Dalton
2f70b05c64
AUTH-2169 make access login page more generic
2020-06-08 11:20:30 -05:00
Dalton
9e76e42e3c
AUTH-2687 don't copy config unnecessarily
2020-06-08 15:24:36 +00:00
Dalton
e376a13025
AUTH-2645 protect against user mistaken flag input
2020-06-05 15:10:09 -05:00
cthuang
fb82b2ced5
TUN-3019: Remove declarative tunnel entry code
2020-05-30 05:54:17 +08:00
Michael Fornaro
be0514c5c9
Adding support for multi-architecture images and binaries ( #184 )
...
* Allow Dockerfile --build-args to override GOOS and GOARCH defaults
Allow Dockerfile --build-args to override GOOS and GOARCH defaults
Support building multi architecture binaries
remove default OS and ARCH to avoid tag confusion when compiling image through Makefile
Tag image with corrosponding OS and ARCH build variables
updating Makefile
Signed-off-by: Michael Fornaro <20387402+xUnholy@users.noreply.github.com>
* remove duplicate import on windows_service.go
Signed-off-by: Michael Fornaro <20387402+xUnholy@users.noreply.github.com>
2020-05-29 02:06:27 +01:00
Dalton
046be63253
AUTH-2596 added new logger package and replaced logrus
2020-05-27 17:07:19 -05:00
Igor Postelnik
a908453aa4
TUN-2928, TUN-2929, TUN-2930: Add tunnel subcommands to interact with tunnel store service
2020-05-21 15:36:49 -05:00
Michael Borkenstein
b89cc22896
AUTH-2369: RDP Bastion prototype
2020-05-19 21:10:50 -05:00
Michael Borkenstein
6a7418e1af
AUTH-2686: Added error handling to tunnel subcommand
2020-05-18 15:36:25 -05:00
Dalton
df3ad2b223
AUTH-2529 added deprecation text to db-connect command
2020-05-14 10:26:09 -05:00
Dalton
8c870c19a6
AUTH-2505 added aliases
2020-05-13 15:15:08 -05:00
Dalton
2b7fbbb7b7
AUTH-2588 add DoH to service mode
2020-05-11 17:09:16 +00:00
Michael Borkenstein
2c878c47ed
AUTH-2564: error handling and minor fixes
2020-05-11 15:42:35 +00:00
Igor Postelnik
8cc69f2a95
TUN-2860: Enable quick reconnect feature by default
2020-05-07 14:41:55 -05:00
cthuang
c3fa4552aa
TUN-2872: Exit with non-0 status code when the binary is updated so launchd will restart the service
2020-05-06 05:53:14 +08:00
Igor Postelnik
dd0881f32b
TUN-2940: Added delay parameter to stdin reconnect command.
2020-05-01 15:58:19 +00:00
Dalton
41c358147c
AUTH-2587 add config watcher and reload logic for access client forwarder
2020-04-29 11:07:35 -05:00
Austin Cherry
f18209af7d
ARES-899: Fixes DoH client as system resolver. Fixes #91
2020-04-14 12:37:59 -05:00
Elvin Tan
6d63f84a75
AUTH-2235 GetTokenIfExists now parses JWT payload for json expiry field to detect if the cached access token is expired
2020-04-14 15:29:30 +00:00
Dalton
a37da2b165
AUTH-2394 added socks5 proxy
2020-04-07 13:30:28 -05:00
Areg Harutyunyan
ae374c0463
TUN-2846: Trigger debug reconnects from stdin commands, not SIGUSR1
2020-03-27 17:04:21 +00:00
Dalton
a368fbbe9b
AUTH-2394 fixed header for websockets. Added TCP alias
2020-03-23 10:27:53 -05:00
Adam Chalmers
6dcf3a4cbc
TUN-2819: cloudflared should close its connections when a signal is sent
2020-03-19 21:02:15 +00:00
Adam Chalmers
1b2a96f96b
TUN-2755: ReconnectTunnel RPC now transmits ConnectionDigest
2020-03-06 14:48:16 -06:00
Adam Chalmers
6b3e2b020b
TUN-2785: Use reconnect token by default
2020-03-05 16:12:49 +00:00
Roman Iuvshyn
29f4650e25
do not terminate tunnel if origin is not reachable on start-up ( #177 )
2020-02-27 23:03:00 +00:00
Adam Chalmers
a83b6a2155
TUN-2725: Specify in code that --edge is for internal testing only
2020-02-19 16:18:48 -06:00
Adam Chalmers
a60c0273f5
TUN-2714: New edge discovery. Connections try to reconnect to the same edge IP.
