xds: client should NACK RDS response with regex (not safe_regex)

[menghanl]

grpc-go/xds/internal/client/client_xds.go

Lines 264 to 275 in bce1fdf

	var route Route
	switch pt := pathSp.(type) {
	case *v3routepb.RouteMatch_Prefix:
	route.Prefix = &pt.Prefix
	case *v3routepb.RouteMatch_Path:
	route.Path = &pt.Path
	case *v3routepb.RouteMatch_SafeRegex:
	route.Regex = &pt.SafeRegex.Regex
	default:
	logger.Warningf("route %+v has an unrecognized path specifier: %+v", r, pt)
	continue
	}

https://github.com/grpc/proposal/blob/master/A28-xds-traffic-splitting-and-routing.md#response-validation

[menghanl]

v3 route proto doesn't have the regex field: https://github.com/envoyproxy/go-control-plane/blob/5d7dab350af2fdbfab6603de2e4b2fd6f82b5ebd/envoy/config/route/v3/route_components.pb.go#L1018.

v2 route does though: https://github.com/envoyproxy/go-control-plane/blob/5d7dab350af2fdbfab6603de2e4b2fd6f82b5ebd/envoy/api/v2/route/route_components.pb.go#L930

In the current xds_client, we unmarshall all wire bytes into a v3 message. If regex is set, it will be dropped during unmarshal() (as an unknown message field). So there's no way to check and NACK regex if we keep the current v3 message approach.

[menghanl]

We should NACK the response if it has none of the known fields set.
E.g. if path_specifier doesn't have prefix or path or safeRegex (which are what the client knows of, and can change if the client can handle more types later).

[menghanl]

Another thing to check in the route: RouteAction_WeightedClusters.
If WeightedClusters has 0 clusters in it, this route is invalid. The whole RDS response should be NACK'ed.