pomerium/internal
Joe Kralicky 554e77bc7c
envoy: log mtls failures (#5210)
envoy: log mtls failures

This implements limited listener-based access logging for downstream
transport failures, only enabled when downstream_mtls.enforcement is
set to 'reject_connection'. Client certificate details and the error
message will be logged.

Additionally, the new key 'client-certificate' can be set in the
access_log_fields list in the configuration, which will add peer
certificate properties (issuer, subject, SANs) to the existing
per-request http logs.

---------

Co-authored-by: Kenneth Jenkins <51246568+kenjenkins@users.noreply.github.com>
2024-08-09 14:05:10 -04:00
atomicutil atomicutil: use atomicutil.Value wherever possible (#3517) 2022-07-28 15:38:38 -06:00
authenticateflow authenticate: rework session ID token handling (#5178) 2024-07-29 12:43:50 -07:00
autocert core/autocert: fix filter chain, handshake (#5150) 2024-06-26 11:17:35 -06:00
chanutil fileutil: update watcher to use fsnotify and polling (#3663) 2022-10-19 09:13:08 -06:00
contextkeys xds: only tag contexts used for UpdateRecords (#2269) 2021-06-04 14:01:25 -04:00
controlplane envoy: log mtls failures (#5210) 2024-08-09 14:05:10 -04:00
databroker health-check: building config from databroker source (#5104) 2024-05-06 14:47:20 -04:00
deterministicecdsa core/ci: update linting (#4844) 2023-12-14 09:07:54 -08:00
enabler core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
encoding core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
errgrouputil core/go: use max procs (#4766) 2023-12-07 09:14:57 -07:00
events core/events: fix flaky test (#4700) 2023-11-02 11:28:28 -06:00
fileutil core/ci: update linting (#4844) 2023-12-14 09:07:54 -08:00
handlers core/ui: fix cycle in profile data (#5168) 2024-07-09 17:05:12 -06:00
hashutil core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
httputil core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
log envoy: log mtls failures (#5210) 2024-08-09 14:05:10 -04:00
middleware core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
registry core/redis: remove comment (#4843) 2023-12-07 15:55:02 -07:00
retry zero/telemetry: internal envoy stats scraper and metrics producer (#5136) 2024-06-16 20:41:05 -04:00
scheduler feature/databroker: user data and session refactor project (#926) 2020-06-19 07:52:44 -06:00
sessions core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
sets zero/telemetry: calculate DAU and MAU (#4810) 2023-12-11 13:37:01 -05:00
signal log context (#2107) 2021-04-22 10:58:13 -04:00
syncutil config: generate cookie secret if not set in all-in-one mode (#3742) 2022-11-11 14:14:30 -07:00
telemetry zero/telemetry: internal envoy stats scraper and metrics producer (#5136) 2024-06-16 20:41:05 -04:00
tests/xdserr config: remove source, remove deadcode, fix linting issues (#4118) 2023-04-21 17:25:11 -06:00
testutil core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
tripper config: remove source, remove deadcode, fix linting issues (#4118) 2023-04-21 17:25:11 -06:00
urlutil core/lint: upgrade golangci-lint, replace interface{} with any (#5099) 2024-05-02 14:33:52 -06:00
version dev: update linter (#1728) 2020-12-30 09:02:57 -08:00
zero zero/cmd: make it more evident what caused shutdown (#5209) 2024-08-06 15:10:58 -04:00