This patch makes the ssl session id available via the environment variable
SSL_SESSION_ID. Apache modules may obtain this ssl session id via the
"ap::mod_ssl::var_lookup" EAPI hook. The value of this ssl session id is
actually the concatenation of the hex representation of each byte in the
ssl session id. For example, running this through printenv produces:

SSL_SESSION_ID = bd1c692524d2d3648cb8c87bf71111484eb5dd81777659b479b2dbfbc3ec5d2

The idea behind this is to make the ssl session id available so that other
modules may use the ssl session id as a `key' into their own session table.

-Tom

Index: ssl_engine_kernel.c
===================================================================
RCS file: 
/usr/aventail/src/cvsroot/sdk/mod_ssl/pkg.apache/src/modules/ssl/ssl_engine_kernel.c,v
retrieving revision 1.85
diff -u -3 -r1.85 ssl_engine_kernel.c
--- ssl_engine_kernel.c 1999/05/14 15:37:50     1.85
+++ ssl_engine_kernel.c 1999/05/19 23:14:45
@@ -1041,6 +1041,7 @@
     "SSL_SERVER_I_DN_Email",
     "SSL_SERVER_A_KEY",
     "SSL_SERVER_A_SIG",
+    "SSL_SESSION_ID",
     NULL
 };
 
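Review bot: The new `"SSL_SESSION_ID",` entry should carry a comment saying that the value is an identifier and not a secret, because in SSLv3/TLS the session id travels unencrypted in the hello messages and it changes whenever the client negotiates a fresh session. The array starts outside the hunk; judging by the description it is the list of names exported to the request environment, which would make the id visible to every CGI/SSI script. A module that keys its own session table on it should use it as a lookup key only and authenticate the user by other means. Suggested comment above the entry: `/* sent in clear during the handshake; lookup key only, not an authenticator */`.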
Index: ssl_engine_vars.c
===================================================================
RCS file: 
/usr/aventail/src/cvsroot/sdk/mod_ssl/pkg.apache/src/modules/ssl/ssl_engine_vars.c,v
retrieving revision 1.34
diff -u -3 -r1.34 ssl_engine_vars.c
--- ssl_engine_vars.c   1999/05/18 09:14:59     1.34
+++ ssl_engine_vars.c   1999/05/19 23:28:11
@@ -309,6 +309,22 @@
         if ((xs = SSL_get_certificate(ssl)) != NULL)
             result = ssl_var_lookup_ssl_cert(p, xs, var+7);
     }
+    else if (strlen(var) == 10 && strcEQn(var, "SESSION_ID", 10)) {
+               SSL_SESSION *pSession = NULL;
+               int i;
+
+               ssl = ap_ctx_get(c->client->ctx, "ssl");
+               if (ssl != NULL) {
+                       pSession = SSL_get_session(ssl);
+                       if (pSession != NULL) {
+                               result = "";
+                               for (i = 0; i < SSL_MAX_SSL_SESSION_ID_LENGTH; i++) {
+                                       result = ap_psprintf(p, "%x%s", 
+pSession->session_id[i],
+                                                                                
+result);
+                               }
+                       }
+               }
+       }
     return result;
 }
 
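Review bot: The hex encoding in the added `SESSION_ID` branch is ambiguous and reversed: `%x` drops the leading zero of any byte below 0x10 (the sample value in the description has an odd number of hex digits, 63), and `"%x%s"` prepends each byte, so the string comes out in reverse byte order. The loop also runs to `SSL_MAX_SSL_SESSION_ID_LENGTH` rather than the session's real length, so for a shorter id the tail of the value comes from bytes that are not part of the id. Since other modules are meant to key their session tables on this string, distinct ids can collapse to the same value (bytes 0x01,0x23 and 0x12,0x03 both contribute "123"). I would change the loop header to `for (i = 0; i < (int)pSession->session_id_length; i++)` and the body to `result = ap_psprintf(p, "%s%02X", result, pSession->session_id[i]);`. The enclosing function starts outside the hunk, so whether `ssl` was already fetched before this branch cannot be checked from here.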

-- 
Tom Vaughan <tvaughan at aventail dot com>