Geoffrey,
Thanks for the explanation. Unfortunately, I think I am still a little
unclear as to how to proceed. If I understand you correctly, my first
method is completely wrongheaded. (I tried this because it is how the
"Writing Apache Modules with Perl and C" does it. p.327) So it sounds
like the second way is the appropriate usage for subprocess_env(). But
it seems like you're saying that I shouldn't be using that at all.
Specifically, here is what I'd like to get out of the environment:
SSL_CLIENT_S_DN_CN
SSL_CLIENT_S_DN_O
and things of that nature. According to mod_ssl's documentation, these
are put in ENV upon processing of a client certificate. Ideally, I'd
like to make which fields to extract configurable, so I don't want to
hard-code.
Currently, I have
PerlPassEnv SSL_CLIENT_S_DN_O
PerlPassEnv SSL_CLIENT_S_DN_CN
in my httpd.conf, but it doesn't seem to make any kind of difference.
To make sure it isn't just mod_ssl being lame for some reason, I've
tried it with DOCUMENT_ROOT and other standard ENV variables. But to no
avail. :(
--Ryan
On Mon, 2003-06-09 at 13:59, Geoffrey Young wrote:
> Ryan Muldoon wrote:
> > I'm not able to get *any* variables out from the apache server
> > environment.
>
> ok, first off, this is a two step process for Apache. the first step is
> that modules (like mod_ssl) populate the subprocess_env table with various
> values. then, modules like mod_cgi and mod_perl come along and populate
> %ENV with the values from subprocess_env as well as various other CGI
> specific variables (like DOCUMENT_ROOT or whatever else there is). the
> point is that you're really not after environment variables if you want to
> test for something like $r->subprocess_env('HTTPS') - that it ends up as
> $ENV{HTTPS} is a byproduct of modules like mod_cgi and mod_perl.
>
> just for your own edification :)
>
> > As you might be able to imagine, this is extremely
> > frustrating, and inhibits my ability to do anything of use with
> > mod_perl. My basic technique has been:
> > my $uri = $r->uri;
> > return unless $r->is_main();
> > my $subr = $r->lookup_uri($uri);
> > my $apachecertcomp = $subr->subprocess_env($certcomponent);
>
> I don't understand the need for a subrequest to the same URI -
> subprocess_env has nothing to do with an actual subprocess. each request
> (including subrequests) have their own subprocess_env table attached to $r.
> in many cases, modules are coded to behave differently for subrequests
> than for the main request, so something you may see in $r->subprocess_env()
> could not be in $r->lookup_uri($uri)->subprocess_env().
>
> > But this doesn't work. I also tried
> > my $var = $r->subprocess_env("VARIABLE_NAME");
> > And this does not work either. I really need to be able to use
> > environment variables that mod_ssl sets in my authentication handler.
>
> a few things here too. for the reasons described above, subprocess_env() is
> not a substitute for %ENV, so if what you want is a true %ENV value (such as
> those from PerlPassEnv), you will not be able to get to it via
> $r->subprocess_env().
>
> > Any ideas? Thanks!
>
> HTH
>
> --Geoff
>
>
>
