Commit Graph

57 Commits (906aaa227d69713c6d4fb728624a20d7f3dc09ba)

Author SHA1 Message Date
skpratt a35cafa728
update tests for fips (#17592)
2 years ago
Ronald b64674623e
Copyright headers for missing files/folders (#16708)
2 years ago
Dan Stough f1436109ea
[OSS] security: update go to 1.20.1 (#16263)
2 years ago
Kyle Schochenmaier bf0f61a878
removes ioutil usage everywhere which was deprecated in go1.16 (#15297)
2 years ago
Derek Menteer cf114d029f
Regenerate test certificates. (#15218)
2 years ago
freddygv 5fbb26525b Add awareness of server mode to TLS configurator
2 years ago
freddygv 650e1e32e0 Update TLS configurator for peering traffic
2 years ago
Pablo Ruiz García 1f293e5244
Added new auto_encrypt.grpc_server_tls config option to control AutoTLS enabling of GRPC Server's TLS usage
2 years ago
DanStough 95250e7915 Update go version to 1.18.1
3 years ago
Mike Morris f8a2ae2606
agent: convert listener config to TLS types (#12522)
3 years ago
Dan Upton b36d4e16b6
Support per-listener TLS configuration ⚙️ (#12504)
3 years ago
Dhia Ayachi 2801785710
regenerate expired certs (#11462)
3 years ago
Daniel Nephin 4afc24268d tlsutil: only AuthorizerServerConn when VerifyIncomingRPC is true
3 years ago
Daniel Nephin 3f873d2257 rpc: include error for AuthorizeServerConn failures
3 years ago
Evan Culver 79c7e73618
rpc: authorize raft requests (#10925)
3 years ago
Daniel Nephin dc67042eac Invert the logic of outgoingRPCTLSDisabled
3 years ago
Daniel Nephin 39f282c425 tlsutil: inline verifyIncomingHTTPS
3 years ago
Daniel Nephin a25c817478 tlsutil: remove indirection and duplication
3 years ago
Daniel Nephin 66ba2e2463 tlsutil: unexport and remove indirection
3 years ago
Daniel Nephin d09027caf6 tlsutils: more test cases for OutgoingTLSConfigForCheck
3 years ago
Daniel Nephin 486b97e2c9 tlsutil: fix default server name for health checks
3 years ago
Daniel Nephin a920936c86 tlsutil: convert tests for OutgoingTLSConfigForCheck to a table
3 years ago
Daniel Nephin 2aad3f80fb tlsutil: reduce interface provided to auto-config
3 years ago
Daniel Nephin 1ba5acb284 tlsutil: un-ptr and document the manual struct
3 years ago
Daniel Nephin a4432bb0b4 tlsutil: un-ptr and add godoc to autoTLs struct
3 years ago
Daniel Nephin 08cd772626 tlsutil: remove unused method
3 years ago
Daniel Nephin 8d9d6c6a09 tlsutil: unexport two types
3 years ago
Daniel Nephin bca33d818f tlsutil: remove the RLock from log
3 years ago
Daniel Nephin bcf23cd1b4 tlsutil: Un-method Configurator.check
3 years ago
Daniel Nephin b3fa778d91 tlsutil: fix a panic
3 years ago
Christopher Broglie f0307c73e5 Add support for configuring TLS ServerName for health checks
4 years ago
Mike Morris 7af643ac37
ci: update to Go 1.15.4 and alpine:3.12 (#9036)
4 years ago
Tim Arenz a1fe711390
Add support for -ca-path option in the connect envoy command (#8606)
4 years ago
Matt Keeler dbb461a5d3
Allow setting verify_incoming* when using auto_encrypt or auto_config (#8394)
4 years ago
Matt Keeler 6e7acfa618
Add an AutoEncrypt “integration” test
4 years ago
Daniel Nephin cb050b280c ci: enable SA4006 staticcheck check
5 years ago
Hans Hasselberg 51549bd232
rpc: oss changes for network area connection pooling (#7735)
5 years ago
Hans Hasselberg 7777891aa6
tls: remove old ciphers (#7282)
5 years ago
R.B. Boyer 6adad71125
wan federation via mesh gateways (#6884)
5 years ago
Hans Hasselberg e05ac57e8f
tls: support tls 1.3 (#7325)
5 years ago
Chris Piraino 401221de58
Allow users to configure either unstructured or JSON logging (#7130)
5 years ago
Hans Hasselberg a3f49109e6 tls: return auto_encrypt cert for listeners (#6489)
5 years ago
Hans Hasselberg 33a7df3330
tls: auto_encrypt enables automatic RPC cert provisioning for consul clients (#5597)
6 years ago
Hans Hasselberg 7e11dd82aa
agent: enable reloading of tls config (#5419)
6 years ago
Hans Hasselberg eb0895c5fb
tlsutil: don't use `server_name` config for RPC connections (#5394)
6 years ago
Hans Hasselberg 80e7d63fc2
Centralise tls configuration part 2 (#5374)
6 years ago
Hans Hasselberg 786b3b1095
Centralise tls configuration part 1 (#5366)
6 years ago
Hans Hasselberg 787f3f8aa6 agent: honor when ca is set but verify_outgoing is disabled (#4826)
6 years ago
Jack Pearkes b64e8b262f
Documentation and changes for `verify_server_hostname` (#5069)
6 years ago
Devin Canterberry a61abcd931
🐛 Formatting changes only; add missing trailing commas
7 years ago