Fix Gateway API TLS TCP Route

2025-08-05 17:16:59 +02:00 · 2024-01-27 00:41:15 +01:00 · 2024-01-27 00:41:15 +01:00 · 4d99b7db2d
commit 4d99b7db2d
parent 1bc685774e
2 changed files with 61 additions and 0 deletions
--- a/source/gateway.go
+++ b/source/gateway.go
@ -476,6 +476,7 @@ func uniqueTargets(targets endpoint.Targets) endpoint.Targets {

 // gwProtocolMatches returns whether a and b are the same protocol,
 // where HTTP and HTTPS are considered the same.
+// and TLS and TCP are considered the same.
 func gwProtocolMatches(a, b v1.ProtocolType) bool {
 	if a == v1.HTTPSProtocolType {
 		a = v1.HTTPProtocolType
@ -483,6 +484,10 @@ func gwProtocolMatches(a, b v1.ProtocolType) bool {
 	if b == v1.HTTPSProtocolType {
 		b = v1.HTTPProtocolType
 	}
+	// if Listener is TLS and Route is TCP, then we'll treat the Listener as TCP.
+	if a == v1.TCPProtocolType && b == v1.TLSProtocolType {
+		b = v1.TCPProtocolType
+	}
 	return a == b
 }

--- a/source/gateway_test.go
+++ b/source/gateway_test.go
@ -19,6 +19,8 @@ package source
 import (
 	"strings"
 	"testing"
+
+	v1 "sigs.k8s.io/gateway-api/apis/v1"
 )

 func TestGatewayMatchingHost(t *testing.T) {
@ -105,6 +107,60 @@ func TestGatewayMatchingHost(t *testing.T) {
 	}
 }

+func TestGatewayMatchingProtocol(t *testing.T) {
+	tests := []struct {
+		route, lis string
+		desc       string
+		ok         bool
+	}{
+		{
+			desc:  "protocol-matches-lis-https-route-http",
+			route: "HTTP",
+			lis:   "HTTPS",
+			ok:    true,
+		},
+		{
+			desc:  "protocol-match-invalid-list-https-route-tcp",
+			route: "TCP",
+			lis:   "HTTPS",
+			ok:    false,
+		},
+		{
+			desc:  "protocol-match-valid-lis-tls-route-tls",
+			route: "TLS",
+			lis:   "TLS",
+			ok:    true,
+		},
+		{
+			desc:  "protocol-match-valid-lis-TLS-route-TCP",
+			route: "TCP",
+			lis:   "TLS",
+			ok:    true,
+		},
+		{
+			desc:  "protocol-match-valid-lis-TLS-route-TCP",
+			route: "TLS",
+			lis:   "TCP",
+			ok:    false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.desc, func(t *testing.T) {
+			for i := 0; i < 2; i++ {
+				if ok := gwProtocolMatches(v1.ProtocolType(tt.route), v1.ProtocolType(tt.lis)); ok != tt.ok {
+					t.Errorf(
+						"gwProtocolMatches(%q, %q); got: %v; want: %v",
+						tt.route, tt.lis, ok, tt.ok,
+					)
+				}
+				//tt.a, tt.b = tt.b, tt.a
+			}
+		})
+
+	}
+}
+
 func TestIsDNS1123Domain(t *testing.T) {
 	tests := []struct {
 		desc string