Skip to content

xds: Add SNI related field in handshake info#8965

Open
eshitachandwani wants to merge 4 commits intogrpc:masterfrom
eshitachandwani:add_field_in_handshake_info
Open

xds: Add SNI related field in handshake info#8965
eshitachandwani wants to merge 4 commits intogrpc:masterfrom
eshitachandwani:add_field_in_handshake_info

Conversation

@eshitachandwani
Copy link
Member

@eshitachandwani eshitachandwani commented Mar 9, 2026
edited
Loading

This PR is part of A101 implementation.

This PR does the following changes:

  1. Add sni and autoSniSanValidation field to handshake info.
  2. Change the TLS config building to add SNI if env variable is true (currently false by default so will not be set), and sni is present (currently set as empty in handshake so will not be set).
  3. Change verify function to match SANs against SNI if set and env variable and autoSniSanValidation is true (currently set to false by default).
  4. Set sni to empty and autoSniSanValidation to false by default when creating handshake info in clusterimpl
  5. Adds tests to verify the happy and failure cases of handshake.

In the next PR :

  1. Will decide between hostname and SNI from CDS update in clusterimpl balancer.
  2. Add end to end tests to verify the SNI flow.
  3. Change the environment variable to true.

RELEASE NOTES: None

@eshitachandwani eshitachandwani added this to the 1.81 Release milestone Mar 9, 2026
@eshitachandwani eshitachandwani added Type: Feature New features or improvements in behavior Area: xDS Includes everything xDS related, including LB policies used with xDS. labels Mar 9, 2026
@codecov
Copy link

codecov bot commented Mar 9, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 83.34%. Comparing base (fd53961) to head (d42b8ab).
⚠️ Report is 1 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #8965      +/-   ##
==========================================
+ Coverage   83.26%   83.34%   +0.08%     
==========================================
  Files         410      410              
  Lines       32576    32609      +33     
==========================================
+ Hits        27123    27178      +55     
+ Misses       4062     4050      -12     
+ Partials     1391     1381      -10
Files with missing lines Coverage Δ
internal/credentials/xds/handshake_info.go 93.71% <100.00%> (+0.46%) ⬆️
internal/xds/balancer/clusterimpl/clusterimpl.go 87.82% <100.00%> (ø)
internal/xds/server/conn_wrapper.go 76.27% <100.00%> (ø)

... and 31 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Pranjali-2501 Pranjali-2501 Awaiting requested review from Pranjali-2501

@arjan-bal arjan-bal Awaiting requested review from arjan-bal

At least 1 approving review is required to merge this pull request.

Assignees

@Pranjali-2501 Pranjali-2501

Labels

Area: xDS Includes everything xDS related, including LB policies used with xDS. Type: Feature New features or improvements in behavior

Projects

None yet

Milestone

1.81 Release

Development

Successfully merging this pull request may close these issues.

2 participants

@eshitachandwani @Pranjali-2501