diff options
author | Nokis Mavrogiannopoulos | 2007-12-02 09:42:34 +0000 |
---|---|---|
committer | Nokis Mavrogiannopoulos | 2007-12-02 09:42:34 +0000 |
commit | fd94836e5162428f15393d4f9ea902533d9e1e90 (patch) | |
tree | c5901068cf44d085202c3446169e52b3577436ae | |
parent | 3346bde60f584c3d64216cf8569c231ee6f6b74c (diff) |
added SSL_SERVER/CLIENT_S_TYPE
-rw-r--r-- | README.ENV | 12 | ||||
-rw-r--r-- | src/gnutls_hooks.c | 3 |
2 files changed, 14 insertions, 1 deletions
@@ -19,6 +19,10 @@ SSL_CLIENT_V_START: The activation time of client's certificate. | |||
19 | SSL_CLIENT_V_END: The expiration time of client's certificate. | 19 | SSL_CLIENT_V_END: The expiration time of client's certificate. |
20 | SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. | 20 | SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. |
21 | SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. | 21 | SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. |
22 | SSL_CLIENT_SAN%: These will contain the alternative names of the client certificate | ||
23 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", | ||
24 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value | ||
25 | "UNSUPPORTED" will be set. | ||
22 | SSL_CLIENT_M_SERIAL: The serial number of the client's certificate. | 26 | SSL_CLIENT_M_SERIAL: The serial number of the client's certificate. |
23 | SSL_CLIENT_M_VERSION: The version of the client's certificate. | 27 | SSL_CLIENT_M_VERSION: The version of the client's certificate. |
24 | SSL_CLIENT_A_SIG: The algorithm used for the signature in client's certificate. | 28 | SSL_CLIENT_A_SIG: The algorithm used for the signature in client's certificate. |
@@ -26,14 +30,20 @@ SSL_CLIENT_A_KEY: The public key algorithm in client's certificate. | |||
26 | SSL_CLIENT_CERT: The PEM-encoded client certificate | 30 | SSL_CLIENT_CERT: The PEM-encoded client certificate |
27 | SSL_CLIENT_VERIFY: | 31 | SSL_CLIENT_VERIFY: |
28 | whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED) | 32 | whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED) |
33 | SSL_CLIENT_S_TYPE: The certificate type can be X.509 or OPENPGP. | ||
29 | 34 | ||
30 | SSL_SERVER_V_START: The activation time of server's certificate. | 35 | SSL_SERVER_V_START: The activation time of server's certificate. |
31 | SSL_SERVER_V_END: The expiration time of server's certificate. | 36 | SSL_SERVER_V_END: The expiration time of server's certificate. |
32 | SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. | 37 | SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. |
33 | SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. | 38 | SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. |
39 | SSL_SERVER_SAN%: These will contain the alternative names of the server certificate | ||
40 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", | ||
41 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value | ||
42 | "UNSUPPORTED" will be set. | ||
34 | SSL_SERVER_M_SERIAL: The serial number of the server's certificate. | 43 | SSL_SERVER_M_SERIAL: The serial number of the server's certificate. |
35 | SSL_SERVER_M_VERSION: The version of the server's certificate. | 44 | SSL_SERVER_M_VERSION: The version of the server's certificate. |
36 | SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate. | 45 | SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate. |
37 | SSL_SERVER_A_KEY: The public key algorithm in server's certificate. | 46 | SSL_SERVER_A_KEY: The public key algorithm in server's certificate. |
38 | |||
39 | SSL_SERVER_CERT: The PEM-encoded server certificate | 47 | SSL_SERVER_CERT: The PEM-encoded server certificate |
48 | SSL_SERVER_S_TYPE: The certificate type can be X.509 or OPENPGP. | ||
49 | |||
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c index 6619be5..c1a1c52 100644 --- a/src/gnutls_hooks.c +++ b/src/gnutls_hooks.c | |||
@@ -848,6 +848,9 @@ mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt cert, int side, | |||
848 | apr_pstrcat(r->pool, MGS_SIDE, "_M_VERSION", NULL), | 848 | apr_pstrcat(r->pool, MGS_SIDE, "_M_VERSION", NULL), |
849 | apr_psprintf(r->pool, "%u", ret)); | 849 | apr_psprintf(r->pool, "%u", ret)); |
850 | 850 | ||
851 | apr_table_setn(env, | ||
852 | apr_pstrcat(r->pool, MGS_SIDE, "_S_TYPE", NULL), "X.509"); | ||
853 | |||
851 | tmp = | 854 | tmp = |
852 | mgs_time2sz(gnutls_x509_crt_get_expiration_time | 855 | mgs_time2sz(gnutls_x509_crt_get_expiration_time |
853 | (cert), buf, sizeof(buf)); | 856 | (cert), buf, sizeof(buf)); |