Skip to content

xds: Introduce flag for fallback to use the xds channel authority if no SNI is determined to be used. #12422

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 21, 2025
Merged

xds: Introduce flag for fallback to use the xds channel authority if no SNI is determined to be used. #12422

merged 2 commits into from
Oct 21, 2025

Conversation

kannanjgithub
Copy link
Contributor

@kannanjgithub kannanjgithub commented Oct 16, 2025
edited
Loading

This is to allow the previous behavior if needed, and when the xds channel authority is used as the SNI, it won't be used for the SAN validation.

kannanjgithub
kannanjgithub commented Oct 16, 2025
View reviewed changes
xds/src/main/java/io/grpc/xds/internal/security/DynamicSslContextProvider.java
@Nullable protected final CertificateValidationContext staticCertificateValidationContext;
@Nullable protected AbstractMap.SimpleImmutableEntry<SslContext, X509TrustManager>
sslContextAndTrustManager;
protected boolean autoSniSanValidationDoesNotApply;
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I made this a settable field that is set separately instead of making it a final field in CertProviderClientSslContextProvider where it ideally belongs, in order to avoid having to propagate the boolean via the cert provider factory methods and having to add the boolean to the cache key as well.

@kannanjgithub kannanjgithub requested a review from ejona86 October 16, 2025 17:41
@kannanjgithub kannanjgithub force-pushed the xdsAuthorityFallbackFlag branch from bc2699a to 79ebe40 Compare October 17, 2025 15:05
@kannanjgithub kannanjgithub merged commit 7ea4744 into grpc:master Oct 21, 2025
26 of 30 checks passed
@kannanjgithub kannanjgithub deleted the xdsAuthorityFallbackFlag branch October 21, 2025 16:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ejona86 ejona86 ejona86 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kannanjgithub @ejona86