22 #include <glog/logging.h> 40 class ClientHelloExtStats;
41 struct SSLCacheOptions;
43 class TLSTicketKeyManager;
44 struct TLSTicketKeySeeds;
45 class ServerSSLContext;
53 std::vector<std::shared_ptr<ServerSSLContext>>
ctxs;
62 std::shared_ptr<folly::SSLContext>,
76 virtual void attachSSLContext(
77 const std::shared_ptr<folly::SSLContext>& sslCtx) = 0;
99 void addSSLContextConfig(
104 const std::shared_ptr<SSLCacheProvider> &externalCache,
118 void resetSSLContextConfigs(
119 const std::vector<SSLContextConfig>& ctxConfig,
123 const std::shared_ptr<SSLCacheProvider> &externalCache);
133 std::shared_ptr<folly::SSLContext>
134 getDefaultSSLCtx()
const;
139 std::shared_ptr<folly::SSLContext>
145 std::shared_ptr<folly::SSLContext>
151 std::shared_ptr<folly::SSLContext>
// Reloads the TLS ticket key seeds from three lists of strings: oldSeeds,
// currentSeeds and newSeeds.
// NOTE(review): the three lists presumably map to previous / active /
// upcoming keys for rotation — confirm against TLSTicketKeyManager.
// Ticket seeds are key material: load them from protected storage, keep
// them out of logs, and rotate them on a schedule, since anyone holding a
// seed may be able to decrypt tickets issued under it (verify how keys are
// derived from the seeds).
154 void reloadTLSTicketKeys(
const std::vector<std::string>& oldSeeds,
155 const std::vector<std::string>& currentSeeds,
156 const std::vector<std::string>& newSeeds);
166 clientHelloTLSExtStats_ = stats;
170 clientCertVerifyCallback_ =
std::move(cb);
175 const std::shared_ptr<folly::SSLContext>&,
// glog's FATAL severity logs the message and then terminates the process,
// so reaching this base-class path aborts the server instead of reporting
// an error to the caller.
// NOTE(review): the enclosing function's signature is not visible in this
// listing; confirm that only a start-up misconfiguration can reach this
// call, so that it cannot become an availability problem at runtime.
178 LOG(
FATAL) <<
"Unsupported in base SSLContextManager";
182 const std::shared_ptr<folly::SSLContext>&,
191 void insertSSLCtxByDomainName(
194 std::shared_ptr<folly::SSLContext> sslCtx,
196 CertCrypto certCrypto = CertCrypto::BEST_AVAILABLE);
201 std::shared_ptr<folly::SSLContext> sslCtx,
202 CertCrypto certCrypto = CertCrypto::BEST_AVAILABLE) {
203 insertSSLCtxByDomainName(dn, len, sslCtx, contexts_, certCrypto);
209 void ctxSetupByOpensslFeature(
210 std::shared_ptr<ServerSSLContext> sslCtx,
218 #if FOLLY_OPENSSL_HAS_SNI 219 # define PROXYGEN_HAVE_SERVERNAMECALLBACK 220 folly::SSLContext::ServerNameCallbackResult
221 serverNameCallback(SSL* ssl);
246 std::shared_ptr<ServerSSLContext> sslCtx,
247 bool defaultFallback,
250 void insertSSLCtxByDomainNameImpl(
253 std::shared_ptr<folly::SSLContext> sslCtx,
258 std::shared_ptr<folly::SSLContext> sslCtx,
267 std::unique_ptr<ClientCertVerifyCallback> clientCertVerifyCallback_{
nullptr};
virtual void loadCertKeyPairExternal(const std::shared_ptr< folly::SSLContext > &, const SSLContextConfig &, const std::string &)
SSLContextConfig::SNINoMatchFn noMatchFn_
std::vector< std::shared_ptr< ServerSSLContext > > ctxs
std::shared_ptr< ServerSSLContext > defaultCtx
virtual void overrideConfiguration(const std::shared_ptr< folly::SSLContext > &, const SSLContextConfig &)
void insertSSLCtxByDomainName(const char *dn, size_t len, std::shared_ptr< folly::SSLContext > sslCtx, CertCrypto certCrypto=CertCrypto::BEST_AVAILABLE)
std::string defaultCtxDomainName
std::function< bool(char const *server_name)> SNINoMatchFn
void setClientHelloExtStats(ClientHelloExtStats *stats)
std::unordered_map< SSLContextKey, std::shared_ptr< folly::SSLContext >, SSLContextKeyHash > dnMap
void setClientVerifyCallback(std::unique_ptr< ClientCertVerifyCallback > cb)
virtual ~ClientCertVerifyCallback()
folly::EventBase * eventBase_
void setSSLStats(SSLStats *stats)