From 0d30ce4ebf70d0d0df5ee82e5c76a341e7aa6d39 Mon Sep 17 00:00:00 2001 From: Burkov Egor Date: Wed, 25 Jun 2025 14:15:16 +0300 Subject: [PATCH 1/5] xdsclient: typed config nil better nil checks --- xds/internal/xdsclient/xdsresource/filter_chain.go | 5 ++++- xds/internal/xdsclient/xdsresource/unmarshal_cds.go | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/xds/internal/xdsclient/xdsresource/filter_chain.go b/xds/internal/xdsclient/xdsresource/filter_chain.go index 3945199133ec..34328f9fb683 100644 --- a/xds/internal/xdsclient/xdsresource/filter_chain.go +++ b/xds/internal/xdsclient/xdsresource/filter_chain.go @@ -542,7 +542,10 @@ func (fcm *FilterChainManager) filterChainFromProto(fc *v3listenerpb.FilterChain return nil, fmt.Errorf("transport_socket field has unexpected name: %s", name) } tc := ts.GetTypedConfig() - if tc == nil || tc.TypeUrl != version.V3DownstreamTLSContextURL { + if tc == nil { + return nil, fmt.Errorf("missing required field: TypedConfig") + } + if tc.TypeUrl != version.V3UpstreamTLSContextURL { return nil, fmt.Errorf("transport_socket field has unexpected typeURL: %s", tc.TypeUrl) } downstreamCtx := &v3tlspb.DownstreamTlsContext{} diff --git a/xds/internal/xdsclient/xdsresource/unmarshal_cds.go b/xds/internal/xdsclient/xdsresource/unmarshal_cds.go index c2ced0d6203f..6f609d5a8017 100644 --- a/xds/internal/xdsclient/xdsresource/unmarshal_cds.go +++ b/xds/internal/xdsclient/xdsresource/unmarshal_cds.go @@ -287,7 +287,10 @@ func securityConfigFromCluster(cluster *v3clusterpb.Cluster) (*SecurityConfig, e return nil, fmt.Errorf("transport_socket field has unexpected name: %s", name) } tc := ts.GetTypedConfig() - if tc == nil || tc.TypeUrl != version.V3UpstreamTLSContextURL { + if tc == nil { + return nil, fmt.Errorf("missing required field: TypedConfig") + } + if tc.TypeUrl != version.V3UpstreamTLSContextURL { return nil, fmt.Errorf("transport_socket field has unexpected typeURL: %s", tc.TypeUrl) } upstreamCtx := &v3tlspb.UpstreamTlsContext{} From 12265bb105f7851a032b60c68eb65a3898e3c534 Mon Sep 17 00:00:00 2001 From: Burkov Egor Date: Mon, 30 Jun 2025 09:40:24 +0300 Subject: [PATCH 2/5] fix typo --- xds/internal/xdsclient/xdsresource/filter_chain.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/xds/internal/xdsclient/xdsresource/filter_chain.go b/xds/internal/xdsclient/xdsresource/filter_chain.go index 34328f9fb683..6d0b13966a55 100644 --- a/xds/internal/xdsclient/xdsresource/filter_chain.go +++ b/xds/internal/xdsclient/xdsresource/filter_chain.go @@ -545,7 +545,7 @@ func (fcm *FilterChainManager) filterChainFromProto(fc *v3listenerpb.FilterChain if tc == nil { return nil, fmt.Errorf("missing required field: TypedConfig") } - if tc.TypeUrl != version.V3UpstreamTLSContextURL { + if tc.TypeUrl != version.V3DownstreamTLSContextURL { return nil, fmt.Errorf("transport_socket field has unexpected typeURL: %s", tc.TypeUrl) } downstreamCtx := &v3tlspb.DownstreamTlsContext{} From 0f7bd03647ed34a197cbdf1744bdadc32961e917 Mon Sep 17 00:00:00 2001 From: Burkov Egor Date: Mon, 14 Jul 2025 09:31:41 +0300 Subject: [PATCH 3/5] Update xds/internal/xdsclient/xdsresource/filter_chain.go Co-authored-by: Doug Fawley --- xds/internal/xdsclient/xdsresource/filter_chain.go | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/xds/internal/xdsclient/xdsresource/filter_chain.go b/xds/internal/xdsclient/xdsresource/filter_chain.go index 6d0b13966a55..46bbcaf4a1f2 100644 --- a/xds/internal/xdsclient/xdsresource/filter_chain.go +++ b/xds/internal/xdsclient/xdsresource/filter_chain.go @@ -542,11 +542,8 @@ func (fcm *FilterChainManager) filterChainFromProto(fc *v3listenerpb.FilterChain return nil, fmt.Errorf("transport_socket field has unexpected name: %s", name) } tc := ts.GetTypedConfig() - if tc == nil { - return nil, fmt.Errorf("missing required field: TypedConfig") - } - if tc.TypeUrl != version.V3DownstreamTLSContextURL { - return nil, fmt.Errorf("transport_socket field has unexpected typeURL: %s", tc.TypeUrl) + if typeURL := tc.GetTypeUrl(); typeURL != version.V3DownstreamTLSContextURL { + return nil, fmt.Errorf("transport_socket missing typed_config or wrong type_url: %q", typeURL) } downstreamCtx := &v3tlspb.DownstreamTlsContext{} if err := proto.Unmarshal(tc.GetValue(), downstreamCtx); err != nil { From 8e947daa78c63cb1d9477b76ebb699ce67923b87 Mon Sep 17 00:00:00 2001 From: Burkov Egor Date: Mon, 14 Jul 2025 09:46:09 +0300 Subject: [PATCH 4/5] Another place --- xds/internal/xdsclient/xdsresource/unmarshal_cds.go | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/xds/internal/xdsclient/xdsresource/unmarshal_cds.go b/xds/internal/xdsclient/xdsresource/unmarshal_cds.go index 6f609d5a8017..43247c5b8d9f 100644 --- a/xds/internal/xdsclient/xdsresource/unmarshal_cds.go +++ b/xds/internal/xdsclient/xdsresource/unmarshal_cds.go @@ -287,11 +287,8 @@ func securityConfigFromCluster(cluster *v3clusterpb.Cluster) (*SecurityConfig, e return nil, fmt.Errorf("transport_socket field has unexpected name: %s", name) } tc := ts.GetTypedConfig() - if tc == nil { - return nil, fmt.Errorf("missing required field: TypedConfig") - } - if tc.TypeUrl != version.V3UpstreamTLSContextURL { - return nil, fmt.Errorf("transport_socket field has unexpected typeURL: %s", tc.TypeUrl) + if typeURL := tc.GetTypeUrl(); typeURL != version.V3UpstreamTLSContextURL { + return nil, fmt.Errorf("transport_socket missing typed_config or wrong type_url: %q", typeURL) } upstreamCtx := &v3tlspb.UpstreamTlsContext{} if err := proto.Unmarshal(tc.GetValue(), upstreamCtx); err != nil { From 17bf5bf8d30ed345213818f459c86bcca8aa3832 Mon Sep 17 00:00:00 2001 From: Burkov Egor Date: Fri, 18 Jul 2025 15:47:42 +0300 Subject: [PATCH 5/5] Update tests --- xds/internal/xdsclient/xdsresource/filter_chain_test.go | 2 +- xds/internal/xdsclient/xdsresource/unmarshal_lds_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/xds/internal/xdsclient/xdsresource/filter_chain_test.go b/xds/internal/xdsclient/xdsresource/filter_chain_test.go index bc4cd8205e3f..67b37dffb836 100644 --- a/xds/internal/xdsclient/xdsresource/filter_chain_test.go +++ b/xds/internal/xdsclient/xdsresource/filter_chain_test.go @@ -348,7 +348,7 @@ func (s) TestNewFilterChainImpl_Failure_BadSecurityConfig(t *testing.T) { }, }, }, - wantErr: "transport_socket field has unexpected typeURL", + wantErr: fmt.Sprintf("transport_socket missing typed_config or wrong type_url: \"%s\"", testutils.MarshalAny(t, &v3tlspb.UpstreamTlsContext{}).TypeUrl), }, { desc: "badly marshaled transport socket", diff --git a/xds/internal/xdsclient/xdsresource/unmarshal_lds_test.go b/xds/internal/xdsclient/xdsresource/unmarshal_lds_test.go index 71eaed058b08..900afdd311b0 100644 --- a/xds/internal/xdsclient/xdsresource/unmarshal_lds_test.go +++ b/xds/internal/xdsclient/xdsresource/unmarshal_lds_test.go @@ -1266,7 +1266,7 @@ func (s) TestUnmarshalListener_ServerSide(t *testing.T) { }, }), wantName: v3LDSTarget, - wantErr: "transport_socket field has unexpected typeURL", + wantErr: fmt.Sprintf("transport_socket missing typed_config or wrong type_url: \"%s\"", testutils.MarshalAny(t, &v3tlspb.UpstreamTlsContext{}).TypeUrl), }, { name: "badly marshaled transport socket",