-
Notifications
You must be signed in to change notification settings - Fork 845
/
RELEASE_NOTES
1833 lines (1611 loc) · 101 KB
/
RELEASE_NOTES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
2024.12.2
- 2024-12-19 TUN-8822: Prevent concurrent usage of ICMPDecoder
- 2024-12-18 TUN-8818: update changes document to reflect newly added diag subcommand
- 2024-12-17 TUN-8817: Increase close session channel by one since there are two writers
- 2024-12-13 TUN-8797: update CHANGES.md with note about semi-deterministic approach used to bind metrics server
- 2024-12-13 TUN-8724: Add CLI command for diagnostic procedure
- 2024-12-11 TUN-8786: calculate cli flags once for the diagnostic procedure
- 2024-12-11 TUN-8792: Make diag/system endpoint always return a JSON
- 2024-12-10 TUN-8783: fix log collectors for the diagnostic procedure
- 2024-12-10 TUN-8785: include the icmp sources in the diag's tunnel state
- 2024-12-10 TUN-8784: Set JSON encoder options to print formatted JSON when writing diag files
2024.12.1
- 2024-12-10 TUN-8795: update createrepo to createrepo_c to fix the release_pkgs.py script
2024.12.0
- 2024-12-09 TUN-8640: Add ICMP support for datagram V3
- 2024-12-09 TUN-8789: make python package installation consistent
- 2024-12-06 TUN-8781: Add Trixie, drop Buster. Default to Bookworm
- 2024-12-05 TUN-8775: Make sure the session Close can only be called once
- 2024-12-04 TUN-8725: implement diagnostic procedure
- 2024-12-04 TUN-8767: include raw output from network collector in diagnostic zipfile
- 2024-12-04 TUN-8770: add cli configuration and tunnel configuration to diagnostic zipfile
- 2024-12-04 TUN-8768: add job report to diagnostic zipfile
- 2024-12-03 TUN-8726: implement compression routine to be used in diagnostic procedure
- 2024-12-03 TUN-8732: implement port selection algorithm
- 2024-12-03 TUN-8762: fix argument order when invoking tracert and modify network info output parsing.
- 2024-12-03 TUN-8769: fix k8s log collector arguments
- 2024-12-03 TUN-8727: extend client to include function to get cli configuration and tunnel configuration
- 2024-11-29 TUN-8729: implement network collection for diagnostic procedure
- 2024-11-29 TUN-8727: implement metrics, runtime, system, and tunnelstate in diagnostic http client
- 2024-11-27 TUN-8733: add log collection for docker
- 2024-11-27 TUN-8734: add log collection for kubernetes
- 2024-11-27 TUN-8640: Refactor ICMPRouter to support new ICMPResponders
- 2024-11-26 TUN-8735: add managed/local log collection
- 2024-11-25 TUN-8728: implement diag/tunnel endpoint
- 2024-11-25 TUN-8730: implement diag/configuration
- 2024-11-22 TUN-8737: update metrics server port selection
- 2024-11-22 TUN-8731: Implement diag/system endpoint
- 2024-11-21 TUN-8748: Migrated datagram V3 flows to use migrated context
2024.11.1
- 2024-11-18 Add cloudflared tunnel ready command
- 2024-11-14 Make metrics a requirement for tunnel ready command
- 2024-11-12 TUN-8701: Simplify flow registration logs for datagram v3
- 2024-11-11 add: new go-fuzz targets
- 2024-11-07 TUN-8701: Add metrics and adjust logs for datagram v3
- 2024-11-06 TUN-8709: Add session migration for datagram v3
- 2024-11-04 Fixed 404 in README.md to TryCloudflare
- 2024-09-24 Update semgrep.yml
2024.11.0
- 2024-11-05 VULN-66059: remove ssh server tests
- 2024-11-04 TUN-8700: Add datagram v3 muxer
- 2024-11-04 TUN-8646: Allow experimental feature support for datagram v3
- 2024-11-04 TUN-8641: Expose methods to simplify V3 Datagram parsing on the edge
- 2024-10-31 TUN-8708: Bump python min version to 3.10
- 2024-10-31 TUN-8667: Add datagram v3 session manager
- 2024-10-25 TUN-8692: remove dashes from session id
- 2024-10-24 TUN-8694: Rework release script
- 2024-10-24 TUN-8661: Refactor connection methods to support future different datagram muxing methods
- 2024-07-22 TUN-8553: Bump go to 1.22.5 and go-boring 1.22.5-1
2024.10.1
- 2024-10-23 TUN-8694: Fix github release script
- 2024-10-21 Revert "TUN-8592: Use metadata from the edge to determine if request body is empty for QUIC transport"
- 2024-10-18 TUN-8688: Correct UDP bind for IPv6 edge connectivity on macOS
- 2024-10-17 TUN-8685: Bump coredns dependency
- 2024-10-16 TUN-8638: Add datagram v3 serializers and deserializers
- 2024-10-15 chore: Remove h2mux code
- 2024-10-11 TUN-8631: Abort release on version mismatch
2024.10.0
- 2024-10-01 TUN-8646: Add datagram v3 support feature flag
- 2024-09-30 TUN-8621: Fix cloudflared version in change notes to account for release date
- 2024-09-19 Adding semgrep yaml file
- 2024-09-12 TUN-8632: Delay checking auto-update by the provided frequency
- 2024-09-11 TUN-8630: Check checksum of downloaded binary to compare to current for auto-updating
- 2024-09-09 TUN-8629: Cloudflared update on Windows requires running it twice to update
- 2024-09-06 PPIP-2310: Update quick tunnel disclaimer
- 2024-08-30 TUN-8621: Prevent QUIC connection from closing before grace period after unregistering
- 2024-08-09 TUN-8592: Use metadata from the edge to determine if request body is empty for QUIC transport
- 2024-06-26 TUN-8484: Print response when QuickTunnel can't be unmarshalled
2024.9.1
- 2024-09-10 Revert Release 2024.9.0
2024.9.0
- 2024-09-10 TUN-8621: Fix cloudflared version in change notes.
- 2024-09-06 PPIP-2310: Update quick tunnel disclaimer
- 2024-08-30 TUN-8621: Prevent QUIC connection from closing before grace period after unregistering
- 2024-08-09 TUN-8592: Use metadata from the edge to determine if request body is empty for QUIC transport
- 2024-06-26 TUN-8484: Print response when QuickTunnel can't be unmarshalled
2024.8.3
- 2024-08-15 TUN-8591 login command without extra text
- 2024-03-25 remove code that will not be executed
- 2024-03-25 remove code that will not be executed
2024.8.2
- 2024-08-05 TUN-8583: change final directory of artifacts
- 2024-08-05 TUN-8585: Avoid creating GH client when dry-run is true
2024.7.3
- 2024-07-31 TUN-8546: Fix final artifacts paths
2024.7.2
- 2024-07-17 TUN-8546: rework MacOS build script
2024.7.1
- 2024-07-16 TUN-8543: use -p flag to create intermediate directories
2024.7.0
- 2024-07-05 TUN-8520: add macos arm64 build
- 2024-07-05 TUN-8523: refactor makefile and cfsetup
- 2024-07-02 TUN-8504: Use pre-installed python version instead of downloading it on Windows builds
- 2024-06-26 TUN-8489: Add default noop logger for capnprpc
- 2024-06-25 TUN-8487: Add user-agent for quick-tunnel requests
- 2023-12-12 TUN-8057: cloudflared uses new PQ curve ID
2024.6.1
- 2024-06-12 TUN-8461: Don't log Failed to send session payload if the error is EOF
- 2024-06-07 TUN-8456: Update quic-go to 0.45 and collect mtu and congestion control metrics
- 2024-06-06 TUN-8452: Add flag to control QUIC stream-level flow control limit
- 2024-06-06 TUN-8451: Log QUIC flow control frames and transport parameters received
- 2024-06-05 TUN-8449: Add flag to control QUIC connection-level flow control limit and increase default to 30MB
2024.6.0
- 2024-05-30 TUN-8441: Correct UDP total sessions metric to a counter and add new ICMP metrics
- 2024-05-28 TUN-8422: Add metrics for capnp method calls
- 2024-05-24 TUN-8424: Refactor capnp registration server
- 2024-05-23 TUN-8427: Fix BackoffHandler's internally shared clock structure
- 2024-05-21 TUN-8425: Remove ICMP binding for quick tunnels
- 2024-05-20 TUN-8423: Deprecate older legacy tunnel capnp interfaces
- 2024-05-15 TUN-8419: Add capnp safe transport
- 2024-05-13 TUN-8415: Refactor capnp rpc into a single module
2024.5.0
- 2024-05-07 TUN-8407: Upgrade go to version 1.22.2
2024.4.1
- 2024-04-22 TUN-8380: Add sleep before requesting quick tunnel as temporary fix for component tests
- 2024-04-19 TUN-8374: Close UDP socket if registration fails
- 2024-04-18 TUN-8371: Bump quic-go to v0.42.0
- 2024-04-03 TUN-8333: Bump go-jose dependency to v4
- 2024-04-02 TUN-8331: Add unit testing for AccessJWTValidator middleware
2024.4.0
- 2024-04-02 feat: provide short version (#1206)
- 2024-04-02 Format code
- 2024-01-18 feat: auto tls sni
- 2023-12-24 fix checkInPingGroup bugs
- 2023-12-15 Add environment variables for TCP tunnel hostname / destination / URL.
