forked from envoyproxy/envoy
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathssl_context_manager.cc
65 lines (52 loc) · 2.07 KB
/
ssl_context_manager.cc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
#include "source/server/ssl_context_manager.h"
#include <cstddef>
#include "envoy/common/exception.h"
#include "envoy/registry/registry.h"
namespace Envoy {
namespace Server {
/**
* A stub that provides a SSL context manager capable of reporting on
* certificates' data in case there's no TLS implementation built
* into Envoy.
*/
class SslContextManagerNoTlsStub final : public Envoy::Ssl::ContextManager {
Ssl::ClientContextSharedPtr
createSslClientContext(Stats::Scope& /* scope */,
const Envoy::Ssl::ClientContextConfig& /* config */) override {
throwException();
}
Ssl::ServerContextSharedPtr
createSslServerContext(Stats::Scope& /* scope */,
const Envoy::Ssl::ServerContextConfig& /* config */,
const std::vector<std::string>& /* server_names */) override {
throwException();
}
absl::optional<uint32_t> daysUntilFirstCertExpires() const override {
return absl::make_optional(std::numeric_limits<uint32_t>::max());
}
absl::optional<uint64_t> secondsUntilFirstOcspResponseExpires() const override {
return absl::nullopt;
}
void iterateContexts(std::function<void(const Envoy::Ssl::Context&)> /* callback */) override{};
Ssl::PrivateKeyMethodManager& privateKeyMethodManager() override { throwException(); }
void removeContext(const Envoy::Ssl::ContextSharedPtr& old_context) override {
if (old_context) {
throw EnvoyException("SSL is not supported in this configuration");
}
}
private:
[[noreturn]] void throwException() {
throw EnvoyException("SSL is not supported in this configuration");
}
};
Ssl::ContextManagerPtr createContextManager(const std::string& factory_name,
TimeSource& time_source) {
Ssl::ContextManagerFactory* factory =
Registry::FactoryRegistry<Ssl::ContextManagerFactory>::getFactory(factory_name);
if (factory != nullptr) {
return factory->createContextManager(time_source);
}
return std::make_unique<SslContextManagerNoTlsStub>();
}
} // namespace Server
} // namespace Envoy