Accepting request 1319787 from network

- Update version to 2025.11.1 * bump coredns to solve CVE * add vulncheck to cloudflared * Remove references to cloudflare-go * Add logging format as JSON * Centralize UDP origin proxy dialing as ingress service * Add virtual DNS service * Add OriginDialerService to include TCP * Add --dns-resolver-addrs flag * Remove P256Kyber768Draft00PQKex curve from nonFips curve preferences * Bump go-boring from 1.24.2 to 1.24.4 * Add metrics for virtual DNS origin * set proper url and hostname for cloudflared tail command * Add support for login interstitial auto closure * update fed callback url for login helper * Correct QUIC connection management for datagram handlers * Set endpoint in tunnel credentials when generating locally managed tunnel with a Fed token * Migrate cloudflared-ci pipelines to Gitlab CI * Add support for FedRAMP in originRequest Access config * Add buffers for UDP and ICMP datagrams in datagram v3 * Add write deadline for UDP origin writes * Improve metrics for datagram v3 * Force usage of go-boring 1.24 * Fix import of GPG keys when two keys are provided * Fix parameter order when uploading RPM .repo file to R2 * Add new datagram v3 feature flag * Bump datagram v3 write channel capacity * Fix upload of RPM repo file during double signing * Fix the cloudflared binary path used in the component test (forwarded request 1319785 from hillwood) OBS-URL: https://build.opensuse.org/request/show/1319787 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cloudflared?expand=0&rev=11
- Update version to 2025.11.1
2025-11-25 14:53:24 +00:00 · 2025-11-24 14:57:40 +00:00 · 2025-06-11 16:34:37 +00:00 · 2025-06-11 12:15:23 +00:00 · 2025-05-05 20:26:38 +00:00 · 2025-05-04 11:58:44 +00:00
9 changed files with 257 additions and 71 deletions
--- a/001-skip-test.patch
+++ b/001-skip-test.patch
@@ -1,8 +1,8 @@
-diff -Nur cloudflared-2024.6.0/Makefile cloudflared-2024.6.0-new/Makefile
--- cloudflared-2024.6.0/Makefile	2024-06-04 02:29:11.000000000 +0800
-+++ cloudflared-2024.6.0-new/Makefile	2024-07-04 16:47:13.388734689 +0800
-@@ -119,7 +119,7 @@
- RPM_DIGEST := --rpm-digest sha256
+diff -Nur cloudflared-2025.11.1/Makefile cloudflared-2025.11.1-new/Makefile
+--- cloudflared-2025.11.1/Makefile	2025-11-08 00:30:58.000000000 +0800
+++ cloudflared-2025.11.1-new/Makefile	2025-11-24 22:32:14.257700682 +0800
+@@ -131,7 +131,7 @@
+ GO_TEST_LOG_OUTPUT = /tmp/gotest.log
 
 .PHONY: all
 -all: cloudflared test
@@ -10,24 +10,3 @@ diff -Nur cloudflared-2024.6.0/Makefile cloudflared-2024.6.0-new/Makefile
 
 .PHONY: clean
 clean:
-@@ -171,8 +171,8 @@
- 
- .PHONY: install-go
- install-go:
-	rm -rf ${CF_GO_PATH}
-	./.teamcity/install-cloudflare-go.sh
-+#	rm -rf ${CF_GO_PATH}
-+#	./.teamcity/install-cloudflare-go.sh
- 
- .PHONY: cleanup-go
- cleanup-go:
-@@ -181,7 +181,7 @@
- cloudflared.1: cloudflared_man_template
- 	sed -e 's/\$${VERSION}/$(VERSION)/; s/\$${DATE}/$(DATE)/' cloudflared_man_template > cloudflared.1
- 
-install: install-go cloudflared cloudflared.1 cleanup-go
-+install: cloudflared cloudflared.1 cleanup-go
- 	mkdir -p $(DESTDIR)$(INSTALL_BINDIR) $(DESTDIR)$(INSTALL_MANDIR)
- 	install -m755 cloudflared $(DESTDIR)$(INSTALL_BINDIR)/cloudflared
- 	install -m644 cloudflared.1 $(DESTDIR)$(INSTALL_MANDIR)/cloudflared.1
-二进制文件 cloudflared-2024.6.0/vendor.tar.gz 和 cloudflared-2024.6.0-new/vendor.tar.gz 不同
--- a/002-use-pie.patch
+++ b/002-use-pie.patch
@@ -1,12 +1,12 @@
-diff -Nur cloudflared-2024.6.0/Makefile cloudflared-2024.6.0-new/Makefile
--- cloudflared-2024.6.0/Makefile	2024-07-04 16:51:47.504973737 +0800
-+++ cloudflared-2024.6.0-new/Makefile	2024-07-04 16:52:14.844931090 +0800
-@@ -131,7 +131,7 @@
