>>>>> "Ryan" == Ryan Muldoon <[EMAIL PROTECTED]> writes:
Ryan> Geoffrey, Ryan> Thanks for the explanation. Unfortunately, I think I am still a little Ryan> unclear as to how to proceed. If I understand you correctly, my first Ryan> method is completely wrongheaded. (I tried this because it is how the Ryan> "Writing Apache Modules with Perl and C" does it. p.327) So it sounds Ryan> like the second way is the appropriate usage for subprocess_env(). But Ryan> it seems like you're saying that I shouldn't be using that at all. Ryan> Specifically, here is what I'd like to get out of the environment: Ryan> SSL_CLIENT_S_DN_CN Ryan> SSL_CLIENT_S_DN_O Ryan> and things of that nature. According to mod_ssl's documentation, these Ryan> are put in ENV upon processing of a client certificate. Ideally, I'd Ryan> like to make which fields to extract configurable, so I don't want to Ryan> hard-code. Well, then, in any handler after the mod_ssl has run, you should be be able to use $r->subprocess_env("SSL_CLIENT_S_DN_CN") to get at that info. Ryan> Currently, I have Ryan> PerlPassEnv SSL_CLIENT_S_DN_O Ryan> PerlPassEnv SSL_CLIENT_S_DN_CN Ryan> in my httpd.conf, but it doesn't seem to make any kind of difference. Ryan> To make sure it isn't just mod_ssl being lame for some reason, I've Ryan> tried it with DOCUMENT_ROOT and other standard ENV variables. But to no Ryan> avail. :( That takes the enviroment variables that apache was started with and passes those to mod_perl. Probably not what you want. (I'm doing this from memory, so please correct me if I'm wrong.) -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <[EMAIL PROTECTED]> <URL:http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!