You are viewing a plain text version of this content. The canonical link for it is here.

Posted to bugs@httpd.apache.org by bu...@apache.org on 2017/08/07 21:26:28 UTC

[Bug 60456] export SSL_CLIENT_SAN_IPaddr variable

https://bz.apache.org/bugzilla/show_bug.cgi?id=60456

--- Comment #5 from abbotttodd@netscape.net ---
Created attachment 35204
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=35204&action=edit
Proposed Patch for SAN IP

Proposed Patch for getting ipaddr from SSL client cert

Proxy config might look like:
SSLRequire ( %{REMOTE_ADDR} in { %{SSL_CLIENT_SAN_IP_0},
%{SSL_CLIENT_SAN_IP_1}, %{SSL_CLIENT_SAN_IP_2} } )

It basically clones the ip address print statement from openssl slightly
altered as I could not see how to get openssl to do the formatting.  It
generates IPv6 with lower case which is in line with what I saw with
REMOTE_ADDR.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org