+diff -Nur cloudflared-2025.4.2/Makefile cloudflared-2025.4.2-new/Makefile
+--- cloudflared-2025.4.2/Makefile	2025-04-30 21:15:20.000000000 +0800
+++ cloudflared-2025.4.2-new/Makefile	2025-05-04 16:59:06.748522662 +0800
+@@ -134,7 +134,7 @@
+ ifeq ($(FIPS), true)
 	$(info Building cloudflared with go-fips)
- 	cp -f fips/fips.go.linux-amd64 cmd/cloudflared/fips.go
 endif
 -	GOOS=$(TARGET_OS) GOARCH=$(TARGET_ARCH) $(ARM_COMMAND) go build -mod=vendor $(GO_BUILD_TAGS) $(LDFLAGS) $(IMPORT_PATH)/cmd/cloudflared
 +	GOOS=$(TARGET_OS) GOARCH=$(TARGET_ARCH) $(ARM_COMMAND) go build -mod=vendor -buildmode=pie $(GO_BUILD_TAGS) $(LDFLAGS) $(IMPORT_PATH)/cmd/cloudflared
 ifeq ($(FIPS), true)
- 	rm -f cmd/cloudflared/fips.go
 	./check-fips.sh cloudflared
+ endif
--- a/cloudflared-2024.9.1.tar.gz
+++ b/cloudflared-2024.9.1.tar.gz
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f96b703ea848bc538322eb957749b0b2395e0cf83213cf310cbde0a3f598eac4
-size 7057169
--- a/cloudflared-2025.11.1.tar.gz
+++ b/cloudflared-2025.11.1.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1a52c1d09e844f947736bb4215c9cdb411954f53c5c31aa420a2435dbe336714
+size 7235259
--- a/cloudflared.changes
+++ b/cloudflared.changes
@@ -1,3 +1,133 @@
+-------------------------------------------------------------------
+Mon Nov 24 14:37:53 UTC 2025 - Hillwood Yang <hillwood@opensuse.org>
+
+- Update version to 2025.11.1
+  * bump coredns to solve CVE
+  * add vulncheck to cloudflared
+  * Remove references to cloudflare-go
+  * Add logging format as JSON
+  * Centralize UDP origin proxy dialing as ingress service
+  * Add virtual DNS service
+  * Add OriginDialerService to include TCP
+  * Add --dns-resolver-addrs flag
+  * Remove P256Kyber768Draft00PQKex curve from nonFips curve preferences
+  * Bump go-boring from 1.24.2 to 1.24.4
+  * Add metrics for virtual DNS origin
+  * set proper url and hostname for cloudflared tail command
+  * Add support for login interstitial auto closure
+  * update fed callback url for login helper
+  * Correct QUIC connection management for datagram handlers
+  * Set endpoint in tunnel credentials when generating locally managed tunnel
+    with a Fed token
+  * Migrate cloudflared-ci pipelines to Gitlab CI
+  * Add support for FedRAMP in originRequest Access config
+  * Add buffers for UDP and ICMP datagrams in datagram v3
+  * Add write deadline for UDP origin writes
+  * Improve metrics for datagram v3
+  * Force usage of go-boring 1.24
+  * Fix import of GPG keys when two keys are provided
+  * Fix parameter order when uploading RPM .repo file to R2
+  * Add new datagram v3 feature flag
+  * Bump datagram v3 write channel capacity
+  * Fix upload of RPM repo file during double signing
+  * Fix the cloudflared binary path used in the component test
+  * Fix typo causing r2-release-next deployment to fail
+  * Update from go1.24.6 to go1.24.9
+  * Fix systemd service installation hanging
+  * Add cf-proxy-* to control response headers
+  * Add pipelines for linux packaging
+  * Prefix gitlab steps with operating system
+  * Fix docker hub push step
+- Add update-crypto.patch, update crypto to 0.45 to fix CVE issues
+  * Fix CVE-2025-58181 boo#1253918
+  * Fix CVE-2025-22869 boo#1239422
+
+-------------------------------------------------------------------
+Wed Jun 11 12:10:55 UTC 2025 - Hillwood Yang <hillwood@opensuse.org>
+
+- Update version to 2025.6.0
+  * Remove dynamic reloading of features for datagram v3
+  * Add metric for unsupported RPC commands for datagram v3
+  * Add dynamic loading of features to connections via ConnectionOptionsSnapshot
+  * Use is_default_network instead of is_default to create vnet's
+  * Update go to 1.24
+
