summaryrefslogtreecommitdiffstatsabout
path: root/src
diff options
context:
space:
mode:
authorPaul Querna <chip@outoforder.cc>2005-04-24 23:51:47 (GMT)
committer Paul Querna <chip@outoforder.cc>2005-04-24 23:51:47 (GMT)
commit2ad3683ac277f1f738570c5a95dc4fda90e324b9 (patch)
treed91c09779dedbe9fbbca280f5e2f61c63d0c7511 /src
parent46e3920048e0be9fd270befa4b59226d4330716d (diff)
We already have a Certificate, use it directly. With SNI, GnuTLS doesn't properly update it's internal state. ick.
Diffstat (limited to 'src')
-rw-r--r--src/gnutls_hooks.c43
1 files changed, 9 insertions, 34 deletions
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c
index 575b631..27d9c53 100644
--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -524,7 +524,7 @@ int mgs_hook_fixups(request_rec *r)
524 const char* tmp; 524 const char* tmp;
525 int len; 525 int len;
526 mgs_handle_t *ctxt; 526 mgs_handle_t *ctxt;
527 int rv; 527 int rv = OK;
528 528
529 apr_table_t *env = r->subprocess_env; 529 apr_table_t *env = r->subprocess_env;
530 530
@@ -561,41 +561,16 @@ int mgs_hook_fixups(request_rec *r)
561 561
562 /* TODO: There are many other env vars that we need to add */ 562 /* TODO: There are many other env vars that we need to add */
563 { 563 {
564 const gnutls_datum *certs; 564 len = sizeof(buf);
565 gnutls_x509_crt cert; 565 gnutls_x509_crt_get_dn(ctxt->sc->cert_x509, buf, &len);
566 566 apr_table_setn(env, "SSL_SERVER_S_DN", buf);
567 certs = gnutls_certificate_get_ours(ctxt->session); 567
568 if (certs) { 568 len = sizeof(buf);
569 569 gnutls_x509_crt_get_issuer_dn(ctxt->sc->cert_x509, buf, &len);
570 rv = gnutls_x509_crt_init(&cert); 570 apr_table_setn(env, "SSL_SERVER_I_DN", buf);
571 if (rv < 0) {
572 goto end_fixups;
573 }
574
575 rv = gnutls_x509_crt_import(cert, &certs[0], GNUTLS_X509_FMT_DER);
576 if (rv < 0) {
577 gnutls_x509_crt_deinit(cert);
578 goto end_fixups;
579 }
580
581 len = sizeof(buf);
582 gnutls_x509_crt_get_dn(cert, buf, &len);
583 apr_table_setn(env, "SSL_SERVER_S_DN", buf);
584
585 len = sizeof(buf);
586 gnutls_x509_crt_get_issuer_dn(cert, buf, &len);
587 apr_table_setn(env, "SSL_SERVER_I_DN", buf);
588
589 gnutls_x509_crt_deinit(cert);
590 }
591 else {
592 apr_table_setn(env, "SSL_SERVER_S_DN", "Unknown");
593 apr_table_setn(env, "SSL_SERVER_I_DN", "Unknown");
594 }
595 } 571 }
596 572
597end_fixups: 573 return rv;
598 return OK;
599} 574}
600 575
601int mgs_hook_authz(request_rec *r) 576int mgs_hook_authz(request_rec *r)