Skip to content

feat(sandbox): auto-detect TLS and terminate unconditionally for credential injection#544

Open
johntmyers wants to merge 8 commits intomainfrom
feat/533-auto-tls-termination
Open

feat(sandbox): auto-detect TLS and terminate unconditionally for credential injection#544
johntmyers wants to merge 8 commits intomainfrom
feat/533-auto-tls-termination

Conversation

@johntmyers
Copy link
Collaborator

@johntmyers johntmyers commented Mar 23, 2026

Summary

The sandbox proxy now auto-detects TLS by peeking the first bytes of every allowed connection. When TLS is detected, it terminates unconditionally -- enabling credential injection and optional L7 inspection without requiring explicit tls: terminate in the policy.

Related Issue

Closes #533

UX Changes

Before: Users had to add tls: terminate to each HTTPS endpoint for L7 inspection and credential injection to work. Missing it caused silent 401s or protocol mismatch errors.

After: TLS termination is automatic. Users write L4 rules (host + port) and get credential injection for free. L7 rules add request-level enforcement on top.

  • tls: terminate / tls: passthrough -- deprecated (log warning), treated as auto-detect
  • tls: skip -- new explicit opt-out for raw tunneling
  • No breaking changes for existing policies

Changes

  • l7/tls.rs -- looks_like_tls() detection (TLS ClientHello peek)
  • l7/mod.rs -- TlsMode::Auto/Skip, parse_tls_mode(), deprecation warnings, validation updates
  • l7/relay.rs -- relay_passthrough_with_credentials() for auto-terminated L4 traffic
  • proxy.rs -- Restructured: peek -> auto-detect -> terminate/relay. Fixed CONNECT log message.
  • sandbox-policy.rego -- endpoint_has_extended_config matches tls field
  • mechanistic_mapper.rs -- Removed auto-generated tls: terminate
  • scripts/smoke-test-network-policy.sh -- 8 e2e tests (L4, L7, cred injection, tls:skip)
  • 13 doc files updated (user docs, architecture, skill examples)

Testing

  • 291 unit tests passing
  • Smoke test 8/8 passing
  • E2E (running in CI)

Checklist

  • Follows Conventional Commits
  • Architecture docs updated
  • User-facing docs updated

@johntmyers johntmyers requested a review from a team as a code owner March 23, 2026 04:46
@johntmyers johntmyers added the test:e2e Requires end-to-end coverage label Mar 23, 2026
@johntmyers johntmyers self-assigned this Mar 23, 2026
@johntmyers johntmyers added the test:e2e Requires end-to-end coverage label Mar 23, 2026
@github-actions
Copy link

github-actions bot commented Mar 23, 2026
edited
Loading

PR Preview Action v1.8.1

QR code for preview link

🚀 View preview at
https://NVIDIA.github.io/OpenShell/pr-preview/pr-544/

Built to branch gh-pages at 2026-03-24 01:26 UTC.
Preview will be ready when the GitHub Pages deployment is complete.

@johntmyers
feat(sandbox): auto-detect TLS and terminate unconditionally for cred…
b89fa84 
…ential injection

Closes #533

The proxy now auto-detects TLS by peeking the first bytes of each
connection. When TLS is detected, it terminates unconditionally —
enabling credential injection and optional L7 inspection without
requiring explicit 'tls: terminate' in the policy.

- Add looks_like_tls() detection (TLS ClientHello: 0x16 0x03 0x0N)
- Replace TlsMode::Passthrough/Terminate with Auto/Skip
- Restructure proxy dispatch: peek → auto-detect → terminate/relay
- Add relay_passthrough_with_credentials for terminate-but-no-L7 path
- Deprecate 'tls: terminate' and 'tls: passthrough' (log warnings)
- Add 'tls: skip' as explicit opt-out escape hatch
- Update validation, tests, docs, examples, and skill references
@johntmyers
test(sandbox): add network policy smoke test script for L4/L7/credent…
db64cad 
…ial injection
@johntmyers
fix(sandbox): extract tls:skip from L4-only endpoints via Rego and in…
b6122a6 
…dependent query

The tls field was only parsed when an L7 protocol was configured,
so tls: skip on L4-only endpoints was silently ignored. Fix:
- Add parse_tls_mode() independent of parse_l7_config()
- Add query_tls_mode() in proxy.rs
- Add endpoint_has_extended_config rule for tls field in Rego
- Update smoke test to verify credential injection and tls: skip
@johntmyers
fix(sandbox): add message string to CONNECT allow log to avoid raw so…
0555c26 
…urce location output
@johntmyers
feat(sandbox): log HTTP response status code in L4 credential injecti…
53a05cc 
…on relay
@johntmyers
revert(sandbox): remove response status logging from passthrough rela…
be66d82 
…y pending keep-alive fix
@johntmyers
fix(sandbox): only indicate credential injection in log when resolver…
034617c 
… is present
@johntmyers johntmyers force-pushed the feat/533-auto-tls-termination branch from b88a1b1 to 034617c Compare March 24, 2026 00:36
pimlock
pimlock previously approved these changes Mar 24, 2026
View reviewed changes
@johntmyers johntmyers enabled auto-merge (squash) March 24, 2026 01:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pimlock pimlock pimlock left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@johntmyers johntmyers

Labels

test:e2e Requires end-to-end coverage

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

feat(sandbox): auto-detect TLS and terminate unconditionally for credential injection

2 participants

@johntmyers @pimlock