+-------------------------------------------------------------------
+Sun May  4 11:37:40 UTC 2025 - Hillwood Yang <hillwood@opensuse.org>
+
+- Update version to 2025.4.2
+  * emit explicit errors for the service command on unsupported OSes
+  * Fix some issues
+- Drop update-vendor.patch and reproducible.patch
+
+-------------------------------------------------------------------
+Sat Dec 14 11:40:38 UTC 2024 - Hillwood Yang <hillwood@opensuse.org>
+
+- Update version to 2024.12.1
+  * TUN-8748: Migrated datagram V3 flows to use migrated context
+  * TUN-8737: update metrics server port selection
+  * TUN-8731: Implement diag/system endpoint
+  * TUN-8728: implement diag/tunnel endpoint
+  * TUN-8730: implement diag/configuration
+  * TUN-8735: add managed/local log collection 
+  * TUN-8733: add log collection for docker 
+  * TUN-8734: add log collection for kubernetes 
+  * TUN-8640: Refactor ICMPRouter to support new ICMPResponders 
+  * TUN-8729: implement network collection for diagnostic procedure 
+  * TUN-8727: implement metrics, runtime, system, and tunnelstate in diagnostic
+    http client
+  * TUN-8726: implement compression routine to be used in diagnostic procedure
+  * TUN-8732: implement port selection algorithm
+  * TUN-8762: fix argument order when invoking tracert and modify network info
+    output parsing
+  * TUN-8769: fix k8s log collector arguments
+  * TUN-8727: extend client to include function to get cli configuration
+    and tunnel configuration
+  * TUN-8725: implement diagnostic procedure
+  * TUN-8767: include raw output from network collector in diagnostic zip file
+  * TUN-8770: add cli configuration and tunnel configuration to diagnostic zipfile
+  * TUN-8768: add job report to diagnostic zipfile
+  * TUN-8775: Make sure the session Close can only be called once
+  * TUN-8781: Add Trixie, drop Buster. Default to Bookworm
+  * TUN-8640: Add ICMP support for datagram V3
+  * TUN-8789: make python package installation consistent
+  * TUN-8795: update createrepo to createrepo_c to fix the release_pkgs.py
+    script
+- Add update-vendor.patch, fix CVE-2024-45337 and boo#1234582
+
+-------------------------------------------------------------------
+Mon Nov 25 14:30:18 UTC 2024 - Hillwood Yang <hillwood@opensuse.org>
+
+- Update version to 2024.11.1
+  * Add cloudflared tunnel health command
+  * PPIP-2310: Update quick tunnel disclaimer
+  * TUN-8621: Prevent QUIC connection from closing before grace period
+    after unregistering
+  * TUN-8484: Print response when QuickTunnel can't be unmarshalled
+  * TUN-8592: Use metadata from the edge to determine if request body is
+    empty for QUIC transport
+  * TUN-8621: Fix cloudflared version in change notes to account for 
+    release date
+  * TUN-8638: Add datagram v3 serializers and deserializers
+  * TUN-8685: Bump coredns dependency
+  * TUN-8688: Correct UDP bind for IPv6 edge connectivity on macOS
+  * TUN-8694: Fix github release script
+  * TUN-8694: Rework release script
+  * TUN-8661: Refactor connection methods to support future different
+    datagram muxing methods
+  * TUN-8692: remove dashes from session id
+  * TUN-8708: Bump python min version to 3.10
+  * TUN-8667: Add datagram v3 session manager
+  * TUN-8553: Bump go to 1.22.5 and go-boring 1.22.5-1
+  * TUN-8700: Add datagram v3 muxer
+  * TUN-8646: Allow experimental feature support for datagram v3
+  * TUN-8641: Expose methods to simplify V3 Datagram parsing on the edge
+  * VULN-66059: remove ssh server tests
+  * TUN-8709: Add session migration for datagram v3
+  * TUN-8701: Add metrics and adjust logs for datagram v3
+  * add: new go-fuzz targets
+  * TUN-8701: Simplify flow registration logs for datagram v3
+