2024.3.0
- 2024-03-14 TUN-8281: Run cloudflared query list tunnels/routes endpoint in a paginated way
- 2024-03-13 TUN-8297: Improve write timeout logging on safe_stream.go
- 2024-03-07 TUN-8290: Remove `|| true` from postrm.sh
- 2024-03-05 TUN-8275: Skip write timeout log on "no network activity"
- 2024-01-23 Update postrm.sh to fix incomplete uninstall
- 2024-01-05 fix typo in errcheck for response parsing logic in CreateTunnel routine
- 2023-12-23 Update linux_service.go
- 2023-12-07 ci: bump actions/checkout to v4
- 2023-12-07 ci/check: bump actions/setup-go to v5
- 2023-04-28 check.yaml: bump actions/setup-go to v4
2024.2.1
- 2024-02-20 TUN-8242: Update Changes.md file with new remote diagnostics behaviour
- 2024-02-19 TUN-8238: Fix type mismatch introduced by fast-forward
- 2024-02-16 TUN-8243: Collect metrics on the number of QUIC frames sent/received
- 2024-02-15 TUN-8238: Refactor proxy logging
- 2024-02-14 TUN-8242: Enable remote diagnostics by default
- 2024-02-12 TUN-8236: Add write timeout to quic and tcp connections
- 2024-02-09 TUN-8224: Fix safety of TCP stream logging, separate connect and ack log messages
2024.2.0
- 2024-02-07 TUN-8224: Count and collect metrics on stream connect successes/errors
2024.1.5
- 2024-01-22 TUN-8176: Support ARM platforms that don't have an FPU or have it enabled in kernel
- 2024-01-15 TUN-8158: Bring back commit e6537418859afcac29e56a39daa08bcabc09e048 and fixes infinite loop on linux when the socket is closed
2024.1.4
- 2024-01-19 Revert "TUN-8158: Add logging to confirm when ICMP reply is returned to the edge"
2024.1.3
- 2024-01-15 TUN-8161: Fix broken ARM build for armv6
- 2024-01-15 TUN-8158: Add logging to confirm when ICMP reply is returned to the edge
2024.1.2
- 2024-01-11 TUN-8147: Disable ECN usage due to bugs in detecting if supported
- 2024-01-11 TUN-8146: Fix export path for install-go command
- 2024-01-11 TUN-8146: Fix Makefile targets should not be run in parallel and install-go script was missing shebang
- 2024-01-10 TUN-8140: Remove homebrew scripts
2024.1.1
- 2024-01-10 TUN-8134: Revert installed prefix to /usr
- 2024-01-09 TUN-8130: Fix path to install go for mac build
- 2024-01-09 TUN-8129: Use the same build command between branch and release builds
- 2024-01-09 TUN-8130: Install go tool chain in /tmp on build agents
- 2024-01-09 TUN-8134: Install cloudflare go as part of make install
- 2024-01-08 TUN-8118: Disable FIPS module to build with go-boring without CGO_ENABLED
2024.1.0
- 2024-01-01 TUN-7934: Update quic-go to a version that queues datagrams for better throughput and drops large datagram
- 2023-12-20 TUN-8072: Need to set GOCACHE in mac go installation script
- 2023-12-17 TUN-8072: Add script to download cloudflare go for Mac build agents
- 2023-12-15 Fix nil pointer dereference segfault when passing "null" config json to cloudflared tunnel ingress validate (#1070)
- 2023-12-15 configuration.go: fix developerPortal link (#960)
- 2023-12-14 tunnelrpc/pogs: fix dropped test errors (#1106)
- 2023-12-14 cmd/cloudflared/updater: fix dropped error (#1055)
- 2023-12-14 use os.Executable to discover the path to cloudflared (#1040)
- 2023-12-14 Remove extraneous `period` from Path Environment Variable (#1009)
- 2023-12-14 Use CLI context when running tunnel (#597)
- 2023-12-14 TUN-8066: Define scripts to build on Windows agents
- 2023-12-11 TUN-8052: Update go to 1.21.5
- 2023-12-07 TUN-7970: Default to enable post quantum encryption for quic transport
- 2023-12-04 TUN-8006: Update quic-go to latest upstream
- 2023-11-15 VULN-44842 Add a flag that allows users to not send the Access JWT to stdout
- 2023-11-13 TUN-7965: Remove legacy incident status page check
- 2023-11-13 AUTH-5682 Org token flow in Access logins should pass CF_AppSession cookie
2023.10.0
- 2023-10-06 TUN-7864: Document cloudflared versions support
- 2023-10-03 CUSTESC-33731: Make rule match test report rule in 0-index base
- 2023-09-22 TUN-7824: Fix usage of systemctl status to detect which services are installed
- 2023-09-20 TUN-7813: Improve tunnel delete command to use cascade delete
- 2023-09-20 TUN-7787: cloudflared only list ip routes targeted for cfd_tunnel
- 2023-09-15 TUN-7787: Refactor cloudflared to use new route endpoints based on route IDs
- 2023-09-08 TUN-7776: Remove warp-routing flag from cloudflared
- 2023-09-05 TUN-7756: Clarify that QUIC is mandatory to support ICMP proxying
2023.8.2
- 2023-08-25 TUN-7700: Implement feature selector to determine if connections will prefer post quantum cryptography
- 2023-08-22 TUN-7707: Use X25519Kyber768Draft00 curve when post-quantum feature is enabled
2023.8.1
- 2023-08-23 TUN-7718: Update R2 Token to no longer encode secret
2023.8.0
- 2023-07-26 TUN-7584: Bump go 1.20.6
2023.7.3
- 2023-07-25 TUN-7628: Correct Host parsing for Access
- 2023-07-24 TUN-7624: Fix flaky TestBackoffGracePeriod test in cloudflared
2023.7.2
- 2023-07-19 TUN-7599: Onboard cloudflared to Software Dashboard
- 2023-07-19 TUN-7587: Remove junos builds
- 2023-07-18 TUN-7597: Add flag to disable auto-update services to be installed
- 2023-07-17 TUN-7594: Add nightly arm64 cloudflared internal deb publishes
- 2023-07-14 TUN-7586: Upgrade go-jose/go-jose/v3 and core-os/go-oidc/v3
- 2023-07-14 TUN-7589: Remove legacy golang.org/x/crypto/ssh/terminal package usage
- 2023-07-14 TUN-7590: Remove usages of ioutil
- 2023-07-14 TUN-7585: Remove h2mux compression
- 2023-07-14 TUN-7588: Update package coreos/go-systemd
2023.7.1
- 2023-07-13 TUN-7582: Correct changelog wording for --management-diagnostics
- 2023-07-12 TUN-7575: Add option to disable PTMU discovery over QUIC
2023.7.0
- 2023-07-06 TUN-7558: Flush on Writes for StreamBasedOriginProxy
- 2023-07-05 TUN-7553: Add flag to enable management diagnostic services
- 2023-07-05 TUN-7564: Support cf-trace-id for cloudflared access
- 2023-07-05 TUN-7477: Decrement UDP sessions on shutdown
- 2023-07-03 TUN-7545: Add support for full bidirectionally streaming with close signal propagation
- 2023-06-30 TUN-7549: Add metrics route to management service
- 2023-06-30 TUN-7551: Complete removal of raven-go to sentry-go
- 2023-06-30 TUN-7550: Add pprof endpoint to management service
- 2023-06-29 TUN-7543: Add --debug-stream flag to cloudflared access ssh
- 2023-06-26 TUN-6011: Remove docker networks from ICMP Proxy test
- 2023-06-20 AUTH-5328 Pass cloudflared_token_check param when running cloudflared access login
2023.6.1
- 2023-06-19 TUN-7480: Added a timeout for unregisterUDP.
