erm-g
cb430bed4d
Delete deprecated CRL functionality ( #6721 )
2023-10-16 11:47:44 -04:00
Gina Yeh
afaf31aeeb
deps: update dependencies for all modules ( #6698 )
* deps: update dependencies for all modules
* deps: update more dependencies
2023-10-06 12:02:06 -07:00
Doug Fawley
18059002a5
deps: update dependencies for all modules ( #6582 )
2023-08-29 13:46:27 -07:00
Doug Fawley
fbff2abb0f
*: update `interface{}` to `any` and `go.mod` version to `go 1.19` ( #6544 )
2023-08-14 09:04:46 -07:00
Easwar Swaminathan
d524b40946
multiple: update dependencies after 1.57 branch cut ( #6452 )
2023-07-18 14:09:46 -07:00
Chris Smith
c9d3ea5673
deps: google.golang.org/genproto to latest in all modules ( #6319 )
2023-06-02 10:38:02 -07:00
Arvind Bright
16651f60dd
go.mod: update all dependencies ( #6214 )
2023-04-18 17:02:56 -07:00
Joel Jeske
81b30924fc
security/advancedtls: add TlsVersionOption to select desired min/max TLS versions ( #6007 )
Co-authored-by: ZhenLian <zhenlian.cs@gmail.com>
2023-04-10 12:27:04 -07:00
Easwar Swaminathan
415ccdf154
go.mod: update all dependencies after 1.54 branch cut ( #6132 )
2023-03-28 16:03:41 -07:00
Gregory Cooke
1d20f1b500
security/advancedtls: swap from deprecated pkix.CertificateList to x509.RevocationList ( #6054 )
Swap from deprecated pkix.CertificateList to x509.RevocationList
pkix.CertificateList is deprecated.
We have an internal wrapper around this for representing CRLs. This PR updates that wrapper to use the preferred x509.RevocationList.
This also replaces x509.ParseCRL (deprecated) with x509.ParseRevocationList. The former supported PEM input, while the latter requires DER, so I added a utility function parseRevocationList that does the PEM -> DER conversion if needed, taken from the x509.ParseCRL implementation.
The one issue here is that x509.RevocationList was introduced in golang 1.19. We are still supporting 1.18. To solve this, I've put build restrictions on crl.go and crl_test.go to only build on 1.19+. I also added the files crl_deprecated.go and crl_deprecated_test.go, which are identical copies of the crl.go and crl_test.go files before this PR. They have the build restriction of <go1.19, so they will be used in the 1.18 build. This change is luckily very isolated and these are the only 2 files that needed the build restrictions.
2023-03-23 13:34:01 -04:00
Easwar Swaminathan
22608213b8
go.mod: upgrade golang.org/x/net to address CVE-2022-41723 ( #6106 )
2023-03-09 16:30:30 -08:00
Luwei Ge
d02039b685
Deflake the integration test. ( #6093 )
The short test timeout was causing the DialContext to return an error
even if it was non-blocking when a large number of tests are executed
simultaneously. What I think we should do is stick with the
normal timeout but cancel the context promptly, instead of deferring it
at the end to release resources.
2023-03-09 12:28:57 -08:00
Mikhail Mazurskiy
379a2f676c
*: add missing colon to errorf messages to improve readability ( #5911 )
2023-01-17 16:11:47 -08:00
Doug Fawley
bf3ad35240
*: update all dependencies ( #5924 )
2023-01-11 13:49:41 -08:00
Theodore Salvo
f2fbb0e07e
Deprecate use of `ioutil` package ( #5906 )
Resolves https://github.com/grpc/grpc-go/issues/5897
2023-01-03 11:20:20 -08:00
Doug Fawley
22c1fd2e10
deps: update golang.org/x/net to latest in all modules ( #5847 )
2022-12-07 10:52:31 -08:00
Gregory Cooke
617d6c8a6c
security/advancedtls: add test for crl cache expiration behavior ( #5749 )
* Add test for cache reloading
* cleanup
* swap to using nil for no revoked certs
* Add description for new test
2022-12-01 14:09:57 -05:00
Doug Fawley
50be6ae2f9
go.mod: update all dependencies ( #5803 )
2022-11-18 10:56:02 -08:00
Doug Fawley
824f44910d
go.mod: upgrade x/text to v0.4 to address CVE ( #5769 )
2022-11-07 07:51:22 -08:00
Doug Fawley
778860e606
testing: update Go to 1.19 ( #5717 )
2022-10-17 15:04:34 -07:00
Abirdcfly
c351f37ddc
chore: remove duplicate word in comments ( #5616 )
2022-08-30 14:01:37 -07:00
Zach Reyes
4e780933f8
xds: ignore routes with unsupported cluster specifiers ( #5269 )
2022-03-31 11:02:26 -07:00
ZhenLian
e63e1230fd
advancedtls: remove the usage of CDP in CRL enforcement ( #5218 )
2022-03-25 09:58:06 -07:00
Eric Butler
ebc30b8fc3
reflection: use protobuf/reflect instead of go reflection, fix dynamic messages ( #5180 )
2022-02-15 11:01:42 -08:00
Roland Bracewell Shoemaker
231ca3b24e
security/advancedtls: fix CRL issuer comparison ( #5130 )
Fix CRL issuer comparison issue
2022-01-25 13:32:27 -08:00
Easwar Swaminathan
01ed64857e
update go.mod to point to latest cncf/udpa repo ( #4884 )
2021-10-18 15:12:44 -07:00
Easwar Swaminathan
3bae5f5b65
xds: use protos from cncf/xds instead of cncf/udpa ( #4866 )
2021-10-14 16:51:55 -07:00
ZhenLian
710419d32b
advancedtls: add revocation support to client/server options ( #4781 )
2021-09-27 16:42:32 -07:00
Easwar Swaminathan
2f3355d224
xds: update go-control-plane to latest ( #4737 )
2021-09-07 11:11:16 -07:00
Tobias Klauser
ed501aa1fd
xds/internal/resolver: update github.com/cespare/xxhash to v2 ( #4671 )
github.com/cespare/xxhash/v2 supports Go ≥ 1.11 and this package states
1.11 in its go.mod file. The only symbol used from the xxhash package is the
Sum64String func which still exists and works the same in v2.
