pomerium

mirror of https://github.com/pomerium/pomerium.git synced 2025-06-02 10:52:49 +02:00

Author	SHA1	Message	Date
Caleb Doxsey	20a9be891f	envoyconfig: cleanup (#5350 ) * envoyconfig: cleanup * remove listener access log for mtls for insecure server which can't use mtls * use new functions * rename method * refactor common code	2024-11-18 09:50:23 -07:00
Kenneth Jenkins	d2e8ecc7da	envoy: configure upstream IP SAN match as needed (#4380 ) When building an upstream validation context for a particular URL, check whether the hostname is an IP address. If so, configure the SAN match to use type IP_ADDRESS rather than DNS.	2023-07-21 12:02:51 -07:00
Caleb Doxsey	d2b732243a	cryptutil: generate certificates from deriveca (#3992 )	2023-02-23 08:38:56 -07:00
Caleb Doxsey	d6bd2d06ef	envoy: upgrade to 1.21.1 (#3186 ) * envoy: upgrade to 1.21.1 * envoy: upgrade to 1.21.1	2022-03-24 10:16:07 -06:00
Caleb Doxsey	49fb00c895	envoy: check certificates for must-staple flag and drop them if they are missing the response (#2909 ) * envoy: check certificates for must-staple flag and drop them if they are missing the response * Update config/envoyconfig/tls_test.go Co-authored-by: Denis Mishin <dmishin@pomerium.com> Co-authored-by: Denis Mishin <dmishin@pomerium.com>	2022-01-10 10:51:56 -07:00
Caleb Doxsey	bbec2cae9f	grpc: send client traffic through envoy (#2469 ) * wip * wip * handle wildcards in override name * remove wait for ready, add comment about sync, force initial sync complete in test * address comments	2021-08-16 16:12:22 -06:00