On Mon, Sep 19, 2005 at 01:39:22PM -0400, Geoffrey Young wrote:
>
> > +#ifdef HAVE_SSL_EXT_LOOKUP
> > if (!ext_lookup) {
> > ap_rputs("ssl_ext_lookup not available", r);
> > return OK;
> > }
>
> hey, speaking of this ext_lookup, can you give me an example of what this
> function does? in Apache::SSLLookup I've added perl glue for this method,
> and right now I've got 2 forms:
>
> my $client_foo = $r->ext_lookup($something, 1);
> my $server_foo = $r->ext_lookup($something);
>
> but I really could never figure out what to glean from the generated ssl
> certificates to test against, what to pass as $something, etc.
"$something" should be the OID (unique identifier) of the extension
which you wish to look up.
The ssl_ext_lookup function has just been replaced with ssl_ext_list so
you'd probably want to support the latter. ssl_ext_list returns an
array of all extensions with that
All the certificates which are automatically generated in Apache-Test
have an "nsComment" extension, which has OID "2.16.840.1.113730.1.13",
set to "This Is A Comment", that's what I used for the t/ssl/extlookup.t
test.
So with 2.1.7 $r->ext_lookup("2.16.840.1.113730.1.13") should return
"This Is A Comment" for any SSL vhost in the test suite if it works
properly.
joe
