Problem
Pingora supports client certificates (using OpenSSL).
One might want to use them to authenticate a request.
Currently it is possible to access some information about the client certificate using SslDigest in the ProxyHttp functions (e.g. request_filter).
Sadly it is missing crucial information (e.g. subject name, subject alt names, issuer name, issuer alt names, ...) about the certificate to use it for authentication.
Solution
If I didn't miss a way to access the X509 directly, I think that a field for the x509 certificate in the SslDigest would provide the easiest and least restrictive solution.
Impact of Solution
I don't know where SslDigest is used / cloned elsewhere, so I can't reason about the performance impact of the proposed solution.
Context
I'm currently building an experimental proxy that implements mTLS for software (the Proxmox VE web interface) that doesn't support mTLS authentication.
The proxy authenticates the user using the client certificates.
On successful authentication it establishes a session with the web interface using the username and password for the user and injects the session ticket in all requests.
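Added example, not part of the original issue and not Pingora code: a std-only Rust sketch of the certificate-to-user mapping such a proxy needs, showing why the issuer has to be checked alongside the subject names. `ClientCertIdentity`, `UserMap`, `AuthError` and all sample values are hypothetical, and the fields are assumed to come from a certificate whose chain the TLS layer has already verified.

```rust
use std::collections::HashMap;

/// Hypothetical stand-in for the certificate fields the issue asks for;
/// assumed to be filled in only after the TLS layer verified the chain.
pub struct ClientCertIdentity {
    pub issuer_dn: String,
    pub san_emails: Vec<String>,
}
#[derive(Debug, PartialEq)]
pub enum AuthError { UntrustedIssuer, NoIdentity, AmbiguousIdentity, UnknownUser }

pub struct UserMap {
    /// The one issuing CA whose certificates may map to backend users.
    pub issuer_dn: String,
    /// Lower-cased SAN email -> backend username.
    pub users: HashMap<String, String>,
}

impl UserMap {
    pub fn authenticate(&self, id: &ClientCertIdentity) -> Result<&str, AuthError> {
        // Pin the issuer: a trust store often holds several CAs, and a
        // certificate from another one can carry the same names.
        if id.issuer_dn != self.issuer_dn {
            return Err(AuthError::UntrustedIssuer);
        }
        // Require exactly one email SAN so the mapping is never a guess.
        let email = match id.san_emails.as_slice() {
            [] => return Err(AuthError::NoIdentity),
            [one] => one.to_ascii_lowercase(),
            _ => return Err(AuthError::AmbiguousIdentity),
        };
        self.users.get(&email).map(String::as_str).ok_or(AuthError::UnknownUser)
    }
}

/// Constructed sample data; the CA name and the user are made up.
pub fn sample_map() -> UserMap {
    let mut users = HashMap::new();
    users.insert("alice@example.test".to_string(), "alice@pve".to_string());
    UserMap { issuer_dn: "CN=Example User CA".to_string(), users }
}

fn main() {
    let id = ClientCertIdentity {
        issuer_dn: "CN=Example User CA".to_string(),
        san_emails: vec!["Alice@example.test".to_string()],
    };
    println!("{:?}", sample_map().authenticate(&id));
}
```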