Re: Accessing mod_ssl information from mod_perl modules

[Stas Bekman]

Byron Ellacott wrote:
 Hi,
 
 I've been trying rather unsuccessfully to write an Authen handler that
 is able to detect an SSL connection and use the SSL certificate serial
 as an index into a database table.
 
 The problem I'm facing is how to discover the SSL connection information
 in an Authen handler.
 
 At a later phase, the SSL certificate is available in
 $r-subprocess_env(), in various forms.  I can, for example, turn on
 SSLOptions +StdEnvVars and access
 $r-subprocess_env(SSL_CLIENT_M_SERIAL) and get what I'd expect. 
 However, authenticating and authorizing in the Response phase has
 several downsides.  The first is that there are phases specifically for
 this work.  The second is that if (when) I want to replace SSL
 authentication with Basic, or with JRandomAuthenModule, I'll have to
 modify my Response handler, or have it do an ifthenelsifthenelse block.
 
 So, from reading the mod_ssl source, it appears all the information I
 want is attached to the request object in a pool.  APR::Pool has no
 manpage, I can't figure out how APR::Pool ties into the mod_perl source
 code, and basically I'm completely stuck with no idea how to, or even if
 I can, access this information.

You are talking about mod_perl 2.0, aren't you? Please make that clear 
upfront, preferrably in the subject of your post.

What do you need APR::Pool for? What are you trying to do (code sample) 
and failing to?

APR::Pool is just a class that encapsulates the apr_pool objects. There 
is not much you can do with these objects. You can find the sample usage 
in t/response/TestAPR/pool.pm.

As previously mentioned here, currently if you need to know how a new 
Apache:: or APR:: class works, your best source of information is the 
test suite, unless you prefer to look at the source code.

The new manpages won't be written until we get the automated docs 
generation based on httpd-2.0 header files working. There are too many 
manpages and the API is still changing so it doesn't worth doing any 
manual work before it gets frozen.


__
Stas BekmanJAm_pH -- Just Another mod_perl Hacker
http://stason.org/ mod_perl Guide --- http://perl.apache.org
mailto:[EMAIL PROTECTED] http://use.perl.org http://apacheweek.com
http://modperlbook.org http://apache.org   http://ticketmaster.com

Accessing mod_ssl information from mod_perl modules

[Byron Ellacott]

Hi,

I've been trying rather unsuccessfully to write an Authen handler that
is able to detect an SSL connection and use the SSL certificate serial
as an index into a database table.

The problem I'm facing is how to discover the SSL connection information
in an Authen handler.

At a later phase, the SSL certificate is available in
$r-subprocess_env(), in various forms.  I can, for example, turn on
SSLOptions +StdEnvVars and access
$r-subprocess_env(SSL_CLIENT_M_SERIAL) and get what I'd expect. 
However, authenticating and authorizing in the Response phase has
several downsides.  The first is that there are phases specifically for
this work.  The second is that if (when) I want to replace SSL
authentication with Basic, or with JRandomAuthenModule, I'll have to
modify my Response handler, or have it do an ifthenelsifthenelse block.

So, from reading the mod_ssl source, it appears all the information I
want is attached to the request object in a pool.  APR::Pool has no
manpage, I can't figure out how APR::Pool ties into the mod_perl source
code, and basically I'm completely stuck with no idea how to, or even if
I can, access this information.

Little help?

-- 
bje