Commit Graph

96 Commits

Author SHA1 Message Date
João Oliveirinha 7e47667b08 TUN-5481: Create abstraction for Origin UDP Connection
Creates an abstraction over UDP Conn for origin "connection" which can
be useful for future support of complex protocols that may require
changing ports during protocol negotiation (eg. SIP, TFTP)
In addition, it removes a dependency from ingress on connection package.
2021-12-06 16:37:09 +00:00
cthuang eea3d11e40 TUN-5301: Separate datagram multiplex and session management logic from quic connection logic 2021-12-06 16:37:09 +00:00
cthuang dd32dc1364 TUN-5299: Send/receive QUIC datagram from edge and proxy to origin as UDP 2021-12-06 16:37:09 +00:00
cthuang fc2333c934 TUN-5300: Define RPC to register UDP sessions 2021-12-06 16:37:09 +00:00
Nuno Diegues 6cc7d99e32 TUN-5441: Fix message about available protocols 2021-11-18 14:30:22 +00:00
Nuno Diegues e35f744b36 TUN-5393: Content-length is no longer a control header for non-h2mux transports
- Refactors some h2mux specific logic from connection/header.go to connection/h2mux_header.go
 - Do the same for the unit tests
 - Add a non-h2mux "is control response header" function (we don't need one for the request flow)
 - In that new function, do not consider "content-length" as a control header
 - Use that function in the non-h2mux flow for response (and it will be used also in origintunneld)
2021-11-17 10:56:15 +00:00
Dimitris Apostolou 197a70c9c4 Fix typos 2021-11-12 17:38:06 +02:00
Sudarsan Reddy 0146a8d8ed TUN-5285: Fallback to HTTP2 immediately if connection times out with no network activity 2021-11-04 10:42:53 +00:00
Nuno Diegues 573d410606 Revert "TUN-5184: Make sure outstanding websocket write is finished, and no more writes after shutdown"
This reverts commit f8fbbcd806.
2021-10-25 19:51:52 +01:00
cthuang f8fbbcd806 TUN-5184: Make sure outstanding websocket write is finished, and no more writes after shutdown 2021-10-25 08:27:40 +00:00
cthuang 2ce11a20c4 TUN-5287: Fix misuse of wait group in TestQUICServer that caused the test to exit immediately 2021-10-22 13:40:51 +00:00
Sudarsan Reddy ceb509ee98 TUN-5138: Switch to QUIC on auto protocol based on threshold 2021-10-14 09:18:20 +01:00
Sudarsan Reddy 2822fbe3db TUN-5249: Revert "TUN-5138: Switch to QUIC on auto protocol based on threshold"
This reverts commit e445fd92f7
2021-10-13 19:06:31 +01:00
Sudarsan Reddy e445fd92f7 TUN-5138: Switch to QUIC on auto protocol based on threshold 2021-10-11 11:05:20 +00:00
Sudarsan Reddy bccf4a63dc UN-5213: Increase MaxStreams value for QUIC transport
The default max streams value of 100 is rather small when subject to
high load in terms of connecting QUIC with streams faster than it can
create new ones. This high value allows for more throughput.
2021-10-08 13:48:20 +01:00
Sudarsan Reddy 7059ef8e13 TUN-5195: Do not set empty body if not applicable
Go's client defaults to chunked encoding after a 200ms delay if the following cases are true:
  * the request body blocks
  * the content length is not set (or set to -1)
  * the method doesn't usually have a body (GET, HEAD, DELETE, ...)
  * there is no transfer-encoding=chunked already set.
So for non websocket requests, if transfer-encoding isn't chunked and content length is 0, we don't set a request body.
