pomerium

mirror of https://github.com/pomerium/pomerium.git synced 2025-05-03 20:36:03 +02:00

History

Kenneth Jenkins c95f1695ec authorize: check CRLs only for leaf certificates (#4480 ) Set the Envoy option only_verify_leaf_cert_crl, to avoid a bug where CRLs cannot be used in combination with an intermediate CA trust root. Update the client certificate validation logic in the authorize service to match this behavior.		2023-08-23 09:07:32 -07:00
..
opa	authorize: rework token substitution in headers (#4456 )	2023-08-14 15:28:10 -07:00
config.go	config: support client certificate SAN match (#4453 )	2023-08-11 13:27:12 -07:00
evaluator.go	config: add support for max_verify_depth (#4452 )	2023-08-10 10:05:48 -07:00
evaluator_test.go	config: add new mTLS enforcement setting (#4443 )	2023-08-09 07:53:11 -07:00
functions.go	authorize: check CRLs only for leaf certificates (#4480 )	2023-08-23 09:07:32 -07:00
functions_test.go	authorize: check CRLs only for leaf certificates (#4480 )	2023-08-23 09:07:32 -07:00
gen-test-certs.go	config: support client certificate SAN match (#4453 )	2023-08-11 13:27:12 -07:00
google_cloud_serverless.go	config: remove source, remove deadcode, fix linting issues (#4118 )	2023-04-21 17:25:11 -06:00
google_cloud_serverless_test.go	authorize: move headers and jwt signing to rego (#1856 )	2021-02-08 10:53:21 -07:00
headers_evaluator.go	authorize: rework token substitution in headers (#4456 )	2023-08-14 15:28:10 -07:00
headers_evaluator_test.go	authorize: rework token substitution in headers (#4456 )	2023-08-14 15:28:10 -07:00
policy_evaluator.go	config: add new mTLS enforcement setting (#4443 )	2023-08-09 07:53:11 -07:00
policy_evaluator_test.go	config: add new mTLS enforcement setting (#4443 )	2023-08-09 07:53:11 -07:00