diff options
-rw-r--r-- | README.ENV | 8 | ||||
-rw-r--r-- | src/gnutls_hooks.c | 12 |
2 files changed, 12 insertions, 8 deletions
@@ -19,7 +19,7 @@ SSL_CLIENT_V_START: The activation time of client's certificate. | |||
19 | SSL_CLIENT_V_END: The expiration time of client's certificate. | 19 | SSL_CLIENT_V_END: The expiration time of client's certificate. |
20 | SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. | 20 | SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. |
21 | SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. | 21 | SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. |
22 | SSL_CLIENT_S_SAN%: These will contain the alternative names of the client certificate | 22 | SSL_CLIENT_S_AN%: These will contain the alternative names of the client certificate |
23 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", | 23 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", |
24 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value | 24 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value |
25 | "UNSUPPORTED" will be set. | 25 | "UNSUPPORTED" will be set. |
@@ -30,13 +30,13 @@ SSL_CLIENT_A_KEY: The public key algorithm in client's certificate. | |||
30 | SSL_CLIENT_CERT: The PEM-encoded client certificate | 30 | SSL_CLIENT_CERT: The PEM-encoded client certificate |
31 | SSL_CLIENT_VERIFY: | 31 | SSL_CLIENT_VERIFY: |
32 | whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED) | 32 | whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED) |
33 | SSL_CLIENT_S_TYPE: The certificate type can be X.509 or OPENPGP. | 33 | SSL_CLIENT_CERT_TYPE: The certificate type can be X.509 or OPENPGP. |
34 | 34 | ||
35 | SSL_SERVER_V_START: The activation time of server's certificate. | 35 | SSL_SERVER_V_START: The activation time of server's certificate. |
36 | SSL_SERVER_V_END: The expiration time of server's certificate. | 36 | SSL_SERVER_V_END: The expiration time of server's certificate. |
37 | SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. | 37 | SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. |
38 | SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. | 38 | SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. |
39 | SSL_SERVER_S_SAN%: These will contain the alternative names of the server certificate | 39 | SSL_SERVER_S_AN%: These will contain the alternative names of the server certificate |
40 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", | 40 | (% is a number starting from zero). The values will be prepended by "DNSNAME:", |
41 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value | 41 | "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value |
42 | "UNSUPPORTED" will be set. | 42 | "UNSUPPORTED" will be set. |
@@ -45,5 +45,5 @@ SSL_SERVER_M_VERSION: The version of the server's certificate. | |||
45 | SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate. | 45 | SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate. |
46 | SSL_SERVER_A_KEY: The public key algorithm in server's certificate. | 46 | SSL_SERVER_A_KEY: The public key algorithm in server's certificate. |
47 | SSL_SERVER_CERT: The PEM-encoded server certificate | 47 | SSL_SERVER_CERT: The PEM-encoded server certificate |
48 | SSL_SERVER_S_TYPE: The certificate type can be X.509 or OPENPGP. | 48 | SSL_SERVER_CERT_TYPE: The certificate type can be X.509 or OPENPGP. |
49 | 49 | ||
diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c index 15b66fa..44b2bc1 100644 --- a/src/gnutls_hooks.c +++ b/src/gnutls_hooks.c | |||
@@ -793,7 +793,11 @@ mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt cert, int side, | |||
793 | apr_psprintf(r->pool, "%u", ret)); | 793 | apr_psprintf(r->pool, "%u", ret)); |
794 | 794 | ||
795 | apr_table_setn(env, | 795 | apr_table_setn(env, |
796 | apr_pstrcat(r->pool, MGS_SIDE, "_CERT_TYPE", NULL), "X.509"); | ||
797 | #ifdef COMPAT | ||
798 | apr_table_setn(env, | ||
796 | apr_pstrcat(r->pool, MGS_SIDE, "_S_TYPE", NULL), "X.509"); | 799 | apr_pstrcat(r->pool, MGS_SIDE, "_S_TYPE", NULL), "X.509"); |
800 | #endif | ||
797 | 801 | ||
798 | tmp = | 802 | tmp = |
799 | mgs_time2sz(gnutls_x509_crt_get_expiration_time | 803 | mgs_time2sz(gnutls_x509_crt_get_expiration_time |
@@ -835,19 +839,19 @@ mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt cert, int side, | |||
835 | 839 | ||
836 | if (ret == GNUTLS_SAN_DNSNAME) { | 840 | if (ret == GNUTLS_SAN_DNSNAME) { |
837 | apr_table_setn(env, | 841 | apr_table_setn(env, |
838 | apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), | 842 | apr_psprintf(r->pool, "%s_S_AN%u", MGS_SIDE, i), |
839 | apr_psprintf(r->pool, "DNSNAME:%s", tmp2)); | 843 | apr_psprintf(r->pool, "DNSNAME:%s", tmp2)); |
840 | } else if (ret == GNUTLS_SAN_RFC822NAME) { | 844 | } else if (ret == GNUTLS_SAN_RFC822NAME) { |
841 | apr_table_setn(env, | 845 | apr_table_setn(env, |
842 | apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), | 846 | apr_psprintf(r->pool, "%s_S_AN%u", MGS_SIDE, i), |
843 | apr_psprintf(r->pool, "RFC822NAME:%s", tmp2)); | 847 | apr_psprintf(r->pool, "RFC822NAME:%s", tmp2)); |
844 | } else if (ret == GNUTLS_SAN_URI) { | 848 | } else if (ret == GNUTLS_SAN_URI) { |
845 | apr_table_setn(env, | 849 | apr_table_setn(env, |
846 | apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), | 850 | apr_psprintf(r->pool, "%s_S_AN%u", MGS_SIDE, i), |
847 | apr_psprintf(r->pool, "URI:%s", tmp2)); | 851 | apr_psprintf(r->pool, "URI:%s", tmp2)); |
848 | } else { | 852 | } else { |
849 | apr_table_setn(env, | 853 | apr_table_setn(env, |
850 | apr_psprintf(r->pool, "%s_S_SAN%u", MGS_SIDE, i), | 854 | apr_psprintf(r->pool, "%s_S_AN%u", MGS_SIDE, i), |
851 | "UNSUPPORTED"); | 855 | "UNSUPPORTED"); |
852 | } | 856 | } |
853 | } | 857 | } |