open-consul

Commit Graph

Author	SHA1	Message	Date
freddygv	b1050e4229	Update prepared query cluster SAN validation Previously SAN validation for prepared queries was broken because we validated against the name, namespace, and datacenter for prepared queries. However, prepared queries can target: - Services with a name that isn't their own - Services in multiple datacenters This means that the SpiffeID to validate needs to be based on the prepared query endpoints, and not the prepared query's upstream definition. This commit updates prepared query clusters to account for that.	2021-08-20 17:40:33 -06:00
freddygv	a6f7d806f6	Update golden files to account for SAN validation	2021-07-14 22:21:55 -06:00
Mark Anderson	b9fc9ddc01	Add simple test for downstream sockets Signed-off-by: Mark Anderson <manderson@hashicorp.com>	2021-05-04 12:41:43 -07:00

Author

SHA1

Message

Date

freddygv

b1050e4229

Update prepared query cluster SAN validation

Previously SAN validation for prepared queries was broken because we
validated against the name, namespace, and datacenter for prepared
queries.

However, prepared queries can target:

- Services with a name that isn't their own
- Services in multiple datacenters

This means that the SpiffeID to validate needs to be based on the
prepared query endpoints, and not the prepared query's upstream
definition.

This commit updates prepared query clusters to account for that.

2021-08-20 17:40:33 -06:00

freddygv

a6f7d806f6

Update golden files to account for SAN validation

2021-07-14 22:21:55 -06:00

Mark Anderson

b9fc9ddc01

Add simple test for downstream sockets

Signed-off-by: Mark Anderson <manderson@hashicorp.com>

2021-05-04 12:41:43 -07:00

3 Commits