TUN-6938: Force h2mux protocol to http2 for named tunnels

Going forward, the only protocols supported will be QUIC and HTTP2, defaulting to QUIC for "auto". Selecting h2mux protocol will be forcibly upgraded to http2 internally.
2025-07-28 08:19:58 +00:00 · 2023-02-06 11:06:02 -08:00
parent ae46af9236
commit 0f95f8bae5
9 changed files with 139 additions and 419 deletions
--- a/cmd/cloudflared/tunnel/configuration.go
+++ b/cmd/cloudflared/tunnel/configuration.go
@@ -21,11 +21,10 @@ import (
 	"golang.org/x/crypto/ssh/terminal"

 	"github.com/cloudflare/cloudflared/cmd/cloudflared/cliutil"
-	"github.com/cloudflare/cloudflared/edgediscovery/allregions"
-
 	"github.com/cloudflare/cloudflared/config"
 	"github.com/cloudflare/cloudflared/connection"
 	"github.com/cloudflare/cloudflared/edgediscovery"
+	"github.com/cloudflare/cloudflared/edgediscovery/allregions"
 	"github.com/cloudflare/cloudflared/h2mux"
 	"github.com/cloudflare/cloudflared/ingress"
 	"github.com/cloudflare/cloudflared/orchestration"
@@ -218,34 +217,13 @@ func prepareTunnelConfig(
 		transportProtocol = connection.QUIC.String()
 	}

-	protocolFetcher := edgediscovery.ProtocolPercentage
-
-	features := append(c.StringSlice("features"), defaultFeatures...)
+	features := dedup(append(c.StringSlice("features"), defaultFeatures...))
 	if needPQ {
 		features = append(features, supervisor.FeaturePostQuantum)
 	}
-	if c.IsSet(TunnelTokenFlag) {
-		if transportProtocol == connection.AutoSelectFlag {
-			protocolFetcher = func() (edgediscovery.ProtocolPercents, error) {
-				// If the Tunnel is remotely managed and no protocol is set, we prefer QUIC, but still allow fall-back.
-				preferQuic := []edgediscovery.ProtocolPercent{
-					{
-						Protocol:   connection.QUIC.String(),
-						Percentage: 100,
-					},
-					{
-						Protocol:   connection.HTTP2.String(),
-						Percentage: 100,
-					},
-				}
-				return preferQuic, nil
-			}
-		}
-		log.Info().Msg("Will be fetching remotely managed configuration from Cloudflare API. Defaulting to protocol: quic")
-	}
 	namedTunnel.Client = tunnelpogs.ClientInfo{
 		ClientID: clientID[:],
-		Features: dedup(features),
+		Features: features,
 		Version:  info.Version(),
 		Arch:     info.OSArch(),
 	}
@@ -268,7 +246,7 @@ func prepareTunnelConfig(
 		}
 	}

-	protocolSelector, err := connection.NewProtocolSelector(transportProtocol, cfg.WarpRouting.Enabled, namedTunnel, protocolFetcher, supervisor.ResolveTTL, log, c.Bool("post-quantum"))
+	protocolSelector, err := connection.NewProtocolSelector(transportProtocol, namedTunnel.Credentials.AccountTag, c.IsSet(TunnelTokenFlag), c.Bool("post-quantum"), edgediscovery.ProtocolPercentage, connection.ResolveTTL, log)
 	if err != nil {
 		return nil, nil, err
 	}