Ryan,
Ust out of curiosity, at what stage in the request chain are you doing
this? If you are doing anything before mod_ssl populates its environment
variables (which I seem to rembmer being at Fixup, although I may be
confusing with something else), you wouldn't be able to access them. You
*should* still be able to get to other Apache environment variables.....
Try an easy one: test for mod_perl. If that works, your environment
variables are OK, and it's likely a mod_ssl problem that you're having.
Issac
----- Original Message -----
From: "Ryan Muldoon" <[EMAIL PROTECTED]>
To: "Geoffrey Young" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Monday, June 09, 2003 10:13 PM
Subject: Re: getting *any* variables out of the server environment
> Geoffrey,
>
> Thanks for the explanation. Unfortunately, I think I am still a little
> unclear as to how to proceed. If I understand you correctly, my first
> method is completely wrongheaded. (I tried this because it is how the
> "Writing Apache Modules with Perl and C" does it. p.327) So it sounds
> like the second way is the appropriate usage for subprocess_env(). But
> it seems like you're saying that I shouldn't be using that at all.
> Specifically, here is what I'd like to get out of the environment:
> SSL_CLIENT_S_DN_CN
> SSL_CLIENT_S_DN_O
> and things of that nature. According to mod_ssl's documentation, these
> are put in ENV upon processing of a client certificate. Ideally, I'd
> like to make which fields to extract configurable, so I don't want to
> hard-code.
>
> Currently, I have
> PerlPassEnv SSL_CLIENT_S_DN_O
> PerlPassEnv SSL_CLIENT_S_DN_CN
> in my httpd.conf, but it doesn't seem to make any kind of difference.
> To make sure it isn't just mod_ssl being lame for some reason, I've
> tried it with DOCUMENT_ROOT and other standard ENV variables. But to no
> avail. :(
>
> --Ryan
>
> On Mon, 2003-06-09 at 13:59, Geoffrey Young wrote:
> > Ryan Muldoon wrote:
> > > I'm not able to get *any* variables out from the apache server
> > > environment.
> >
> > ok, first off, this is a two step process for Apache. the first step is
> > that modules (like mod_ssl) populate the subprocess_env table with
various
> > values. then, modules like mod_cgi and mod_perl come along and populate
> > %ENV with the values from subprocess_env as well as various other CGI
> > specific variables (like DOCUMENT_ROOT or whatever else there is). the
> > point is that you're really not after environment variables if you want
to
> > test for something like $r->subprocess_env('HTTPS') - that it ends up as
> > $ENV{HTTPS} is a byproduct of modules like mod_cgi and mod_perl.
> >
> > just for your own edification :)
> >
> > > As you might be able to imagine, this is extremely
> > > frustrating, and inhibits my ability to do anything of use with
> > > mod_perl. My basic technique has been:
> > > my $uri = $r->uri;
> > > return unless $r->is_main();
> > > my $subr = $r->lookup_uri($uri);
> > > my $apachecertcomp = $subr->subprocess_env($certcomponent);
> >
> > I don't understand the need for a subrequest to the same URI -
> > subprocess_env has nothing to do with an actual subprocess. each
request
> > (including subrequests) have their own subprocess_env table attached to
$r.
> > in many cases, modules are coded to behave differently for subrequests
> > than for the main request, so something you may see in
$r->subprocess_env()
> > could not be in $r->lookup_uri($uri)->subprocess_env().
> >
> > > But this doesn't work. I also tried
> > > my $var = $r->subprocess_env("VARIABLE_NAME");
> > > And this does not work either. I really need to be able to use
> > > environment variables that mod_ssl sets in my authentication handler.
> >
> > a few things here too. for the reasons described above,
subprocess_env() is
> > not a substitute for %ENV, so if what you want is a true %ENV value
(such as
> > those from PerlPassEnv), you will not be able to get to it via
> > $r->subprocess_env().
> >
> > > Any ideas? Thanks!
> >
> > HTH
> >
> > --Geoff
> >
> >
> >
>
