Brian Smith f82d16f50e Proxy: Make TLS server aware of its own identity. (#1148) ... * Proxy: Make TLS server aware of its own identity. When validating the TLS configuration, make sure the certificate is valid for the current pod. Make the pod's identity available at that point in time so it can do so. Since the identity is available now, simplify the validation of our own certificate by using Rustls's API instead of dropping down to the lower-level webpli API. This is a step towards the server differentiating between TLS handshakes it is supposed to terminate vs. TLS handshakes it is supposed to pass through. This is also a step toward the client side (connect) of TLS, which will reuse much of the configuration logic. Signed-off-by: Brian Smith <brian@briansmith.org>		2018-06-18 12:53:10 -10:00
..
background.rs	Proxy: Make TLS server aware of its own identity. (#1148)	2018-06-18 12:53:10 -10:00
endpoint.rs	Proxy: Map Kubernetes Pod Namespace/Name to TLS identity. (#1074)	2018-06-07 11:14:57 -10:00
mod.rs	Proxy: Make the control plane completely optional. (#1132)	2018-06-16 08:09:12 -10:00