Cutlery/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-11-18 20:43:23 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

http: create a placeholder for and log ech status

Browse Source
This commit is contained in:
WeidiDeng 2025-10-31 08:26:57 +08:00
parent 92c8bc7322
commit 1a5f1af43c
No known key found for this signature in database
GPG Key ID: 25F87CE1741EC7CD
3 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
modules/caddyhttp/app.go
View File

@ -82,6 +82,7 @@ func init() {
// `{http.request.tls.proto}` | The negotiated next protocol // `{http.request.tls.proto}` | The negotiated next protocol
// `{http.request.tls.proto_mutual}` | The negotiated next protocol was advertised by the server // `{http.request.tls.proto_mutual}` | The negotiated next protocol was advertised by the server
// `{http.request.tls.server_name}` | The server name requested by the client, if any // `{http.request.tls.server_name}` | The server name requested by the client, if any
// `{http.request.tls.ech_accepted}` | ECH offered by the client and accepted by the server
// `{http.request.tls.client.fingerprint}` | The SHA256 checksum of the client certificate // `{http.request.tls.client.fingerprint}` | The SHA256 checksum of the client certificate
// `{http.request.tls.client.public_key}` | The public key of the client certificate. // `{http.request.tls.client.public_key}` | The public key of the client certificate.
// `{http.request.tls.client.public_key_sha256}` | The SHA256 checksum of the client's public key. // `{http.request.tls.client.public_key_sha256}` | The SHA256 checksum of the client's public key.

1
modules/caddyhttp/marshalers.go
View File

@ -110,6 +110,7 @@ func (t LoggableTLSConnState) MarshalLogObject(enc zapcore.ObjectEncoder) error
enc.AddUint16("cipher_suite", t.CipherSuite) enc.AddUint16("cipher_suite", t.CipherSuite)
enc.AddString("proto", t.NegotiatedProtocol) enc.AddString("proto", t.NegotiatedProtocol)
enc.AddString("server_name", t.ServerName) enc.AddString("server_name", t.ServerName)
enc.AddBool("ech_accepted", t.ECHAccepted)
if len(t.PeerCertificates) > 0 { if len(t.PeerCertificates) > 0 {
enc.AddString("client_common_name", t.PeerCertificates[0].Subject.CommonName) enc.AddString("client_common_name", t.PeerCertificates[0].Subject.CommonName)
enc.AddString("client_serial", t.PeerCertificates[0].SerialNumber.String()) enc.AddString("client_serial", t.PeerCertificates[0].SerialNumber.String())

2
modules/caddyhttp/replacer.go
View File

@ -511,6 +511,8 @@ func getReqTLSReplacement(req *http.Request, key string) (any, bool) {
return true, true return true, true
case "server_name": case "server_name":
return req.TLS.ServerName, true return req.TLS.ServerName, true
case "ech_accepted":
return req.TLS.ECHAccepted, true
} }
return nil, false return nil, false
} }