matchers: moving network matchers to their own extension (envoyproxy#…

…25981) moving the network utilities Envoy Mobile depends on out of the cronvoy directories and namespaces. Risk Level: medium: JNI typos cause failures Testing: relying on all utilities having existing tests Docs Changes: n/a Release Notes: n/a Signed-off-by: Alyssa Wilk <[email protected]>
lizan · Mar 9, 2023 · 2f16b6e · 2f16b6e
1 parent 1ff9dd4
commit 2f16b6e
Show file tree

Hide file tree

Showing 24 changed files with 443 additions and 314 deletions.
diff --git a/CODEOWNERS b/CODEOWNERS
@@ -295,6 +295,8 @@ extensions/filters/http/oauth2 @derekargueta @snowp
 /*/extensions/load_balancing_policies/maglev @wbpcode @UNOWNED
 # Early header mutation
 /*/extensions/http/early_header_mutation/header_mutation @wbpcode @UNOWNED
+# Network matching extensions
+/*/extensions/matching/network/ @kyessenov @snowp
 # Header mutation
 /*/extensions/filters/http/header_mutation @wbpcode @htuch @soulxu
 

diff --git a/changelogs/current.yaml b/changelogs/current.yaml
@@ -35,6 +35,9 @@ minor_behavior_changes:
 - area: custom response
   change: |
     Changed how the uri for redirect policy is specified. It can now be specified either as a single fully qualified string, or by specifying individual components of the uri.
+- area: matchers
+  change: |
+    Moved all of the network input matchers to extensions. If you use network matchers and override extensions_build_config.bzl you will now need to include them explicitly.
 
 bug_fixes:
 # *Changes expected to improve the state of the world and are unlikely to have negative effects*

diff --git a/mobile/envoy_build_config/BUILD b/mobile/envoy_build_config/BUILD
@@ -13,7 +13,6 @@ envoy_cc_library(
     repository = "@envoy",
     deps = [
         "extension_registry_platform_additions",
-        "@envoy//source/common/network/matching:inputs_lib",
         "@envoy//source/common/http/matching:inputs_lib",
         "@envoy//source/common/network:socket_lib",
         "@envoy//source/common/router:upstream_codec_filter_lib",

diff --git a/mobile/envoy_build_config/extension_registry.cc b/mobile/envoy_build_config/extension_registry.cc
@@ -11,7 +11,6 @@
 #include "source/common/http/match_delegate/config.h"
 #include "source/common/http/matching/inputs.h"
 #include "source/common/network/default_client_connection_factory.h"
-#include "source/common/network/matching/inputs.h"
 #include "source/common/network/socket_interface_impl.h"
 #include "source/common/router/upstream_codec_filter.h"
 #include "source/common/watchdog/abort_action_config.h"
@@ -122,25 +121,6 @@ void ExtensionRegistry::registerFactories() {
   Network::forceRegisterGetAddrInfoDnsResolverFactory();
   Network::forceRegisterSocketInterfaceImpl();
   Network::forceRegisterUdpDefaultWriterFactoryFactory();
-  Network::Matching::forceRegisterApplicationProtocolInputFactory();
-  Network::Matching::forceRegisterDestinationPortInputFactory();
-  Network::Matching::forceRegisterDirectSourceIPInputFactory();
-  Network::Matching::forceRegisterHttpDestinationIPInputFactory();
-  Network::Matching::forceRegisterHttpDestinationPortInputFactory();
-  Network::Matching::forceRegisterHttpDirectSourceIPInputFactory();
-  Network::Matching::forceRegisterHttpServerNameInputFactory();
-  Network::Matching::forceRegisterHttpSourceIPInputFactory();
-  Network::Matching::forceRegisterHttpSourcePortInputFactory();
-  Network::Matching::forceRegisterHttpSourceTypeInputFactory();
-  Network::Matching::forceRegisterServerNameInputFactory();
-  Network::Matching::forceRegisterSourceIPInputFactory();
-  Network::Matching::forceRegisterSourcePortInputFactory();
-  Network::Matching::forceRegisterSourceTypeInputFactory();
-  Network::Matching::forceRegisterTransportProtocolInputFactory();
-  Network::Matching::forceRegisterUdpDestinationIPInputFactory();
-  Network::Matching::forceRegisterUdpDestinationPortInputFactory();
-  Network::Matching::forceRegisterUdpSourceIPInputFactory();
-  Network::Matching::forceRegisterUdpSourcePortInputFactory();
   Regex::forceRegisterGoogleReEngineFactory();
   Router::forceRegisterDefaultEarlyDataPolicyFactory();
   Router::forceRegisterRouteListMatchActionFactory();