2021-10-07 15:47:27 +01:00
Sudarsan Reddy 470a85e65d TUN-5160: Set request.ContentLength when this value is in request header 2021-09-27 14:12:11 +01:00
Sudarsan Reddy d7da74cb9e TUN-5142: defer close rpcconn inside unregister instead of ServeControlStream 2021-09-24 12:56:31 +01:00
Sudarsan Reddy 27e1277a3b TUN-5142: Add asynchronous servecontrolstream for QUIC
ServeControlStream accidentally became non-blocking in the last quic
change causing stream to not be returned until a SIGTERM was received.
This change makes ServeControlStream be non-blocking for QUIC streams.
2021-09-24 10:00:43 +00:00
cthuang 6238fd9022 TUN-5141: Make sure websocket pinger returns before streaming returns 2021-09-23 16:54:55 +01:00
Nuno Diegues f985ed567f TUN-5128: Enforce maximum grace period
This maximum grace period will be honored by Cloudflare edge such that
either side will close the connection after unregistration at most
by this time (3min as of this commit):
 - If the connection is unused, it is already closed as soon as possible.
 - If the connection is still used, it is closed on the cloudflared configured grace-period.

Even if cloudflared does not close the connection by the grace-period time,
the edge will do so.
2021-09-21 16:48:37 +00:00
Sudarsan Reddy fd14bf440b TUN-5118: Quic connection now detects duplicate connections similar to http2 2021-09-21 06:30:09 +00:00
Areg Harutyunyan d04f48d872 TUN-5029: Do not strip cf- prefixed headers 2021-09-02 12:21:01 -05:00
Rishabh Bector a4a9f45b0a TUN-4821: Make quick tunnels the default in cloudflared 2021-08-26 15:53:02 +00:00
Sudarsan Reddy 1da4fbbe0b TUN-4970: Only default to http2 for warp-routing if protocol is h2mux 2021-08-26 15:12:31 +00:00
Sudarsan Reddy b6c85401a5 TUN-4889: Add back appendtagheaders function
TUN-4701 accidentally removed adding tagheaders. This commit adds it
back.
2021-08-23 15:29:48 +00:00
Sudarsan Reddy 12ad264eb3 TUN-4866: Add Control Stream for QUIC
This commit adds support to Register and Unregister Connections via RPC
on the QUIC transport protocol
2021-08-17 14:50:32 +00:00
Sudarsan Reddy e49a7a4389 TUN-4597: Added HTTPProxy for QUIC 2021-08-04 12:50:18 +00:00
Sudarsan Reddy ed024d0741 TUN-4597: Add a QUIC server skeleton
- Added a QUIC server to accept streams
- Unit test for this server also tests ALPN
- Temporary echo capability for HTTP ConnectionType
2021-08-03 10:03:47 +00:00
Nuno Diegues fa8aa02270 TUN-4819: Tolerate protocol TXT record lookup failing 2021-07-29 11:44:39 +00:00
Nuno Diegues 0924549efd TUN-4811: Publish quick tunnels' hostname in /metrics under `userHostname` for backwards-compatibility 2021-07-29 10:20:43 +01:00
Sudarsan Reddy ed1389ef08 TUN-4814: Revert "TUN-4699: Make quick tunnels the default in cloudflared"
This reverts commit 18992efa0c.
2021-07-28 10:02:55 +01:00
Rishabh Bector 18992efa0c TUN-4699: Make quick tunnels the default in cloudflared 2021-07-26 15:57:36 +00:00
Sudarsan Reddy 8f3526289a TUN-4701: Split Proxy into ProxyHTTP and ProxyTCP
http.Request now is only used by ProxyHTTP and not required if the
proxying is TCP. The dest conversion is handled by the transport layer.
2021-07-19 13:43:59 +00:00
Rishabh Bector 3eb9efd9f0 TUN-4521: Modify cloudflared to use zoneless-tunnels-worker for free tunnels 2021-06-29 09:39:18 +01:00
Nuno Diegues b06fe0fc5f TUN-4571: Fix proxying to unix sockets when using HTTP2 transport to Cloudflare Edge 2021-06-21 11:43:14 +01:00
Sudarsan Reddy 951d13d76c TUN-4456: Replaced instances of Tick() with Ticker() in h2mux paths
time.Tick() does not get garbage collected because the channel
underneath never gets deleted and the underlying Ticker can never be
recovered by the garbage collector. We replace this with NewTicker() to
avoid this.
