/proc/self/cwd/envoy/ssl/context_manager.h
Line | Count | Source |
1 | | #pragma once |
2 | | |
3 | | #include <functional> |
4 | | |
5 | | #include "envoy/common/time.h" |
6 | | #include "envoy/config/typed_config.h" |
7 | | #include "envoy/ssl/context.h" |
8 | | #include "envoy/ssl/context_config.h" |
9 | | #include "envoy/ssl/private_key/private_key.h" |
10 | | #include "envoy/stats/scope.h" |
11 | | |
12 | | namespace Envoy { |
13 | | |
14 | | namespace Server { |
15 | | namespace Configuration { |
16 | | class CommonFactoryContext; |
17 | | } // namespace Configuration |
18 | | } // namespace Server |
19 | | |
20 | | namespace Ssl { |
21 | | |
22 | | using ContextAdditionalInitFunc = |
23 | | std::function<absl::Status(Ssl::TlsContext& context, const Ssl::TlsCertificateConfig& cert)>; |
24 | | |
25 | | /** |
26 | | * Manages all of the SSL contexts in the process. |
 | | * |
 | | * Abstract interface: it declares creation of client and server contexts, iteration over |
 | | * contexts, removal of a context, certificate and OCSP expiry queries, and access to the |
 | | * private key method manager. |
27 | | */ |
28 | | class ContextManager { |
29 | | public: |
30 | 17.1k | virtual ~ContextManager() = default; |
31 | | |
32 | | /** |
33 | | * Builds a ClientContext from a ClientContextConfig. |
 | | * @param scope the Stats::Scope supplied for the new context. |
 | | * @param config the client TLS configuration to build the context from. |
 | | * @return the new context, or an error status if it could not be built. Callers must check |
 | | * the status before using the value. |
34 | | */ |
35 | | virtual absl::StatusOr<ClientContextSharedPtr> |
36 | | createSslClientContext(Stats::Scope& scope, const ClientContextConfig& config) PURE; |
37 | | |
38 | | /** |
39 | | * Builds a ServerContext from a ServerContextConfig. |
 | | * @param scope the Stats::Scope supplied for the new context. |
 | | * @param config the server TLS configuration to build the context from. |
 | | * @param server_names server names associated with the context. |
 | | * NOTE(review): presumably the names this context is served for; confirm with the caller. |
 | | * @param additional_init caller-supplied hook that receives a TlsContext and a |
 | | * TlsCertificateConfig and returns absl::Status. |
 | | * NOTE(review): presumably a non-OK status from the hook fails context creation; confirm |
 | | * against the implementation. |
 | | * @return the new context, or an error status if it could not be built. Callers must check |
 | | * the status before using the value. |
40 | | */ |
41 | | virtual absl::StatusOr<ServerContextSharedPtr> |
42 | | createSslServerContext(Stats::Scope& scope, const ServerContextConfig& config, |
43 | | const std::vector<std::string>& server_names, |
44 | | ContextAdditionalInitFunc additional_init) PURE; |
45 | | |
46 | | /** |
47 | | * @return the number of days until the next certificate being managed will expire. The value |
48 | | * is set only when not expired. |
 | | * NOTE(review): an empty result presumably means a managed certificate has already expired. |
 | | * Expiry monitoring should treat it as an alert condition, not as "nothing to report"; |
 | | * confirm against the implementation. |
49 | | */ |
50 | | virtual absl::optional<uint32_t> daysUntilFirstCertExpires() const PURE; |
51 | | |
52 | | /** |
53 | | * Iterates through the contexts currently attached to a listener. |
 | | * @param callback invoked with a const reference to each context visited. |
54 | | */ |
55 | | virtual void iterateContexts(std::function<void(const Context&)> callback) PURE; |
56 | | |
57 | | /** |
58 | | * Access the private key operations manager, which is part of the SSL |
59 | | * context manager. |
 | | * @return a reference to that manager. |
 | | * NOTE(review): the reference is presumably valid only while this ContextManager is alive; |
 | | * confirm before storing it. |
60 | | */ |
61 | | virtual PrivateKeyMethodManager& privateKeyMethodManager() PURE; |
62 | | |
63 | | /** |
64 | | * @return the number of seconds until the next OCSP response being managed will |
65 | | * expire, or `absl::nullopt` if no OCSP responses exist. |
66 | | */ |
67 | | virtual absl::optional<uint64_t> secondsUntilFirstOcspResponseExpires() const PURE; |
68 | | |
69 | | /** |
70 | | * Removes an existing SSL context. |
 | | * @param old_context the context to remove. |
71 | | */ |
72 | | virtual void removeContext(const Envoy::Ssl::ContextSharedPtr& old_context) PURE; |
73 | | }; |
74 | | |
75 | | using ContextManagerPtr = std::unique_ptr<ContextManager>; |
76 | | |
77 | | } // namespace Ssl |
78 | | } // namespace Envoy |