Skip to content

ssl: add OID map properties for proxy-wasm #40178

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
DerekTBrown wants to merge 1 commit into from
Closed

ssl: add OID map properties for proxy-wasm #40178

DerekTBrown wants to merge 1 commit into from

Conversation

@DerekTBrown
Copy link

@DerekTBrown DerekTBrown commented Jul 10, 2025
edited
Loading

This implements the proposal from proxy-wasm/spec#89.

This change adds new methods to the SSL ConnectionInfo interface to expose certificate extension OID maps, which allow proxy-wasm filters to access certificate extension data.

The new properties are:

  • connection.oid_map_local_certificate (map)
  • connection.oid_map_peer_certificate (map)
  • upstream.oid_map_local_certificate (map)
  • upstream.oid_map_peer_certificate (map)

Each property provides a map of OID strings to their values extracted from certificate extensions.

@DerekTBrown
ssl: add OID map properties for proxy-wasm
8fc89ac 
This change adds new methods to the SSL ConnectionInfo interface to expose
certificate extension OID maps, which allow proxy-wasm filters to access
certificate extension data. This implements the proposal from
proxy-wasm/spec#89.

The new properties are:
- connection.oid_map_local_certificate (map)
- connection.oid_map_peer_certificate (map)
- upstream.oid_map_local_certificate (map)
- upstream.oid_map_peer_certificate (map)

Each property provides a map of OID strings to their values extracted from
certificate extensions.

Signed-off-by: Derek Brown <6845676+DerekTBrown@users.noreply.github.com>
@repokitteh-read-only
Copy link

repokitteh-read-only bot commented Jul 10, 2025

Hi @DerekTBrown, welcome and thank you for your contribution.

We will try to review your Pull Request as quickly as possible.

In the meantime, please take a look at the contribution guidelines if you have not done so already.

🐱

Caused by: #40178 was opened by DerekTBrown.

see: more, trace.

@repokitteh-read-only
Copy link

repokitteh-read-only bot commented Jul 10, 2025

As a reminder, PRs marked as draft will not be automatically assigned reviewers,
or be handled by maintainer-oncall triage.

Please mark your PR as ready when you want it to be reviewed!

🐱

Caused by: #40178 was opened by DerekTBrown.

see: more, trace.

DerekTBrown
DerekTBrown commented Jul 10, 2025
View reviewed changes
source/common/tls/connection_info_impl_base.h
Comment on lines 91 to 92
OidsPeerCertificate,
OidsLocalCertificate,
Copy link
Author

@DerekTBrown DerekTBrown Jul 10, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note to self: we could probably drop this in favor of the OidMapPeerCertificate/OidMapLocalCertificate implementation, and just iterate over keys when needed.

This was referenced Jul 10, 2025
Open
Open
@github-actions
Copy link

github-actions bot commented Aug 9, 2025

This pull request has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions!

@github-actions github-actions bot added the stale stalebot believes this issue/PR has not been touched recently label Aug 9, 2025
@github-actions
Copy link

github-actions bot commented Aug 16, 2025

This pull request has been automatically closed because it has not had activity in the last 37 days. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions!

@github-actions github-actions bot closed this Aug 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

stale stalebot believes this issue/PR has not been touched recently

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@DerekTBrown