At 09:45 PM 11/2/2000 , Muwon Lum wrote:
>I use mod_ssl 2.7.1 for Apache 1.3.14 on Solaris 2.6. I'm
>writing an authentication module that needs to get the
>DN from user's certificate when the user is trying to
>access a resource within the DocumentRoot.
>
>In my authentication module, I try to access the SSL_* env vars,
>for example, SSL_CLIENT_S_DN, with:
>
>char *userDN = (char *)ap_table_get(request->subprocess_env,
>"SSL_CLIENT_S_DN");
>
>It returns null.
>
>What's the correct way to get the SSL_* values within my own
>module?
The following could probably be much simpler, but as a starting point...
int get_user_dn(
request_rec *r
)
{
SSLSrvConfigRec *sc = mySrvConfig(r->server);
/*
* Make sure SSL is enabled, connected, and client-authenticated
*/
if (!sc->bEnabled)
return NULL;
if (ap_ctx_get(r->connection->client->ctx, "ssl") == NULL)
return NULL;
if (ap_ctx_get(r->connection->client->ctx, "ssl::client::dn") == NULL)
return NULL;
return ssl_var_lookup(r->pool, r->server, r->connection, r, "SSL_CLIENT_S_DN");
}
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
