linkerd
/
linkerd2-proxy
mirror of https://github.com/linkerd/linkerd2-proxy.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linkerd2-proxy/proxy
History
Brian Smith 2750ddb77f Proxy: Make TLS server aware of its own identity. (#1148) 
* Proxy: Make TLS server aware of its own identity.

When validating the TLS configuration, make sure the certificate is
valid for the current pod. Make the pod's identity available at that
point in time so it can do so. Since the identity is available now,
simplify the validation of our own certificate by using Rustls's API
instead of dropping down to the lower-level webpli API.

This is a step towards the server differentiating between TLS
handshakes it is supposed to terminate vs. TLS handshakes it is
supposed to pass through.

This is also a step toward the client side (connect) of TLS, which will
reuse much of the configuration logic.

Signed-off-by: Brian Smith <brian@briansmith.org>
 		2018-06-18 12:53:10 -10:00
..
benches Ensure Request IDs are unique & avoid `Arc`ing. (#1066) 2018-06-05 13:42:46 -10:00
futures-mpsc-lossy Prepare for the v0.3.0 release (#406) 2018-02-21 11:14:11 -08:00
router proxy/router: Implement LRU cache eviction (#925) 2018-05-10 19:06:31 -07:00
src Proxy: Make TLS server aware of its own identity. (#1148) 2018-06-18 12:53:10 -10:00
tests proxy: Convert `convert` from crate to module (#1115) 2018-06-13 16:18:51 -07:00
Cargo.toml proxy: Upgrade h2 to 0.1.10 (#1149) 2018-06-18 14:56:54 -07:00