- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 46 for mTLS (0.09 sec)
-
pilot/pkg/networking/core/peer_authentication_simulation_test.go
{ Name: "mtls on port 8000", Call: mkCall(8000, simulation.MTLS), Result: simulation.Result{ClusterMatched: "inbound|8000||"}, }, { Name: "plaintext port 9000", Call: mkCall(9000, simulation.Plaintext), Result: simulation.Result{ClusterMatched: "InboundPassthroughCluster"}, }, { Name: "mtls port 9000", Call: mkCall(9000, simulation.MTLS),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 16.2K bytes - Viewed (0) -
pilot/pkg/xds/sds_test.go
Cert string CaCert string CaCrl string } allResources := []string{ "kubernetes://generic", "kubernetes://generic-mtls", "kubernetes://generic-mtls-cacert", "kubernetes://generic-mtls-split", "kubernetes://generic-mtls-split-cacert", "kubernetes://generic-mtls-crl", "kubernetes://generic-mtls-crl-cacert", } cases := []struct { name string proxy *model.Proxy
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon May 13 20:55:20 UTC 2024 - 17.7K bytes - Viewed (0) -
pilot/pkg/xds/endpoints/ep_filters_test.go
Mtls: &security.PeerAuthentication_MutualTLS{Mode: security.PeerAuthentication_MutualTLS_STRICT}, }, }, IsMtlsDisabled: false, }, "mtls-off-global": { Config: config.Config{ Meta: config.Meta{ GroupVersionKind: gvk.PeerAuthentication, Name: "mtls-off", Namespace: "istio-system", }, Spec: &security.PeerAuthentication{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed May 29 01:17:58 UTC 2024 - 26.8K bytes - Viewed (0) -
pilot/pkg/serviceregistry/kube/controller/ambient/authorization.go
}) } return res } func isMtlsModeUnset(mtls *v1beta1.PeerAuthentication_MutualTLS) bool { return mtls == nil || mtls.Mode == v1beta1.PeerAuthentication_MutualTLS_UNSET } func isMtlsModeStrict(mtls *v1beta1.PeerAuthentication_MutualTLS) bool { return mtls != nil && mtls.Mode == v1beta1.PeerAuthentication_MutualTLS_STRICT } func isMtlsModeDisable(mtls *v1beta1.PeerAuthentication_MutualTLS) bool {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Apr 15 16:23:36 UTC 2024 - 18.4K bytes - Viewed (0) -
pilot/pkg/model/authentication_test.go
GroupVersionKind: gvk.PeerAuthentication, CreationTimestamp: baseTimestamp, Name: "default", Namespace: "foo", }, Spec: &securityBeta.PeerAuthentication{ Mtls: &securityBeta.PeerAuthentication_MutualTLS{ Mode: securityBeta.PeerAuthentication_MutualTLS_STRICT, }, }, }, { Meta: config.Meta{ GroupVersionKind: gvk.PeerAuthentication,
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 45.1K bytes - Viewed (0) -
pilot/pkg/model/authentication.go
MTLSUnknown MutualTLSMode = iota // MTLSDisable if authentication policy disable mTLS. MTLSDisable // MTLSPermissive if authentication policy enable mTLS in permissive mode. MTLSPermissive // MTLSStrict if authentication policy enable mTLS in strict mode. MTLSStrict ) // In Ambient, we convert k8s PeerAuthentication resources to the same type as AuthorizationPolicies
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 10.1K bytes - Viewed (0) -
tests/integration/security/reachability_test.go
expectCrossCluster: notFromNaked, expectCrossNetwork: never, expectSuccess: always, }, // --------start of auto mtls partial test cases --------------- // The follow three consecutive test together ensures the auto mtls works as intended // for sidecar migration scenario. { name: "migration no tls", configs: config.Sources{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 02 21:29:40 UTC 2024 - 20.6K bytes - Viewed (0) -
pilot/pkg/serviceregistry/serviceentry/conversion_test.go
makeInstance(httpStatic, "2.2.2.2", 18080, httpStatic.Spec.(*networking.ServiceEntry).Ports[1], nil, MTLS), makeInstance(httpStatic, "3.3.3.3", 1080, httpStatic.Spec.(*networking.ServiceEntry).Ports[0], nil, MTLS), makeInstance(httpStatic, "3.3.3.3", 8080, httpStatic.Spec.(*networking.ServiceEntry).Ports[1], nil, MTLS),
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu May 23 21:07:03 UTC 2024 - 39K bytes - Viewed (0) -
pilot/pkg/networking/core/listener_inbound.go
opts = getTLSFilterChainMatchOptions(lp) mtls.TCP = BuildListenerTLSContext(cc.tlsSettings, lb.node, lb.push.Mesh, istionetworking.TransportProtocolTCP, false) mtls.HTTP = mtls.TCP } else { lp := istionetworking.ModelProtocolToListenerProtocol(cc.port.Protocol) opts = getFilterChainMatchOptions(mtls, lp) } // Build the actual chain chains := lb.inboundChainForOpts(cc, mtls, opts) if cc.bindToPort {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 35.1K bytes - Viewed (0) -
pilot/pkg/simulation/traffic.go
} mTLSSecretConfigName := "default" if input.MtlsSecretConfigName != "" { mTLSSecretConfigName = input.MtlsSecretConfigName } // mTLS listener will only accept mTLS traffic if fc.TransportSocket != nil && sim.requiresMTLS(fc, mTLSSecretConfigName) != (input.TLS == MTLS) { // If there is no tls inspector, then result.Error = ErrMTLSError return } if len(input.CustomListenerValidations) > 0 {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Thu Jun 13 01:56:28 UTC 2024 - 19.4K bytes - Viewed (0)