caddyhttp: parse UID field from client certificates

This requires a patch to the Go standard library.
nyantec · Oct 16, 2024 · e7987ce · e7987ce
1 parent c6f2979
commit e7987ce
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/modules/caddyhttp/replacer.go b/modules/caddyhttp/replacer.go
@@ -384,7 +384,6 @@ func getReqTLSReplacement(req *http.Request, key string) (any, bool) {
 	}
 
 	field := strings.ToLower(key[len(reqTLSReplPrefix):])
-
 	if strings.HasPrefix(field, "client.") {
 		cert := getTLSPeerCert(req.TLS)
 		if cert == nil {
@@ -409,6 +408,10 @@ func getReqTLSReplacement(req *http.Request, key string) (any, bool) {
 			case strings.HasPrefix(field, "uris"):
 				fieldName = "uris"
 				fieldValue = cert.URIs
+			// Maybe there's a better place for this
+			case strings.HasPrefix(field, "uids"):
+				fieldName = "uids"
+				fieldValue = cert.Subject.Uid
 			default:
 				return nil, false
 			}