Re: mod_ssl environment variables

2005-01-17 Thread Matt Stevenson 
You can try something like ...


  # Get SSL variables into subprocess...
  my $subr = $r-lookup_uri( $r-uri() );

  # Get serial and issuer
  my $serial =
$subr-subprocess_env('SSL_CLIENT_M_SERIAL') || ;
  my $issuer_slashes =
$subr-subprocess_env('SSL_CLIENT_I_DN') || ;

Hope that works.

Regards
Matt

--- Jason Kaskel [EMAIL PROTECTED] wrote:

 This is technically both a mod_perl and mod_ssl
 question. Maybe I 
 should harass their mailing list too.
 
 I have a PerlAccessHandler that needs to access
 certificate 
 information.  According to what I've read the
 environment isn't loaded 
 with this information until the fixup phase which
 occurs right before 
 the response phase (and well after the access
 phase).  Is there any 
 other way for me to access certificate information
 this early in the 
 Apache process (specifically the data that gets
 loaded into 
 SSL_CLIENT_S_DN_CN)?  Failing that is there a way
 for me to force the 
 fixup phase to occur before the access phase?
 
 Thanks for any help!
 
 -Jason
 [EMAIL PROTECTED]
 

__
 Apache Interface to OpenSSL (mod_ssl)   
www.modssl.org
 User Support Mailing List 
 modssl-users@modssl.org
 Automated List Manager   
 [EMAIL PROTECTED]
 




__ 
Do you Yahoo!? 
Yahoo! Mail - Helps protect you from nasty viruses. 
http://promotions.yahoo.com/new_mail
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  modssl-users@modssl.org
Automated List Manager[EMAIL PROTECTED]

Re: mod_ssl environment variables

2005-01-17 Thread Joe Orton 
On Fri, Jan 14, 2005 at 04:48:09PM -0500, Jason Kaskel wrote:
 This is technically both a mod_perl and mod_ssl question. Maybe I 
 should harass their mailing list too.
 
 I have a PerlAccessHandler that needs to access certificate 
 information.  According to what I've read the environment isn't loaded 
 with this information until the fixup phase which occurs right before 
 the response phase (and well after the access phase).  Is there any 
 other way for me to access certificate information this early in the 
 Apache process (specifically the data that gets loaded into 
 SSL_CLIENT_S_DN_CN)?  Failing that is there a way for me to force the 
 fixup phase to occur before the access phase?

With the mod_ssl in httpd 2.0, you can do this using Geoff Young's
Apache::SSLLookup module, which extracts variables directly from mod_ssl
rather than going through the environment table:

http://search.cpan.org/~geoff/Apache-SSLLookup-2.00_02/

Regards,

joe
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  modssl-users@modssl.org
Automated List Manager[EMAIL PROTECTED]