emissary-ingress · aburan28 · Oct 14, 2023 · Oct 15, 2023
diff --git a/python/ambassador/envoy/v3/v3tls.py b/python/ambassador/envoy/v3/v3tls.py
@@ -105,7 +105,7 @@ def update_tls_cipher(self, key: str, value: List[str]) -> None:
 
         params[key] = value
 
-    def update_validation(self, key: str, value: str) -> None:
+    def update_validation(self, key: str, value: str, match_typed_subject_alt_names: Optional[List[Dict[str, str]]] = None) -> None:
         empty_context: EnvoyValidationContext = {}
 
         # This looks weirder than you might expect, because self.get_common().setdefault() is a truly
@@ -118,6 +118,8 @@ def update_validation(self, key: str, value: str) -> None:
 
         src: EnvoyCoreSource = {"filename": value}
         validation[key] = src
+        if match_subject_alt_names is not None:
+            validation['match_typed_subject_alt_names'] = match_subject_alt_names
 
     def add_context(self, ctx: IRTLSContext) -> None:
         if TYPE_CHECKING:
@@ -142,6 +144,8 @@ def add_context(self, ctx: IRTLSContext) -> None:
             ("min_tls_version", self.update_tls_version, "tls_minimum_protocol_version"),
             ("max_tls_version", self.update_tls_version, "tls_maximum_protocol_version"),
             ("sni", self.__setitem__, "sni"),
+            ("match_subject_alt_names", self.update_validation, "match_subject_alt_names"),
+
         ]:
             value = ctx.get(ctxkey, None)