MCPcopy
hub / github.com/caddyserver/caddy / getReqTLSReplacement

Function getReqTLSReplacement

modules/caddyhttp/replacer.go:406–539  ·  view source on GitHub ↗
(req *http.Request, key string)

Source from the content-addressed store, hash-verified

404}
405
406func getReqTLSReplacement(req *http.Request, key string) (any, bool) {
407 if req == nil || req.TLS == nil {
408 return nil, false
409 }
410
411 if len(key) < len(reqTLSReplPrefix) {
412 return nil, false
413 }
414
415 field := strings.ToLower(key[len(reqTLSReplPrefix):])
416
417 if strings.HasPrefix(field, "client.") {
418 cert := getTLSPeerCert(req.TLS)
419 if cert == nil {
420 // Instead of returning (nil, false) here, we set it to a dummy
421 // value to fix #7530. This way, even if there is no client cert,
422 // evaluating placeholders with ReplaceKnown() will still remove
423 // the placeholder, which would be expected. It is not expected
424 // for the placeholder to sometimes get removed based on whether
425 // the client presented a cert. We also do not return true here
426 // because we probably should remain accurate about whether a
427 // placeholder is, in fact, known or not.
428 // (This allocation may be slightly inefficient.)
429 cert = new(x509.Certificate)
430 }
431
432 // subject alternate names (SANs)
433 if strings.HasPrefix(field, "client.san.") {
434 field = field[len("client.san."):]
435 var fieldName string
436 var fieldValue any
437 switch {
438 case strings.HasPrefix(field, "dns_names"):
439 fieldName = "dns_names"
440 fieldValue = cert.DNSNames
441 case strings.HasPrefix(field, "emails"):
442 fieldName = "emails"
443 fieldValue = cert.EmailAddresses
444 case strings.HasPrefix(field, "ips"):
445 fieldName = "ips"
446 fieldValue = cert.IPAddresses
447 case strings.HasPrefix(field, "uris"):
448 fieldName = "uris"
449 fieldValue = cert.URIs
450 default:
451 return nil, false
452 }
453 field = field[len(fieldName):]
454
455 // if no index was specified, return the whole list
456 if field == "" {
457 return fieldValue, true
458 }
459 if len(field) < 2 || field[0] != '.' {
460 return nil, false
461 }
462 field = field[1:] // trim '.' between field name and index
463

Callers 1

addHTTPVarsToReplacerFunction · 0.85

Calls 3

ProtocolNameFunction · 0.92
getTLSPeerCertFunction · 0.85
marshalPublicKeyFunction · 0.85

Tested by

no test coverage detected