617d6c8a6c
security/advancedtls: add test for crl cache expiration behavior ( #5749 )
...
* Add test for cache reloading
* cleanup
* swap to using nil for no revoked certs
* Add description for new test
2022-12-01 14:09:57 -05:00
50be6ae2f9
go.mod: update all dependencies ( #5803 )
2022-11-18 10:56:02 -08:00
824f44910d
go.mod: upgrade x/text to v0.4 to address CVE ( #5769 )
2022-11-07 07:51:22 -08:00
778860e606
testing: update Go to 1.19 ( #5717 )
2022-10-17 15:04:34 -07:00
c351f37ddc
chore: remove duplicate word in comments ( #5616 )
2022-08-30 14:01:37 -07:00
4e780933f8
xds: ignore routes with unsupported cluster specifiers ( #5269 )
2022-03-31 11:02:26 -07:00
e63e1230fd
advancedtls: remove the usage of CDP in CRL enforcement ( #5218 )
2022-03-25 09:58:06 -07:00
23cc28fd63
security/authorization: upgrade cel-v0.10.1 and fix breaking API change. ( #5243 )
2022-03-15 14:50:46 -07:00
ebc30b8fc3
reflection: use protobuf/reflect instead of go reflection, fix dynamic messages ( #5180 )
2022-02-15 11:01:42 -08:00
231ca3b24e
security/advancedtls: fix CRL issuer comparison ( #5130 )
...
Fix CRL issuer comparison issue
2022-01-25 13:32:27 -08:00
01ed64857e
update go.mod to point to latest cncf/udpa repo ( #4884 )
2021-10-18 15:12:44 -07:00
3bae5f5b65
xds: use protos from cncf/xds instead of cncf/udpa ( #4866 )
2021-10-14 16:51:55 -07:00
710419d32b
advancedtls: add revocation support to client/server options ( #4781 )
2021-09-27 16:42:32 -07:00
2f3355d224
xds: update go-control-plane to latest ( #4737 )
2021-09-07 11:11:16 -07:00
ed501aa1fd
xds/internal/resolver: update github.com/cespare/xxhash to v2 ( #4671 )
...
github.com/cespare/xxhash/v2 supports Go ≥ 1.11 and this package states
1.11 in its go.mod file. The only symbol used from the xxhash package is the
Sum64String func which still exists and works the same in v2.
This gets rid of two indirect dependencies.
2021-09-01 14:08:00 -04:00
712e8d4f57
Remove support for Go 1.13 and older (cont) ( #4706 )
2021-08-25 14:51:41 -07:00
6bd8e8cf30
multiple: remove support for Go 1.11 ( #4700 )
2021-08-24 14:24:34 -07:00
46ab723bb2
multiple: remove appengine specific build constraints and code ( #4685 )
2021-08-24 12:30:13 -07:00
8ed8dd2655
advancedtls: fix a typo in crl.go ( #4634 )
2021-08-02 13:03:54 -07:00
ce7bdf50ab
advancedtls: CRL checking for golang gRPC ( #4489 )
...
* Code for CRL checking for golang gRPC.
2021-07-15 09:53:31 -07:00
633fbe4dfe
xds: generate per-request hash config selector ( #4525 )
...
* xds: generate per-request hash in config selector
2021-06-17 09:00:05 -04:00
397adad6a0
update go.mod and go.sum to point to latest go-control-plane ( #4425 )
2021-05-12 15:52:15 -07:00
74fe6eaa41
github: testing action workflow improvements and update to test Go1.16 ( #4358 )
2021-04-22 14:59:51 -07:00
7a6ab59115
multiple: go mod tidy to make vet happy ( #4337 )
2021-04-13 11:47:25 -07:00
29bf29e0ed
xds: add HTTP filter is_optional support (gRFC A39) ( #4221 )
2021-03-02 09:11:35 -08:00
666aea1fb3
advancedtls: add IPv6 address to certificate SAN names ( #4101 )
...
