We already have a Certificate, use it directly. With SNI, GnuTLS doesn't properly update it's internal state. ick.

author: Paul Querna 2005-04-24 23:51:47 +0000
committer: Paul Querna 2005-04-24 23:51:47 +0000
commit: 2ad3683ac277f1f738570c5a95dc4fda90e324b9 (patch)
tree: d91c09779dedbe9fbbca280f5e2f61c63d0c7511 /src
parent: 46e3920048e0be9fd270befa4b59226d4330716d (diff)
1 files changed, 9 insertions, 34 deletions
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c
index 575b631..27d9c53 100644
--- a/src/gnutls_hooks.c
+++ b/src/gnutls_hooks.c
@@ -524,7 +524,7 @@ int mgs_hook_fixups(request_rec *r)
    const char* tmp;
    int len;
    mgs_handle_t *ctxt;
-    int rv;
+    int rv = OK;
    
    apr_table_t *env = r->subprocess_env;
@@ -561,41 +561,16 @@ int mgs_hook_fixups(request_rec *r)
    /* TODO: There are many other env vars that we need to add */
    {
-        const gnutls_datum *certs;
+        len = sizeof(buf);
-        gnutls_x509_crt cert;
+        gnutls_x509_crt_get_dn(ctxt->sc->cert_x509, buf, &len);
+        apr_table_setn(env, "SSL_SERVER_S_DN", buf);
-        certs = gnutls_certificate_get_ours(ctxt->session);
+           
-        if (certs) {
+        len = sizeof(buf);
+        gnutls_x509_crt_get_issuer_dn(ctxt->sc->cert_x509, buf, &len);
-            rv = gnutls_x509_crt_init(&cert);
+        apr_table_setn(env, "SSL_SERVER_I_DN", buf);
-            if (rv < 0) {
-                goto end_fixups;
-            }
-            
-            rv = gnutls_x509_crt_import(cert, &certs[0], GNUTLS_X509_FMT_DER);
-            if (rv < 0) {
-                gnutls_x509_crt_deinit(cert);
-                goto end_fixups;
-            }
-            
-            len = sizeof(buf);
-            gnutls_x509_crt_get_dn(cert, buf, &len);
-            apr_table_setn(env, "SSL_SERVER_S_DN", buf);
-            
-            len = sizeof(buf);
-            gnutls_x509_crt_get_issuer_dn(cert, buf, &len);
-            apr_table_setn(env, "SSL_SERVER_I_DN", buf);
-            
-            gnutls_x509_crt_deinit(cert);
-        }
-        else {
-            apr_table_setn(env, "SSL_SERVER_S_DN", "Unknown");
-            apr_table_setn(env, "SSL_SERVER_I_DN", "Unknown");
-        }
    }
    
-end_fixups:
+    return rv;
-    return OK;
 }
 int mgs_hook_authz(request_rec *r)
author	Paul Querna	2005-04-24 23:51:47 +0000
committer	Paul Querna	2005-04-24 23:51:47 +0000
commit	2ad3683ac277f1f738570c5a95dc4fda90e324b9 (patch)
tree	d91c09779dedbe9fbbca280f5e2f61c63d0c7511 /src
parent	46e3920048e0be9fd270befa4b59226d4330716d (diff)

diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c index 575b631..27d9c53 100644 --- a/src/gnutls_hooks.c +++ b/src/gnutls_hooks.c
@@ -524,7 +524,7 @@ int mgs_hook_fixups(request_rec *r)
524	const char* tmp;	524	const char* tmp;
525	int len;	525	int len;
526	mgs_handle_t *ctxt;	526	mgs_handle_t *ctxt;
527	int rv;	527	int rv = OK;
528		528
529	apr_table_t *env = r->subprocess_env;	529	apr_table_t *env = r->subprocess_env;
530		530
@@ -561,41 +561,16 @@ int mgs_hook_fixups(request_rec *r)
561		561
562	/* TODO: There are many other env vars that we need to add */	562	/* TODO: There are many other env vars that we need to add */
563	{	563	{
564	const gnutls_datum *certs;	564	len = sizeof(buf);
565	gnutls_x509_crt cert;	565	gnutls_x509_crt_get_dn(ctxt->sc->cert_x509, buf, &len);
566		566	apr_table_setn(env, "SSL_SERVER_S_DN", buf);
567	certs = gnutls_certificate_get_ours(ctxt->session);	567
568	if (certs) {	568	len = sizeof(buf);
569		569	gnutls_x509_crt_get_issuer_dn(ctxt->sc->cert_x509, buf, &len);
570	rv = gnutls_x509_crt_init(&cert);	570	apr_table_setn(env, "SSL_SERVER_I_DN", buf);
571	if (rv < 0) {
572	goto end_fixups;
573	}
574
575	rv = gnutls_x509_crt_import(cert, &certs[0], GNUTLS_X509_FMT_DER);
576	if (rv < 0) {
577	gnutls_x509_crt_deinit(cert);
578	goto end_fixups;
579	}
580
581	len = sizeof(buf);
582	gnutls_x509_crt_get_dn(cert, buf, &len);
583	apr_table_setn(env, "SSL_SERVER_S_DN", buf);
584
585	len = sizeof(buf);
586	gnutls_x509_crt_get_issuer_dn(cert, buf, &len);
587	apr_table_setn(env, "SSL_SERVER_I_DN", buf);
588
589	gnutls_x509_crt_deinit(cert);
590	}
591	else {
592	apr_table_setn(env, "SSL_SERVER_S_DN", "Unknown");
593	apr_table_setn(env, "SSL_SERVER_I_DN", "Unknown");
594	}
595	}	571	}
596		572
597	end_fixups:	573	return rv;
598	return OK;
599	}	574	}
600		575
601	int mgs_hook_authz(request_rec *r)	576	int mgs_hook_authz(request_rec *r)