wip: Add replacer vars for mTLS connection details. #67
This is based on the effort in caddyhttp's replacer but with added Subject/Issuer details.
Also includes a minor update to add the cipher_suite replacer for parity.
May be a wee bit overkill, but we actually do OU tests on incoming connections to validate which component in our stack issued the client cert. It did make me think one could refactor this to be sitting in caddy's caddytls module so both may share the Replacer with corresponding prefixes.
I added a basic test based on the http module but didn't know how to go about mocking the entire connection, so some of the clientHello replacer values aren't tested.