summaryrefslogtreecommitdiffstatsabout
diff options
context:
space:
mode:
-rw-r--r--README.ENV12
-rw-r--r--src/gnutls_hooks.c3
2 files changed, 14 insertions, 1 deletions
diff --git a/README.ENV b/README.ENV
index b18e4d1..35da82f 100644
--- a/README.ENV
+++ b/README.ENV
@@ -19,6 +19,10 @@ SSL_CLIENT_V_START: The activation time of client's certificate.
19SSL_CLIENT_V_END: The expiration time of client's certificate. 19SSL_CLIENT_V_END: The expiration time of client's certificate.
20SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. 20SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format.
21SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. 21SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format.
22SSL_CLIENT_SAN%: These will contain the alternative names of the client certificate
23 (% is a number starting from zero). The values will be prepended by "DNSNAME:",
24 "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value
25 "UNSUPPORTED" will be set.
22SSL_CLIENT_M_SERIAL: The serial number of the client's certificate. 26SSL_CLIENT_M_SERIAL: The serial number of the client's certificate.
23SSL_CLIENT_M_VERSION: The version of the client's certificate. 27SSL_CLIENT_M_VERSION: The version of the client's certificate.
24SSL_CLIENT_A_SIG: The algorithm used for the signature in client's certificate. 28SSL_CLIENT_A_SIG: The algorithm used for the signature in client's certificate.
@@ -26,14 +30,20 @@ SSL_CLIENT_A_KEY: The public key algorithm in client's certificate.
26SSL_CLIENT_CERT: The PEM-encoded client certificate 30SSL_CLIENT_CERT: The PEM-encoded client certificate
27SSL_CLIENT_VERIFY: 31SSL_CLIENT_VERIFY:
28 whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED) 32 whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED)
33SSL_CLIENT_S_TYPE: The certificate type can be X.509 or OPENPGP.
29 34
30SSL_SERVER_V_START: The activation time of server's certificate. 35SSL_SERVER_V_START: The activation time of server's certificate.
31SSL_SERVER_V_END: The expiration time of server's certificate. 36SSL_SERVER_V_END: The expiration time of server's certificate.
32SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. 37SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format.
33SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. 38SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format.
39SSL_SERVER_SAN%: These will contain the alternative names of the server certificate
40 (% is a number starting from zero). The values will be prepended by "DNSNAME:",
41 "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value
42 "UNSUPPORTED" will be set.
34SSL_SERVER_M_SERIAL: The serial number of the server's certificate. 43SSL_SERVER_M_SERIAL: The serial number of the server's certificate.
35SSL_SERVER_M_VERSION: The version of the server's certificate. 44SSL_SERVER_M_VERSION: The version of the server's certificate.
36SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate. 45SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate.
37SSL_SERVER_A_KEY: The public key algorithm in server's certificate. 46SSL_SERVER_A_KEY: The public key algorithm in server's certificate.
38
39SSL_SERVER_CERT: The PEM-encoded server certificate 47SSL_SERVER_CERT: The PEM-encoded server certificate
48SSL_SERVER_S_TYPE: The certificate type can be X.509 or OPENPGP.
49
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c
index 6619be5..c1a1c52 100644
--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -848,6 +848,9 @@ mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt cert, int side,
848 apr_pstrcat(r->pool, MGS_SIDE, "_M_VERSION", NULL), 848 apr_pstrcat(r->pool, MGS_SIDE, "_M_VERSION", NULL),
849 apr_psprintf(r->pool, "%u", ret)); 849 apr_psprintf(r->pool, "%u", ret));
850 850
851 apr_table_setn(env,
852 apr_pstrcat(r->pool, MGS_SIDE, "_S_TYPE", NULL), "X.509");
853
851 tmp = 854 tmp =
852 mgs_time2sz(gnutls_x509_crt_get_expiration_time 855 mgs_time2sz(gnutls_x509_crt_get_expiration_time
853 (cert), buf, sizeof(buf)); 856 (cert), buf, sizeof(buf));