Add TLS protocol support #383
Conversation
Signed-off-by: Zahari Dichev <[email protected]>
this advisory is only two days old, so i suspect it's unrelated to your changes here. |
|
https://github.com/rustsec/advisory-db/pull/2094/files patched the advisory db, so we can probably re-run ci now for a ✔️ |
|
|
||
| message Distribution { | ||
| oneof kind { | ||
| Empty empty = 1; |
There was a problem hiding this comment.
Is an empty variant strictly necessary here? We should be able to use presence of the other variants to indicate empty.
There was a problem hiding this comment.
This has been the pattern followed through the rest of the API
There was a problem hiding this comment.
https://github.com/linkerd/linkerd2-proxy-api/blob/main/proto/outbound.proto#L139 i was curious myself, so here's an existing example of that pattern, just to demonstrate. there are a few more in that file if you grep for empty = 1.
There was a problem hiding this comment.
This is so that this state is explicit and can't be ambiguous i.e. if a field is unset.
Cargo.toml
Outdated
| @@ -16,6 +16,7 @@ default = [] | |||
| arbitrary = ["quickcheck"] | |||
| destination = ["http-types", "net", "prost-types", "tonic/codegen"] | |||
| grpc-route = ["http-route"] | |||
| tls-route = [] | |||
Signed-off-by: Zahari Dichev <[email protected]>
#383 introduced support for route and backend level errors. This commit changes the structure of these types in order to make the route error optional (protobuf enums are non-optional values unless an experimental feature is specified). Signed-off-by: Zahari Dichev <[email protected]>
This change adds support for TLS in the
ProxyProtocolenum. For the time being we can only use SNIsto do do TLS routing.
Signed-off-by: Zahari Dichev [email protected]