forked from envoyproxy/envoy-openssl
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request envoyproxy#287 from dcillera/revert-and-update
Revert some commits and update to latest upstream 1.32
- Loading branch information
Showing
53 changed files
with
476 additions
and
116 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -286,6 +286,10 @@ jobs: | |
BAZEL_BUILD_EXTRA_OPTIONS="--google_credentials=/build/${GCP_SERVICE_ACCOUNT_KEY_FILE} --config=remote-ci --config=rbe-google" | ||
echo "BAZEL_BUILD_EXTRA_OPTIONS=${BAZEL_BUILD_EXTRA_OPTIONS}" >> "$GITHUB_ENV" | ||
- run: | | ||
echo "${{ vars.ENVOY_CI_BAZELRC }}" > repo.bazelrc | ||
if: ${{ vars.ENVOY_CI_BAZELRC }} | ||
- uses: envoyproxy/toolshed/gh-actions/github/[email protected] | ||
name: Run CI ${{ inputs.command }} ${{ inputs.target }} | ||
with: | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,7 @@ | ||
on: | ||
pull_request: | ||
branches: | ||
- main | ||
workflow_dispatch: | ||
schedule: | ||
- cron: '0 5 * * 1,2,3,4,5' | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
1.32.1-dev | ||
1.32.3-dev |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
# Patch for c-ares CVE-2024-25629 | ||
diff --git a/src/lib/ares__read_line.c b/src/lib/ares__read_line.c | ||
index d65ac1fcf8..018f55e8b2 100644 | ||
--- a/src/lib/ares__read_line.c | ||
+++ b/src/lib/ares__read_line.c | ||
@@ -59,6 +59,14 @@ ares_status_t ares__read_line(FILE *fp, char **buf, size_t *bufsize) | ||
return (offset != 0) ? 0 : (ferror(fp)) ? ARES_EFILE : ARES_EOF; | ||
} | ||
len = offset + ares_strlen(*buf + offset); | ||
+ | ||
+ /* Probably means there was an embedded NULL as the first character in | ||
+ * the line, throw away line */ | ||
+ if (len == 0) { | ||
+ offset = 0; | ||
+ continue; | ||
+ } | ||
+ | ||
if ((*buf)[len - 1] == '\n') { | ||
(*buf)[len - 1] = 0; | ||
break; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
date: October 29, 2024 | ||
|
||
bug_fixes: | ||
- area: tracing | ||
change: | | ||
Fixed a bug where the OpenTelemetry tracer exports the OTLP request even when no spans are present. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
date: December 8, 2024 | ||
|
||
minor_behavior_changes: | ||
- area: dns | ||
change: | | ||
Patched c-ares to address CVE-2024-25629. | ||
bug_fixes: | ||
- area: access_log | ||
change: | | ||
Relaxed the restriction on SNI logging to allow the ``_`` character, even if | ||
``envoy.reloadable_features.sanitize_sni_in_access_log`` is enabled. | ||
- area: validation/tools | ||
change: | | ||
Add back missing extension for ``schema_validator_tool``. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
date: October 29, 2024 | ||
|
||
bug_fixes: | ||
- area: tracing | ||
change: | | ||
Fixed a bug where the OpenTelemetry tracer exports the OTLP request even when no spans are present. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
date: December 8, 2024 | ||
|
||
minor_behavior_changes: | ||
- area: dns | ||
change: | | ||
Patched c-ares to address CVE-2024-25629. | ||
bug_fixes: | ||
- area: access_log | ||
change: | | ||
Relaxed the restriction on SNI logging to allow the ``_`` character, even if | ||
``envoy.reloadable_features.sanitize_sni_in_access_log`` is enabled. | ||
- area: tracers | ||
change: | | ||
Avoid possible overflow when setting span attributes in Dynatrace sampler. | ||
- area: validation/tools | ||
change: | | ||
Add back missing extension for ``schema_validator_tool``. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
date: October 29, 2024 | ||
|
||
bug_fixes: | ||
- area: tracing | ||
change: | | ||
Fixed a bug where the OpenTelemetry tracer exports the OTLP request even when no spans are present. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
date: December 8, 2024 | ||
|
||
minor_behavior_changes: | ||
- area: dns | ||
change: | | ||
Patched c-ares to address CVE-2024-25629. | ||
bug_fixes: | ||
- area: access_log | ||
change: | | ||
Relaxed the restriction on SNI logging to allow the ``_`` character, even if | ||
``envoy.reloadable_features.sanitize_sni_in_access_log`` is enabled. | ||
- area: tracers | ||
change: | | ||
Avoid possible overflow when setting span attributes in Dynatrace sampler. | ||
- area: validation/tools | ||
change: | | ||
Add back missing extension for ``schema_validator_tool``. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
date: October 29, 2024 | ||
|
||
bug_fixes: | ||
- area: release | ||
change: | | ||
Container updates. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
date: December 8, 2024 | ||
|
||
minor_behavior_changes: | ||
- area: dns | ||
change: | | ||
Patched c-ares to address CVE-2024-25629. | ||
bug_fixes: | ||
- area: access_log | ||
change: | | ||
Relaxed the restriction on SNI logging to allow the ``_`` character, even if | ||
``envoy.reloadable_features.sanitize_sni_in_access_log`` is enabled. | ||
- area: original_ip_detection | ||
change: | | ||
Reverted :ref:`custom header | ||
<envoy_v3_api_msg_extensions.http.original_ip_detection.custom_header.v3.CustomHeaderConfig>` extension to its | ||
original behavior by disabling automatic XFF header appending that was inadvertently introduced in PR #31831. | ||
- area: tracers | ||
change: | | ||
Avoid possible overflow when setting span attributes in Dynatrace sampler. | ||
- area: validation/tools | ||
change: | | ||
Add back missing extension for ``schema_validator_tool``. | ||
- area: DNS | ||
change: | | ||
Fixed bug where setting ``dns_jitter <envoy_v3_api_field_config.cluster.v3.Cluster.dns_jitter>`` to large values caused Envoy Bug | ||
to fire. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.