danzh
danzh
Cert validator is extendable in upstream Envoy. As platforms such as Android and iOS provide their own cert validation APIs, E-M should use these platform provided APIs instead of, as...
Update QUICHE from 3743c9285 to 2381ebbb6 https://github.com/google/quiche/compare/3743c9285..2381ebbb6 $ git log 3743c9285..2381ebbb6 --date=short --no-merges --format="%ad %al %s" 2022-09-22 ianswett Deprecate --gfe2_reloadable_flag_quic_bbr2_startup_extra_acked. 2022-09-22 ianswett Deprecate --gfe2_reloadable_flag_quic_bbr2_ignore_inflight_hi_in_probe_up. 2022-09-22 vasilvv Remove QuicheStreamBufferAllocator platform API...
The test is flaky in various ways: Fails at: ``` EXPECT_THAT(waitForAccessLog(access_log_name_), HasSubstr("upstream_reset_before_response_started{connection_termination}")); ``` with corresponding log observed: [2022-08-12 18:49:00.193][14][critical][assert] [test/integration/base_integration_test.cc:502] assert failure: 0. Details: Timed out waiting for access log....
Description: add engine API to allow user config to use Android cert validation APIs. Risk Level: high Testing: added tests in Http2TestServerTest.java Docs Changes: Release Notes: Fixes #1575 Part of...
[is_issued_by_known_root](https://github.com/envoyproxy/envoy-mobile/blob/main/library/common/jni/android_network_utility.cc#L106) is part of the return result of [jvm_verify_x509_cert_chain()](https://github.com/envoyproxy/envoy-mobile/blob/369c7fb4145b5ac9f9b5a11ebde1b52627dac2f8/library/common/jni/android_network_utility.cc#L116). It is an indicator whether Envoy Mobile is behind any proxy, and it is ignored today in cert validation. In Chrome,...
https://github.com/envoyproxy/envoy-mobile/pull/2525 made cronet and c++ engines be able to use platform provided APIs to asynchronously verify certificates. It is done by creating stand-alone threads to call into platform APIs when...
Commit Message: made 2 interface changes to harden the life time interaction between codec server streams and HCM or between codec client streams and UpstreamRequest. 1) Added `StreamCallbacksRegistry` interface to...
Commit Message: The current Address implementation will create the string representation of an IP address upon construction. This is probably okay for TCP, but for each UDP packet it's a...
Those tests were accidentally changed pass only if that runtime guard is true. Risk Level: low Testing: fixing tests Docs Changes: N/A Release Notes: N/A Platform Specific Features: N/A
Commit Message: Upon default network changes on devices, existing QUIC connections should be closed or drained depending on whether it is idle or not (having in-flight requests). Draining the non-idle...