- 2023-06-16 TUN-7477: Add UDP/TCP session metrics
- 2023-06-14 TUN-7468: Increase the limit of incoming streams
2023.6.0
- 2023-06-15 TUN-7471: Fixes cloudflared not closing the quic stream on unregister UDP session
- 2023-06-09 TUN-7463: Add default ingress rule if no ingress rules are provided when updating the configuration
- 2023-05-31 TUN-7447: Add a cover build to report code coverage
2023.5.1
- 2023-05-16 TUN-7424: Add CORS headers to host_details responses
- 2023-05-11 TUN-7421: Add *.cloudflare.com to permitted Origins for management WebSocket requests
- 2023-05-05 TUN-7404: Default configuration version set to -1
- 2023-05-05 TUN-7227: Migrate to devincarr/quic-go
2023.5.0
- 2023-04-27 TUN-7398: Add support for quic safe stream to set deadline
- 2023-04-26 TUN-7394: Retry StartFirstTunnel on quic.ApplicationErrors
- 2023-04-26 TUN-7392: Ignore release checksum upload if asset already uploaded
- 2023-04-25 TUN-7392: Ignore duplicate artifact uploads for github release
- 2023-04-25 TUN-7393: Add json output for cloudflared tail
- 2023-04-24 TUN-7390: Remove Debian stretch builds
2023.4.2
- 2023-04-24 TUN-7133: Add sampling support for streaming logs
- 2023-04-21 TUN-7141: Add component tests for streaming logs
- 2023-04-21 TUN-7373: Streaming logs override for same actor
- 2023-04-20 TUN-7383: Bump requirements.txt
- 2023-04-19 TUN-7361: Add a label to override hostname
- 2023-04-19 TUN-7378: Remove RPC debug logs
- 2023-04-18 TUN-7360: Add Get Host Details handler in management service
- 2023-04-17 AUTH-3122 Verify that Access tokens are still valid in curl command
- 2023-04-17 TUN-7129: Categorize TCP logs for streaming logs
- 2023-04-17 TUN-7130: Categorize UDP logs for streaming logs
- 2023-04-10 AUTH-4887 Add aud parameter to token transfer url
2023.4.1
- 2023-04-13 TUN-7368: Report destination address for TCP requests in logs
- 2023-04-12 TUN-7134: Acquire token for cloudflared tail
- 2023-04-12 TUN-7131: Add cloudflared log event to connection messages and enable streaming logs
- 2023-04-11 TUN-7132 TUN-7136: Add filter support for streaming logs
- 2023-04-06 TUN-7354: Don't warn for empty ingress rules when using --token
- 2023-04-06 TUN-7128: Categorize logs from public hostname locations
- 2023-04-06 TUN-7351: Add streaming logs session ping and timeout
- 2023-04-06 TUN-7335: Fix cloudflared update not working in windows
2023.4.0
- 2023-04-07 TUN-7356: Bump golang.org/x/net package to 0.7.0
- 2023-04-07 TUN-7357: Bump to go 1.19.6
- 2023-04-06 TUN-7127: Disconnect logger level requirement for management
- 2023-04-05 TUN-7332: Remove legacy tunnel force flag
- 2023-04-05 TUN-7135: Add cloudflared tail
- 2023-04-04 Add suport for OpenBSD (#916)
- 2023-04-04 Fix typo (#918)
- 2023-04-04 TUN-7125: Add management streaming logs WebSocket protocol
- 2023-03-30 TUN-9999: Remove classic tunnel component tests
- 2023-03-30 TUN-7126: Add Management logger io.Writer
- 2023-03-29 TUN-7324: Add http.Hijacker to connection.ResponseWriter
- 2023-03-29 TUN-7333: Default features checkable at runtime across all packages
- 2023-03-21 TUN-7124: Add intercept ingress rule for management requests
2023.3.1
- 2023-03-13 TUN-7271: Return 503 status code when no ingress rules configured
- 2023-03-10 TUN-7272: Fix cloudflared returning non supported status service which breaks configuration migration
- 2023-03-09 TUN-7259: Add warning for missing ingress rules
- 2023-03-09 TUN-7268: Default to Program Files as location for win32
- 2023-03-07 TUN-7252: Remove h2mux connection
- 2023-03-07 TUN-7253: Adopt http.ResponseWriter for connection.ResponseWriter
- 2023-03-06 TUN-7245: Add bastion flag to origin service check
- 2023-03-06 EDGESTORE-108: Remove deprecated s3v2 signature
- 2023-03-02 TUN-7226: Fixed a missed rename
2023.3.0
- 2023-03-01 GH-352: Add Tunnel CLI option "edge-bind-address" (#870)
- 2023-03-01 Fixed WIX template to allow MSI upgrades (#838)
- 2023-02-28 TUN-7213: Decode Base64 encoded key before writing it
- 2023-02-28 check.yaml: update actions to v3 (#876)
- 2023-02-27 TUN-7213: Debug homebrew-cloudflare build
- 2023-02-15 RTG-2476 Add qtls override for Go 1.20
2023.2.2
- 2023-02-22 TUN-7197: Add connIndex tag to debug messages of incoming requests
- 2023-02-08 TUN-7167: Respect protocol overrides with --token
- 2023-02-06 TUN-7065: Remove classic tunnel creation
- 2023-02-06 TUN-6938: Force h2mux protocol to http2 for named tunnels
- 2023-02-06 TUN-6938: Provide QUIC as first in protocol list
- 2023-02-03 TUN-7158: Correct TCP tracing propagation
- 2023-02-01 TUN-7151: Update changes file with latest release notices
2023.2.1
- 2023-02-01 TUN-7065: Revert Ingress Rule check for named tunnel configurations
- 2023-02-01 Revert "TUN-7065: Revert Ingress Rule check for named tunnel configurations"
- 2023-02-01 Revert "TUN-7065: Remove classic tunnel creation"
2023.1.0
- 2023-01-10 TUN-7064: RPM digests are now sha256 instead of md5sum
- 2023-01-04 RTG-2418 Update qtls
- 2022-12-24 TUN-7057: Remove dependency github.com/gorilla/mux
- 2022-12-24 TUN-6724: Migrate to sentry-go from raven-go
2022.12.1
- 2022-12-20 TUN-7021: Fix proxy-dns not starting when cloudflared tunnel is run
- 2022-12-15 TUN-7010: Changelog for release 2022.12.0
2022.12.0
- 2022-12-14 TUN-6999: cloudflared should attempt other edge addresses before falling back on protocol
- 2022-12-13 TUN-7004: Dont show local config dirs for remotely configured tuns
- 2022-12-12 TUN-7003: Tempoarily disable erroneous notarize-app
- 2022-12-12 TUN-7003: Add back a missing fi
- 2022-12-07 TUN-7000: Reduce metric cardinality of closedConnections metric by removing error as tag
- 2022-12-07 TUN-6994: Improve logging config file not found
- 2022-12-07 TUN-7002: Randomise first region selection
- 2022-12-07 TUN-6995: Disable quick-tunnels spin up by default
- 2022-12-05 TUN-6984: Add bash set x to improve visibility during builds
- 2022-12-05 TUN-6984: [CI] Ignore security import errors for code_sigining
- 2022-12-05 TUN-6984: [CI] Don't fail on unset.