2021-05-25 18:07:06 +01:00
Igor Postelnik 8ca0d86c85 TUN-3863: Consolidate header handling logic in the connection package; move headers definitions from h2mux to packages that manage them; cleanup header conversions
All header transformation code from h2mux has been consolidated in the connection package since it's used by both h2mux and http2 logic.
Exported headers used by proxying between edge and cloudflared so they can be shared by tunnel service on the edge.
Moved access-related headers to corresponding packages that have the code that sets/uses these headers.
Removed tunnel hostname tracking from h2mux since it wasn't used by anything. We will continue to set the tunnel hostname header from the edge for backward compatibility, but it's no longer used by cloudflared.
Move bastion-related logic into carrier package, untangled dependencies between carrier, origin, and websocket packages.
2021-03-29 21:57:56 +00:00
Igor Postelnik da4d0b2bae TUN-4067: Reformat code for consistent import order, grouping, and fix formatting. Added goimports target to the Makefile to make this easier in the future. 2021-03-24 10:53:29 -05:00
Nuno Diegues 89b738f8fa TUN-4026: Fix regression where HTTP2 edge transport was no longer propagating control plane errors 2021-03-04 18:45:39 +00:00
Sudarsan Reddy e20c4f8752 TUN-3838: ResponseWriter no longer reads and origin error tests 2021-02-23 14:19:47 +00:00
cthuang ab4dda5427 TUN-3868: Refactor singleTCPService and bridgeService to tcpOverWSService and rawTCPService 2021-02-23 14:19:47 +00:00
cthuang 2146f71b45 TUN-3753: Select http2 protocol when warp routing is enabled 2021-02-23 14:19:47 +00:00
cthuang 3b93914612 TUN-3764: Actively flush data for TCP streams 2021-02-23 14:19:47 +00:00
Sudarsan Reddy 368066a966 TUN-3615: added support to proxy tcp streams
added ingress.DefaultStreamHandler and a basic test for tcp stream proxy
moved websocket.Stream to ingress
cloudflared no longer picks tcpstream host from header
2021-02-23 14:19:47 +00:00
cthuang e2262085e5 TUN-3617: Separate service from client, and implement different client for http vs. tcp origins
- extracted ResponseWriter from proxyConnection
 - added bastion tests over websocket
 - removed HTTPResp()
 - added some docstrings
 - Renamed some ingress clients as proxies
 - renamed instances of client to proxy in connection and origin
 - Stream no longer takes a context and logger.Service
2021-02-23 14:19:44 +00:00
Igor Postelnik cf562ef8c8 TUN-3635: Send event when unregistering tunnel for graceful shutdown so /ready endpoint reports down status before connections finish handling pending requests. 2021-02-08 15:38:42 +00:00
Igor Postelnik 0b16a473da TUN-3869: Improve reliability of graceful shutdown.
- Don't rely on edge to close connection on graceful shutdown in h2mux, start muxer shutdown from cloudflared.
- Don't retry failed connections after graceful shutdown has started.
- After graceful shutdown channel is closed we stop waiting for retry timer and don't try to restart tunnel loop.
- Use readonly channel for graceful shutdown in functions that only consume the signal
2021-02-08 14:30:32 +00:00
Adam Chalmers 0d22106416 TUN-3848: Use transport logger for h2mux 2021-02-03 17:31:16 -06:00
Igor Postelnik a945518404 TUN-3811: Better error reporting on http2 connection termination. Registration errors from control loop are now propagated out of the connection server code. Unified error handling between h2mux and http2 connections so we log and retry errors the same way, regardless of underlying transport. 2021-01-28 10:38:30 -06:00