75 Commits (3b9578d7ebf5a259779568a3013376588935e0ea)

Author SHA1 Message Date
Hans Hasselberg 13238dbab6
tls: consider presented intermediates during server connection tls handshake. (#10964) 3 years ago
Evan Culver 79c7e73618
rpc: authorize raft requests (#10925) 3 years ago
Daniel Nephin 7d73fd7ae5 rename GRPC->XDS where appropriate 3 years ago
Daniel Nephin dce59d9277 fix 64-bit aligment for 32-bit platforms 3 years ago
R.B. Boyer a2876453a5
connect/ca: cease including the common name field in generated certs (#10424) 3 years ago
Daniel Nephin dc67042eac Invert the logic of outgoingRPCTLSDisabled 3 years ago
Daniel Nephin 39f282c425 tlsutil: inline verifyIncomingHTTPS 3 years ago
Daniel Nephin a25c817478 tlsutil: remove indirection and duplication 3 years ago
Daniel Nephin 13e5448c17 tlsutil: remove unnecessary getter functions 3 years ago
Daniel Nephin 66ba2e2463 tlsutil: unexport and remove indirection 3 years ago
Daniel Nephin d09027caf6 tlsutils: more test cases for OutgoingTLSConfigForCheck 3 years ago
Daniel Nephin 486b97e2c9 tlsutil: fix default server name for health checks 3 years ago
Daniel Nephin a920936c86 tlsutil: convert tests for OutgoingTLSConfigForCheck to a table 3 years ago
Daniel Nephin 2aad3f80fb tlsutil: reduce interface provided to auto-config 3 years ago
Daniel Nephin 1ba5acb284 tlsutil: un-ptr and document the manual struct 3 years ago
Daniel Nephin 6289b68247 tlsutil: document Configurator and some of its fields 3 years ago
Daniel Nephin a4432bb0b4 tlsutil: un-ptr and add godoc to autoTLs struct 3 years ago
Daniel Nephin 08cd772626 tlsutil: remove unused method 3 years ago
Daniel Nephin 8d9d6c6a09 tlsutil: unexport two types 3 years ago
Daniel Nephin bca33d818f tlsutil: remove the RLock from log 3 years ago
Daniel Nephin bcf23cd1b4 tlsutil: Un-method Configurator.check 3 years ago
Daniel Nephin b3fa778d91 tlsutil: fix a panic 3 years ago
Daniel Nephin 6f51984313 tlsutil: un-embed the RWMutex 3 years ago
Daniel Nephin bbb9a73d9b tlsutil: fix a test for go1.16 4 years ago
Hans Hasselberg 53e9c134af
introduce certopts (#9606) 4 years ago
Christopher Broglie f0307c73e5 Add support for configuring TLS ServerName for health checks 4 years ago
Daniel Nephin f744e03c05 Fix main build failing 4 years ago
Hans Hasselberg 444cdeb8fb
Add flags to support CA generation for Connect (#9585) 4 years ago
jsosulska fe33527412 Add RSA Test case for generating CA Cert 4 years ago
jsosulska 3a1bbf93af Reuse Connect.parseSigner.Adds change from #8898 4 years ago
William e9630ea263 Add RSA Support to KeyID 4 years ago
William c1d6505fe3 Add support for RSA private key to TLS utils. 4 years ago
Mike Morris 7af643ac37
ci: update to Go 1.15.4 and alpine:3.12 (#9036) 4 years ago
Daniel Nephin e9479175a4 tlsutil: remove unused UseTLS field 4 years ago
Tim Arenz a1fe711390
Add support for -ca-path option in the connect envoy command (#8606) 4 years ago
Matt Keeler dbb461a5d3
Allow setting verify_incoming* when using auto_encrypt or auto_config (#8394) 4 years ago
Matt Keeler 6e7acfa618
Add an AutoEncrypt “integration” test 4 years ago
Matt Keeler 9b01f9423c
Implement the insecure version of the Cluster.AutoConfig RPC endpoint 4 years ago
Daniel Nephin cb050b280c ci: enable SA4006 staticcheck check 5 years ago
Daniel Nephin c88fae0aac ci: Add staticcheck and fix most errors 5 years ago
Hans Hasselberg 51549bd232
rpc: oss changes for network area connection pooling (#7735) 5 years ago
Hans Hasselberg 7777891aa6
tls: remove old ciphers (#7282) 5 years ago
R.B. Boyer 6adad71125
wan federation via mesh gateways (#6884) 5 years ago
Hans Hasselberg e05ac57e8f
tls: support tls 1.3 (#7325) 5 years ago
Chris Piraino 401221de58
Allow users to configure either unstructured or JSON logging (#7130) 5 years ago
Hans Hasselberg 11a571de95
agent: setup grpc server with auto_encrypt certs and add -https-port (#7086) 5 years ago
Hans Hasselberg edcc64da74
tests: switch to WithinDuration to improve test (#6860) 5 years ago
Hans Hasselberg 9ff69194a2
tls: auto_encrypt and verify_incoming (#6811) (#6899) 5 years ago
Hans Hasselberg a3f49109e6 tls: return auto_encrypt cert for listeners (#6489) 5 years ago
R.B. Boyer af01d397a5
connect: don't colon-hex-encode the AuthorityKeyId and SubjectKeyId fields in connect certs (#6492) 5 years ago