- 2022-11-30 TUN-6984: Set euo pipefile for homebrew builds
2022.11.1
- 2022-11-29 TUN-6981: We should close UDP socket if failed to connecto to edge
- 2022-11-25 CUSTESC-23757: Fix a bug where a wildcard ingress rule would match an host without starting with a dot
- 2022-11-24 TUN-6970: Print newline when printing tunnel token
- 2022-11-22 TUN-6963: Refactor Metrics service setup
2022.11.0
- 2022-11-16 Revert "TUN-6935: Cloudflared should use APIToken instead of serviceKey"
- 2022-11-16 TUN-6929: Use same protocol for other connections as first one
- 2022-11-14 TUN-6941: Reduce log level to debug when failing to proxy ICMP reply
- 2022-11-14 TUN-6935: Cloudflared should use APIToken instead of serviceKey
- 2022-11-14 TUN-6935: Cloudflared should use APIToken instead of serviceKey
- 2022-11-11 TUN-6937: Bump golang.org/x/* packages to new release tags
- 2022-11-10 ZTC-234: macOS tests
- 2022-11-09 TUN-6927: Refactor validate access configuration to allow empty audTags only
- 2022-11-08 ZTC-234: Replace ICMP funnels when ingress connection changes
- 2022-11-04 TUN-6917: Bump go to 1.19.3
- 2022-11-02 Issue #574: Better ssh config for short-lived cert (#763)
- 2022-10-28 TUN-6898: Fix bug handling IPv6 based ingresses with missing port
- 2022-10-28 TUN-6898: Refactor addPortIfMissing
2022.10.3
- 2022-10-24 TUN-6871: Add default feature to cloudflared to support EOF on QUIC connections
- 2022-10-19 TUN-6876: Fix flaky TestTraceICMPRouterEcho by taking account request span can return before reply
- 2022-10-18 TUN-6867: Clear spans right after they are serialized to avoid returning duplicate spans
2022.10.2
- 2022-10-18 TUN-6869: Fix Makefile complaining about missing GO packages
- 2022-10-18 TUN-6864: Don't reuse port in quic unit tests
- 2022-10-18 TUN-6868: Return left padded tracing ID when tracing identity is converted to string
2022.10.1
- 2022-10-16 TUN-6861: Trace ICMP on Windows
- 2022-10-15 TUN-6860: Send access configuration keys to the edge
- 2022-10-14 TUN-6858: Trace ICMP reply
- 2022-10-13 TUN-6855: Add DatagramV2Type for IP packet with trace and tracing spans
- 2022-10-13 TUN-6856: Refactor to lay foundation for tracing ICMP
- 2022-10-13 TUN-6604: Trace icmp echo request on Linux and Darwin
- 2022-10-12 Fix log message (#591)
- 2022-10-12 TUN-6853: Reuse source port when connecting to the edge for quic connections
- 2022-10-11 TUN-6829: Allow user of datagramsession to control logging level of errors
- 2022-10-10 RTG-2276 Update qtls and go mod tidy
- 2022-10-05 Add post-quantum flag to quick tunnel
- 2022-10-05 TUN-6823: Update github release message to pull from KV
- 2022-10-04 TUN-6825: Fix cloudflared:version images require arch hyphens
- 2022-10-03 TUN-6806: Add ingress rule number to log when filtering due to middlware handler
- 2022-08-17 Label correct container
- 2022-08-16 Fix typo in help text for `cloudflared tunnel route lb`
- 2022-07-18 drop usage of cat when sed is invoked to generate the manpage
- 2021-03-15 update-build-readme
- 2021-03-15 fix link
2022.10.0
- 2022-09-30 TUN-6755: Remove unused publish functions
- 2022-09-30 TUN-6813: Only proxy ICMP packets when warp-routing is enabled
- 2022-09-29 TUN-6811: Ping group range should be parsed as int32
- 2022-09-29 TUN-6812: Drop IP packets if ICMP proxy is not initialized
- 2022-09-28 TUN-6716: Document limitation of Windows ICMP proxy
- 2022-09-28 TUN-6810: Add component test for post-quantum
- 2022-09-27 TUN-6715: Provide suggestion to add cloudflared to ping_group_range if it failed to open ICMP socket
- 2022-09-22 TUN-6792: Fix brew core release by not auditing the formula
- 2022-09-22 TUN-6774: Validate OriginRequest.Access to add Ingress.Middleware
- 2022-09-22 TUN-6775: Add middleware.Handler verification to ProxyHTTP
- 2022-09-22 TUN-6791: Calculate ICMPv6 checksum
- 2022-09-22 TUN-6801: Add punycode alternatives for ingress rules
- 2022-09-21 TUN-6772: Add a JWT Validator as an ingress verifier
- 2022-09-21 TUN-6772: Add a JWT Validator as an ingress verifier
- 2022-09-21 TUN-6774: Validate OriginRequest.Access to add Ingress.Middleware
- 2022-09-21 TUN-6772: Add a JWT Validator as an ingress verifier
- 2022-09-20 TUN-6741: ICMP proxy tries to listen on specific IPv4 & IPv6 when possible
2022.9.1
- 2022-09-20 TUN-6777: Fix race condition in TestFunnelIdleTimeout
- 2022-09-20 TUN-6595: Enable datagramv2 and icmp proxy by default
- 2022-09-20 TUN-6773: Add access based configuration to ingress.OriginRequestConfig
- 2022-09-19 TUN-6778: Cleanup logs about ICMP
- 2022-09-19 TUN-6779: cloudflared should also use the root CAs from system pool to validate edge certificate
- 2022-09-19 TUN-6780: Add support for certReload to also include support for client certificates
- 2022-09-16 TUN-6767: Build ICMP proxy for Windows only when CGO is enabled
- 2022-09-15 TUN-6590: Use Windows Teamcity agent to build binary
- 2022-09-13 TUN-6592: Decrement TTL and return ICMP time exceed if it's 0
- 2022-09-09 TUN-6749: Fix icmp_generic build
- 2022-09-09 TUN-6744: On posix platforms, assign unique echo ID per (src, dst, echo ID)
- 2022-09-08 TUN-6743: Support ICMPv6 echo on Windows
- 2022-09-08 TUN-6689: Utilize new RegisterUDPSession to begin tracing
- 2022-09-07 TUN-6688: Update RegisterUdpSession capnproto to include trace context
- 2022-09-06 TUN-6740: Detect no UDP packets allowed and fallback from QUIC in that case
- 2022-09-06 TUN-6654: Support ICMPv6 on Linux and Darwin
- 2022-09-02 TUN-6696: Refactor flow into funnel and close idle funnels
- 2022-09-02 TUN-6718: Bump go and go-boring 1.18.6
- 2022-08-29 TUN-6531: Implement ICMP proxy for Windows using IcmpSendEcho
- 2022-08-24 RTG-1339 Support post-quantum hybrid key exchange
2022.9.0
- 2022-09-05 TUN-6737: Fix datagramV2Type should be declared in its own block so it starts at 0
- 2022-09-01 TUN-6725: Fix testProxySSEAllData
- 2022-09-01 TUN-6726: Fix maxDatagramPayloadSize for Windows QUIC datagrams
- 2022-09-01 TUN-6729: Fix flaky TestClosePreviousProxies
- 2022-09-01 TUN-6728: Verify http status code ingress rule
- 2022-08-25 TUN-6695: Implement ICMP proxy for linux
2022.8.4
- 2022-08-31 TUN-6717: Update Github action to run with Go 1.19
- 2022-08-31 TUN-6720: Remove forcibly closing connection during reconnect signal
- 2022-08-29 Release 2022.8.3
2022.8.3
- 2022-08-26 TUN-6708: Fix replace flow logic
- 2022-08-25 TUN-6705: Tunnel should retry connections forever
- 2022-08-25 TUN-6704: Honor protocol flag when edge discovery is unreachable
- 2022-08-25 TUN-6699: Add metric for packet too big dropped
- 2022-08-24 TUN-6691: Properly error check for net.ErrClosed
- 2022-08-22 TUN-6679: Allow client side of quic request to close body
- 2022-08-22 TUN-6586: Change ICMP proxy to only build for Darwin and use echo ID to track flows
- 2022-08-18 TUN-6530: Implement ICMPv4 proxy
- 2022-08-17 TUN-6666: Define packet package
- 2022-08-17 TUN-6667: DatagramMuxerV2 provides a method to receive RawPacket
- 2022-08-16 TUN-6657: Ask for Tunnel ID and Configuration on Bug Report
- 2022-08-16 TUN-6676: Add suport for trailers in http2 connections
- 2022-08-11 TUN-6575: Consume cf-trace-id from incoming http2 TCP requests
2022.8.2
- 2022-08-16 TUN-6656: Docker for arm64 should not be deployed in an amd64 container
2022.8.1
- 2022-08-15 TUN-6617: Updated CHANGES.md for protocol stickiness
- 2022-08-12 EDGEPLAT-3918: bump go and go-boring to 1.18.5
- 2022-08-12 TUN-6652: Publish dockerfile for both amd64 and arm64
- 2022-08-11 TUN-6617: Dont fallback to http2 if QUIC conn was successful.