diff --git a/source/common/network/matching/BUILD b/source/common/network/matching/BUILD
@@ -3,10 +3,6 @@ load(
     "envoy_cc_library",
     "envoy_package",
 )
-load(
-    "@envoy_build_config//:extensions_build_config.bzl",
-    "LEGACY_ALWAYSLINK",
-)
 
 licenses(["notice"])  # Apache 2
 
@@ -22,7 +18,6 @@ envoy_cc_library(
 
 envoy_cc_library(
     name = "inputs_lib",
-    srcs = ["inputs.cc"],
     hdrs = ["inputs.h"],
     deps = [
         "//envoy/http:filter_interface",
@@ -32,5 +27,4 @@ envoy_cc_library(
         "//source/common/network:utility_lib",
         "@envoy_api//envoy/extensions/matching/common_inputs/network/v3:pkg_cc_proto",
     ],
-    alwayslink = LEGACY_ALWAYSLINK,
 )
diff --git a/source/common/network/matching/inputs.h b/source/common/network/matching/inputs.h
@@ -32,276 +32,6 @@ class BaseFactory : public Matcher::DataInputFactory<MatchingDataType> {
   const std::string name_;
 };
 
-template <class MatchingDataType>
-class DestinationIPInput : public Matcher::DataInput<MatchingDataType> {
-public:
-  Matcher::DataInputGetResult get(const MatchingDataType& data) const override {
-    const auto& address = data.localAddress();
-
-    if (address.type() != Network::Address::Type::Ip) {
-      return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, absl::nullopt};
-    }
-    return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable,
-            address.ip()->addressAsString()};
-  }
-};
-
-template <class MatchingDataType>
-class DestinationIPInputBaseFactory
-    : public BaseFactory<
-          DestinationIPInput<MatchingDataType>,
-          envoy::extensions::matching::common_inputs::network::v3::DestinationIPInput,
-          MatchingDataType> {
-public:
-  DestinationIPInputBaseFactory()
-      : BaseFactory<DestinationIPInput<MatchingDataType>,
-                    envoy::extensions::matching::common_inputs::network::v3::DestinationIPInput,
-                    MatchingDataType>("destination_ip") {}
-};
-
-DECLARE_FACTORY(DestinationIPInputFactory);
-DECLARE_FACTORY(UdpDestinationIPInputFactory);
-DECLARE_FACTORY(HttpDestinationIPInputFactory);
-
-template <class MatchingDataType>
-class DestinationPortInput : public Matcher::DataInput<MatchingDataType> {
-public:
-  Matcher::DataInputGetResult get(const MatchingDataType& data) const override {
-    const auto& address = data.localAddress();
-    if (address.type() != Network::Address::Type::Ip) {
-      return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, absl::nullopt};
-    }
-    return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable,
-            absl::StrCat(address.ip()->port())};
-  }
-};
-
-template <class MatchingDataType>
-class DestinationPortInputBaseFactory
-    : public BaseFactory<
-          DestinationPortInput<MatchingDataType>,
-          envoy::extensions::matching::common_inputs::network::v3::DestinationPortInput,
-          MatchingDataType> {
-public:
-  DestinationPortInputBaseFactory()
-      : BaseFactory<DestinationPortInput<MatchingDataType>,
-                    envoy::extensions::matching::common_inputs::network::v3::DestinationPortInput,
-                    MatchingDataType>("destination_port") {}
-};
-
-DECLARE_FACTORY(DestinationPortInputFactory);
-DECLARE_FACTORY(UdpDestinationPortInputFactory);
-DECLARE_FACTORY(HttpDestinationPortInputFactory);
-
-template <class MatchingDataType>
-class SourceIPInput : public Matcher::DataInput<MatchingDataType> {
-public:
-  Matcher::DataInputGetResult get(const MatchingDataType& data) const override {
-    const auto& address = data.remoteAddress();
-    if (address.type() != Network::Address::Type::Ip) {
-      return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, absl::nullopt};
-    }
-    return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable,
-            address.ip()->addressAsString()};
-  }
-};
-
-template <class MatchingDataType>
-class SourceIPInputBaseFactory
-    : public BaseFactory<SourceIPInput<MatchingDataType>,
-                         envoy::extensions::matching::common_inputs::network::v3::SourceIPInput,
-                         MatchingDataType> {
-public:
-  SourceIPInputBaseFactory()
-      : BaseFactory<SourceIPInput<MatchingDataType>,
-                    envoy::extensions::matching::common_inputs::network::v3::SourceIPInput,
-                    MatchingDataType>("source_ip") {}
-};
-