This gets rid of two indirect dependencies.
2021-09-01 14:08:00 -04:00
Easwar Swaminathan
712e8d4f57
Remove support for Go 1.13 and older (cont) ( #4706 )
2021-08-25 14:51:41 -07:00
Easwar Swaminathan
6bd8e8cf30
multiple: remove support for Go 1.11 ( #4700 )
2021-08-24 14:24:34 -07:00
Easwar Swaminathan
46ab723bb2
multiple: remove appengine specific build constraints and code ( #4685 )
2021-08-24 12:30:13 -07:00
ZhenLian
8ed8dd2655
advancedtls: fix a typo in crl.go ( #4634 )
2021-08-02 13:03:54 -07:00
Matt Jones
ce7bdf50ab
advancedtls: CRL checking for golang gRPC ( #4489 )
* Code for CRL checking for golang gRPC.
2021-07-15 09:53:31 -07:00
Zach Reyes
633fbe4dfe
xds: generate per-request hash config selector ( #4525 )
* xds: generate per-request hash in config selector
2021-06-17 09:00:05 -04:00
Easwar Swaminathan
397adad6a0
update go.mod and go.sum to point to latest go-control-plane ( #4425 )
2021-05-12 15:52:15 -07:00
Doug Fawley
74fe6eaa41
github: testing action workflow improvements and update to test Go1.16 ( #4358 )
2021-04-22 14:59:51 -07:00
Doug Fawley
29bf29e0ed
xds: add HTTP filter is_optional support (gRFC A39) ( #4221 )
2021-03-02 09:11:35 -08:00
ZhenLian
666aea1fb3
advancedtls: add IPv6 address to certificate SAN names ( #4101 )
* advancedtls: add IPv6 address to certificate SAN names
2020-12-18 11:05:59 -08:00
Doug Fawley
668e3ae6d5
testing: stop listening on externally-visible devices ( #4112 )
2020-12-15 15:56:06 -08:00
Easwar Swaminathan
c638ab8ccd
Update envoyproxy/go-control-plane ( #4098 )
2020-12-11 09:14:07 -08:00
ZhenLian
9db56a08b4
advancedtls: add examples demonstrating reloading behaviors ( #4018 )
* advancedtls: add examples demonstrating reloading behaviors
2020-12-04 15:47:27 -08:00
ZhenLian
2efef8fd12
advancedtls: fix default host name check issue ( #4069 )
* advancedtls: fix default hostname check issue
2020-12-03 09:52:30 -08:00
ZhenLian
8238a33b57
advancedtls: make sni test check common name only ( #4055 )
* advancedtls: make sni test check common name only
2020-11-24 09:13:08 -08:00
Easwar Swaminathan
2af65e80c6
advancedtls: Make test happy on Go1.15 ( #4053 )
2020-11-19 11:57:06 -08:00
Easwar Swaminathan
fa59d20167
pemfile: Implement certprovider config parsing API ( #4023 )
2020-11-17 15:36:28 -08:00
ZhenLian
5d7f8c9ae4
advancedtls: make example to use new pemfile API ( #4012 )
* advancedtls: make example to use new pemfile API
2020-11-05 23:51:15 -08:00
Easwar Swaminathan
4e179b8d3e
pemfile: Move file watcher plugin from advancedtls to gRPC ( #3981 )
2020-10-30 15:52:55 -07:00
ZhenLian
829af019ba
advancedtls: add examples for reloading from file system ( #3976 )
* add examples for reloading from file system
2020-10-27 09:58:31 -07:00
ZhenLian
ce5e366556
advancedtls: add PemFileProvider integration tests ( #3934 )
* advancedtls: add PemFileProvider integration tests
2020-10-19 13:54:02 -07:00
ZhenLian
c6cfaba14d
advancedtls: Get Instant Updates Before Ticker Runs ( #3959 )
* get instant updates before ticker runs
2020-10-15 11:47:34 -07:00
ZhenLian
bc36dc2cbd
advancedtls: fix build on version prior to 1.14 ( #3950 )
* advancedtls: fix build on version prior to 1.14
2020-10-13 12:30:16 -07:00
ZhenLian
3c400e7fcc
advancedtls: clean up test files and shared code ( #3897 )
* advancedtls: clean up test files and shared code
2020-10-10 13:47:49 -07:00
Easwar Swaminathan
06c094c3ab
xds/client: Process security configuration from Cluster resource ( #3931 )
2020-10-08 15:50:51 -07:00
Easwar Swaminathan
866de13d56