- 2022-08-11 TUN-6617: Dont fallback to http2 if QUIC conn was successful.
- 2022-08-11 Revert "TUN-6617: Dont fallback to http2 if QUIC conn was successful."
- 2022-08-11 TUN-6617: Dont fallback to http2 if QUIC conn was successful.
- 2022-08-01 TUN-6584: Define QUIC datagram v2 format to support proxying IP packets
2022.8.0
- 2022-08-10 TUN-6637: Upgrade quic-go
- 2022-08-10 TUN-6646: Add support to SafeStreamCloser to close only write side of stream
- 2022-08-09 TUN-6642: Fix unexpected close of quic stream triggered by upstream origin close
- 2022-08-09 TUN-6639: Validate cyclic ingress configuration
- 2022-08-08 TUN-6637: Upgrade go version and quic-go
- 2022-08-08 TUN-6639: Validate cyclic ingress configuration
- 2022-08-04 EDGEPLAT-3918: build cloudflared for Bookworm
- 2022-08-02 Revert "TUN-6576: Consume cf-trace-id from incoming TCP requests to create root span"
- 2022-07-27 TUN-6601: Update gopkg.in/yaml.v3 references in modules
- 2022-07-26 TUN-6576: Consume cf-trace-id from incoming TCP requests to create root span
- 2022-07-26 TUN-6576: Consume cf-trace-id from incoming TCP requests to create root span
- 2022-07-25 TUN-6598: Remove auto assignees on github issues
- 2022-07-20 TUN-6583: Remove legacy --ui flag
- 2022-07-20 cURL supports stdin and uses os pipes directly without copying
- 2022-07-07 TUN-6517: Use QUIC stream context while proxying HTTP requests and TCP connections
2022.7.1
- 2022-07-06 TUN-6503: Fix transport fallback from QUIC in face of dial error "no network activity"
2022.7.0
- 2022-07-05 TUN-6499: Remove log that is per datagram
- 2022-06-24 TUN-6460: Rename metric label location to edge_location
- 2022-06-24 TUN-6459: Add cloudflared user-agent to access calls
- 2022-06-17 TUN-6427: Differentiate between upstream request closed/canceled and failed origin requests
- 2022-06-17 TUN-6388: Fix first tunnel connection not retrying
- 2022-06-13 TUN-6384: Correct duplicate connection error to fetch new IP first
- 2022-06-13 TUN-6373: Add edge-ip-version to remotely pushed configuration
- 2022-06-07 TUN-6010: Add component tests for --edge-ip-version
- 2022-05-20 TUN-6007: Implement new edge discovery algorithm
- 2022-02-18 Ensure service install directories are created before writing file
2022.6.3
- 2022-06-20 TUN-6362: Add armhf support to cloudflare packaging
2022.6.2
- 2022-06-13 TUN-6381: Write error data on QUIC stream when we fail to talk to the origin; separate logging for protocol errors vs. origin errors.
- 2022-06-17 TUN-6414: Remove go-sumtype from cloudflared build process
- 2022-06-01 Add Http2Origin option to force HTTP/2 origin connections
- 2022-06-02 fix ingress rules unit test
- 2022-06-09 Update remaining OriginRequestConfig functions for Http2Origins
- 2022-05-31 Add image source label to docker container.
- 2022-05-10 Warp Private Network link updated
2022.6.1
- 2022-06-14 TUN-6395: Fix writing RPM repo data
2022.6.0
- 2022-06-14 Revert "TUN-6010: Add component tests for --edge-ip-version"
- 2022-06-14 Revert "TUN-6373: Add edge-ip-version to remotely pushed configuration"
- 2022-06-14 Revert "TUN-6384: Correct duplicate connection error to fetch new IP first"
- 2022-06-14 Revert "TUN-6007: Implement new edge discovery algorithm"
- 2022-06-13 TUN-6385: Don't share err between acceptStream loop and per-stream goroutines
- 2022-06-13 TUN-6384: Correct duplicate connection error to fetch new IP first
- 2022-06-13 TUN-6373: Add edge-ip-version to remotely pushed configuration
- 2022-06-13 TUN-6380: Enforce connect and keep-alive timeouts for TCP connections in both WARP routing and websocket based TCP proxy.
- 2022-06-11 Update issue templates
- 2022-06-11 Amendment to previous PR
- 2022-06-09 TUN-6347: Add TCP stream logs with FlowID
- 2022-06-08 TUN-6361: Add cloudflared arm builds to pkging as well
- 2022-06-07 TUN-6357: Add connector id to ready check endpoint
- 2022-06-07 TUN-6010: Add component tests for --edge-ip-version
- 2022-06-06 TUN-6191: Update quic-go to v0.27.1 and with custom patch to allow keep alive period to be configurable
- 2022-06-03 TUN-6343: Fix QUIC->HTTP2 fallback
- 2022-06-02 TUN-6339: Add config for IPv6 support
- 2022-06-02 TUN-6341: Fix default config value for edge-ip-version
- 2022-06-01 TUN-6323: Add Xenial and Trusty for Ubuntu pkging
- 2022-05-31 TUN-6210: Add cloudflared.repo to make it easy for yum installs
- 2022-05-30 TUN-6293: Update yaml v3 to latest hotfix
- 2022-05-20 TUN-6007: Implement new edge discovery algorithm
2022.5.3
- 2022-05-30 TUN-6308: Add debug logs to see if packets are sent/received from edge
- 2022-05-30 TUN-6301: Allow to update logger used by UDP session manager
2022.5.2
- 2022-05-23 TUN-6270: Import gpg keys from environment variables
- 2022-05-24 TUN-6209: Improve feedback process if release_pkgs to deb and rpm fail
- 2022-05-24 TUN-6280: Don't wrap qlog connection tracer for gatethering QUIC metrics since we're not writing qlog files.
- 2022-05-25 TUN-6209: Sign RPM packages
- 2022-05-25 TUN-6285: Upload pkg assets to repos when cloudflared is released.
