diff --git a/e b/e index 41bca8b99d3ae..bef544252a504 160000 --- a/e +++ b/e @@ -1 +1 @@ -Subproject commit 41bca8b99d3ae9ab6f910ac1c9180b43ece93df8 +Subproject commit bef544252a50498a0232998bb942150268fc5efe diff --git a/lib/service/service.go b/lib/service/service.go index d1e92c40675dc..e60f9d082e9c9 100644 --- a/lib/service/service.go +++ b/lib/service/service.go @@ -4607,7 +4607,6 @@ func (process *TeleportProcess) initProxyEndpoint(conn *Connector) error { webConfig := web.Config{ Proxy: tsrv, AuthServers: cfg.AuthServerAddresses()[0], - DomainName: cfg.Hostname, ProxyClient: conn.Client, ProxySSHAddr: proxySSHAddr, ProxyWebAddr: cfg.Proxy.WebAddr, diff --git a/lib/web/apiserver.go b/lib/web/apiserver.go index fb8794c1272e6..e63035dfcd759 100644 --- a/lib/web/apiserver.go +++ b/lib/web/apiserver.go @@ -151,13 +151,12 @@ type Handler struct { sync.Mutex httprouter.Router - cfg Config - auth *sessionCache - sessionStreamPollPeriod time.Duration - clock clockwork.Clock - limiter *limiter.RateLimiter - highLimiter *limiter.RateLimiter - healthCheckAppServer healthCheckAppServerFunc + cfg Config + auth *sessionCache + clock clockwork.Clock + limiter *limiter.RateLimiter + highLimiter *limiter.RateLimiter + healthCheckAppServer healthCheckAppServerFunc // sshPort specifies the SSH proxy port extracted // from configuration sshPort string @@ -175,11 +174,6 @@ type Handler struct { // tracer is used to create spans. tracer oteltrace.Tracer - // wsIODeadline is used to set a deadline for receiving a message from - // an authenticated websocket so unauthenticated sockets dont get left - // open. - wsIODeadline time.Duration - // findEndpointCache is used to cache the find endpoint answer. As this endpoint is unprotected and has high // rate-limits, each call must cause minimal work. The cached answer can be modulated after, for example if the // caller specified its Automatic Updates UUID or group. @@ -190,17 +184,6 @@ type Handler struct { // to NewHandler function type HandlerOption func(h *Handler) error -// SetSessionStreamPollPeriod sets polling period for session streams -func SetSessionStreamPollPeriod(period time.Duration) HandlerOption { - return func(h *Handler) error { - if period < 0 { - return trace.BadParameter("period should be non zero") - } - h.sessionStreamPollPeriod = period - return nil - } -} - // SetClock sets the clock on a handler func SetClock(clock clockwork.Clock) HandlerOption { return func(h *Handler) error { @@ -213,7 +196,7 @@ type ProxySettingsGetter interface { GetProxySettings(ctx context.Context) (*webclient.ProxySettings, error) } -// PresenceChecker is a function that executes an mfa prompt to enforce +// PresenceChecker is a function that executes an MFA prompt to enforce // that a user is present. type PresenceChecker = func(ctx context.Context, term io.Writer, maintainer client.PresenceMaintainer, sessionID string, mfaCeremony *mfa.Ceremony, opts ...client.PresenceOption) error @@ -226,8 +209,6 @@ type Config struct { Proxy reversetunnelclient.Tunnel // AuthServers is a list of auth servers this proxy talks to AuthServers utils.NetAddr - // DomainName is a domain name served by web handler - DomainName string // ProxyClient is a client that authenticated as proxy ProxyClient authclient.ClientI // ProxySSHAddr points to the SSH address of the proxy @@ -472,7 +453,6 @@ func NewHandler(cfg Config, opts ...HandlerOption) (*APIHandler, error) { clusterFeatures: cfg.ClusterFeatures, healthCheckAppServer: cfg.HealthCheckAppServer, tracer: cfg.TracerProvider.Tracer(teleport.ComponentWeb), - wsIODeadline: wsIODeadline, } if automaticUpgrades(cfg.ClusterFeatures) && h.cfg.AutomaticUpgradesChannels == nil { diff --git a/lib/web/apiserver_test.go b/lib/web/apiserver_test.go index ff0f12fdc20cb..b94cbf091b5cf 100644 --- a/lib/web/apiserver_test.go +++ b/lib/web/apiserver_test.go @@ -482,7 +482,6 @@ func newWebSuiteWithConfig(t *testing.T, cfg webSuiteConfig) *WebSuite { ClusterFeatures: features, Proxy: revTunServer, AuthServers: utils.FromAddr(s.server.TLS.Addr()), - DomainName: s.server.ClusterName(), ProxyClient: s.proxyClient, CipherSuites: utils.DefaultCipherSuites(), AccessPoint: s.proxyClient, @@ -515,7 +514,7 @@ func newWebSuiteWithConfig(t *testing.T, cfg webSuiteConfig) *WebSuite { handlerConfig.HealthCheckAppServer = func(context.Context, string, string) error { return nil } } - handler, err := NewHandler(handlerConfig, SetSessionStreamPollPeriod(200*time.Millisecond), SetClock(s.clock)) + handler, err := NewHandler(handlerConfig, SetClock(s.clock)) require.NoError(t, err) s.webServer = httptest.NewUnstartedServer(handler) @@ -8364,7 +8363,6 @@ func createProxy(ctx context.Context, t *testing.T, proxyID string, node *regula handler, err := NewHandler(Config{ Proxy: revTunServer, AuthServers: utils.FromAddr(authServer.Addr()), - DomainName: authServer.ClusterName(), ProxyClient: client, ProxyPublicAddrs: utils.MustParseAddrList("proxy-1.example.com", "proxy-2.example.com"), CipherSuites: utils.DefaultCipherSuites(), @@ -8390,7 +8388,7 @@ func createProxy(ctx context.Context, t *testing.T, proxyID string, node *regula return &proxyClientCert, nil }, IntegrationAppHandler: &mockIntegrationAppHandler{}, - }, SetSessionStreamPollPeriod(200*time.Millisecond), SetClock(clock)) + }, SetClock(clock)) require.NoError(t, err) webServer := httptest.NewTLSServer(handler) @@ -9643,7 +9641,6 @@ func TestWebSocketAuthenticateRequest(t *testing.T) { ctx := context.Background() env := newWebPack(t, 1) proxy := env.proxies[0] - proxy.handler.handler.wsIODeadline = time.Second pack := proxy.authPack(t, "test-user@example.com", nil) for _, tc := range []struct { name string