On Mon, Sep 19, 2005 at 01:39:22PM -0400, Geoffrey Young wrote:
+#ifdef HAVE_SSL_EXT_LOOKUP
if (!ext_lookup) {
ap_rputs(ssl_ext_lookup not available, r);
return OK;
}
hey, speaking of this ext_lookup, can you give me an example of what this
function does? in Apache::SSLLookup I've added perl glue for this method,
and right now I've got 2 forms:
my $client_foo = $r-ext_lookup($something, 1);
my $server_foo = $r-ext_lookup($something);
but I really could never figure out what to glean from the generated ssl
certificates to test against, what to pass as $something, etc.
$something should be the OID (unique identifier) of the extension
which you wish to look up.
The ssl_ext_lookup function has just been replaced with ssl_ext_list so
you'd probably want to support the latter. ssl_ext_list returns an
array of all extensions with that
All the certificates which are automatically generated in Apache-Test
have an nsComment extension, which has OID 2.16.840.1.113730.1.13,
set to This Is A Comment, that's what I used for the t/ssl/extlookup.t
test.
So with 2.1.7 $r-ext_lookup(2.16.840.1.113730.1.13) should return
This Is A Comment for any SSL vhost in the test suite if it works
properly.
joe