-DECLARE_FACTORY(SourceIPInputFactory);
-DECLARE_FACTORY(UdpSourceIPInputFactory);
-DECLARE_FACTORY(HttpSourceIPInputFactory);
-
-template <class MatchingDataType>
-class SourcePortInput : public Matcher::DataInput<MatchingDataType> {
-public:
-  Matcher::DataInputGetResult get(const MatchingDataType& data) const override {
-    const auto& address = data.remoteAddress();
-    if (address.type() != Network::Address::Type::Ip) {
-      return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, absl::nullopt};
-    }
-    return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable,
-            absl::StrCat(address.ip()->port())};
-  }
-};
-
-template <class MatchingDataType>
-class SourcePortInputBaseFactory
-    : public BaseFactory<SourcePortInput<MatchingDataType>,
-                         envoy::extensions::matching::common_inputs::network::v3::SourcePortInput,
-                         MatchingDataType> {
-public:
-  SourcePortInputBaseFactory()
-      : BaseFactory<SourcePortInput<MatchingDataType>,
-                    envoy::extensions::matching::common_inputs::network::v3::SourcePortInput,
-                    MatchingDataType>("source_port") {}
-};
-
-DECLARE_FACTORY(SourcePortInputFactory);
-DECLARE_FACTORY(UdpSourcePortInputFactory);
-DECLARE_FACTORY(HttpSourcePortInputFactory);
-
-template <class MatchingDataType>
-class DirectSourceIPInput : public Matcher::DataInput<MatchingDataType> {
-public:
-  Matcher::DataInputGetResult get(const MatchingDataType& data) const override {
-    const auto& address = data.connectionInfoProvider().directRemoteAddress();
-    if (address->type() != Network::Address::Type::Ip) {
-      return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, absl::nullopt};
-    }
-    return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable,
-            address->ip()->addressAsString()};
-  }
-};
-
-template <class MatchingDataType>
-class DirectSourceIPInputBaseFactory
-    : public BaseFactory<
-          DirectSourceIPInput<MatchingDataType>,
-          envoy::extensions::matching::common_inputs::network::v3::DirectSourceIPInput,
-          MatchingDataType> {
-public:
-  DirectSourceIPInputBaseFactory()
-      : BaseFactory<DirectSourceIPInput<MatchingDataType>,
-                    envoy::extensions::matching::common_inputs::network::v3::DirectSourceIPInput,
-                    MatchingDataType>("direct_source_ip") {}
-};
-
-DECLARE_FACTORY(DirectSourceIPInputFactory);
-DECLARE_FACTORY(HttpDirectSourceIPInputFactory);
-
-template <class MatchingDataType>
-class SourceTypeInput : public Matcher::DataInput<MatchingDataType> {
-public:
-  Matcher::DataInputGetResult get(const MatchingDataType& data) const override {
-    const bool is_local_connection =
-        Network::Utility::isSameIpOrLoopback(data.connectionInfoProvider());
-    if (is_local_connection) {
-      return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, "local"};
-    }
-    return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, absl::nullopt};
-  }
-};
-
-template <class MatchingDataType>
-class SourceTypeInputBaseFactory
-    : public BaseFactory<SourceTypeInput<MatchingDataType>,
-                         envoy::extensions::matching::common_inputs::network::v3::SourceTypeInput,
-                         MatchingDataType> {
-public:
-  SourceTypeInputBaseFactory()
-      : BaseFactory<SourceTypeInput<MatchingDataType>,
-                    envoy::extensions::matching::common_inputs::network::v3::SourceTypeInput,
-                    MatchingDataType>("source_type") {}
-};
-
-DECLARE_FACTORY(SourceTypeInputFactory);
-DECLARE_FACTORY(HttpSourceTypeInputFactory);
-
-template <class MatchingDataType>
-class ServerNameInput : public Matcher::DataInput<MatchingDataType> {
-public:
-  Matcher::DataInputGetResult get(const MatchingDataType& data) const override {
-    const auto server_name = data.connectionInfoProvider().requestedServerName();
-    if (!server_name.empty()) {
-      return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable,
-              std::string(server_name)};
-    }
-    return {Matcher::DataInputGetResult::DataAvailability::AllDataAvailable, absl::nullopt};
-  }
-};
-
-template <class MatchingDataType>
-class ServerNameInputBaseFactory
-    : public BaseFactory<ServerNameInput<MatchingDataType>,
-                         envoy::extensions::matching::common_inputs::network::v3::ServerNameInput,
