mirror of
https://github.com/cloudflare/cloudflared.git
synced 2025-07-27 20:39:57 +00:00
TUN-9291: Remove dynamic reloading of features for datagram v3
During a refresh of the supported features via the DNS TXT record, cloudflared would update the internal feature list, but would not propagate this information to the edge during a new connection. This meant that a situation could occur in which cloudflared would think that the client's connection could support datagram V3, and would setup that muxer locally, but would not propagate that information to the edge during a register connection in the `ClientInfo` of the `ConnectionOptions`. This meant that the edge still thought that the client was setup to support datagram V2 and since the protocols are not backwards compatible, the local muxer for datagram V3 would reject the incoming RPC calls. To address this, the feature list will be fetched only once during client bootstrapping and will persist as-is until the client is restarted. This helps reduce the complexity involved with different connections having possibly different sets of features when connecting to the edge. The features will now be tied to the client and never diverge across connections. Also, retires the use of `support_datagram_v3` in-favor of `support_datagram_v3_1` to reduce the risk of reusing the feature key. The `dv3` TXT feature key is also deprecated. Closes TUN-9291
This commit is contained in:
Devin Carr
@@ -3,9 +3,7 @@ package features
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/rs/zerolog"
|
||||
"github.com/stretchr/testify/require"
|
||||
@@ -14,33 +12,23 @@ import (
|
||||
func TestUnmarshalFeaturesRecord(t *testing.T) {
|
||||
tests := []struct {
|
||||
record []byte
|
||||
expectedPercentage int32
|
||||
expectedPercentage uint32
|
||||
}{
|
||||
{
|
||||
record: []byte(`{"dv3":0}`),
|
||||
expectedPercentage: 0,
|
||||
},
|
||||
{
|
||||
record: []byte(`{"dv3":39}`),
|
||||
expectedPercentage: 39,
|
||||
},
|
||||
{
|
||||
record: []byte(`{"dv3":100}`),
|
||||
expectedPercentage: 100,
|
||||
},
|
||||
{
|
||||
record: []byte(`{}`), // Unmarshal to default struct if key is not present
|
||||
},
|
||||
{
|
||||
record: []byte(`{"kyber":768}`), // Unmarshal to default struct if key is not present
|
||||
},
|
||||
{
|
||||
record: []byte(`{"pq": 101,"dv3":100}`), // Expired keys don't unmarshal to anything
|
||||
},
|
||||
}
|
||||
|
||||
for _, test := range tests {
|
||||
var features featuresRecord
|
||||
err := json.Unmarshal(test.record, &features)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, test.expectedPercentage, features.DatagramV3Percentage, test)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -61,7 +49,7 @@ func TestFeaturePrecedenceEvaluationPostQuantum(t *testing.T) {
|
||||
{
|
||||
name: "user_specified",
|
||||
cli: true,
|
||||
expectedFeatures: Dedup(append(defaultFeatures, FeaturePostQuantum)),
|
||||
expectedFeatures: dedupAndRemoveFeatures(append(defaultFeatures, FeaturePostQuantum)),
|
||||
expectedVersion: PostQuantumStrict,
|
||||
},
|
||||
}
|
||||
@@ -69,7 +57,7 @@ func TestFeaturePrecedenceEvaluationPostQuantum(t *testing.T) {
|
||||
for _, test := range tests {
|
||||
t.Run(test.name, func(t *testing.T) {
|
||||
resolver := &staticResolver{record: featuresRecord{}}
|
||||
selector, err := newFeatureSelector(context.Background(), test.name, &logger, resolver, []string{}, test.cli, time.Second)
|
||||
selector, err := newFeatureSelector(context.Background(), test.name, &logger, resolver, []string{}, test.cli)
|
||||
require.NoError(t, err)
|
||||
require.ElementsMatch(t, test.expectedFeatures, selector.ClientFeatures())
|
||||
require.Equal(t, test.expectedVersion, selector.PostQuantumMode())
|
||||
@@ -102,44 +90,17 @@ func TestFeaturePrecedenceEvaluationDatagramVersion(t *testing.T) {
|
||||
},
|
||||
{
|
||||
name: "user_specified_v3",
|
||||
cli: []string{FeatureDatagramV3},
|
||||
cli: []string{FeatureDatagramV3_1},
|
||||
remote: featuresRecord{},
|
||||
expectedFeatures: Dedup(append(defaultFeatures, FeatureDatagramV3)),
|
||||
expectedVersion: FeatureDatagramV3,
|
||||
},
|
||||
{
|
||||
name: "remote_specified_v3",
|
||||
cli: []string{},
|
||||
remote: featuresRecord{
|
||||
DatagramV3Percentage: 100,
|
||||
},
|
||||
expectedFeatures: Dedup(append(defaultFeatures, FeatureDatagramV3)),
|
||||
expectedVersion: FeatureDatagramV3,
|
||||
},
|
||||
{
|
||||
name: "remote_and_user_specified_v3",
|
||||
cli: []string{FeatureDatagramV3},
|
||||
remote: featuresRecord{
|
||||
DatagramV3Percentage: 100,
|
||||
},
|
||||
expectedFeatures: Dedup(append(defaultFeatures, FeatureDatagramV3)),
|
||||
expectedVersion: FeatureDatagramV3,
|
||||
},
|
||||
{
|
||||
name: "remote_v3_and_user_specified_v2",
|
||||
cli: []string{FeatureDatagramV2},
|
||||
