xds: Check name of transport socket received in Cluster response. (#3988

)
grpc · Oct 30, 2020 · c8ef9bc · c8ef9bc
1 parent 89faf1c
commit c8ef9bc
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 0 deletions.
diff --git a/xds/internal/client/client_cds_test.go b/xds/internal/client/client_cds_test.go
@@ -201,6 +201,30 @@ func (s) TestValidateClusterWithSecurityConfig(t *testing.T) {
 		wantUpdate ClusterUpdate
 		wantErr    bool
 	}{
+		{
+			name: "transport-socket-unsupported-name",
+			cluster: &v3clusterpb.Cluster{
+				ClusterDiscoveryType: &v3clusterpb.Cluster_Type{Type: v3clusterpb.Cluster_EDS},
+				EdsClusterConfig: &v3clusterpb.Cluster_EdsClusterConfig{
+					EdsConfig: &v3corepb.ConfigSource{
+						ConfigSourceSpecifier: &v3corepb.ConfigSource_Ads{
+							Ads: &v3corepb.AggregatedConfigSource{},
+						},
+					},
+					ServiceName: serviceName,
+				},
+				LbPolicy: v3clusterpb.Cluster_ROUND_ROBIN,
+				TransportSocket: &v3corepb.TransportSocket{
+					Name: "unsupported-foo",
+					ConfigType: &v3corepb.TransportSocket_TypedConfig{
+						TypedConfig: &anypb.Any{
+							TypeUrl: version.V3UpstreamTLSContextURL,
+						},
+					},
+				},
+			},
+			wantErr: true,
+		},
 		{
 			name: "transport-socket-unsupported-typeURL",
 			cluster: &v3clusterpb.Cluster{
@@ -298,6 +322,7 @@ func (s) TestValidateClusterWithSecurityConfig(t *testing.T) {
 				},
 				LbPolicy: v3clusterpb.Cluster_ROUND_ROBIN,
 				TransportSocket: &v3corepb.TransportSocket{
+					Name: "envoy.transport_sockets.tls",
 					ConfigType: &v3corepb.TransportSocket_TypedConfig{
 						TypedConfig: &anypb.Any{
 							TypeUrl: version.V3UpstreamTLSContextURL,
@@ -342,6 +367,7 @@ func (s) TestValidateClusterWithSecurityConfig(t *testing.T) {
 				},
 				LbPolicy: v3clusterpb.Cluster_ROUND_ROBIN,
 				TransportSocket: &v3corepb.TransportSocket{
+					Name: "envoy.transport_sockets.tls",
 					ConfigType: &v3corepb.TransportSocket_TypedConfig{
 						TypedConfig: &anypb.Any{
 							TypeUrl: version.V3UpstreamTLSContextURL,
@@ -392,6 +418,7 @@ func (s) TestValidateClusterWithSecurityConfig(t *testing.T) {
 				},
 				LbPolicy: v3clusterpb.Cluster_ROUND_ROBIN,
 				TransportSocket: &v3corepb.TransportSocket{
+					Name: "envoy.transport_sockets.tls",
 					ConfigType: &v3corepb.TransportSocket_TypedConfig{
 						TypedConfig: &anypb.Any{
 							TypeUrl: version.V3UpstreamTLSContextURL,

diff --git a/xds/internal/client/client_xds.go b/xds/internal/client/client_xds.go
@@ -259,6 +259,10 @@ func routesProtoToSlice(routes []*v3routepb.Route, logger *grpclog.PrefixLogger)
 	return routesRet, nil
 }
 
+// TransportSocket proto message has a `name` field which is expected to be set
+// to this value by the management server.
+const transportSocketName = "envoy.transport_sockets.tls"
+
 // UnmarshalCluster processes resources received in an CDS response, validates
 // them, and transforms them into a native struct which contains only fields we
 // are interested in.
@@ -322,6 +326,9 @@ func securityConfigFromCluster(cluster *v3clusterpb.Cluster) (*SecurityConfig, e
 	if ts == nil {
 		return nil, nil
 	}
+	if name := ts.GetName(); name != transportSocketName {
+		return nil, fmt.Errorf("xds: transport_socket field has unexpected name: %s", name)
+	}
 	any := ts.GetTypedConfig()
 	if any == nil || any.TypeUrl != version.V3UpstreamTLSContextURL {
 		return nil, fmt.Errorf("xds: transport_socket field has unexpected typeURL: %s", any.TypeUrl)