Would it be possible that people are using it that way
for exactly that purpose? I am wondering about this
causing some regression for external users.
> On Feb 22, 2017, at 10:51 AM, Yann Ylavic <ylavic....@gmail.com> wrote:
>
>> On Tue, Feb 21, 2017 at 6:32 PM, Yann Ylavic <ylavic....@gmail.com> wrote:
>>>
>>> Header set Client-SAN "expr=%{PeerExtList:2.5.29.17}"
>
> This currently fails because list functions are not recognized in a
> string context.
>
> For now, lists can be either expressed with the syntax "{ <word>,
> <word>, ... }", with <word> being itself something powerful, or
> obtained from the mod_ssl's PeerExtList() function (grab anything from
> a peer certificate).
>
> For the latter case (or for future functions), it could be useful to
> be able to work on such strings (e.g. with extracting regexes).
> So I wonder if we could return the string elements separated by
> something in the case of lists evaluated in a string context.
>
> For example, the attached patch uses the seprator ", " (quite HTTP
> field inspired), but it could be a json string or whatever...
> We could also have an explicit tostring/tojson() function which would
> stringify anything as argument.
>
> Or yet more operators on lists, like list_empty(), list_first(),
> list_last(), list_nth(), list_match(<list>, <regex>) (returning
> another list of matching entries), ... you name it.
>
> Working on anything from a certificates looks very useful at least.
>
> WDYT?
> <ap_expr_eval_list-string.patch>
