envoyconfig: fix tls_downstream_client_ca for non-standard ports (#2802)

2025-06-21 20:18:06 +02:00 · 2021-12-08 10:48:52 -07:00 · 2021-12-08 10:48:52 -07:00 · d0890d399c
commit d0890d399c
parent 8331db9a26
2 changed files with 2 additions and 2 deletions
--- a/config/envoyconfig/listeners.go
+++ b/config/envoyconfig/listeners.go
@ -853,7 +853,7 @@ func hostMatchesDomain(u *url.URL, host string) bool {
 func getPoliciesForDomain(options *config.Options, domain string) []config.Policy {
 	var policies []config.Policy
 	for _, p := range options.GetAllPolicies() {
-		if p.Source != nil && hostMatchesDomain(p.Source.URL, domain) {
+		if p.Source != nil && p.Source.URL.Hostname() == domain {
 			policies = append(policies, p)
 		}
 	}
--- a/config/envoyconfig/listeners_test.go
+++ b/config/envoyconfig/listeners_test.go
@ -604,7 +604,7 @@ func Test_buildDownstreamTLSContext(t *testing.T) {
 			Key:  aExampleComKey,
 			Policies: []config.Policy{
 				{
-					Source:                &config.StringURL{URL: mustParseURL(t, "https://a.example.com")},
+					Source:                &config.StringURL{URL: mustParseURL(t, "https://a.example.com:1234")},
 					TLSDownstreamClientCA: "TEST",
 				},
 			},