2020-02-14 19:49:54 +00:00
Adam Chalmers
dfe61fda88
TUN-2645: Revert "TUN-2645: Turn on reconnect tokens"
...
This reverts commit 053b2c17f1
.
2020-01-27 14:59:07 -06:00
Adam Chalmers
053b2c17f1
TUN-2645: Turn on reconnect tokens
2020-01-13 15:23:42 -06:00
Tyler Cook
87102a2646
Fix timer scheduling for systemd update service ( #159 )
2019-12-19 20:53:06 +04:00
Rueian
cc2a1d1204
bug(cloudflared): Set the MaxIdleConnsPerHost of http.Transport to proxy-keepalive-connections ( #155 )
...
Setting the MaxIdleConns is not enough, the MaxIdleConnsPerHost must be set as well.
Otherwise, http.Transport will use the DefaultMaxIdleConnsPerHost, which is 2,
and then the connection pool will have only 2 connection hold.
2019-12-17 05:02:28 +04:00
Nick Vollmar
5e7ca14412
TUN-2555: origin/supervisor.go calls Authenticate
2019-12-06 11:26:54 -06:00
Ashcon Partovi
43babbc2f9
Fix "happy eyeballs" not being disabled since Golang 1.12 upgrade
...
* The Dialer.DualStack setting is now ignored and deprecated; RFC 6555 Fast Fallback ("Happy Eyeballs") is now enabled by default. To disable, set Dialer.FallbackDelay to a negative value.
2019-11-25 17:54:20 +00:00
Ashcon Partovi
759cd019be
Add db-connect, a SQL over HTTPS server
2019-11-12 20:34:39 +00:00
Michael Borkenstein
ad9559c66a
AUTH-2173: Prepends access login url with scheme if one doesnt exist
2019-10-23 20:35:12 +00:00
Michael Borkenstein
28cc1c65af
AUTH-2167: Adds CLI option for host key directory
2019-10-17 16:31:43 -05:00
Michael Borkenstein
8b6e3bc1d1
AUTH-2159: Moves shutdownC close into error handling
...
AUTH-2161: Lowers size of preamble length
AUTH-2160: Fixes url parsing logic
2019-10-16 11:41:51 -05:00
Michael Borkenstein
95704b11fb
AUTH-2114: Uses short lived cert auth for outgoing client connection
2019-10-15 14:35:15 -05:00
Michael Borkenstein
a4b3ee5959
AUTH-2105: Dont require --destination arg
2019-10-11 12:26:23 -05:00
Michael Borkenstein
91d9dca34e
AUTH-2105: Adds support for local forwarding. Refactor auditlogger creation.
...
AUTH-2088: Adds dynamic destination routing
2019-10-10 15:25:03 -05:00
Michael Borkenstein
dbde3870da
AUTH-2089: Revise ssh server to function as a proxy
2019-10-07 13:04:04 -05:00
Michael Borkenstein
133e6fdc88
AUTH-2077: Quotes open browser command in windows
2019-09-24 18:27:37 +00:00
Michael Borkenstein
1d5cc45ac7
AUTH-2055: Verifies token at edge on access login
2019-09-24 18:22:33 +00:00
Michael Borkenstein
979e5be8ab
AUTH-2067: Log commands correctly
2019-09-23 20:42:41 +00:00
Adam Chalmers
4f23da2a6d
TUN-2315: Replace Scope with IntentLabel
2019-09-18 15:11:46 -05:00
Michael Borkenstein
ff795a7beb
AUTH-2056: Writes stderr to its own stream for non-pty connections
2019-09-16 14:43:05 -05:00
Michael Borkenstein
c2a71c5a51
AUTH-2037: Adds support for ssh port forwarding
2019-09-11 10:41:09 -05:00
Michael Borkenstein
d3b254f9ae
AUTH-2036: Refactor user retrieval, shutdown after ssh server stops, add custom version string
2019-09-09 17:31:23 +00:00
Dalton
ee588eeeaa
AUTH-1943 hooked up uploader to logger, added timestamp to session logs, add tests
2019-09-06 15:57:32 -05:00
Adam Chalmers
dd521aba29
TUN-2280: Revert "TUN-2260: add name/group to CapnpConnectParameters, remove Scope"
...
