From d51667e406c2099865a4eec366fdab9d4578b683 Mon Sep 17 00:00:00 2001 From: Nokis Mavrogiannopoulos Date: Sun, 02 Dec 2007 09:44:33 +0000 Subject: --- diff --git a/NEWS b/NEWS index f091be6..30f67e4 100644 --- a/NEWS +++ b/NEWS @@ -3,5 +3,5 @@ - Added support for subject alternative names in certificates. Only one per certificate is supported. -- New enviroment variables: SSL_CLIENT_M_VERSION, SSL_CLIENT_SAN%, -SSL_SERVER_M_VERSION, SSL_SERVER_SAN% \ No newline at end of file +- New enviroment variables: SSL_CLIENT_M_VERSION, SSL_CLIENT_S_SAN%, +SSL_CLIENT_S_TYPE, SSL_SERVER_M_VERSION, SSL_SERVER_S_SAN%, SSL_SERVER_S_TYPE \ No newline at end of file diff --git a/README.ENV b/README.ENV index 35da82f..c055dfe 100644 --- a/README.ENV +++ b/README.ENV @@ -19,7 +19,7 @@ SSL_CLIENT_V_START: The activation time of client's certificate. SSL_CLIENT_V_END: The expiration time of client's certificate. SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. -SSL_CLIENT_SAN%: These will contain the alternative names of the client certificate +SSL_CLIENT_S_SAN%: These will contain the alternative names of the client certificate (% is a number starting from zero). The values will be prepended by "DNSNAME:", "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value "UNSUPPORTED" will be set. @@ -36,7 +36,7 @@ SSL_SERVER_V_START: The activation time of server's certificate. SSL_SERVER_V_END: The expiration time of server's certificate. SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. -SSL_SERVER_SAN%: These will contain the alternative names of the server certificate +SSL_SERVER_S_SAN%: These will contain the alternative names of the server certificate (% is a number starting from zero). The values will be prepended by "DNSNAME:", "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value "UNSUPPORTED" will be set. diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c index c1a1c52..1af82a7 100644 --- a/src/gnutls_hooks.c +++ b/src/gnutls_hooks.c @@ -891,19 +891,19 @@ mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt cert, int side, if (ret == GNUTLS_SAN_DNSNAME) { apr_table_setn(env, - apr_psprintf(r->pool, "%s_SAN%u", MGS_SIDE, i), + apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), apr_psprintf(r->pool, "DNSNAME:%s", tmp2)); } else if (ret == GNUTLS_SAN_RFC822NAME) { apr_table_setn(env, - apr_psprintf(r->pool, "%s_SAN%u", MGS_SIDE, i), + apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), apr_psprintf(r->pool, "RFC822NAME:%s", tmp2)); } else if (ret == GNUTLS_SAN_URI) { apr_table_setn(env, - apr_psprintf(r->pool, "%s_SAN%u", MGS_SIDE, i), + apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), apr_psprintf(r->pool, "URI:%s", tmp2)); } else { apr_table_setn(env, - apr_psprintf(r->pool, "%s_SAN%u", MGS_SIDE, i), + apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), "UNSUPPORTED"); } } -- cgit v0.9.2