Derek Menteer
3e8ec8d18e
Fix SAN matching on terminating gateways ( #20417 )
...
Fixes issue: hashicorp/consul#20360
A regression was introduced in hashicorp/consul#19954 where the SAN validation
matching was reduced from 4 potential types down to just the URI.
Terminating gateways will need to match on many fields depending on user
configuration, since they make egress calls outside of the cluster. Having more
than one matcher behaves like an OR operation, where any match is sufficient to
pass the certificate validation. To maintain backwards compatibility with the
old untyped `match_subject_alt_names` Envoy behavior, we should match on all 4
enum types.
https://www.envoyproxy.io/docs/envoy/latest/api-v3/extensions/transport_sockets/tls/v3/common.proto#enum-extensions-transport-sockets-tls-v3-subjectaltnamematcher-santype
2024-01-31 12:17:45 -06:00
John Murret
d925e4b812
NET-6946 / NET-6941 - Replace usage of deprecated Envoy fields envoy.config.route.v3.HeaderMatcher.safe_regex_match and envoy.type.matcher.v3.RegexMatcher.google_re2 ( #20013 )
...
* NET-6946 - Replace usage of deprecated Envoy field envoy.config.route.v3.HeaderMatcher.safe_regex_match
* removing unrelated changes
* update golden files
* do not set engine type
2024-01-03 09:53:39 -07:00
John Murret
90cd56c5c3
NET-4774 - replace usage of deprecated Envoy field match_subject_alt_names ( #19954 )
2023-12-22 18:34:44 +00:00
R.B. Boyer
a69e901660
xds: update golden tests to be deterministic ( #18707 )
2023-09-11 11:40:19 -05:00
DanStough
169ff71132
fix: ipv4 destination dns resolution
2022-08-01 16:45:57 -04:00
Dhia Ayachi
256694b603
inject gateway addons to destination clusters ( #13951 )
2022-07-28 15:17:35 -04:00
DanStough
2da8949d78
feat: convert destination address to slice
2022-07-25 12:31:58 -04:00
Dan Stough
49f3dadb8f
feat: connect proxy xDS for destinations
...
Signed-off-by: Dhia Ayachi <dhia@hashicorp.com>
2022-07-14 15:27:02 -04:00
DanStough
4b402e3119
feat: tgtwy xDS generation for destinations
...
Signed-off-by: Dhia Ayachi <dhia@hashicorp.com>
2022-06-16 16:17:49 -04:00