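#include "source/server/ssl_context_manager.h"

#include <cstddef>
#include <cstdint>
#include <functional>
#include <limits>
#include <memory>
#include <string>
#include <vector>

#include "envoy/common/exception.h"
#include "envoy/registry/registry.h"

namespace Envoy {
namespace Server {

/**
 * Stand-in SSL context manager used when no Ssl::ContextManagerFactory is
 * registered, i.e. there is no TLS implementation built into Envoy.
 *
 * The stub fails closed: every call that would hand out a TLS context or the
 * private key method manager goes through throwEnvoyExceptionOrPanic() and
 * never returns a usable object, so a configuration that asks for TLS cannot
 * end up with a context from this class. Only the reporting calls
 * (certificate / OCSP expiry, context iteration) return normally.
 *
 * All overrides are declared without a `public:` label and are therefore
 * private; they are reached through the Ssl::ContextManager interface.
 */
class SslContextManagerNoTlsStub final : public Envoy::Ssl::ContextManager {
  /** Always fails: no client TLS context can be created by the stub. */
  Ssl::ClientContextSharedPtr
  createSslClientContext(Stats::Scope& /* scope */,
                         const Envoy::Ssl::ClientContextConfig& /* config */) override {
    throwException();
  }

  /** Always fails: no server TLS context can be created by the stub. */
  Ssl::ServerContextSharedPtr
  createSslServerContext(Stats::Scope& /* scope */,
                         const Envoy::Ssl::ServerContextConfig& /* config */,
                         const std::vector<std::string>& /* server_names */) override {
    throwException();
  }

  /**
   * @return the largest uint32_t value, so a consumer of this number never
   *         sees an approaching expiry from the stub.
   */
  absl::optional<uint32_t> daysUntilFirstCertExpires() const override {
    // presumably chosen because the stub holds no certificates to track -- confirm
    return absl::make_optional(std::numeric_limits<uint32_t>::max());
  }

  /** @return absl::nullopt; the stub reports no OCSP response expiry. */
  absl::optional<uint64_t> secondsUntilFirstOcspResponseExpires() const override {
    return absl::nullopt;
  }

  /** No-op: the callback is never invoked because the stub holds no contexts. */
  void iterateContexts(std::function<void(const Envoy::Ssl::Context&)> /* callback */) override {}

  /** Always fails: there is no private key method manager without TLS. */
  Ssl::PrivateKeyMethodManager& privateKeyMethodManager() override { throwException(); }

  /**
   * Accepts a null context as a no-op. A non-null context is rejected with the
   * same error as the create calls, since the stub never hands one out.
   */
  void removeContext(const Envoy::Ssl::ContextSharedPtr& old_context) override {
    if (old_context) {
      throwException();
    }
  }

private:
  /** Single failure path for every TLS operation the stub refuses. */
  [[noreturn]] void throwException() {
    throwEnvoyExceptionOrPanic("SSL is not supported in this configuration");
  }
};

/**
 * Creates the SSL context manager for the given factory name.
 * @param factory_name name looked up in the Ssl::ContextManagerFactory registry.
 * @param time_source forwarded to the factory's createContextManager().
 * @return the manager built by the registered factory, or the no-TLS stub when
 *         no factory is registered under factory_name.
 */
Ssl::ContextManagerPtr createContextManager(const std::string& factory_name,
                                            TimeSource& time_source) {
  Ssl::ContextManagerFactory* factory =
      Registry::FactoryRegistry<Ssl::ContextManagerFactory>::getFactory(factory_name);
  if (factory != nullptr) {
    return factory->createContextManager(time_source);
  }

  // A lookup miss is not reported here. Any factory_name that is not
  // registered (including a misspelled one) yields the stub, and the problem
  // surfaces only when a TLS context is later requested and the stub throws.
  // NOTE(review): the coverage listing this file was taken from shows 0 hits
  // for this fallback and for every stub method; a test that passes an
  // unregistered factory name would pin the fail-closed behaviour.
  return std::make_unique<SslContextManagerNoTlsStub>();
}

} // namespace Server
} // namespace Envoy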