 -------------------------------------------------------------------
 Fri Sep 13 12:22:21 UTC 2024 - Hillwood Yang <hillwood@opensuse.org>

--- a/cloudflared.spec
+++ b/cloudflared.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package cloudflared
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@


 Name:           cloudflared
-Version:        2024.9.1
+Version:        2025.11.1
 Release:        0
 Summary:        Cloudflare Tunnel client
 License:        Apache-2.0
@@ -29,11 +29,12 @@ Source1:        vendor.tar.gz
 Patch0:         001-skip-test.patch
 # PATCH-FIX-OPENSUSE 002-use-pie.patch hillwood@opensuse.org
 Patch1:         002-use-pie.patch
-Patch2:         reproducible.patch
+# PATCH-FIX-UPSTREAM update-crypto.patch hillwood@opensuse.org - Fix CVE-2025-58181 and CVE-2025-22869
+Patch2:         update-crypto.patch
 BuildRequires:  fdupes
 BuildRequires:  git-core
 BuildRequires:  golang-packaging
-BuildRequires:  golang(API) >= 1.22
+BuildRequires:  golang(API) >= 1.24
 AutoReqProv:    Off
 %{go_provides}

@@ -48,9 +49,11 @@ Tunnel section of the Cloudflare Docs. All usages related with proxying to your
 origins are available under cloudflared tunnel help.

 %prep
-%autosetup -p1 -a1 -n %{name}-%{version}
+%autosetup -p1 -n %{name}-%{version}

 %build
+rm -rf vendor
+tar -zxf %{SOURCE1}
 %make_build GOARCH=$(go env GOARCH)

 %install
--- a/reproducible.patch
+++ b/reproducible.patch
@@ -1,29 +0,0 @@
-From b2d93673dacbb9426467853d79c929b8a580301e Mon Sep 17 00:00:00 2001
-From: "Bernhard M. Wiedemann" <bwiedemann@suse.de>
-Date: Mon, 8 Jul 2024 10:24:19 +0200
-Subject: [PATCH] Use ChangeLog date instead of build date
-
-to make builds reproducible.
-See https://reproducible-builds.org/ for why this is good
-and https://reproducible-builds.org/specs/source-date-epoch/
-for the definition of this variable.
-This date call only works with GNU date and BSD date.
-
-This patch was done while working on reproducible builds for openSUSE, sponsored by the NLnet NGI0 fund.
---
- Makefile | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/Makefile b/Makefile
-index 1961f03d9c0..a63c800847c 100644
--- a/Makefile
-+++ b/Makefile
-@@ -24,7 +24,7 @@ else
- 	DEB_PACKAGE_NAME := $(BINARY_NAME)
- endif
- 
-DATE          := $(shell date -u '+%Y-%m-%d-%H%M UTC')
-+DATE          := $(shell date -u -r CHANGES.md '+%Y-%m-%d-%H%M UTC')
- VERSION_FLAGS := -X "main.Version=$(VERSION)" -X "main.BuildTime=$(DATE)"
- ifdef PACKAGE_MANAGER
- 	VERSION_FLAGS := $(VERSION_FLAGS) -X "github.com/cloudflare/cloudflared/cmd/cloudflared/updater.BuiltForPackageManager=$(PACKAGE_MANAGER)"
--- a/update-crypto.patch
+++ b/update-crypto.patch
@@ -0,0 +1,103 @@
+diff -Nur cloudflared-2025.11.1/go.mod cloudflared-2025.11.1-new/go.mod
+--- cloudflared-2025.11.1/go.mod	2025-11-08 00:30:58.000000000 +0800
+++ cloudflared-2025.11.1-new/go.mod	2025-11-24 22:05:34.765695296 +0800
+@@ -1,6 +1,8 @@
+ module github.com/cloudflare/cloudflared
+ 
+-go 1.24
+go 1.24.0
+
+toolchain go1.24.10
+ 
+ require (
+ 	github.com/coredns/coredns v1.12.2
+@@ -36,11 +38,11 @@
+ 	go.opentelemetry.io/proto/otlp v1.2.0
+ 	go.uber.org/automaxprocs v1.6.0
+ 	go.uber.org/mock v0.5.1
+-	golang.org/x/crypto v0.38.0
+-	golang.org/x/net v0.40.0
+-	golang.org/x/sync v0.14.0
+-	golang.org/x/sys v0.33.0
+-	golang.org/x/term v0.32.0
+	golang.org/x/crypto v0.45.0
+	golang.org/x/net v0.47.0
+	golang.org/x/sync v0.18.0
+	golang.org/x/sys v0.38.0
+	golang.org/x/term v0.37.0
+ 	google.golang.org/protobuf v1.36.6
+ 	gopkg.in/natefinch/lumberjack.v2 v2.0.0
+ 	gopkg.in/yaml.v3 v3.0.1
+@@ -91,10 +93,10 @@
+ 	go.opentelemetry.io/otel/metric v1.35.0 // indirect
+ 	go.opentelemetry.io/otel/sdk/metric v1.35.0 // indirect
