diff options
| author | Nokis Mavrogiannopoulos <nmav@gnutls.org> | 2007-12-10 22:49:20 (GMT) |
|---|---|---|
| committer | Nokis Mavrogiannopoulos <nmav@gnutls.org> | 2007-12-10 22:49:20 (GMT) |
| commit | a592fc96a77530e8c5e04e30389f90074b01d77b (patch) | |
| tree | 603487a5d455a5ec7cfe6a2e27fbeaf938b6ac1a | |
| parent | d45cdc5945cd6ff140890c8e8ea880443b26f4ea (diff) | |
| -rw-r--r-- | README.ENV | 8 | ||||
| -rw-r--r-- | src/gnutls_hooks.c | 12 |
2 files changed, 12 insertions, 8 deletions
| @@ -19,7 +19,7 @@ SSL_CLIENT_V_START: The activation time of client's certificate. | |||
| 19 | SSL_CLIENT_V_END: The expiration time of client's certificate. | 19 | SSL_CLIENT_V_END: The expiration time of client's certificate. |
| 20 | SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. | 20 | SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. |
| 21 | SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. | 21 | SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. |
| 22 | SSL_CLIENT_S_SAN%: These will contain the alternative names of the client certificate | 22 | SSL_CLIENT_S_AN%: These will contain the alternative names of the client certificate |
| 23 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", | 23 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", |
| 24 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value | 24 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value |
| 25 | "UNSUPPORTED" will be set. | 25 | "UNSUPPORTED" will be set. |
| @@ -30,13 +30,13 @@ SSL_CLIENT_A_KEY: The public key algorithm in client's certificate. | |||
| 30 | SSL_CLIENT_CERT: The PEM-encoded client certificate | 30 | SSL_CLIENT_CERT: The PEM-encoded client certificate |
| 31 | SSL_CLIENT_VERIFY: | 31 | SSL_CLIENT_VERIFY: |
| 32 | whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED) | 32 | whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED) |
| 33 | SSL_CLIENT_S_TYPE: The certificate type can be X.509 or OPENPGP. | 33 | SSL_CLIENT_CERT_TYPE: The certificate type can be X.509 or OPENPGP. |
| 34 | 34 | ||
| 35 | SSL_SERVER_V_START: The activation time of server's certificate. | 35 | SSL_SERVER_V_START: The activation time of server's certificate. |
| 36 | SSL_SERVER_V_END: The expiration time of server's certificate. | 36 | SSL_SERVER_V_END: The expiration time of server's certificate. |
| 37 | SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. | 37 | SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. |
| 38 | SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. | 38 | SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. |
| 39 | SSL_SERVER_S_SAN%: These will contain the alternative names of the server certificate | 39 | SSL_SERVER_S_AN%: These will contain the alternative names of the server certificate |
| 40 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", | 40 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", |
| 41 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value | 41 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value |
| 42 | "UNSUPPORTED" will be set. | 42 | "UNSUPPORTED" will be set. |
| @@ -45,5 +45,5 @@ SSL_SERVER_M_VERSION: The version of the server's certificate. | |||
| 45 | SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate. | 45 | SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate. |
| 46 | SSL_SERVER_A_KEY: The public key algorithm in server's certificate. | 46 | SSL_SERVER_A_KEY: The public key algorithm in server's certificate. |
| 47 | SSL_SERVER_CERT: The PEM-encoded server certificate | 47 | SSL_SERVER_CERT: The PEM-encoded server certificate |
| 48 | SSL_SERVER_S_TYPE: The certificate type can be X.509 or OPENPGP. | 48 | SSL_SERVER_CERT_TYPE: The certificate type can be X.509 or OPENPGP. |
| 49 | 49 | ||
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c index 15b66fa..44b2bc1 100644 --- a/src/gnutls_hooks.c +++ b/src/gnutls_hooks.c | |||
| @@ -793,7 +793,11 @@ mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt cert, int side, | |||
| 793 | apr_psprintf(r->pool, "%u", ret)); | 793 | apr_psprintf(r->pool, "%u", ret)); |
| 794 | 794 | ||
| 795 | apr_table_setn(env, | 795 | apr_table_setn(env, |
| 796 | apr_pstrcat(r->pool, MGS_SIDE, "_CERT_TYPE", NULL), "X.509"); | ||
| 797 | #ifdef COMPAT | ||
| 798 | apr_table_setn(env, | ||
| 796 | apr_pstrcat(r->pool, MGS_SIDE, "_S_TYPE", NULL), "X.509"); | 799 | apr_pstrcat(r->pool, MGS_SIDE, "_S_TYPE", NULL), "X.509"); |
| 800 | #endif | ||
| 797 | 801 | ||
| 798 | tmp = | 802 | tmp = |
| 799 | mgs_time2sz(gnutls_x509_crt_get_expiration_time | 803 | mgs_time2sz(gnutls_x509_crt_get_expiration_time |
| @@ -835,19 +839,19 @@ mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt cert, int side, | |||
| 835 | 839 | ||
| 836 | if (ret == GNUTLS_SAN_DNSNAME) { | 840 | if (ret == GNUTLS_SAN_DNSNAME) { |
| 837 | apr_table_setn(env, | 841 | apr_table_setn(env, |
| 838 | apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), | 842 | apr_psprintf(r->pool, "%s_S_AN%u", MGS_SIDE, i), |
| 839 | apr_psprintf(r->pool, "DNSNAME:%s", tmp2)); | 843 | apr_psprintf(r->pool, "DNSNAME:%s", tmp2)); |
| 840 | } else if (ret == GNUTLS_SAN_RFC822NAME) { | 844 | } else if (ret == GNUTLS_SAN_RFC822NAME) { |
| 841 | apr_table_setn(env, | 845 | apr_table_setn(env, |
| 842 | apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), | 846 | apr_psprintf(r->pool, "%s_S_AN%u", MGS_SIDE, i), |
| 843 | apr_psprintf(r->pool, "RFC822NAME:%s", tmp2)); | 847 | apr_psprintf(r->pool, "RFC822NAME:%s", tmp2)); |
| 844 | } else if (ret == GNUTLS_SAN_URI) { | 848 | } else if (ret == GNUTLS_SAN_URI) { |
| 845 | apr_table_setn(env, | 849 | apr_table_setn(env, |
| 846 | apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), | 850 | apr_psprintf(r->pool, "%s_S_AN%u", MGS_SIDE, i), |
| 847 | apr_psprintf(r->pool, "URI:%s", tmp2)); | 851 | apr_psprintf(r->pool, "URI:%s", tmp2)); |
| 848 | } else { | 852 | } else { |
| 849 | apr_table_setn(env, | 853 | apr_table_setn(env, |
| 850 | apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), | 854 | apr_psprintf(r->pool, "%s_S_AN%u", MGS_SIDE, i), |
| 851 | "UNSUPPORTED"); | 855 | "UNSUPPORTED"); |
| 852 | } | 856 | } |
| 853 | } | 857 | } |