Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update plugin proto to send tls.ConnectionState (Op.2) #12581

Merged
merged 4 commits into from
Oct 7, 2021
Merged

Update plugin proto to send tls.ConnectionState (Op.2) #12581

merged 4 commits into from
Oct 7, 2021

Conversation

tep
Copy link
Contributor

@tep tep commented Sep 19, 2021

This is a resubmission of #9240; it still fixes #9213

In order for external plugins to examine the client certificate(s)
presented during the original request into Vault, we need to marshal
that request's tls.ConnectionState across the gRPC boundary from the
Vault server to the external plugin process.

To that end, this change updates the protocol buffer (and associated
translation logic) used for communicating with external plugins to
include the logical.Connection's "ConnState" value -- thus making it
available to the logical.Request passed to callbacks defined by
external plugins.

@vercel vercel bot temporarily deployed to Preview – vault September 19, 2021 17:28 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook September 19, 2021 17:28 Inactive
@tep tep mentioned this pull request Sep 19, 2021
Closed
@vercel vercel bot temporarily deployed to Preview – vault September 19, 2021 22:02 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook September 19, 2021 22:02 Inactive
@tep tep mentioned this pull request Sep 20, 2021
Closed
@heatherezell
Copy link
Contributor

Hi @tep! It looks like there's some merge conflicts. Can you resolve those? Then, the tests all look good and we can do a deeper dive on the review.

@tep
Copy link
Contributor Author

tep commented Oct 7, 2021

@hsimon-hashicorp -- Conflicts resolved

@ncabatoff ncabatoff merged commit 7bd2be5 into hashicorp:main Oct 7, 2021
@ncabatoff
Copy link
Collaborator

Nice work, thanks @tep!

@tep tep mentioned this pull request Jan 3, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ncabatoff ncabatoff ncabatoff approved these changes

@hghaf099 hghaf099 Awaiting requested review from hghaf099

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Make TLS ConnectionState available to external plugins
3 participants
@tep @heatherezell @ncabatoff