* advancedtls: add IPv6 address to certificate SAN names
2020-12-18 11:05:59 -08:00
668e3ae6d5
testing: stop listening on externally-visible devices ( #4112 )
2020-12-15 15:56:06 -08:00
c638ab8ccd
Update envoyproxy/go-control-plane ( #4098 )
2020-12-11 09:14:07 -08:00
9db56a08b4
advancedtls: add examples demonstrating reloading behaviors ( #4018 )
...
* advancedtls: add examples demonstrating reloading behaviors
2020-12-04 15:47:27 -08:00
2efef8fd12
advancedtls: fix default host name check issue ( #4069 )
...
* advancedtls: fix default hostname check issue
2020-12-03 09:52:30 -08:00
8238a33b57
advancedtls: make sni test check common name only ( #4055 )
...
* advancedtls: make sni test check common name only
2020-11-24 09:13:08 -08:00
2af65e80c6
advancedtls: Make test happy on Go1.15 ( #4053 )
2020-11-19 11:57:06 -08:00
fa59d20167
pemfile: Implement certprovider config parsing API ( #4023 )
2020-11-17 15:36:28 -08:00
5d7f8c9ae4
advancedtls: make example to use new pemfile API ( #4012 )
...
* advancedtls: make example to use new pemfile API
2020-11-05 23:51:15 -08:00
4e179b8d3e
pemfile: Move file watcher plugin from advancedtls to gRPC ( #3981 )
2020-10-30 15:52:55 -07:00
829af019ba
advancedtls: add examples for reloading from file system ( #3976 )
...
* add examples for reloading from file system
2020-10-27 09:58:31 -07:00
ce5e366556
advancedtls: add PemFileProvider integration tests ( #3934 )
...
* advancedtls: add PemFileProvider integration tests
2020-10-19 13:54:02 -07:00
c6cfaba14d
advancedtls: Get Instant Updates Before Ticker Runs ( #3959 )
...
* get instant updates before ticker runs
2020-10-15 11:47:34 -07:00
bc36dc2cbd
advancedtls: fix build on version prior to 1.14 ( #3950 )
...
* advancedtls: fix build on version prior to 1.14
2020-10-13 12:30:16 -07:00
3c400e7fcc
advancedtls: clean up test files and shared code ( #3897 )
...
* advancedtls: clean up test files and shared code
2020-10-10 13:47:49 -07:00
06c094c3ab
xds/client: Process security configuration from Cluster resource ( #3931 )
2020-10-08 15:50:51 -07:00
866de13d56
meshca: CertificateProvider plugin implementation. ( #3871 )
2020-09-29 17:40:30 -07:00
02cd07d9bb
cmd/protoc-gen-go-grpc: revert to interface-based service registration ( #3911 )
2020-09-29 15:17:06 -07:00
0f7e218c2c
advancedtls: add fields for root and identity providers in API ( #3863 )
...
* add provider in advancedtls API for pem file reloading
2020-09-17 12:08:03 -07:00
ff9dd65c90
protoc-gen-go-grpc: generate interfaces optionally; remove NewFooService ( #3876 )
2020-09-16 10:15:56 -07:00
9a132e444f
advancedtls: add PEMFileProvider implementation for on-file-change credential reloading ( #3826 )
...
* add provider for pem file reloading
2020-09-02 00:01:40 -07:00
d8ef479ab7
internal: fix build for gae ( #3852 )
2020-08-28 09:59:40 -07:00
cc8e63cae1
security/authorization: add integration tests ( #3809 )
...
* security/authorization: integration tests for using CEL engine library
2020-08-26 11:44:05 -07:00
f640ae6a4f
security/authorization: util function for converting CEL expression string ( #3822 )
...
* security/authorization: add the util function to compile string cel expr
2020-08-19 12:01:00 -07:00
d3e3e7a46f
security/authorization: Added CEL-based authorization engine ( #3707 )
...
* Add CEL-based authorization engine in a new module under security/authorization
2020-08-07 09:49:45 -07:00
