>>>>> "Ryan" == Ryan Muldoon <[EMAIL PROTECTED]> writes:
Ryan> Geoffrey,
Ryan> Thanks for the explanation. Unfortunately, I think I am still a little
Ryan> unclear as to how to proceed. If I understand you correctly, my first
Ryan> method is completely wrongheaded. (I tried this because it is how the
Ryan> "Writing Apache Modules with Perl and C" does it. p.327) So it sounds
Ryan> like the second way is the appropriate usage for subprocess_env(). But
Ryan> it seems like you're saying that I shouldn't be using that at all.
Ryan> Specifically, here is what I'd like to get out of the environment:
Ryan> SSL_CLIENT_S_DN_CN
Ryan> SSL_CLIENT_S_DN_O
Ryan> and things of that nature. According to mod_ssl's documentation, these
Ryan> are put in ENV upon processing of a client certificate. Ideally, I'd
Ryan> like to make which fields to extract configurable, so I don't want to
Ryan> hard-code.
Well, then, in any handler after the mod_ssl has run, you
should be be able to use $r->subprocess_env("SSL_CLIENT_S_DN_CN")
to get at that info.
Ryan> Currently, I have
Ryan> PerlPassEnv SSL_CLIENT_S_DN_O
Ryan> PerlPassEnv SSL_CLIENT_S_DN_CN
Ryan> in my httpd.conf, but it doesn't seem to make any kind of difference.
Ryan> To make sure it isn't just mod_ssl being lame for some reason, I've
Ryan> tried it with DOCUMENT_ROOT and other standard ENV variables. But to no
Ryan> avail. :(
That takes the enviroment variables that apache was started with
and passes those to mod_perl. Probably not what you want.
(I'm doing this from memory, so please correct me if I'm wrong.)
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<[EMAIL PROTECTED]> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
