From fd94836e5162428f15393d4f9ea902533d9e1e90 Mon Sep 17 00:00:00 2001 From: Nokis Mavrogiannopoulos Date: Sun, 2 Dec 2007 09:42:34 +0000 Subject: added SSL_SERVER/CLIENT_S_TYPE --- README.ENV | 12 +++++++++++- src/gnutls_hooks.c | 3 +++ 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/README.ENV b/README.ENV index b18e4d1..35da82f 100644 --- a/README.ENV +++ b/README.ENV @@ -19,6 +19,10 @@ SSL_CLIENT_V_START: The activation time of client's certificate. SSL_CLIENT_V_END: The expiration time of client's certificate. SSL_CLIENT_S_DN: The distinguished name of client's certificate in RFC2253 format. SSL_CLIENT_I_DN: The distinguished name of client's issuer certificate in RFC2253 format. +SSL_CLIENT_SAN%: These will contain the alternative names of the client certificate + (% is a number starting from zero). The values will be prepended by "DNSNAME:", + "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value + "UNSUPPORTED" will be set. SSL_CLIENT_M_SERIAL: The serial number of the client's certificate. SSL_CLIENT_M_VERSION: The version of the client's certificate. SSL_CLIENT_A_SIG: The algorithm used for the signature in client's certificate. @@ -26,14 +30,20 @@ SSL_CLIENT_A_KEY: The public key algorithm in client's certificate. SSL_CLIENT_CERT: The PEM-encoded client certificate SSL_CLIENT_VERIFY: whether the client's certificate was verified. (NONE if none was sent, or SUCCESS or FAILED) +SSL_CLIENT_S_TYPE: The certificate type can be X.509 or OPENPGP. SSL_SERVER_V_START: The activation time of server's certificate. SSL_SERVER_V_END: The expiration time of server's certificate. SSL_SERVER_S_DN: The distinguished name of the server's certificate in RFC2253 format. SSL_SERVER_I_DN: The distinguished name of the server's issuer certificate in RFC2253 format. +SSL_SERVER_SAN%: These will contain the alternative names of the server certificate + (% is a number starting from zero). The values will be prepended by "DNSNAME:", + "RFC822NAME:" or "URI:" depending on the type. If it is not supported the value + "UNSUPPORTED" will be set. SSL_SERVER_M_SERIAL: The serial number of the server's certificate. SSL_SERVER_M_VERSION: The version of the server's certificate. SSL_SERVER_A_SIG: The algorithm used for the signature in server's certificate. SSL_SERVER_A_KEY: The public key algorithm in server's certificate. - SSL_SERVER_CERT: The PEM-encoded server certificate +SSL_SERVER_S_TYPE: The certificate type can be X.509 or OPENPGP. + diff --git a/src/gnutls_hooks.c b/src/gnutls_hooks.c index 6619be5..c1a1c52 100644 --- a/src/gnutls_hooks.c +++ b/src/gnutls_hooks.c @@ -848,6 +848,9 @@ mgs_add_common_cert_vars(request_rec * r, gnutls_x509_crt cert, int side, apr_pstrcat(r->pool, MGS_SIDE, "_M_VERSION", NULL), apr_psprintf(r->pool, "%u", ret)); + apr_table_setn(env, + apr_pstrcat(r->pool, MGS_SIDE, "_S_TYPE", NULL), "X.509"); + tmp = mgs_time2sz(gnutls_x509_crt_get_expiration_time (cert), buf, sizeof(buf)); -- cgit