remote: featuresRecord{
|
||||
DatagramV3Percentage: 100,
|
||||
},
|
||||
expectedFeatures: defaultFeatures,
|
||||
expectedVersion: DatagramV2,
|
||||
expectedFeatures: dedupAndRemoveFeatures(append(defaultFeatures, FeatureDatagramV3_1)),
|
||||
expectedVersion: FeatureDatagramV3_1,
|
||||
},
|
||||
}
|
||||
|
||||
for _, test := range tests {
|
||||
t.Run(test.name, func(t *testing.T) {
|
||||
resolver := &staticResolver{record: test.remote}
|
||||
selector, err := newFeatureSelector(context.Background(), test.name, &logger, resolver, test.cli, false, time.Second)
|
||||
selector, err := newFeatureSelector(context.Background(), test.name, &logger, resolver, test.cli, false)
|
||||
require.NoError(t, err)
|
||||
require.ElementsMatch(t, test.expectedFeatures, selector.ClientFeatures())
|
||||
require.Equal(t, test.expectedVersion, selector.DatagramVersion())
|
||||
@@ -147,75 +108,59 @@ func TestFeaturePrecedenceEvaluationDatagramVersion(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestRefreshFeaturesRecord(t *testing.T) {
|
||||
// The hash of the accountTag is 82
|
||||
accountTag := t.Name()
|
||||
threshold := switchThreshold(accountTag)
|
||||
|
||||
percentages := []int32{0, 10, 81, 82, 83, 100, 101, 1000}
|
||||
refreshFreq := time.Millisecond * 10
|
||||
selector := newTestSelector(t, percentages, false, refreshFreq)
|
||||
|
||||
// Starting out should default to DatagramV2
|
||||
require.Equal(t, DatagramV2, selector.DatagramVersion())
|
||||
|
||||
for _, percentage := range percentages {
|
||||
if percentage > threshold {
|
||||
require.Equal(t, DatagramV3, selector.DatagramVersion())
|
||||
} else {
|
||||
require.Equal(t, DatagramV2, selector.DatagramVersion())
|
||||
}
|
||||
|
||||
time.Sleep(refreshFreq + time.Millisecond)
|
||||
func TestDeprecatedFeaturesRemoved(t *testing.T) {
|
||||
logger := zerolog.Nop()
|
||||
tests := []struct {
|
||||
name string
|
||||
cli []string
|
||||
remote featuresRecord
|
||||
expectedFeatures []string
|
||||
}{
|
||||
{
|
||||
name: "no_removals",
|
||||
cli: []string{},
|
||||
remote: featuresRecord{},
|
||||
expectedFeatures: defaultFeatures,
|
||||
},
|
||||
{
|
||||
name: "support_datagram_v3",
|
||||
cli: []string{DeprecatedFeatureDatagramV3},
|
||||
remote: featuresRecord{},
|
||||
expectedFeatures: defaultFeatures,
|
||||
},
|
||||
}
|
||||
|
||||
// Make sure error doesn't override the last fetched features
|
||||
require.Equal(t, DatagramV3, selector.DatagramVersion())
|
||||
for _, test := range tests {
|
||||
t.Run(test.name, func(t *testing.T) {
|
||||
resolver := &staticResolver{record: test.remote}
|
||||
selector, err := newFeatureSelector(context.Background(), test.name, &logger, resolver, test.cli, false)
|
||||
require.NoError(t, err)
|
||||
require.ElementsMatch(t, test.expectedFeatures, selector.ClientFeatures())
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestStaticFeatures(t *testing.T) {
|
||||
percentages := []int32{0}
|
||||
percentages := []uint32{0}
|
||||
// PostQuantum Enabled from user flag
|
||||
selector := newTestSelector(t, percentages, true, time.Millisecond*10)
|
||||
selector := newTestSelector(t, percentages, true)
|
||||
require.Equal(t, PostQuantumStrict, selector.PostQuantumMode())
|
||||
|
||||
// PostQuantum Disabled (or not set)
|
||||
selector = newTestSelector(t, percentages, false, time.Millisecond*10)
|
||||
selector = newTestSelector(t, percentages, false)
|
||||
require.Equal(t, PostQuantumPrefer, selector.PostQuantumMode())
|
||||
}
|
||||
|
||||
func newTestSelector(t *testing.T, percentages []int32, pq bool, refreshFreq time.Duration) *FeatureSelector {
|
||||
func newTestSelector(t *testing.T, percentages []uint32, pq bool) *FeatureSelector {
|
||||
accountTag := t.Name()
|
||||
logger := zerolog.Nop()
|
||||
|
||||
resolver := &mockResolver{
|
||||
percentages: percentages,
|
||||
}
|
||||
|
||||
selector, err := newFeatureSelector(context.Background(), accountTag, &logger, resolver, []string{}, pq, refreshFreq)
|
||||
selector, err := newFeatureSelector(context.Background(), accountTag, &logger, &staticResolver{}, []string{}, pq)
|
||||
require.NoError(t, err)
|
||||
|
||||
return selector
|
||||
}
|
||||
|
||||
type mockResolver struct {
|
||||
nextIndex int
|
||||
percentages []int32
|
||||
}
|
||||
|
||||
func (mr *mockResolver) lookupRecord(ctx context.Context) ([]byte, error) {
|
||||
if mr.nextIndex >= len(mr.percentages) {
|
||||
return nil, fmt.Errorf("no more record to lookup")
|
||||
}
|
||||
|
||||
record, err := json.Marshal(featuresRecord{
|
||||
DatagramV3Percentage: mr.percentages[mr.nextIndex],
|
||||
})
|
||||
mr.nextIndex++
|
||||
|
||||
return record, err
|
||||
}
|
||||
|
||||
type staticResolver struct {
|
||||
record featuresRecord
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user