- 2022-05-24 TUN-6282: Upgrade golang to 1.17.10, go-boring to 1.17.9
- 2022-05-26 TUN-6292: Debug builds for cloudflared
- 2022-05-28 TUN-6304: Fixed some file permission issues
- 2022-05-11 TUN-6197: Publish to brew core should not try to open the browser
- 2022-05-12 TUN-5943: Add RPM support
- 2022-05-18 TUN-6248: Fix panic in cloudflared during tracing when origin doesn't provide header map
- 2022-05-18 TUN-6250: Add upstream response status code to tracing span attributes
2022.5.1
- 2022-05-06 TUN-6146: Release_pkgs is now a generic command line script
- 2022-05-06 TUN-6185: Fix tcpOverWSOriginService not using original scheme for String representation
- 2022-05-05 TUN-6175: Simply debian packaging by structural upload
- 2022-05-05 TUN-5945: Added support for Ubuntu releases
- 2022-05-04 TUN-6054: Create and upload deb packages to R2
- 2022-05-03 TUN-6161: Set git user/email for brew core release
- 2022-05-03 TUN-6166: Fix mocked QUIC transport for UDP proxy manager to return expected error
- 2022-04-27 TUN-6016: Push local managed tunnels configuration to the edge
2022.5.0
- 2022-05-02 TUN-6158: Update golang.org/x/crypto
- 2022-04-20 VULN-8383 Bump yaml.v2 to yaml.v3
- 2022-04-21 TUN-6123: For a given connection with edge, close all datagram sessions through this connection when it's closed
- 2022-04-20 TUN-6015: Add RPC method for pushing local config
- 2022-04-21 TUN-6130: Fix vendoring due to case sensitive typo in package
- 2022-04-27 TUN-6142: Add tunnel details support to RPC
- 2022-04-28 TUN-6014: Add remote config flag as default feature
- 2022-04-12 TUN-6000: Another fix for publishing to brew core
- 2022-04-11 TUN-5990: Add otlp span export to response header
- 2022-04-19 TUN-6070: First connection retries other edge IPs if the error is quic timeout(likely due to firewall blocking UDP)
- 2022-04-11 TUN-6030: Add ttfb span for origin http request
2022.4.1
- 2022-04-11 TUN-6035: Reduce buffer size when proxying data
- 2022-04-11 TUN-6038: Reduce buffer size used for proxying data
- 2022-04-11 TUN-6043: Allow UI-managed Tunnels to fallback from QUIC but warn about that
- 2022-04-07 TUN-6000 add version argument to bump-formula-pr
- 2022-04-06 TUN-5989: Add in-memory otlp exporter
2022.4.0
- 2022-04-01 TUN-5973: Add backoff for non-recoverable errors as well
- 2022-04-05 TUN-5992: Use QUIC protocol for remotely managed tunnels when protocol is unspecified
- 2022-04-06 Update Makefile
- 2022-04-06 TUN-5995: Update prometheus to 1.12.1 to avoid vulnerabilities
- 2022-04-07 TUN-5995: Force prometheus v1.12.1 usage
- 2022-04-07 TUN-4130: cloudflared docker images now have a latest tag
- 2022-03-30 TUN-5842: Fix flaky TestConcurrentUpdateAndRead by making sure resources are released
- 2022-03-30 carrier: fix dropped errors
- 2022-03-25 TUN-5959: tidy go.mod
- 2022-03-25 TUN-5958: Fix release to homebrew core
- 2022-03-28 TUN-5960: Do not log the tunnel token or json credentials
- 2022-03-28 TUN-5956: Add timeout to session manager APIs
2022.3.4
- 2022-03-22 TUN-5918: Clean up text in cloudflared tunnel --help
- 2022-03-22 TUN-5895 run brew bump-formula-pr on release
- 2022-03-22 TUN-5915: New cloudflared command to allow to retrieve the token credentials for a Tunnel
- 2022-03-24 TUN-5933: Better messaging to help user when installing service if it is already installed
- 2022-03-25 TUN-5954: Start cloudflared service in Linux too similarly to other OSs
- 2022-03-14 TUN-5869: Add configuration endpoint in metrics server
2022.3.3
- 2022-03-17 TUN-5893: Start windows service on install, stop on uninstall. Previously user had to manually start the service after running 'cloudflared tunnel install' and stop the service before running uninstall command.
- 2022-03-17 Revert "CC-796: Remove dependency on unsupported version of go-oidc"
- 2022-03-18 TUN-5881: Clarify success (or lack thereof) of (un)installing cloudflared service
- 2022-03-18 CC-796: Remove dependency on unsupported version of go-oidc
- 2022-03-18 TUN-5907: Change notes for 2022.3.3
2022.3.2
- 2022-03-10 TUN-5833: Create constant for allow-remote-config
- 2022-03-15 TUN-5867: Return error if service was already installed
- 2022-03-16 TUN-5833: Send feature `allow_remote_config` if Tunnel is run with --token
- 2022-03-08 TUN-5849: Remove configuration debug log
- 2022-03-08 TUN-5850: Update CHANGES.md with latest releases
- 2022-03-08 TUN-5851: Update all references to point to Apache License 2.0
- 2022-03-07 TUN-5853 Add "install" make target and build package manager info into executable
- 2022-03-08 TUN-5801: Add custom wrapper for OriginConfig for JSON serde
- 2022-03-09 TUN-5703: Add prometheus metric for current configuration version
- 2022-02-05 CC-796: Remove dependency on unsupported version of go-oidc
2022.3.1
- 2022-03-04 TUN-5837: Log panic recovery in http2 logic with debug level log
- 2022-03-04 TUN-5696: HTTP/2 Configuration Update
- 2022-03-04 TUN-5836: Avoid websocket#Stream function from crashing cloudflared with unexpected memory access
- 2022-03-05 TUN-5836: QUIC transport no longer sets body to nil in any condition
2022.3.0
- 2022-03-02 TUN-5680: Adapt component tests for new service install based on token
- 2022-02-21 TUN-5682: Remove name field from credentials
- 2022-02-21 TUN-5681: Add support for running tunnel using Token
- 2022-02-28 TUN-5824: Update updater no-update-in-shell link
- 2022-02-28 TUN-5823: Warn about legacy flags that are ignored when ingress rules are used
- 2022-02-28 TUN-5737: Support https protocol over unix socket origin
- 2022-02-23 TUN-5679: Add support for service install using Tunnel Token
2022.2.2
- 2022-02-22 TUN-5754: Allow ingress validate to take plaintext option
- 2022-02-17 TUN-5678: Cloudflared uses typed tunnel API
2022.2.1
- 2022-02-10 TUN-5184: Handle errors in bidrectional streaming (websocket#Stream) gracefully when 1 side has ended
- 2022-02-14 Update issue templates
- 2022-02-14 Update issue templates
- 2022-02-11 TUN-5768: Update cloudflared license file
- 2022-02-11 TUN-5698: Make ingress rules and warp routing dynamically configurable
- 2022-02-14 TUN-5678: Adapt cloudflared to use new typed APIs
- 2022-02-17 Revert "TUN-5678: Adapt cloudflared to use new typed APIs"
- 2022-02-11 TUN-5697: Listen for UpdateConfiguration RPC in quic transport
- 2022-02-04 TUN-5744: Add a test to make sure cloudflared uses scheme defined in ingress rule, not X-Forwarded-Proto header
- 2022-02-07 TUN-5749: Refactor cloudflared to pave way for reconfigurable ingress - Split origin into supervisor and proxy packages - Create configManager to handle dynamic config
- 2021-10-19 TUN-5184: Make sure outstanding websocket write is finished, and no more writes after shutdown
2022.2.0
- 2022-02-02 TUN-4947: Use http when talking to Unix sockets origins
- 2022-02-02 TUN-5695: Define RPC method to update configuration
- 2022-01-27 TUN-5621: Correctly manage QUIC stream closing
- 2022-01-28 TUN-5702: Allow to deserialize config from JSON
2022.1.3
- 2022-01-21 TUN-5477: Unhide vnet commands
- 2022-01-24 TUN-5669: Change network command to vnet
- 2022-01-25 TUN-5675: Remove github.com/dgrijalva/jwt-go dependency by upgrading coredns version
- 2022-01-27 TUN-5719: Re-attempt connection to edge with QUIC despite network error when there is no fallback
- 2022-01-28 TUN-5724: Fix SSE streaming by guaranteeing we write everything we read
- 2022-01-17 TUN-5547: Bump golang x/net package to fix http2 transport bugs
- 2022-01-19 TUN-5659: Proxy UDP with zero-byte payload
- 2021-10-22 Add X-Forwarded-Host for http proxy
2022.1.2
- 2022-01-13 TUN-5650: Fix pynacl version to 1.4.0 and pygithub version to 1.55 so release doesn't break unexpectedly
2022.1.1
- 2022-01-10 TUN-5631: Build everything with go 1.17.5
- 2022-01-06 TUN-5623: Configure quic max datagram frame size to 1350 bytes for none Windows platforms
2022.1.0
- 2022-01-03 TUN-5612: Add support for specifying TLS min/max version
- 2022-01-03 TUN-5612: Make tls min/max version public visible
- 2022-01-03 TUN-5551: Internally published debian artifacts are now named just cloudflared even though they are FIPS compliant
- 2022-01-04 TUN-5600: Close QUIC transports as soon as possible while respecting graceful shutdown
- 2022-01-05 TUN-5616: Never fallback transport if user chooses it on purpose
- 2022-01-05 TUN-5204: Unregister QUIC transports on disconnect
- 2022-01-04 TUN-5600: Add coverage to component tests for various transports
2021.12.4
- 2021-12-27 TUN-5482: Refactor tunnelstore client related packages for more coherent package
- 2021-12-27 TUN-5551: Change internally published debian package to be FIPS compliant
- 2021-12-27 TUN-5551: Show whether the binary was built for FIPS compliance
2021.12.3
- 2021-12-22 TUN-5584: Changes for release 2021.12.2
- 2021-12-22 TUN-5590: QUIC datagram max user payload is 1217 bytes
- 2021-12-22 TUN-5593: Read full packet from UDP connection, even if it exceeds MTU of the transport. When packet length is greater than the MTU of the transport, we will silently drop packets (for now).
