b2654318b1
TUN-7586: Upgrade go-jose/go-jose/v3 and core-os/go-oidc/v3
...
Removes usages of gopkg.in/square/go-jose.v2 and gopkg.in/coreos/go-oidc.v2 packages.
2023-10-22 15:09:33 +02:00
a1419a73a5
TUN-7551: Complete removal of raven-go to sentry-go
...
Removes the final usage of raven-go and removes the dependency.
2023-10-22 15:09:33 +02:00
cb97257815
TUN-7424: Add CORS headers to host_details responses
2023-05-16 22:18:57 -07:00
9426b60308
TUN-7227: Migrate to devincarr/quic-go
...
The lucas-clemente/quic-go package moved namespaces and our branch
went stale, this new fork provides support for the new quic-go repo
and applies the max datagram frame size change.
Until the max datagram frame size support gets upstreamed into quic-go,
this can be used to unblock go 1.20 support as the old
lucas-clemente/quic-go will not get go 1.20 support.
2023-05-10 19:44:15 +00:00
38cd455e4d
TUN-7373: Streaming logs override for same actor
...
To help accommodate web browser interactions with websockets, when a
streaming logs session is requested for the same actor while already
serving a session for that user in a separate request, the original
request will be closed and the new request start streaming logs
instead. This should help with rogue sessions holding on for too long
with no client on the other side (before idle timeout or connection
close).
2023-04-21 11:54:37 -07:00
69eb9698b5
TUN-7356: Bump golang.org/x/net package to 0.7.0
2023-04-07 09:41:23 -07:00
93acdaface
TUN-7125: Add management streaming logs WebSocket protocol
2023-04-05 16:25:16 +00:00
be64362fdb
TUN-7124: Add intercept ingress rule for management requests
2023-03-21 11:42:25 -07:00
354281fc6a
RTG-2476 Add qtls override for Go 1.20
2023-03-02 08:34:51 +00:00
207f4e2c8d
TUN-7066: Bump coredns to v1.10.0
...
closes #857
2023-01-26 09:30:08 -08:00
794e8e622f
TUN-6724: Migrate to sentry-go from raven-go
2023-01-11 15:48:03 +00:00
de4fd472f3
RTG-2418 Update qtls
2023-01-04 14:52:00 +01:00
887e486a63
TUN-7057: Remove dependency github.com/gorilla/mux
2022-12-24 21:05:51 -07:00
1fe4878264
TUN-6937: Bump golang.org/x/* packages to new release tags
2022-11-14 17:25:11 +00:00
d0c10b34dd
RTG-2276 Update qtls and go mod tidy
2022-10-11 02:08:19 +00:00
de07da02cd
TUN-6772: Add a JWT Validator as an ingress verifier
...
This adds a new verifier interface that can be attached to ingress.Rule.
This would act as a middleware layer that gets executed at the start of
proxy.ProxyHTTP.
A jwt validator implementation for this verifier is also provided. The
validator downloads the public key from the access teams endpoint and
uses it to verify the JWT sent to cloudflared with the audtag (clientID)
information provided in the config.
2022-09-22 08:42:25 +00:00
013bdbd10c
TUN-6718: Bump go and go-boring 1.18.6
2022-09-19 15:18:59 +00:00
11cbff4ff7
RTG-1339 Support post-quantum hybrid key exchange
...
Func spec: https://wiki.cfops.it/x/ZcBKHw
2022-09-07 19:32:53 +00:00
bad2e8e812
TUN-6666: Define packet package
...
This package defines IP and ICMP packet, decoders, encoder and flow
2022-08-24 11:36:57 +01:00
065d8355c5
TUN-6637: Upgrade quic-go
2022-08-10 14:13:19 +00:00
046a30e3c7
TUN-6637: Upgrade go version and quic-go
2022-08-08 15:49:10 +01:00
d96c39196d
TUN-6601: Update gopkg.in/yaml.v3 references in modules
2022-07-27 10:05:15 +01:00
2a177e0fc4
TUN-6583: Remove legacy --ui flag
2022-07-20 16:17:29 -07:00
475939a77f
TUN-6191: Update quic-go to v0.27.1 and with custom patch to allow keep alive period to be configurable
...
The idle period is set to 5sec.
We now also ping every second since last activity.
This makes the quic.Connection less prone to being closed with
no network activity, since we send multiple pings per idle
period, and thus a single packet loss cannot cause the problem.
2022-06-07 12:25:18 +01:00
5e6f606f4e
TUN-6293: Update yaml v3 to latest hotfix
...
This addresses https://security.snyk.io/vuln/SNYK-GOLANG-GOPKGINYAMLV3-2841557
by updating yaml v3 to latest version.
It also stops using yaml v2 directly (we were using both v2 and v3 mixed).