meshca: CertificateProvider plugin implementation. ( #3871 )
2020-09-29 17:40:30 -07:00
Doug Fawley
02cd07d9bb
cmd/protoc-gen-go-grpc: revert to interface-based service registration ( #3911 )
2020-09-29 15:17:06 -07:00
ZhenLian
0f7e218c2c
advancedtls: add fields for root and identity providers in API ( #3863 )
* add provider in advancedtls API for pem file reloading
2020-09-17 12:08:03 -07:00
Doug Fawley
ff9dd65c90
protoc-gen-go-grpc: generate interfaces optionally; remove NewFooService ( #3876 )
2020-09-16 10:15:56 -07:00
ZhenLian
9a132e444f
advancedtls: add PEMFileProvider implementation for on-file-change credential reloading ( #3826 )
* add provider for pem file reloading
2020-09-02 00:01:40 -07:00
Menghan Li
d8ef479ab7
internal: fix build for gae ( #3852 )
2020-08-28 09:59:40 -07:00
cindyxue
b830b5f361
advancedtls: fixed SNI testing and put SNI functions back in advancedtls.go ( #3774 )
* Fixed sni unit test
2020-08-06 11:10:47 -07:00
cindyxue
446b4dba54
advancedtls: add spiffe support in aTLS ( #3777 )
* Add SPIFFE ID in TLSInfo
2020-08-06 10:40:31 -07:00
Easwar Swaminathan
5f7b337d95
Add some appengine build constraints. ( #3787 )
Support for Go1.9 and appengine was removed in https://github.com/grpc/grpc-go/pull/3767. But it looks like we still need some way to do things differently for certain appengine builds.
2020-08-04 17:46:48 -07:00
Doug Fawley
bc714cd8ae
Remove Go 1.9 / AppEngine support; assume go1.12 build tag ( #3767 )
2020-07-30 16:15:35 -07:00
cindyxue
b72d07f816
advancedtls: migrate testing to grpctest ( #3773 )
advancedtls: migrate tests to use grpctest
2020-07-30 13:48:30 -07:00
cindyxue
dfc0c05b2d
advancedtls: Add SNI logic to ServerOptions.GetCertificate ( #3697 )
* Add SNI support in the user-provided GetCertificate callback
2020-07-27 23:50:43 -07:00
cindyxue
68098483a7
advancedtls: Add system default CAs to config function ( #3663 )
* Add system default CAs to config function
2020-06-27 16:05:33 -07:00
Doug Fawley
38aafd89f8
vet.sh: require ALL modules are tidy; tidy some that are not ( #3709 )
2020-06-24 12:44:51 -07:00
ZhenLian
479df5ea81
advancedtls: check error before deferring close ( #3659 )
2020-06-05 12:22:55 -07:00
ZhenLian
c8482678eb
advancedtls: remove test.Fatal() from child goroutine ( #3595 )
2020-05-04 10:01:09 -07:00
ZhenLian
eedec2c1c3
advancedtls: add leaf cert in verify params ( #3571 )
2020-04-29 11:00:02 -07:00
ZhenLian
d70354e6e2
advancedtls: add field names for unit tests ( #3570 )
* advancedtls: add field names for unit tests
2020-04-28 16:00:26 -07:00
ZhenLian
f313ade84c
advancedtls: add fine-grained verification levels in XXXOptions ( #3454 )
2020-04-22 13:44:18 -07:00
ZhenLian
648cf9b00e
advancedtls: use grpc 1.27.0 and small fixes ( #3360 )
2020-02-04 12:46:21 -08:00
ZhenLian
f97821dd2f
advancedtls: add end to end tests ( #3318 )
2020-01-28 14:24:27 -08:00
ZhenLian
d670c2dcc8
advancedtls: fix internal tests ( #3322 )
Fix an internal error in advanced_tls.test. The previous check was against the prefix of the ServerName, which might be different in various environments. We'd better not rely on checking that.
2020-01-15 14:03:38 -08:00
Easwar Swaminathan
62d4bd73ba
security: Add a package level comment to testdata package in advancedtls ( #3317 )
2020-01-14 14:10:59 -08:00
Menghan Li
20bce9a0c6
advancedtls: add package for testdata ( #3306 )
2020-01-10 14:33:38 -08:00
ZhenLian
4a4d179f28
advancedtls: add new module for advanced TLS handshaker ( #3187 )
2020-01-07 15:47:01 -08:00