TUN-2754: Add ConnDigest to cloudflared and its RPCs

origin/supervisor.go

@@ -39,6 +39,7 @@ const (
 var (
 	errJWTUnset         = errors.New("JWT unset")
 	errEventDigestUnset = errors.New("event digest unset")
+	errConnDigestUnset  = errors.New("conn digest unset")
 )
 
 // Supervisor manages non-declarative tunnels. Establishes TCP connections with the edge, and
@@ -64,6 +65,9 @@ type Supervisor struct {
 	eventDigestLock *sync.RWMutex
 	eventDigest     []byte
 
+	connDigestLock *sync.RWMutex
+	connDigest     []byte
+
 	bufferPool *buffer.Pool
 }
 
@@ -332,6 +336,21 @@ func (s *Supervisor) SetEventDigest(eventDigest []byte) {
 	s.eventDigest = eventDigest
 }
 
+func (s *Supervisor) ConnDigest() ([]byte, error) {
+	s.connDigestLock.RLock()
+	defer s.connDigestLock.RUnlock()
+	if s.connDigest == nil {
+		return nil, errConnDigestUnset
+	}
+	return s.connDigest, nil
+}
+
+func (s *Supervisor) SetConnDigest(connDigest []byte) {
+	s.connDigestLock.Lock()
+	defer s.connDigestLock.Unlock()
+	s.connDigest = connDigest
+}
+
 func (s *Supervisor) refreshAuth(
 	ctx context.Context,
 	backoff *BackoffHandler,

origin/tunnel.go

@@ -93,6 +93,8 @@ type ReconnectTunnelCredentialManager interface {
 	ReconnectToken() ([]byte, error)
 	EventDigest() ([]byte, error)
 	SetEventDigest(eventDigest []byte)
+	ConnDigest() ([]byte, error)
+	SetConnDigest(connDigest []byte)
 }
 
 type dupConnRegisterTunnelError struct{}
@@ -380,6 +382,7 @@ func RegisterTunnel(
 		return processRegisterTunnelError(registrationErr, config.Metrics, register)
 	}
 	credentialManager.SetEventDigest(registration.EventDigest)
+	credentialManager.SetConnDigest(registration.ConnDigest)
 	return processRegistrationSuccess(config, logger, connectionID, registration, register)
 }