Bumps quic-go to v0.59.1 (chungthuang fork rebased from upstream v0.45 onto
v0.59.1). Upstream removed the `logging` package and replaced its
callback-based ConnectionTracer with the structured `qlog`/`qlogwriter` event
API, which required migrating cloudflared's QUIC metrics collection.
Migrations:
- quic/tracing.go: connTracer no longer fills a logging.ConnectionTracer
callback struct. It implements qlogwriter.Trace + qlogwriter.Recorder and
dispatches qlog events (PacketSent, PacketReceived, MetricsUpdated, ...) to
the collector through RecordEvent. NewClientTracer now returns a function
compatible with quic.Config.Tracer.
- quic/metrics.go: collector methods take qlog types (qlog.Frame,
qlog.PacketType, qlog.MetricsUpdated, ...) and plain int64 in place of the
removed logging.ByteCount/Frame/RTTStats/TransportParameters.
- quic/conversion.go: PacketType, PacketDropReason and PacketLossReason are
strings upstream rather than numeric iotas, so the converters become
pass-through allowlists. CongestionState is also a string;
congestionStateToFloat maps it back to the numeric gauge values cloudflared
exports.
- quic.Connection/quic.Stream became *quic.Conn/*quic.Stream; updated
ConnWithCloser, SafeStreamCloser and the connection package accordingly.
Tests and generated mocks (mocks/mock_quic_connection.go) were adapted to
the new pointer-based API.
Closes TUN-10557
The bump of the QUIC library introduces a cyclic dependency between the connection and quic modules; hence it is necessary to break this coupling.
Right now, the connection module depends on the quic module for the datagram v2/v3, to which a QUIC connection (currently an interface) is passed.
As it is, there is no issue; however, under the hood, the interface is a wrapper around a UDP connection and a QUIC connection, meaning this type must be exposed to the quic module since the QUIC Connection will no longer be an interface but a struct.
Given the above, these changes introduce an interface, QUICConnection, with the surface used today in cloudflared and a struct, ConnWithCloser, that implements said interface within the quic module.
Closes TUN-10563
This PR implements all the dialers and resolvers needed to make pre-checks happen. So this task focuses on the following:
1. Implement the DNS probe: call DNSResolver.Resolve(region).
2. Implement the QUIC probe: call QUICDialer.DialQuic (handshake only, no stream opened) and record the result.
3. Implement the HTTP/2 probe: call TCPDialer.DialEdge (TCP + TLS handshake only, no frames sent) and record the result.
4. Implement the Management API probe: call ManagementDialer.DialContext to api.cloudflare.com:443 and record the result.
5. Export edgeDiscovery as EdgeDiscovery in edgediscovery/allregions/discovery.go so the pre-check can reuse the production DNS path.
This sets up the main components to implement the checker.
## Summary
Session is the concept used for UDP flows. Therefore, to make
the session limiter ambiguous for both TCP and UDP, this commit
renames it to flow limiter.
Closes TUN-8861
## Summary
In order to make cloudflared behavior more predictable and
prevent an exhaustion of resources, we have decided to add
session limits that can be configured by the user. This first
commit introduces the session limiter and adds it to the UDP
handling path. For now the limiter is set to run only in
unlimited mode.
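
A sketch of the kind of limiter the last two commit messages describe (a cap on concurrent flows, with an unlimited mode), added here as an example and not cloudflared's own code. The `FlowLimiter` type, its method names, the error value and the convention that a limit of 0 means unlimited are all assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"sync"
)

// ErrTooManyActiveFlows is returned when the configured cap is reached.
var ErrTooManyActiveFlows = errors.New("too many active flows")

// FlowLimiter caps concurrent flows (TCP or UDP); hypothetical type, limit 0 = unlimited (assumed).
type FlowLimiter struct {
	mu     sync.Mutex
	limit  uint64
	active uint64
}

func NewFlowLimiter(limit uint64) *FlowLimiter { return &FlowLimiter{limit: limit} }

// Acquire reserves a slot for a new flow, or rejects it when at the cap.
func (l *FlowLimiter) Acquire() error {
	l.mu.Lock()
	defer l.mu.Unlock()
	if l.limit != 0 && l.active >= l.limit {
		return ErrTooManyActiveFlows
	}
	l.active++
	return nil
}

// Release frees a slot; an unmatched Release cannot underflow the counter.
func (l *FlowLimiter) Release() {
	l.mu.Lock()
	defer l.mu.Unlock()
	if l.active > 0 {
		l.active--
	}
}

func (l *FlowLimiter) Active() uint64 {
	l.mu.Lock()
	defer l.mu.Unlock()
	return l.active
}

func main() {
	l := NewFlowLimiter(1)
	fmt.Println(l.Acquire(), l.Acquire()) // second call is rejected
}
```

Callers would pair each successful `Acquire` with a deferred `Release` when the flow ends, so a rejected flow never consumes a slot.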