TUN-7543: Add --debug-stream flag to cloudflared access ssh

Allows for debugging the payloads that are sent in client mode to
the ssh server. Required to be run with --log-directory to capture
logging output. Additionally has maximum limit that is provided with
the flag that will only capture the first N number of reads plus
writes through the WebSocket stream. These reads/writes are not directly
captured at the packet boundary so some reconstruction from the
log messages will be required.

Added User-Agent for all out-going cloudflared access
tcp requests in client mode.
Added check to not run terminal logging in cloudflared access tcp
client mode to not obstruct the stdin and stdout.

stream/debug.go

@@ -0,0 +1,64 @@
+package stream
+
+import (
+	"io"
+	"sync/atomic"
+
+	"github.com/rs/zerolog"
+)
+
+// DebugStream will tee each read and write to the output logger as a debug message
+type DebugStream struct {
+	reader io.Reader
+	writer io.Writer
+	log    *zerolog.Logger
+	max    uint64
+	count  atomic.Uint64
+}
+
+func NewDebugStream(stream io.ReadWriter, logger *zerolog.Logger, max uint64) *DebugStream {
+	return &DebugStream{
+		reader: stream,
+		writer: stream,
+		log:    logger,
+		max:    max,
+	}
+}
+
+func (d *DebugStream) Read(p []byte) (n int, err error) {
+	n, err = d.reader.Read(p)
+	if n > 0 && d.max > d.count.Load() {
+		d.count.Add(1)
+		if err != nil {
+			d.log.Err(err).
+				Str("dir", "r").
+				Int("count", n).
+				Msgf("%+q", p[:n])
+		} else {
+			d.log.Debug().
+				Str("dir", "r").
+				Int("count", n).
+				Msgf("%+q", p[:n])
+		}
+	}
+	return
+}
+
+func (d *DebugStream) Write(p []byte) (n int, err error) {
+	n, err = d.writer.Write(p)
+	if n > 0 && d.max > d.count.Load() {
+		d.count.Add(1)
+		if err != nil {
+			d.log.Err(err).
+				Str("dir", "w").
+				Int("count", n).
+				Msgf("%+q", p[:n])
+		} else {
+			d.log.Debug().
+				Str("dir", "w").
+				Int("count", n).
+				Msgf("%+q", p[:n])
+		}
+	}
+	return
+}