This reverts commit 817c3be9da5465043c2a2fda6c48f7ada760682e.
2019-09-06 15:59:32 +00:00
Adam Chalmers
a06390a078
TUN-2201: change SRV records used by cloudflared
...
This changes cloudflarewarp.com to argotunnel.com and _warp to
_origintunneld. We've changed which zone we host the SRV records
for Argo Tunnel on.
2019-09-06 15:01:58 +00:00
Nick Vollmar
dc730615f2
TUN-2260: add name/group to CapnpConnectParameters, remove Scope
2019-09-05 15:36:16 +00:00
Austin Cherry
5e85a8bd16
AUTH-1943: Adds session logging
2019-09-03 13:54:29 -05:00
Michael Borkenstein
7abbe91d41
AUTH-2030: Support both authorized_key and short lived cert authentication simultaniously without specifiying at start time
2019-08-30 19:23:10 +00:00
Areg Harutyunyan
ff97fb6dc8
Merge branch 'master' of github.com:cloudflare/cloudflared
2019-08-30 13:45:40 -05:00
David Barr
dc48cdce1a
Fix #111 : Add support for specifying a specific HTTP Host: header on the origin. ( #114 )
2019-08-29 22:55:54 -05:00
Dalton
f130e6d4d7
AUTH-2021 - s3 bucket uploading for SSH logs
2019-08-29 16:54:54 -05:00
Michael Borkenstein
858ef29868
AUTH-2022: Adds ssh timeout configuration
2019-08-28 15:22:35 -05:00
Michael Borkenstein
baec3e289e
AUTH-2018: Adds support for authorized keys and short lived certs
2019-08-28 09:58:42 -05:00
Adam Chalmers
df25ed9bde
TUN-2244: Add NO_AUTOUPDATE env var
2019-08-27 15:53:28 -05:00
Adam Chalmers
4e1df1a211
TUN-2243: Revert "STOR-519: Add db-connect, a SQL over HTTPS server"
...
This reverts commit 5da2109811
.
2019-08-26 16:50:12 -05:00
Austin Cherry
30c9e2af9b
AUTH-1941: Adds initial SSH server implementation
2019-08-21 15:49:03 -05:00
Michael Borkenstein
47254113ee
Revert "AUTH-1941: Adds initial SSH server implementation"
...
This reverts commit e9c9bf3cbd
.
2019-08-20 17:20:48 -05:00
Austin Cherry
e9c9bf3cbd
AUTH-1941: Adds initial SSH server implementation
2019-08-20 16:18:37 -05:00
Ashcon Partovi
5da2109811
STOR-519: Add db-connect, a SQL over HTTPS server
2019-08-20 13:13:29 -05:00
Michael Borkenstein
8d1ea7202a
Merge branch 'mike/AUTH-1972-delete-token-lockfile' of ssh://bitbucket.cfdata.org:7999/tun/cloudflared
2019-08-06 08:12:02 -05:00
Michael Borkenstein
9adbab96af
AUTH-1972: Deletes token lock file if backoff retry attempts exceeded and intercepts signals until lock is released
2019-08-06 08:07:48 -05:00
Chung-Ting Huang
bdd70e798a
TUN-2110: Implement custom deserialization logic for OriginConfig
2019-08-05 19:28:51 -05:00
Nick Vollmar
74f3a55c57
TUN-2117: read group/system-name from CLI, send it to edge
2019-08-01 22:04:05 +00:00
Austin Cherry
8f25704a90
AUTH-1736: Better handling of token revocation
...
We removed all token validation from cloudflared and now rely on
the edge to do the validation. This is better because the edge is
the only thing that fully knows about token revocation. So if a user
logs out or the application revokes all it's tokens cloudflared will
now handle that process instead of barfing on it.
When we go to fetch a token we will check for the existence of a
lock file. If the lock file exists, we stop and poll every half
second to see if the lock is still there. Once the lock file is
removed, it will restart the function to (hopefully) go pick up
the valid token that was just created.
