You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2004/09/23 11:55:22 UTC
DO NOT REPLY [Bug 31384] New: -
Adding modssl variables to the environment
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=31384>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=31384
Adding modssl variables to the environment
Summary: Adding modssl variables to the environment
Product: Apache httpd-2.0
Version: 2.0-HEAD
Platform: All
OS/Version: All
Status: NEW
Severity: Major
Priority: Other
Component: mod_headers
AssignedTo: bugs@httpd.apache.org
ReportedBy: mstern@csc.com
The environment variables created by modssl are not passed back to a forward
request. This prevent to retrieve the user's certificate when Apache is used as
reverse proxy. This is a major issue for user's authentication.
Patch:
diff -aur httpd-2.0.49/modules/metadata/mod_headers.c
httpd-ocsp/modules/metadata/mod_headers.c
--- httpd-2.0.49/modules/metadata/mod_headers.c 2004-02-09 21:53:19.000000000 +0100
+++ httpd-ocsp/modules/metadata/mod_headers.c 2004-08-13 12:10:45.000000000 +0200
@@ -70,6 +70,7 @@
#include "apr_hash.h"
#define APR_WANT_STRFUNC
#include "apr_want.h"
+#include "apr_optional.h"
#include "httpd.h"
#include "http_config.h"
@@ -128,6 +129,14 @@
apr_array_header_t *fixup_out;
} headers_conf;
+/* Pointer to ssl_var_lookup, if available. */
+APR_DECLARE_OPTIONAL_FN(char *, ssl_var_lookup,
+ (apr_pool_t *, server_rec *,
+ conn_rec *, request_rec *,
+ char *));
+static APR_OPTIONAL_FN_TYPE(ssl_var_lookup) *header_ssl_lookup = NULL;
+
+
module AP_MODULE_DECLARE_DATA headers_module;
/*
@@ -146,9 +155,27 @@
{
return apr_psprintf(r->pool, "t=%" APR_TIME_T_FMT, r->request_time);
}
+/* to also get the variables from mod_ssl */
+static const char *header_request_ssl_var(request_rec *r, char *name)
+{
+ const char *val;
+
+ ap_log_error( APLOG_MARK, APLOG_DEBUG, 0, r->server, "Getting env. var.
'%s' from mod_sll", name );
+
+ if ( !header_ssl_lookup) return NULL;
+
+ val = header_ssl_lookup(r->pool, r->server, r->connection, r, name);
+ if ( !val || !val[0] ) return NULL;
+
+ ap_log_error( APLOG_MARK, APLOG_DEBUG, 0, r->server, "Getting env. var.
from mod_sll: '%s'='%s'", name, val );
+
+ return val;
+}
static const char *header_request_env_var(request_rec *r, char *a)
{
const char *s = apr_table_get(r->subprocess_env,a);
+ /* to also get the variables from mod_ssl */
+ if ( !s ) s = header_request_ssl_var(r, a);
if (s)
return s;
@@ -573,9 +600,18 @@
return OK;
}
+/* to also get the variables from mod_ssl */
+static int header_post_config(apr_pool_t *pconf, apr_pool_t *plog,
+ apr_pool_t *ptemp, server_rec *s)
+{
+ header_ssl_lookup = APR_RETRIEVE_OPTIONAL_FN(ssl_var_lookup);
+ return OK;
+}
+
static void register_hooks(apr_pool_t *p)
{
ap_hook_pre_config(header_pre_config,NULL,NULL,APR_HOOK_MIDDLE);
+ ap_hook_post_config(header_post_config,NULL,NULL,APR_HOOK_MIDDLE); /* to
also get the variables from mod_ssl */
ap_hook_insert_filter(ap_headers_insert_output_filter, NULL, NULL,
APR_HOOK_LAST);
ap_hook_fixups(ap_headers_fixup, NULL, NULL, APR_HOOK_LAST);
ap_register_output_filter("FIXUP_HEADERS_OUT", ap_headers_output_filter,
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org