From b01bb275b395643542ceca4fbc82bedea8e43937 Mon Sep 17 00:00:00 2001
From: Gaurav Dhameeja <gdhameeja@gmail.com>
Date: Thu, 17 Sep 2020 02:36:51 +0530
Subject: caddyhttp: New placeholder for PEM of client certificate (#3662)

* Fix-3585: added placeholder for a PEM encoded value of the certificate

* Update modules/caddyhttp/replacer.go

Change type of block and empty headers removed

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>

* fixed tests

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
---
 modules/caddyhttp/replacer.go | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'modules/caddyhttp/replacer.go')

diff --git a/modules/caddyhttp/replacer.go b/modules/caddyhttp/replacer.go
index 3f4a808..3993433 100644
--- a/modules/caddyhttp/replacer.go
+++ b/modules/caddyhttp/replacer.go
@@ -25,6 +25,7 @@ import (
 	"crypto/tls"
 	"crypto/x509"
 	"encoding/asn1"
+	"encoding/pem"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -343,6 +344,9 @@ func getReqTLSReplacement(req *http.Request, key string) (interface{}, bool) {
 			return cert.SerialNumber, true
 		case "client.subject":
 			return cert.Subject, true
+		case "client.certificate_pem":
+			block := pem.Block{Type: "CERTIFICATE", Bytes: cert.Raw}
+			return pem.EncodeToMemory(&block), true
 		default:
 			return nil, false
 		}
-- 
cgit v1.2.3