2019-07-10 21:35:46 +00:00
Chung-Ting Huang
4858ce79d0
TUN-1977: Validate OriginConfig has valid URL, and use scheme to determine if a HTTPOriginService is expecting HTTP or Unix
2019-07-01 15:31:58 -05:00
Chung-Ting Huang
0a742feb98
TUN-1885: Reconfigure cloudflared on receiving new ClientConfig
2019-06-20 19:07:59 -05:00
Chung-Ting Huang
80a15547e3
TUN-1961: Create EdgeConnectionManager to maintain outbound connections to the edge
2019-06-18 16:37:38 -05:00
Chung-Ting Huang
d32fb8e82c
TUN-1913: Define OriginService for each type of origin
2019-06-04 17:02:34 -05:00
Austin Cherry
1ca841d220
AUTH-1811: ssh-gen config fixes
2019-06-04 16:25:34 +00:00
Austin Cherry
713a2d689e
AUTH-1802: Fixed ssh-config templating
2019-05-30 15:25:08 +00:00
Christoph Blecker
a1403fe968
Handle exit code on err
...
fixes #96 .
This change checks the err returned from the StartServer function, and
if it exists, passes a non-zero error code through to the urfave/cli
framework. This should allow processes like launchd to detect if
cloudflared exited gracefully or with an error.
2019-05-29 12:59:19 -05:00
Austin Cherry
25cfffd0d1
AUTH-1781: fixed race condition for short lived certs, doc required config
2019-05-23 10:17:43 -05:00
Chung-Ting Huang
4662e40068
TUN-1880: Save debug and warn level log to logfile
2019-05-22 11:05:24 -05:00
Austin Cherry
fa17b0200f
AUTH-1557: Short Lived Certs
2019-05-07 11:21:11 -05:00
Nick Vollmar
945320880a
TUN-1786: Remove low-level Windows service logging
2019-04-30 11:00:35 -05:00
Nick Vollmar
28f890a701
TUN-1669: Update license message in help text. Also fix test
2019-04-18 10:42:48 -05:00
Chung-Ting Huang
102b364cc9
TUN-1619: Add flag to test declarative tunnels.
2019-04-05 10:35:23 -05:00
Adam Chalmers
6804a5ff9d
TUN-1648: ConnectionID is now a UUID
2019-03-28 15:03:30 -05:00
Adam Chalmers
8560436487
TUN-1637: Free tunnels shouldn't require cert.pem
2019-03-22 14:43:30 -05:00
Areg Harutyunyan
b02718f86b
TUN-1389: Non-scalar flags in a cloudflared config.yml don't get logged
2019-03-08 02:43:07 -06:00
Areg Harutyunyan
5a0b7ecb62
Merge branch 'master' of github.com:cloudflare/cloudflared
2019-03-06 18:34:42 -06:00
Kristian Mide
07a409ffef
Support unix sockets.
2019-03-06 18:33:23 -06:00
Austin Cherry
58e5e9c9a4
AUTH-1531: Named flags for ssh service tokens
2019-03-06 13:09:13 -06:00
Adam Chalmers
073c5bfdaa
TUN-1562: Refactor connectedSignal to be safe to close multiple times
2019-03-05 15:51:35 -06:00
Nick Vollmar
fea3569956
TUN-1451: Make non-interactive, non-service execution possible on Windows
2019-03-04 19:49:57 -06:00
Adam Chalmers
abdbc76a46
TUN-1559: fix nil dereference in TunnelConfig.CloseConnOnce
2019-02-28 16:56:47 -06:00
Adam Chalmers
7475e3e487
TUN-1510: Wrap the close() in sync.Once.Do
2019-02-26 10:32:07 -06:00
Areg Harutyunyan
e3aed15c08
TUN-1381: should tell you if you're on the latest version rather than just exiting silently
2019-02-14 17:11:52 -06:00
Austin Cherry
27c6977746
AUTH-1403: Print the paths in the ssh-config instructions
2019-02-11 10:56:06 -06:00
Austin Cherry
200f9a3786
AUTH-1503: Added RDP support
2019-02-08 14:28:47 -06:00
Austin Cherry
92defa26d4
AUTH-1511: Add custom headers for ssh command
2019-02-07 16:38:52 -06:00
Areg Harutyunyan
c9f1c1ec70
Merge branch 'master' of github.com:cloudflare/cloudflared
2019-02-01 14:57:53 -06:00
Philippe Grégoire
10e4a2940c
cloudflared/linux_service: Add missing /etc/init.d shebang
...
When using sysv init scripts, `cloudflared` fails to start due to the
missing shebang interpreter line.
This patch adds the missing shebang.
2019-02-01 14:55:30 -06:00