-                         MatchingDataType> {
-public:
-  ServerNameInputBaseFactory()
-      : BaseFactory<ServerNameInput<MatchingDataType>,
-                    envoy::extensions::matching::common_inputs::network::v3::ServerNameInput,
-                    MatchingDataType>("server_name") {}
-};
-
-DECLARE_FACTORY(ServerNameInputFactory);
-DECLARE_FACTORY(HttpServerNameInputFactory);
-
-class TransportProtocolInput : public Matcher::DataInput<MatchingData> {
-public:
-  Matcher::DataInputGetResult get(const MatchingData& data) const override;
-};
-
-class TransportProtocolInputFactory
-    : public BaseFactory<
-          TransportProtocolInput,
-          envoy::extensions::matching::common_inputs::network::v3::TransportProtocolInput,
-          MatchingData> {
-public:
-  TransportProtocolInputFactory() : BaseFactory("transport_protocol") {}
-};
-
-DECLARE_FACTORY(TransportProtocolInputFactory);
-
-class ApplicationProtocolInput : public Matcher::DataInput<MatchingData> {
-public:
-  Matcher::DataInputGetResult get(const MatchingData& data) const override;
-};
-
-class ApplicationProtocolInputFactory
-    : public BaseFactory<
-          ApplicationProtocolInput,
-          envoy::extensions::matching::common_inputs::network::v3::ApplicationProtocolInput,
-          MatchingData> {
-public:
-  ApplicationProtocolInputFactory() : BaseFactory("application_protocol") {}
-};
-
-DECLARE_FACTORY(ApplicationProtocolInputFactory);
-
-class FilterStateInput : public Matcher::DataInput<MatchingData> {
-public:
-  FilterStateInput(
-      const envoy::extensions::matching::common_inputs::network::v3::FilterStateInput& input_config)
-      : filter_state_key_(input_config.key()) {}
-
-  Matcher::DataInputGetResult get(const MatchingData& data) const override;
-
-private:
-  const std::string filter_state_key_;
-};
-
-class FilterStateInputFactory : public Matcher::DataInputFactory<MatchingData> {
-public:
-  std::string name() const override { return "envoy.matching.inputs.filter_state"; }
-
-  Matcher::DataInputFactoryCb<MatchingData> createDataInputFactoryCb(
-      const Protobuf::Message& message,
-      ProtobufMessage::ValidationVisitor& message_validation_visitor) override {
-    const auto& proto_config = MessageUtil::downcastAndValidate<
-        const envoy::extensions::matching::common_inputs::network::v3::FilterStateInput&>(
-        message, message_validation_visitor);
-
-    return [proto_config]() { return std::make_unique<FilterStateInput>(proto_config); };
-  };
-
-  ProtobufTypes::MessagePtr createEmptyConfigProto() override {
-    return std::make_unique<
-        envoy::extensions::matching::common_inputs::network::v3::FilterStateInput>();
-  }
-};
-
-DECLARE_FACTORY(FilterStateInputFactory);
-
 } // namespace Matching
 } // namespace Network
 } // namespace Envoy
diff --git a/source/extensions/extensions_build_config.bzl b/source/extensions/extensions_build_config.bzl
@@ -70,6 +70,21 @@ EXTENSIONS = {
     "envoy.matching.matchers.consistent_hashing":       "//source/extensions/matching/input_matchers/consistent_hashing:config",
     "envoy.matching.matchers.ip":                       "//source/extensions/matching/input_matchers/ip:config",
 
+    #
+    # Network Matchers
+    #
+
+    "envoy.matching.inputs.application_protocol":       "//source/extensions/matching/network/application_protocol:config",
+    # Ideally these would be split up. We'll do so if anyone cares.
+    "envoy.matching.inputs.destination_ip":             "//source/extensions/matching/network/common:inputs_lib",
+    "envoy.matching.inputs.destination_port":           "//source/extensions/matching/network/common:inputs_lib",
+    "envoy.matching.inputs.source_ip":                  "//source/extensions/matching/network/common:inputs_lib",
+    "envoy.matching.inputs.source_port":                "//source/extensions/matching/network/common:inputs_lib",
+    "envoy.matching.inputs.direct_source_ip":           "//source/extensions/matching/network/common:inputs_lib",
+    "envoy.matching.inputs.source_type":                "//source/extensions/matching/network/common:inputs_lib",
+    "envoy.matching.inputs.server_name":                "//source/extensions/matching/network/common:inputs_lib",
+    "envoy.matching.inputs.transport_protocol":         "//source/extensions/matching/network/common:inputs_lib",
+
     #
     # Generic Inputs
     #