pomerium

mirror of https://github.com/pomerium/pomerium.git synced 2025-07-07 03:48:17 +02:00

History

Kenneth Jenkins e8509c50b4 config: add support for max_verify_depth Add a new max_verify_depth option to the downstream_mtls settings group, with a default value of 1 (to match the behavior of current Pomerium releases). Populate the corresponding setting within Envoy, and also implement a depth check within isValidClientCertificate() in the authorize service.		2023-08-10 09:34:35 -07:00
..
opa	authorize: client cert fingerprint in set_request_headers (#4447 )	2023-08-09 08:34:51 -07:00
config.go	config: add support for max_verify_depth	2023-08-10 09:34:35 -07:00
evaluator.go	config: add support for max_verify_depth	2023-08-10 09:34:35 -07:00
evaluator_test.go	config: add new mTLS enforcement setting (#4443 )	2023-08-09 07:53:11 -07:00
functions.go	config: add support for max_verify_depth	2023-08-10 09:34:35 -07:00
functions_test.go	config: add support for max_verify_depth	2023-08-10 09:34:35 -07:00
gen-test-certs.go	authorize: allow client certificate intermediates (#4451 )	2023-08-10 09:33:29 -07:00
google_cloud_serverless.go	config: remove source, remove deadcode, fix linting issues (#4118 )	2023-04-21 17:25:11 -06:00
google_cloud_serverless_test.go	authorize: move headers and jwt signing to rego (#1856 )	2021-02-08 10:53:21 -07:00
headers_evaluator.go	authorize: client cert fingerprint in set_request_headers (#4447 )	2023-08-09 08:34:51 -07:00
headers_evaluator_test.go	authorize: allow client certificate intermediates (#4451 )	2023-08-10 09:33:29 -07:00
policy_evaluator.go	config: add new mTLS enforcement setting (#4443 )	2023-08-09 07:53:11 -07:00
policy_evaluator_test.go	config: add new mTLS enforcement setting (#4443 )	2023-08-09 07:53:11 -07:00