linkerd
/
linkerd2-proxy
mirror of https://github.com/linkerd/linkerd2-proxy.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linkerd2-proxy/proxy/src/transport/tls
History
Brian Smith 19d92e9ad2 Proxy: Map Kubernetes Pod Namespace/Name to TLS identity. (#1074) 
* Proxy: Map Kubernetes Pod Namespace/Name to TLS identity.

Map the Kubernetes identity into a DNS name that can be used to
validate the peer's certificate. The final mapping is TBD; the
important thing for now is that the mapped name doesn't collide
with any real DNS name.

Encapsulate the mapping logic within the TLS submodule.

Minimize `Arc`ing and `Clone`ing of TLS identities.

This has no effect in default configurations since the settings that
enable the functionality are not set by default.

Signed-off-by: Brian Smith <brian@briansmith.org>
 		2018-06-07 11:14:57 -10:00
..
cert_resolver.rs Add initial infrastructure for optionally accepting TLS connections (#1047) 2018-05-31 12:20:57 -10:00
config.rs proxy: Canonicalize TLS config paths before polling filesystem metadata (#1076) 2018-06-06 13:43:17 -07:00
connection.rs Add initial infrastructure for optionally accepting TLS connections (#1047) 2018-05-31 12:20:57 -10:00
dns_name.rs Implement `dns::Name` using webpki's `DNSName`. (#1071) 2018-06-05 14:23:08 -10:00
identity.rs Proxy: Map Kubernetes Pod Namespace/Name to TLS identity. (#1074) 2018-06-07 11:14:57 -10:00
mod.rs Proxy: Map Kubernetes Pod Namespace/Name to TLS identity. (#1074) 2018-06-07 11:14:57 -10:00