We still rely on yaml v2 indirectly, via urfave cli, though.
Note that the security vulnerability does not affect v2.
2022-05-30 17:38:55 +00:00
e8fe34773c
TUN-6158: Update golang.org/x/crypto
2022-05-02 09:34:39 +01:00
f3244db861
TUN-6130: Fix vendoring due to case sensitive typo in package
2022-04-21 22:37:16 +01:00
def8f57dbc
TUN-5989: Add in-memory otlp exporter
2022-04-11 19:38:01 +00:00
2f05f969e2
TUN-5995: Force prometheus v1.12.1 usage
2022-04-07 10:51:52 +01:00
b12272529f
TUN-5995: Update prometheus to 1.12.1 to avoid vulnerabilities
2022-04-06 11:13:12 +00:00
9422ea8ed8
CC-796: Remove dependency on unsupported version of go-oidc
2022-03-18 18:16:10 +00:00
05b903a32e
Revert "CC-796: Remove dependency on unsupported version of go-oidc"
...
This reverts commit 0899d6a136
2022-03-18 10:03:58 +00:00
0899d6a136
CC-796: Remove dependency on unsupported version of go-oidc
2022-03-07 21:48:30 +00:00
8a5343d0a5
TUN-5675: Remove github.com/dgrijalva/jwt-go dependency by upgrading coredns version
2022-01-25 15:24:13 +00:00
74556bcd7d
TUN-5547: Bump golang x/net package to fix http2 transport bugs
2022-01-17 11:13:25 +00:00
6fa58aadba
TUN-5623: Configure quic max datagram frame size to 1350 bytes for none Windows platforms
2022-01-11 14:55:43 +00:00
e71b88fcaa
TUN-5408: Update quic package to v0.24.0
2021-11-10 22:10:38 +00:00
7024d193c9
TUN-5405: Update net package to v0.0.0-20211109214657-ef0fda0de508
...
This version contains fix to https://github.com/golang/go/issues/43989
2021-11-10 17:20:13 +00:00
2ca4633f89
TUN-5286: Upgrade crypto/ssh package to fix CVE-2020-29652
2021-10-22 16:50:35 +00:00
ff7c48568c
TUN-5261: Collect QUIC metrics about RTT, packets and bytes transfered and log events at tracing level
2021-10-21 15:26:57 +01:00
d54c8cc745
TUN-5129: Use go 1.17 and copy .git folder to docker build to compute version
2021-09-21 15:50:35 +00:00
414cb12f02
TUN-4961: Update quic-go to latest
...
- Updates fips-go to be the latest on cfsetup.yaml
- Updates sumtype's x/tools to be latest to avoid Internal: nil pkg
errors with fips.
2021-08-27 12:26:00 +01:00
1082ac1c36
TUN-4922: Downgrade quic-go library to 0.20.0
2021-08-13 15:45:13 +01:00
ed024d0741
TUN-4597: Add a QUIC server skeleton
...
- Added a QUIC server to accept streams
- Unit test for this server also tests ALPN
- Temporary echo capability for HTTP ConnectionType
2021-08-03 10:03:47 +00:00
75c3ca2f4a
TUN-4384: Silence log from automaxprocs
2021-05-13 02:05:19 +01:00
07af2a33b7
TUN-4356: Set AUTOMAXPROCS to the CPU limit when running in a Linux container
2021-05-13 02:05:18 +01:00
9018ee5d5e
TUN-4116: Ingore credentials-file setting in configuration file during tunnel create and delete opeations.
...
This change has two parts:
1. Update to newer version of the urfave/cli fork that correctly sets flag value along the context hierarchy while respecting config file overide behavior of the most specific instance of the flag.
2. Redefine --credentials-file flag so that create and delete subcommand don't use value from the config file.
2021-03-24 08:15:36 -05:00
6db934853d
TUN-3963: Repoint urfave/cli/v2 library at patched branch at github.com/ipostelnik/cli/v2@fixed which correctly handles reading flags declared at multiple levels of subcommands.
2021-02-24 20:04:59 +00:00
b4700a52e3
TUN-3725: Warp-routing is independent of ingress
...
- Changed warp-routing configuration to its own yaml.
- Ingress Rules host matching is indepedent of warp-routing.
2021-02-23 14:19:47 +00:00
9d5bd256be
TUN-3964: Revert "TUN-3922: Repoint urfave/cli/v2 library at patched branch at github.com/ipostelnik/cli/v2@fixed which correctly handles reading flags declared at multiple levels of subcommands."
...
This reverts commit 1670ee87fb
2021-02-23 12:32:07 +00:00
Devin Carr
Bas Westerbaan
Sudarsan Reddy
cthuang
Nuno Diegues
João Oliveirinha
emmanuel
Adam Chalmers
Igor Postelnik