subject:"RE\: CGI\/SSL spec\?"

Re: CGI/SSL spec?

2003-08-22 Thread Philip Champon

Thanks, but I was more so looking to find out if there was some sort of
formal spec that the mod_ssl team used to decide what SSL environment
variables to create. I am making some changes to stunnel to support http
proxying and I wanted to include some headers for user CGIs. Since I can
not find any spec, describing what SSL environment variables are expected,
I have simply chosen to insert the headers X-Https and X-Session-Id.

Thus spake Colin Faber, on the year of our L*rd Wed, Aug 20, 2003 at 05:32:58PM -0600:
 Dumping the environment variables is a very simple task. Try:
 
 
 #!/bin/sh
 echo Content-type: text/plain
 echo 
 /usr/bin/printenv
 
 
 chmod it and stick it on your SSL server and run it.
 
 
 Philip Champon wrote:
 
 Hi,
 
 I tried searching the archives, to find out where I might be able
 to read about a CGI/SSL spec, but I couldn't turn anything up?
 While I have read the mod_ssl ref on envirionment variables, I was
 hoping to find out what source the group used to compile this list
 of environment variables. I also consulted the CGI spec, but it did
 not cover any SSL specific variables.
 
 Could someone tell me, is there such a spec, or did the group arbitrarily
 compile a list of SSL env vars to include in the CGI env?
 
 
 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

-- 
Philip Champon Affinity Developer
Ph - 954-334-8156
Em - [EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

RE: CGI/SSL spec?

2003-08-22 Thread Dave Paris

http://www.apache-ssl.org/docs.html#CGI

but there is no RFC for SSL envvars that I'm aware of.  mod_ssl offers a
more complete list than is shown above.  This can be found at:

http://www.modssl.org/docs/2.8/ssl_reference.html#ToC25

since the server is what's setting the environment variable, you need to go
by the documentation you're working with.  A good example of a popular, yet
optional envvar is HTTP_REFERER .. this is a completely optional envvar left
up to the browser's implementation team.  So, to depend on this variable,
you need to be positive of the client hitting your server.  Likewise the SSL
envvars.

Regards,
-dsp


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Philip Champon
Sent: Friday, August 22, 2003 2:42 PM
To: [EMAIL PROTECTED]
Subject: Re: CGI/SSL spec?


Thanks, but I was more so looking to find out if there was some sort of
formal spec that the mod_ssl team used to decide what SSL environment
variables to create. I am making some changes to stunnel to support http
proxying and I wanted to include some headers for user CGIs. Since I can
not find any spec, describing what SSL environment variables are expected,
I have simply chosen to insert the headers X-Https and X-Session-Id.

Thus spake Colin Faber, on the year of our L*rd Wed, Aug 20, 2003 at
05:32:58PM -0600:
 Dumping the environment variables is a very simple task. Try:


 #!/bin/sh
 echo Content-type: text/plain
 echo 
 /usr/bin/printenv


 chmod it and stick it on your SSL server and run it.


 Philip Champon wrote:

 Hi,
 
 I tried searching the archives, to find out where I might be able
 to read about a CGI/SSL spec, but I couldn't turn anything up?
 While I have read the mod_ssl ref on envirionment variables, I was
 hoping to find out what source the group used to compile this list
 of environment variables. I also consulted the CGI spec, but it did
 not cover any SSL specific variables.
 
 Could someone tell me, is there such a spec, or did the group arbitrarily
 compile a list of SSL env vars to include in the CGI env?
 

 __
 Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
 User Support Mailing List  [EMAIL PROTECTED]
 Automated List Manager[EMAIL PROTECTED]

--
Philip Champon Affinity Developer
Ph - 954-334-8156
Em - [EMAIL PROTECTED]
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]



__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: CGI/SSL spec?

2003-08-20 Thread Colin Faber

Hi Philip,

Dumping the environment variables is a very simple task. Try:

#!/bin/sh
echo Content-type: text/plain
echo 
/usr/bin/printenv
chmod it and stick it on your SSL server and run it.

Philip Champon wrote:

Hi,

I tried searching the archives, to find out where I might be able
to read about a CGI/SSL spec, but I couldn't turn anything up?
While I have read the mod_ssl ref on envirionment variables, I was
hoping to find out what source the group used to compile this list
of environment variables. I also consulted the CGI spec, but it did
not cover any SSL specific variables.
Could someone tell me, is there such a spec, or did the group arbitrarily
compile a list of SSL env vars to include in the CGI env?
__
Apache Interface to OpenSSL (mod_ssl)   www.modssl.org
User Support Mailing List  [EMAIL PROTECTED]
Automated List Manager[EMAIL PROTECTED]

Re: CGI/SSL spec?

RE: CGI/SSL spec?

Re: CGI/SSL spec?

3 matches

Site Navigation

Mail list logo

Footer information