From 36736d41e57309d9a30db83f413b568948f92b2b Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Sun, 02 Dec 2007 09:42:34 +0000
Subject: added SSL_SERVER/CLIENT_S_TYPE

---
diff --git a/README.ENV b/README.ENV
index b18e4d1..35da82f 100644
--- a/README.ENV
+++ b/README.ENV
@@ -19,6 +19,10 @@ SSL_CLIENT_V_START: The activation time of client's certificate.
 SSL_CLIENT_V_END: The expiration time of client's certificate.
 SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format.
 SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format.
+SSL_CLIENT_SAN%: These will contain the alternative names of the client certificate 
+  (% is a number starting from zero). The values will be prepended by "DNSNAME:", 
+  "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value 
+  "UNSUPPORTED" will be set.
 SSL_CLIENT_M_SERIAL: The serial number of the client's certificate.
 SSL_CLIENT_M_VERSION: The version of the client's certificate.
 SSL_CLIENT_A_SIG: The algorithm used for the signature in client's certificate.
@@ -26,14 +30,20 @@ SSL_CLIENT_A_KEY: The public key algorithm in client's certificate.
 SSL_CLIENT_CERT: The PEM-encoded client certificate
 SSL_CLIENT_VERIFY: 
   whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED)
+SSL_CLIENT_S_TYPE: The certificate type can be X.509 or OPENPGP.
 
 SSL_SERVER_V_START: The activation time of server's certificate.
 SSL_SERVER_V_END: The expiration time of server's certificate.
 SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format.
 SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format.
+SSL_SERVER_SAN%: These will contain the alternative names of the server certificate 
+  (% is a number starting from zero). The values will be prepended by "DNSNAME:", 
+  "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value 
+  "UNSUPPORTED" will be set.
 SSL_SERVER_M_SERIAL: The serial number of the server's certificate.
 SSL_SERVER_M_VERSION: The version of the server's certificate.
 SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate.
 SSL_SERVER_A_KEY: The public key algorithm in server's certificate.
-
 SSL_SERVER_CERT: The PEM-encoded server certificate
+SSL_SERVER_S_TYPE: The certificate type can be X.509 or OPENPGP.
+
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c
index 6619be5..c1a1c52 100644
--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -848,6 +848,9 @@ mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt cert, int side,
 		       apr_pstrcat(r->pool, MGS_SIDE, "_M_VERSION", NULL),
 		       apr_psprintf(r->pool, "%u", ret));
 
+    apr_table_setn(env,
+       apr_pstrcat(r->pool, MGS_SIDE, "_S_TYPE", NULL), "X.509");
+
     tmp =
 	mgs_time2sz(gnutls_x509_crt_get_expiration_time
 		    (cert), buf, sizeof(buf));
--
cgit v0.9.2