grpc: send client traffic through envoy (#2469)

* wip * wip * handle wildcards in override name * remove wait for ready, add comment about sync, force initial sync complete in test * address comments
2025-06-05 20:32:57 +02:00 · 2021-08-16 16:12:22 -06:00 · 2021-08-16 16:12:22 -06:00 · bbec2cae9f
commit bbec2cae9f
parent 87c3c675d2
26 changed files with 391 additions and 480 deletions
--- a/config/envoyconfig/tls_test.go
+++ b/config/envoyconfig/tls_test.go
@ -0,0 +1,33 @@
+package envoyconfig
+
+import (
+	"net/url"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+
+	"github.com/pomerium/pomerium/internal/testutil"
+)
+
+func TestBuildSubjectAlternativeNameMatcher(t *testing.T) {
+	b := new(Builder)
+	testutil.AssertProtoJSONEqual(t, `
+		{ "exact": "example.com" }
+	`, b.buildSubjectAlternativeNameMatcher(&url.URL{Host: "example.com:1234"}, ""))
+	testutil.AssertProtoJSONEqual(t, `
+		{ "exact": "example.org" }
+	`, b.buildSubjectAlternativeNameMatcher(&url.URL{Host: "example.com:1234"}, "example.org"))
+	testutil.AssertProtoJSONEqual(t, `
+		{ "safeRegex": {
+			"googleRe2": {},
+			"regex": ".*\\.example\\.org"
+		} }
+	`, b.buildSubjectAlternativeNameMatcher(&url.URL{Host: "example.com:1234"}, "*.example.org"))
+}
+
+func TestBuildSubjectNameIndication(t *testing.T) {
+	b := new(Builder)
+	assert.Equal(t, "example.com", b.buildSubjectNameIndication(&url.URL{Host: "example.com:1234"}, ""))
+	assert.Equal(t, "example.org", b.buildSubjectNameIndication(&url.URL{Host: "example.com:1234"}, "example.org"))
+	assert.Equal(t, "example.example.org", b.buildSubjectNameIndication(&url.URL{Host: "example.com:1234"}, "*.example.org"))
+}