Consolidate all code dealing with token generation and transfer to a single cohesive package.
2021-03-09 14:02:59 +00:00
cthuang
63a29f421a
TUN-3895: Tests for socks stream handler
2021-02-23 14:19:47 +00:00
Igor Postelnik
9c298e4851
TUN-3855: Add ability to override target of 'access ssh' command to a different host for testing
2021-02-23 14:19:47 +00:00
Security Generation
a4f185fd28
Update error message to use login command
...
Unless I'm mistaken, when there is no existing token for an app, the `login` command needs to be run to obtain a token (not the `token` command, which itself doesn't generate a token).
2021-02-09 17:15:13 +00:00
Igor Postelnik
6cdd20e820
TUN-3792: Handle graceful shutdown correctly when running as a windows service. Only expose one shutdown channel globally, which now triggers the graceful shutdown sequence across all modes. Removed separate handling of zero-duration grace period, instead it's checked only when we need to wait for exit.
2021-01-27 07:21:34 -06:00
Areg Harutyunyan
55bf904689
TUN-3471: Add structured log context to logs
2021-01-05 20:21:16 +00:00
Areg Harutyunyan
870f5fa907
TUN-3470: Replace in-house logger calls with zerolog
2020-12-23 14:15:17 -06:00
Michael Borkenstein
fcc393e2f0
AUTH-3221: Saves org token to disk and uses it to refresh the app token
2020-11-24 21:38:59 +00:00
Areg Harutyunyan
cad58b9b57
TUN-3561: Unified logger configuration
2020-11-23 16:49:07 +00:00
cthuang
9ac40dcf04
TUN-3462: Refactor cloudflared to separate origin from connection
2020-11-11 15:11:42 +00:00
cthuang
a7562dff68
TUN-3233: List tunnels support filtering by deleted, name, existed at and id
2020-08-07 10:09:26 +01:00
Igor Postelnik
2a3d486126
TUN-3007: Implement named tunnel connection registration and unregistration.
...
Removed flag for using quick reconnect, this logic is now always enabled.
2020-07-01 04:19:30 +00:00
Dalton
1a6403b2fd
AUTH-2694 added destination header support to config file
2020-06-15 10:10:22 -05:00
Dalton
55acf7283c
AUTH-2810 added warn for backwards compatibility sake
2020-06-12 22:15:28 +00:00
Dalton
ae8d784e36
AUTH-2763 don't redirect from curl command
2020-06-11 15:38:11 -05:00
Dalton
0d87279b2f
AUTH-2785 service token flag fix and logger fix
2020-06-09 11:00:56 -05:00
Dalton
f8638839c0
AUTH-2729 added log file and level to cmd flags to match config file settings
2020-06-08 19:42:34 +00:00
Dalton
2f70b05c64
AUTH-2169 make access login page more generic
2020-06-08 11:20:30 -05:00
Dalton
046be63253
AUTH-2596 added new logger package and replaced logrus
2020-05-27 17:07:19 -05:00
Michael Borkenstein
b89cc22896
AUTH-2369: RDP Bastion prototype
2020-05-19 21:10:50 -05:00
Michael Borkenstein
6a7418e1af
AUTH-2686: Added error handling to tunnel subcommand
2020-05-18 15:36:25 -05:00
Dalton
df3ad2b223
AUTH-2529 added deprecation text to db-connect command
2020-05-14 10:26:09 -05:00
Dalton
8c870c19a6
AUTH-2505 added aliases
2020-05-13 15:15:08 -05:00
Michael Borkenstein
2c878c47ed
AUTH-2564: error handling and minor fixes
2020-05-11 15:42:35 +00:00
Dalton
41c358147c
AUTH-2587 add config watcher and reload logic for access client forwarder
2020-04-29 11:07:35 -05:00
Dalton
a37da2b165
AUTH-2394 added socks5 proxy
2020-04-07 13:30:28 -05:00
Dalton
a368fbbe9b
AUTH-2394 fixed header for websockets. Added TCP alias
2020-03-23 10:27:53 -05:00
Michael Borkenstein
ad9559c66a
AUTH-2173: Prepends access login url with scheme if one doesnt exist
2019-10-23 20:35:12 +00:00
Michael Borkenstein
a4b3ee5959
AUTH-2105: Dont require --destination arg
2019-10-11 12:26:23 -05:00
Michael Borkenstein
91d9dca34e
AUTH-2105: Adds support for local forwarding. Refactor auditlogger creation.
...
AUTH-2088: Adds dynamic destination routing
2019-10-10 15:25:03 -05:00
Michael Borkenstein
1d5cc45ac7
AUTH-2055: Verifies token at edge on access login
2019-09-24 18:22:33 +00:00
Austin Cherry
1ca841d220
AUTH-1811: ssh-gen config fixes
2019-06-04 16:25:34 +00:00