access log: Add support for downstream TLS session ID (#6888)

The TLS session ID is now accessible as a method on the Ssl::ConnectionInfo object. Add a new %DOWNSTREAM_TLS_SESSION_ID% directive to the file access logger, and a tls_session_id field to the gRPC access logger. Update unit tests to validate the new access log fields. Signed-off-by: Mike Grass <mgrass@salesforce.com> Mirrored from https://github.com/envoyproxy/envoy @ cbd8d57e9fc2921d26236db24b6bf91246ba3b4f
6 years ago · f914626283
parent 59df396177
commit f914626283
1 changed files with 3 additions and 0 deletions
--- a/envoy/data/accesslog/v2/accesslog.proto
+++ b/envoy/data/accesslog/v2/accesslog.proto
@ -255,6 +255,9 @@ message TLSProperties {

  // Properties of the peer certificate used to negotiate TLS.
  CertificateProperties peer_certificate_properties = 5;
+
+  // The TLS session ID.
+  string tls_session_id = 6;
 }

 message HTTPRequestProperties {