- 2021-12-23 TUN-5597: Log session ID when session is terminated by edge
2021.12.2
- 2021-12-20 TUN-5571: Remove redundant session manager log, it's already logged in origin/tunnel.ServeQUIC
- 2021-12-20 TUN-5570: Only log RPC server events at error level to reduce noise
- 2021-12-14 TUN-5494: Send a RPC with terminate reason to edge if the session is closed locally
- 2021-11-09 TUN-5551: Reintroduce FIPS compliance for linux amd64 now as separate binaries
2021.12.1
- 2021-12-16 TUN-5549: Revert "TUN-5277: Ensure cloudflared binary is FIPS compliant on linux amd64"
2021.12.0
- 2021-12-13 TUN-5530: Get current time from ticker
- 2021-12-15 TUN-5544: Update CHANGES.md for next release
- 2021-12-07 TUN-5519: Adjust URL for virtual_networks endpoint to match what we will publish
- 2021-12-02 TUN-5488: Close session after it's idle for a period defined by registerUdpSession RPC
- 2021-12-09 TUN-5504: Fix upload of packages to public repo
- 2021-11-30 TUN-5481: Create abstraction for Origin UDP Connection
- 2021-11-30 TUN-5422: Define RPC to unregister session
- 2021-11-26 TUN-5361: Commands for managing virtual networks
- 2021-11-29 TUN-5362: Adjust route ip commands to be aware of virtual networks
- 2021-11-23 TUN-5301: Separate datagram multiplex and session management logic from quic connection logic
- 2021-11-10 TUN-5405: Update net package to v0.0.0-20211109214657-ef0fda0de508
- 2021-11-10 TUN-5408: Update quic package to v0.24.0
- 2021-11-12 Fix typos
- 2021-11-13 Fix for Issue #501: Unexpected User-agent insertion when tunneling http request
- 2021-11-16 TUN-5129: Remove `-dev` suffix when computing version and Git has uncommitted changes
- 2021-11-18 TUN-5441: Fix message about available protocols
- 2021-11-12 TUN-5300: Define RPC to register UDP sessions
- 2021-11-14 TUN-5299: Send/receive QUIC datagram from edge and proxy to origin as UDP
- 2021-11-04 TUN-5387: Updated CHANGES.md for 2021.11.0
- 2021-11-08 TUN-5368: Log connection issues with LogLevel that depends on tunnel state
- 2021-11-09 TUN-5397: Log cloudflared output when it fails to connect tunnel
- 2021-11-09 TUN-5277: Ensure cloudflared binary is FIPS compliant on linux amd64
- 2021-11-08 TUN-5393: Content-length is no longer a control header for non-h2mux transports
2021.11.0
- 2021-11-03 TUN-5285: Fallback to HTTP2 immediately if connection times out with no network activity
- 2021-09-29 Add flag to 'tunnel create' subcommand to specify a base64-encoded secret
2021.10.5
- 2021-10-25 Update change log for release 2021.10.4
- 2021-10-25 Revert "TUN-5184: Make sure outstanding websocket write is finished, and no more writes after shutdown"
2021.10.4
- 2021-10-21 TUN-5287: Fix misuse of wait group in TestQUICServer that caused the test to exit immediately
- 2021-10-21 TUN-5286: Upgrade crypto/ssh package to fix CVE-2020-29652
- 2021-10-18 TUN-5262: Allow to configure max fetch size for listing queries
- 2021-10-19 TUN-5262: Improvements to `max-fetch-size` that allow to deal with large number of tunnels in account
- 2021-10-15 TUN-5261: Collect QUIC metrics about RTT, packets and bytes transfered and log events at tracing level
- 2021-10-19 TUN-5184: Make sure outstanding websocket write is finished, and no more writes after shutdown
2021.10.3
- 2021-10-14 TUN-5255: Fix potential panic if Cloudflare API fails to respond to GetTunnel(id) during delete command
- 2021-10-14 TUN-5257: Fix more cfsetup targets that were broken by recent package changes
2021.10.2
- 2021-10-11 TUN-5138: Switch to QUIC on auto protocol based on threshold
- 2021-10-14 TUN-5250: Add missing packages for cfsetup to succeed in github release pkgs target
2021.10.1
- 2021-10-12 TUN-5246: Use protocol: quic for Quick tunnels if one is not already set
- 2021-10-13 TUN-5249: Revert "TUN-5138: Switch to QUIC on auto protocol based on threshold"
2021.10.0
- 2021-10-11 TUN-5138: Switch to QUIC on auto protocol based on threshold
- 2021-10-07 TUN-5195: Do not set empty body if not applicable
- 2021-10-08 UN-5213: Increase MaxStreams value for QUIC transport
- 2021-09-28 TUN-5169: Release 2021.9.2 CHANGES.md
- 2021-09-28 TUN-5164: Update README and clean up references to Argo Tunnel (using Cloudflare Tunnel instead)
2021.9.2
- 2021-09-21 TUN-5129: Use go 1.17 and copy .git folder to docker build to compute version
- 2021-09-21 TUN-5128: Enforce maximum grace period
- 2021-09-22 TUN-5141: Make sure websocket pinger returns before streaming returns
- 2021-09-24 TUN-5142: Add asynchronous servecontrolstream for QUIC
- 2021-09-24 TUN-5142: defer close rpcconn inside unregister instead of ServeControlStream
- 2021-09-27 TUN-5160: Set request.ContentLength when this value is in request header
2021.9.1
- 2021-09-21 TUN-5118: Quic connection now detects duplicate connections similar to http2
- 2021-09-15 Fix TryCloudflare link
2021.9.0
- 2021-09-02 Fix broken TryCloudflare link
- 2021-09-03 Add support for taking named tunnel credentials from an environment variable
- 2021-08-30 TUN-5012: Use patched go-sumtype
- 2021-08-31 TUN-5011: Use the region parameter in fallback SRV lookup
- 2021-08-31 TUN-5029: Do not strip cf- prefixed headers
- 2021-08-29 TUN-5009: Updated github action to use go 1.17.x for checks
- 2021-08-28 TUN-5010: --region should be a string flag
- 2021-08-10 Allow building on arm64 platforms
- 2021-06-09 Update README.md
- 2021-05-31 🖌️ Allow providing TokenID and TokenSecret as env vars when calling cloudflared access
- 2021-05-31 🎨 Prefix env var parameters with TUNNEL
2021.8.7
- 2021-08-28 Revert "TUN-4926: Implement --region configuration option"
2021.8.6
- 2021-08-27 TUN-5000: De-flake logging to dir component test in Windows by increasing to buffer to cope with more logging
- 2021-08-27 TUN-5003: Fix cfsetup for non-FIPS golang version
2021.8.5
- 2021-08-27 TUN-4961: Update quic-go to latest
- 2021-08-27 Release 2021.8.4
2021.8.4
- 2021-08-26 TUN-4974: Fix regression where we were debug logging by accident
- 2021-08-26 TUN-4970: Only default to http2 for warp-routing if protocol is h2mux
- 2021-08-26 TUN-4981: Improve readability of prepareTunnelConfig method
- 2021-08-26 TUN-4926: Implement --region configuration option
- 2021-07-09 TUN-4821: Make quick tunnels the default in cloudflared
2021.8.3
- 2021-08-23 TUN-4889: Add back appendtagheaders function
- 2021-08-21 TUN-4940: Fix cloudflared not picking up correct NextProtos for quic
- 2021-08-21 TUN-4613: Add a no-op protocol version slot
- 2021-08-13 TUN-4922: Downgrade quic-go library to 0.20.0
- 2021-08-17 TUN-4866: Add Control Stream for QUIC
- 2021-08-17 TUN-4927: Parameterize region in edge discovery code
- 2021-08-06 TUN-4602: Added UDP resolves to Edge discovery
2021.8.2
- 2021-08-03 TUN-4597: Added HTTPProxy for QUIC
- 2021-08-04 TUN-4795: Remove Equinox releases
- 2021-08-09 TUN-4911: Append Environment variable to Path instead of overwriting it
2021.8.1
- 2021-08-02 TUN-4855: Added CHANGES.md for release 2021.8.0
- 2021-08-03 TUN-4597: Add a QUIC server skeleton
- 2021-08-03 TUN-4873: Disable unix domain socket test for windows unit tests
- 2021-08-04 TUN-4875: Added amd64-linux builds back to releases
2021.8.0
- 2021-07-30 TUN-4847: Allow to list tunnels by prefix name or exclusion prefix name
- 2021-07-30 TUN-4772: Release built executables with packages
- 2021-07-30 TUN-4851: Component tests to smoke test that Proxy DNS and Tunnel are only run when expected
- 2021-07-28 TUN-4811: Publish quick tunnels' hostname in /metrics under `userHostname` for backwards-compatibility
- 2021-07-29 TUN-4832: Prevent tunnel from running accidentally when only proxy-dns should run
- 2021-07-28 TUN-4819: Tolerate protocol TXT record lookup failing
2021.7.4
- 2021-07-28 TUN-4814: Revert "TUN-4699: Make quick tunnels the default in cloudflared"
- 2021-07-28 TUN-4812: Disable CGO for cloudflared builds
2021.7.3
- 2021-07-27 TUN-4799: Build deb, msi and rpm packages with fips
2021.7.2
- 2021-07-27 Fixed a syntax error with python logging.