+ 	golang.org/x/arch v0.4.0 // indirect
+-	golang.org/x/mod v0.24.0 // indirect
+	golang.org/x/mod v0.29.0 // indirect
+ 	golang.org/x/oauth2 v0.30.0 // indirect
+-	golang.org/x/text v0.25.0 // indirect
+-	golang.org/x/tools v0.32.0 // indirect
+	golang.org/x/text v0.31.0 // indirect
+	golang.org/x/tools v0.38.0 // indirect
+ 	google.golang.org/genproto/googleapis/api v0.0.0-20250505200425-f936aa4a68b2 // indirect
+ 	google.golang.org/genproto/googleapis/rpc v0.0.0-20250512202823-5a2f75b736a9 // indirect
+ 	google.golang.org/grpc v1.72.2 // indirect
+diff -Nur cloudflared-2025.11.1/go.sum cloudflared-2025.11.1-new/go.sum
+--- cloudflared-2025.11.1/go.sum	2025-11-08 00:30:58.000000000 +0800
+++ cloudflared-2025.11.1-new/go.sum	2025-11-24 22:05:34.767695298 +0800
+@@ -247,20 +247,28 @@
+ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+ golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8=
+ golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw=
+golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
+golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
+ golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
+ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+ golang.org/x/mod v0.24.0 h1:ZfthKaKaT4NrhGVZHO1/WDTwGES4De8KtWO0SIbNJMU=
+ golang.org/x/mod v0.24.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
+golang.org/x/mod v0.29.0 h1:HV8lRxZC4l2cr3Zq1LvtOsi/ThTgWnUk/y64QSs8GwA=
+golang.org/x/mod v0.29.0/go.mod h1:NyhrlYXJ2H4eJiRy/WDBO6HMqZQ6q9nk4JzS3NuCK+w=
+ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+ golang.org/x/net v0.40.0 h1:79Xs7wF06Gbdcg4kdCCIQArK11Z1hr5POQ6+fIYHNuY=
+ golang.org/x/net v0.40.0/go.mod h1:y0hY0exeL2Pku80/zKK7tpntoX23cqL3Oa6njdgRtds=
+golang.org/x/net v0.47.0 h1:Mx+4dIFzqraBXUugkia1OOvlD6LemFo1ALMHjrXDOhY=
+golang.org/x/net v0.47.0/go.mod h1:/jNxtkgq5yWUGYkaZGqo27cfGZ1c5Nen03aYrrKpVRU=
+ golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
+ golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
+ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+ golang.org/x/sync v0.14.0 h1:woo0S4Yywslg6hp4eUFjTVOyKt0RookbpAHG4c1HmhQ=
+ golang.org/x/sync v0.14.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
+golang.org/x/sync v0.18.0 h1:kr88TuHDroi+UVf+0hZnirlk8o8T+4MrK6mr60WkH/I=
+golang.org/x/sync v0.18.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+ golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+@@ -270,18 +278,26 @@
+ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+ golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
+ golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
+golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+ golang.org/x/term v0.32.0 h1:DR4lr0TjUs3epypdhTOkMmuF5CDFJ/8pOnbzMZPQ7bg=
+ golang.org/x/term v0.32.0/go.mod h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
+golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
+golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
+ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+ golang.org/x/text v0.25.0 h1:qVyWApTSYLk/drJRO5mDlNYskwQznZmkpV2c8q9zls4=
+ golang.org/x/text v0.25.0/go.mod h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA=
+golang.org/x/text v0.31.0 h1:aC8ghyu4JhP8VojJ2lEHBnochRno1sgL6nEi9WGFGMM=
+golang.org/x/text v0.31.0/go.mod h1:tKRAlv61yKIjGGHX/4tP1LTbc13YSec1pxVEWXzfoeM=
+ golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+ golang.org/x/tools v0.0.0-20190828213141-aed303cbaa74/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+ golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+ golang.org/x/tools v0.32.0 h1:Q7N1vhpkQv7ybVzLFtTjvQya2ewbwNDZzUgfXGqtMWU=
+ golang.org/x/tools v0.32.0/go.mod h1:ZxrU41P/wAbZD8EDa6dDCa6XfpkhJ7HFMjHJXfBDu8s=
