#pragma once

            
#include "source/common/common/empty_string.h"
#include "source/common/tls/connection_info_impl_base.h"

            
#include "quiche/quic/core/quic_session.h"

            
namespace Envoy {
namespace Quic {

            
// Ssl::ConnectionInfo implementation backed by a QUIC session.
//
// Instances are passed around as a marker that the transport is TLS-capable and
// as the way to reach the SSL object held by the session's crypto stream. The
// session is held by reference and is NOT owned here: it must outlive every
// QuicSslConnectionInfo that refers to it.
//
// NOTE(review): peerCertificateValidated() can report true while
// peerCertificatePresented() reports false, because the presented/identity
// accessors below are stubbed out pending mutual TLS (#23809). Policy code that
// gates on peerCertificatePresented() will therefore never see a QUIC peer
// certificate even after onCertValidated() has fired; presumably only the
// validated flag is meaningful for QUIC today -- confirm against callers.
class QuicSslConnectionInfo : public Extensions::TransportSockets::Tls::ConnectionInfoImplBase {
public:
  // Wraps `session`. Only a reference is stored; see the lifetime note above.
  QuicSslConnectionInfo(quic::QuicSession& session) : quic_session_(session) {}

  // Ssl::ConnectionInfo
  // True once onCertValidated() has been called on this object; never cleared.
  bool peerCertificateValidated() const override { return peer_cert_validated_; }

  // Extensions::TransportSockets::Tls::ConnectionInfoImplBase
  // Non-owning pointer to the SSL object owned by the session's crypto stream.
  // The null checks are ASSERTs only: in a build where ASSERT is compiled out
  // (TODO confirm Envoy's release behaviour) a missing crypto stream is
  // dereferenced here and a null SSL* is handed to the caller unchecked, so
  // this must only be called once the handshake has created both.
  SSL* ssl() const override {
    auto* crypto_stream = quic_session_.GetCryptoStream();
    ASSERT(crypto_stream != nullptr);
    SSL* ssl_object = crypto_stream->GetSsl();
    ASSERT(ssl_object != nullptr);
    return ssl_object;
  }

  // Extensions::TransportSockets::Tls::ConnectionInfoImplBase
  // Peer-certificate accessors. All of these are stubs returning "absent"
  // regardless of handshake state.
  // TODO(#23809) populate those field once we support mutual TLS.
  bool peerCertificatePresented() const override { return false; }
  const std::string& sha256PeerCertificateDigest() const override { return EMPTY_STRING; }
  const std::string& sha1PeerCertificateDigest() const override { return EMPTY_STRING; }
  const std::string& serialNumberPeerCertificate() const override { return EMPTY_STRING; }
  const std::string& issuerPeerCertificate() const override { return EMPTY_STRING; }
  const std::string& subjectPeerCertificate() const override { return EMPTY_STRING; }
  const std::string& urlEncodedPemEncodedPeerCertificate() const override { return EMPTY_STRING; }
  const std::string& urlEncodedPemEncodedPeerCertificateChain() const override {
    return EMPTY_STRING;
  }
  absl::Span<const std::string> uriSanPeerCertificate() const override {
    return absl::Span<const std::string>();
  }
  absl::Span<const std::string> dnsSansPeerCertificate() const override {
    return absl::Span<const std::string>();
  }
  Ssl::ParsedX509NameOptConstRef parsedSubjectPeerCertificate() const override {
    return absl::nullopt;
  }
  absl::optional<SystemTime> validFromPeerCertificate() const override { return absl::nullopt; }
  absl::optional<SystemTime> expirationPeerCertificate() const override { return absl::nullopt; }

  // Local-certificate accessors. Also stubs: the QUIC SSL object doesn't cache
  // local certs after the handshake, so there is nothing to read back here.
  // TODO(danzh) cache these fields during cert chain retrieval.
  const std::string& subjectLocalCertificate() const override { return EMPTY_STRING; }
  absl::Span<const std::string> uriSanLocalCertificate() const override {
    return absl::Span<const std::string>();
  }
  absl::Span<const std::string> dnsSansLocalCertificate() const override {
    return absl::Span<const std::string>();
  }

  // Marks the peer certificate as validated. Expected to be invoked by the
  // handshake/validation path (not visible in this header); the flag is
  // one-way and cannot be reset.
  void onCertValidated() { peer_cert_validated_ = true; }

private:
  quic::QuicSession& quic_session_;
  bool peer_cert_validated_{false};
};

            
} // namespace Quic
} // namespace Envoy