2021.7.1
- 2021-07-21 TUN-4755: Add a windows msi release option to Make
- 2021-07-22 TUN-4761: Added a build-all-packages target to cfsetup
- 2021-07-26 TUN-4771: Upload deb, rpm and msi packages to github
- 2021-07-14 TUN-4714: Name nightly package cloudflared-nightly to avoid apt conflict
- 2021-07-16 TUN-4701: Split Proxy into ProxyHTTP and ProxyTCP
- 2021-07-08 TUN-4596: Add QUIC application protocol for QUIC stream handshake
- 2021-07-09 TUN-4699: Make quick tunnels the default in cloudflared
2021.7.0
- 2021-07-01 TUN-4626: Proxy non-stream based origin websockets with http Roundtrip.
- 2021-07-01 TUN-4655: ingress.StreamBasedProxy.EstablishConnection takes dest input
- 2021-07-09 TUN-4698: Add cloudflared metrics endpoint to serve quick tunnel hostname
- 2021-06-21 TUN-4521: Modify cloudflared to use zoneless-tunnels-worker for free tunnels
- 2021-04-05 AUTH-3475: Updated GetAppInfo error message
2021.6.0
- 2021-06-21 TUN-4571: Changelog for 2021.6.0
- 2021-06-18 TUN-4571: Fix proxying to unix sockets when using HTTP2 transport to Cloudflare Edge
- 2021-06-07 TUN-4502: Make `cloudflared tunnel route` subcommands described consistently
- 2021-06-08 TUN-4504: Fix component tests in windows
- 2021-05-27 TUN-4461: Log resulting DNS hostname if one is received from Cloudflare API
2021.5.10
- 2021-05-25 TUN-4456: Replaced instances of Tick() with Ticker() in h2mux paths
2021.5.9
- 2021-05-20 TUN-4426: Fix centos builds
- 2021-05-20 Update changelog
- 2021-04-30 AUTH-3426: Point to new transfer service URL and eliminate PUT /ok
2021.5.8
- 2021-05-14 TUN-4419: Improve error message when cloudflared cannot reach origin
- 2021-05-19 TUN-4425: --overwrite-dns flag for in adhoc and route dns cmds
2021.5.7
- 2021-05-17 Fix typo in Changes.md
- 2021-05-17 TUN-4421: Named Tunnels will automatically select the protocol to connect to Cloudflare's edge network
2021.5.6
- 2021-05-14 TUN-4418: Downgrade to Go 1.16.3
2021.5.5
2021.5.4
- Fix release pipeline
2021.5.1
- 2021-05-10 TUN-4342: Fix false positive warning about unused hostname property
- 2021-05-10 Release 2021.5.0
2021.5.0
- 2021-05-10 TUN-4384: Silence log from automaxprocs
- 2021-05-10 AUTH-3537: AUDs in JWTs are now always arrays
- 2021-05-10 Update changelog for 2021.5.0
- 2021-05-03 TUN-4343: Fix broken build by setting debug field correctly
- 2021-05-06 TUN-4356: Set AUTOMAXPROCS to the CPU limit when running in a Linux container
- 2021-05-06 TUN-4357: Bump Go to 1.16
- 2021-05-06 TUN-4359: Warn about unused keys in 'tunnel ingress validate'
- 2021-04-30 debug: log host / path
- 2021-04-20 AUTH-3513: Checks header for app info in case response is a 403/401 from the edge
- 2021-04-29 TUN-4000: Release notes for cloudflared replica model
- 2021-04-09 TUN-2853: rename STDIN-CONTROL env var to STDIN_CONTROL
- 2021-04-09 TUN-4206: Better error message when user is only using one ingress rule
2021.4.0
- 2021-04-05 TUN-4178: Fix component test for running as a service in MacOS to not assume a named tunnel
- 2021-04-05 TUN-4177: Running with proxy-dns should not prevent running Named Tunnels
- 2021-04-02 TUN-4168: Transparently proxy websocket connections using stdlib HTTP client instead of gorilla/websocket; move websocket client code into carrier package since it's only used by access subcommands now (#345).
- 2021-04-07 Publish change log for 2021.4.0
2021.3.6
- 2021-03-30 TUN-4150: Only show the connector table in 'tunnel info' if there are connectors. Don't show rows with zero connections.
- 2021-03-31 TUN-4153: Revert best-effort HTTP2 usage when talking to origins
- 2021-03-26 TUN-4141: Better error messages for tunnel info subcommand.
- 2021-03-29 TUN-4146: Unhide and document grace-period
- 2021-03-25 TUN-3863: Consolidate header handling logic in the connection package; move headers definitions from h2mux to packages that manage them; cleanup header conversions
2021.3.5
- 2021-03-26 TUN-3896: http-service and tunnelstore client use http2 transport.
- 2021-03-25 TUN-4125: Change component tests to run in CI with its own dedicated resources
- 2021-03-26 Publish change log for 2021.3.5
2021.3.4
2021.3.3
- 2021-03-23 TUN-4111: Warn the user if both properties "tunnel" and "hostname" are used
- 2021-03-23 TUN-4082: Test logging when running as a service
- 2021-03-23 TUN-4112: Skip testing graceful shutdown with SIGINT on Windows
- 2021-03-23 TUN-4116: Ingore credentials-file setting in configuration file during tunnel create and delete opeations.
- 2021-03-23 TUN-4118: Don't overwrite existing file with tunnel credentials. For ad-hoc tunnels, this means tunnel won't start if there's a file in the way.
- 2021-03-24 TUN-4123: Don't capture output in reconnect componet test
- 2021-03-23 TUN-4067: Reformat code for consistent import order, grouping, and fix formatting. Added goimports target to the Makefile to make this easier in the future.
- 2021-03-24 AUTH-3455: Generate short-lived ssh cert per hostname