+golang.org/x/tools v0.38.0 h1:Hx2Xv8hISq8Lm16jvBZ2VQf+RLmbd7wVUsALibYI/IQ=
+golang.org/x/tools v0.38.0/go.mod h1:yEsQ/d/YK8cjh0L6rZlY8tgtlKiBNTL14pGDJPJpYQs=
+ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+ golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+ golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
--- a/vendor.tar.gz
+++ b/vendor.tar.gz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:e8471c88d09fe4a893ca246691bd0b3b51e1a849bbdf92d4e00786727280c1c0
-size 6658212
+oid sha256:943b0f81d567d27375afbb74f395b58b3e53e9be6b11f8264432238f7b0b80bf
+size 6891523
Author	SHA256	Message	Date
Ana Guerrero	f3a43243bd	Accepting request 1319787 from network - Update version to 2025.11.1 * bump coredns to solve CVE * add vulncheck to cloudflared * Remove references to cloudflare-go * Add logging format as JSON * Centralize UDP origin proxy dialing as ingress service * Add virtual DNS service * Add OriginDialerService to include TCP * Add --dns-resolver-addrs flag * Remove P256Kyber768Draft00PQKex curve from nonFips curve preferences * Bump go-boring from 1.24.2 to 1.24.4 * Add metrics for virtual DNS origin * set proper url and hostname for cloudflared tail command * Add support for login interstitial auto closure * update fed callback url for login helper * Correct QUIC connection management for datagram handlers * Set endpoint in tunnel credentials when generating locally managed tunnel with a Fed token * Migrate cloudflared-ci pipelines to Gitlab CI * Add support for FedRAMP in originRequest Access config * Add buffers for UDP and ICMP datagrams in datagram v3 * Add write deadline for UDP origin writes * Improve metrics for datagram v3 * Force usage of go-boring 1.24 * Fix import of GPG keys when two keys are provided * Fix parameter order when uploading RPM .repo file to R2 * Add new datagram v3 feature flag * Bump datagram v3 write channel capacity * Fix upload of RPM repo file during double signing * Fix the cloudflared binary path used in the component test (forwarded request 1319785 from hillwood) OBS-URL: https://build.opensuse.org/request/show/1319787 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cloudflared?expand=0&rev=11	2025-11-25 14:53:24 +00:00
Hillwood Yang	526b965aa9	- Update version to 2025.11.1 * bump coredns to solve CVE * add vulncheck to cloudflared * Remove references to cloudflare-go * Add logging format as JSON * Centralize UDP origin proxy dialing as ingress service * Add virtual DNS service * Add OriginDialerService to include TCP * Add --dns-resolver-addrs flag * Remove P256Kyber768Draft00PQKex curve from nonFips curve preferences * Bump go-boring from 1.24.2 to 1.24.4 * Add metrics for virtual DNS origin * set proper url and hostname for cloudflared tail command * Add support for login interstitial auto closure * update fed callback url for login helper * Correct QUIC connection management for datagram handlers * Set endpoint in tunnel credentials when generating locally managed tunnel with a Fed token * Migrate cloudflared-ci pipelines to Gitlab CI * Add support for FedRAMP in originRequest Access config * Add buffers for UDP and ICMP datagrams in datagram v3 * Add write deadline for UDP origin writes * Improve metrics for datagram v3 * Force usage of go-boring 1.24 * Fix import of GPG keys when two keys are provided * Fix parameter order when uploading RPM .repo file to R2 * Add new datagram v3 feature flag * Bump datagram v3 write channel capacity * Fix upload of RPM repo file during double signing * Fix the cloudflared binary path used in the component test OBS-URL: https://build.opensuse.org/package/show/network/cloudflared?expand=0&rev=26	2025-11-24 14:57:40 +00:00
