diff options
author | Paul Querna | 2005-04-24 23:51:47 +0000 |
---|---|---|
committer | Paul Querna | 2005-04-24 23:51:47 +0000 |
commit | 2ad3683ac277f1f738570c5a95dc4fda90e324b9 (patch) | |
tree | d91c09779dedbe9fbbca280f5e2f61c63d0c7511 | |
parent | 46e3920048e0be9fd270befa4b59226d4330716d (diff) |
We already have a Certificate, use it directly. With SNI, GnuTLS doesn't properly update it's internal state. ick.
-rw-r--r-- | src/gnutls_hooks.c | 43 |
1 files changed, 9 insertions, 34 deletions
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c index 575b631..27d9c53 100644 --- a/src/gnutls_hooks.c +++ b/src/gnutls_hooks.c | |||
@@ -524,7 +524,7 @@ int mgs_hook_fixups(request_rec *r) | |||
524 | const char* tmp; | 524 | const char* tmp; |
525 | int len; | 525 | int len; |
526 | mgs_handle_t *ctxt; | 526 | mgs_handle_t *ctxt; |
527 | int rv; | 527 | int rv = OK; |
528 | 528 | ||
529 | apr_table_t *env = r->subprocess_env; | 529 | apr_table_t *env = r->subprocess_env; |
530 | 530 | ||
@@ -561,41 +561,16 @@ int mgs_hook_fixups(request_rec *r) | |||
561 | 561 | ||
562 | /* TODO: There are many other env vars that we need to add */ | 562 | /* TODO: There are many other env vars that we need to add */ |
563 | { | 563 | { |
564 | const gnutls_datum *certs; | 564 | len = sizeof(buf); |
565 | gnutls_x509_crt cert; | 565 | gnutls_x509_crt_get_dn(ctxt->sc->cert_x509, buf, &len); |
566 | 566 | apr_table_setn(env, "SSL_SERVER_S_DN", buf); | |
567 | certs = gnutls_certificate_get_ours(ctxt->session); | 567 | |
568 | if (certs) { | 568 | len = sizeof(buf); |
569 | 569 | gnutls_x509_crt_get_issuer_dn(ctxt->sc->cert_x509, buf, &len); | |
570 | rv = gnutls_x509_crt_init(&cert); | 570 | apr_table_setn(env, "SSL_SERVER_I_DN", buf); |
571 | if (rv < 0) { | ||
572 | goto end_fixups; | ||
573 | } | ||
574 | |||
575 | rv = gnutls_x509_crt_import(cert, &certs[0], GNUTLS_X509_FMT_DER); | ||
576 | if (rv < 0) { | ||
577 | gnutls_x509_crt_deinit(cert); | ||
578 | goto end_fixups; | ||
579 | } | ||
580 | |||
581 | len = sizeof(buf); | ||
582 | gnutls_x509_crt_get_dn(cert, buf, &len); | ||
583 | apr_table_setn(env, "SSL_SERVER_S_DN", buf); | ||
584 | |||
585 | len = sizeof(buf); | ||
586 | gnutls_x509_crt_get_issuer_dn(cert, buf, &len); | ||
587 | apr_table_setn(env, "SSL_SERVER_I_DN", buf); | ||
588 | |||
589 | gnutls_x509_crt_deinit(cert); | ||
590 | } | ||
591 | else { | ||
592 | apr_table_setn(env, "SSL_SERVER_S_DN", "Unknown"); | ||
593 | apr_table_setn(env, "SSL_SERVER_I_DN", "Unknown"); | ||
594 | } | ||
595 | } | 571 | } |
596 | 572 | ||
597 | end_fixups: | 573 | return rv; |
598 | return OK; | ||
599 | } | 574 | } |
600 | 575 | ||
601 | int mgs_hook_authz(request_rec *r) | 576 | int mgs_hook_authz(request_rec *r) |