consul/troubleshoot/proxy
Michael Zalimeni b8d2640429
Disable remote proxy patching except AWS Lambda (#17415)
To avoid unintended tampering with remote downstreams via service
config, refactor BasicEnvoyExtender and RuntimeConfig to disallow
typical Envoy extensions from being applied to non-local proxies.

Continue to allow this behavior for AWS Lambda and the read-only
Validate builtin extensions.

Addresses CVE-2023-2816.
2023-05-23 11:55:06 +00:00
..
testdata get clusters from route if listener uses RDS (#16243) 2023-02-13 12:50:32 -08:00
certs.go Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
certs_test.go Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
stats.go Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
troubleshoot_proxy.go Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
upstreams.go Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
upstreams_test.go Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
utils.go Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
validateupstream.go Disable remote proxy patching except AWS Lambda (#17415) 2023-05-23 11:55:06 +00:00
validateupstream_test.go Copyright headers for missing files/folders (#16708) 2023-03-28 18:48:58 -04:00
z_xds_packages.go refactor: remove troubleshoot module dependency on consul top level module (#16162) 2023-02-06 09:14:35 -08:00