Ana Guerrero	6145eb3a43	Accepting request 1284821 from network - Update version to 2025.6.0 * Remove dynamic reloading of features for datagram v3 * Add metric for unsupported RPC commands for datagram v3 * Add dynamic loading of features to connections via ConnectionOptionsSnapshot * Use is_default_network instead of is_default to create vnet's * Update go to 1.24 (forwarded request 1284820 from hillwood) OBS-URL: https://build.opensuse.org/request/show/1284821 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cloudflared?expand=0&rev=10	2025-06-11 16:34:37 +00:00
Hillwood Yang	84829949a1	Accepting request 1284820 from home:hillwood:branches:network - Update version to 2025.6.0 * Remove dynamic reloading of features for datagram v3 * Add metric for unsupported RPC commands for datagram v3 * Add dynamic loading of features to connections via ConnectionOptionsSnapshot * Use is_default_network instead of is_default to create vnet's * Update go to 1.24 OBS-URL: https://build.opensuse.org/request/show/1284820 OBS-URL: https://build.opensuse.org/package/show/network/cloudflared?expand=0&rev=24	2025-06-11 12:15:23 +00:00
Ana Guerrero	7da10a25d9	Accepting request 1274231 from network OBS-URL: https://build.opensuse.org/request/show/1274231 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cloudflared?expand=0&rev=9	2025-05-05 20:26:38 +00:00
Hillwood Yang	783f5b983a	Accepting request 1274228 from home:hillwood:branches:network - Update version to 2025.4.2 * emit explicit errors for the service command on unsupported OSes * Fix some issues - Drop update-vendor.patch and reproducible.patch OBS-URL: https://build.opensuse.org/request/show/1274228 OBS-URL: https://build.opensuse.org/package/show/network/cloudflared?expand=0&rev=22	2025-05-04 11:58:44 +00:00
Ana Guerrero	0e108075c1	Accepting request 1230993 from network - Add update-vendor.patch, fix CVE-2024-45337 and boo#1234582 (forwarded request 1230992 from hillwood) OBS-URL: https://build.opensuse.org/request/show/1230993 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cloudflared?expand=0&rev=8	2024-12-16 18:09:34 +00:00
Hillwood Yang	1bc5427707	Accepting request 1230992 from home:hillwood:branches:network - Add update-vendor.patch, fix CVE-2024-45337 and boo#1234582 OBS-URL: https://build.opensuse.org/request/show/1230992 OBS-URL: https://build.opensuse.org/package/show/network/cloudflared?expand=0&rev=20	2024-12-14 13:08:11 +00:00
Hillwood Yang	4af2191f85	Accepting request 1230984 from home:hillwood:branches:network - Update version to 2024.12.1 * TUN-8748: Migrated datagram V3 flows to use migrated context * TUN-8737: update metrics server port selection * TUN-8731: Implement diag/system endpoint * TUN-8728: implement diag/tunnel endpoint * TUN-8730: implement diag/configuration * TUN-8735: add managed/local log collection * TUN-8733: add log collection for docker * TUN-8734: add log collection for kubernetes * TUN-8640: Refactor ICMPRouter to support new ICMPResponders * TUN-8729: implement network collection for diagnostic procedure * TUN-8727: implement metrics, runtime, system, and tunnelstate in diagnostic http client * TUN-8726: implement compression routine to be used in diagnostic procedure * TUN-8732: implement port selection algorithm * TUN-8762: fix argument order when invoking tracert and modify network info output parsing * TUN-8769: fix k8s log collector arguments * TUN-8727: extend client to include function to get cli configuration and tunnel configuration * TUN-8725: implement diagnostic procedure * TUN-8767: include raw output from network collector in diagnostic zip file * TUN-8770: add cli configuration and tunnel configuration to diagnostic zipfile * TUN-8768: add job report to diagnostic zipfile * TUN-8775: Make sure the session Close can only be called once * TUN-8781: Add Trixie, drop Buster. Default to Bookworm * TUN-8640: Add ICMP support for datagram V3 * TUN-8789: make python package installation consistent * TUN-8795: update createrepo to createrepo_c to fix the release_pkgs.py script OBS-URL: https://build.opensuse.org/request/show/1230984 OBS-URL: https://build.opensuse.org/package/show/network/cloudflared?expand=0&rev=19	2024-12-14 13:04:15 +00:00
Ana Guerrero	03e103ce8c	Accepting request 1226301 from network - Update version to 2024.11.1 * Add cloudflared tunnel health command * PPIP-2310: Update quick tunnel disclaimer * TUN-8621: Prevent QUIC connection from closing before grace period after unregistering * TUN-8484: Print response when QuickTunnel can't be unmarshalled * TUN-8592: Use metadata from the edge to determine if request body is empty for QUIC transport * TUN-8621: Fix cloudflared version in change notes to account for release date * TUN-8638: Add datagram v3 serializers and deserializers * TUN-8685: Bump coredns dependency * TUN-8688: Correct UDP bind for IPv6 edge connectivity on macOS * TUN-8694: Fix github release script * TUN-8694: Rework release script * TUN-8661: Refactor connection methods to support future different datagram muxing methods * TUN-8692: remove dashes from session id * TUN-8708: Bump python min version to 3.10 * TUN-8667: Add datagram v3 session manager * TUN-8553: Bump go to 1.22.5 and go-boring 1.22.5-1 * TUN-8700: Add datagram v3 muxer * TUN-8646: Allow experimental feature support for datagram v3 * TUN-8641: Expose methods to simplify V3 Datagram parsing on the edge * VULN-66059: remove ssh server tests * TUN-8709: Add session migration for datagram v3 * TUN-8701: Add metrics and adjust logs for datagram v3 * add: new go-fuzz targets * TUN-8701: Simplify flow registration logs for datagram v3 (forwarded request 1226300 from hillwood) OBS-URL: https://build.opensuse.org/request/show/1226301 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cloudflared?expand=0&rev=7	2024-11-25 22:23:29 +00:00
Hillwood Yang	6120e7e122	Accepting request 1226300 from home:hillwood:branches:network - Update version to 2024.11.1 * Add cloudflared tunnel health command * PPIP-2310: Update quick tunnel disclaimer * TUN-8621: Prevent QUIC connection from closing before grace period after unregistering * TUN-8484: Print response when QuickTunnel can't be unmarshalled * TUN-8592: Use metadata from the edge to determine if request body is empty for QUIC transport * TUN-8621: Fix cloudflared version in change notes to account for release date * TUN-8638: Add datagram v3 serializers and deserializers * TUN-8685: Bump coredns dependency * TUN-8688: Correct UDP bind for IPv6 edge connectivity on macOS * TUN-8694: Fix github release script * TUN-8694: Rework release script * TUN-8661: Refactor connection methods to support future different datagram muxing methods * TUN-8692: remove dashes from session id * TUN-8708: Bump python min version to 3.10 * TUN-8667: Add datagram v3 session manager * TUN-8553: Bump go to 1.22.5 and go-boring 1.22.5-1 * TUN-8700: Add datagram v3 muxer * TUN-8646: Allow experimental feature support for datagram v3 * TUN-8641: Expose methods to simplify V3 Datagram parsing on the edge * VULN-66059: remove ssh server tests * TUN-8709: Add session migration for datagram v3 * TUN-8701: Add metrics and adjust logs for datagram v3 * add: new go-fuzz targets * TUN-8701: Simplify flow registration logs for datagram v3 OBS-URL: https://build.opensuse.org/request/show/1226300 OBS-URL: https://build.opensuse.org/package/show/network/cloudflared?expand=0&rev=17	2024-11-25 14:44:55 +00:00