Commit cab33293 authored by Joe Orton's avatar Joe Orton
Browse files

Add "SSLUserName" directive to set r->user based on a chosen SSL 

environment variable name.

* modules/ssl/ssl_private.h (struct SSLDirConfigRec): Add
szUserName field.

* modules/ssl/ssl_engine_config.c (ssl_config_perdir_create,
ssl_config_perdir_merge): Initialize and merge szUserName field.
(ssl_cmd_SSLUserName): New function.

* modules/ssl/ssl_engine_kernel.c (ssl_hook_Fixup): Set r->user to
 the value of the chosen SSL environment variable.

* modules/ssl/mod_ssl.c: Add SSLUserName config directive.

PR: 20957
Submitted by: Martin v. Loewis <martin v.loewis.de>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103834 13f79535-47bb-0310-9956-ffa450edef68
parent 9329dc4f

mod_ssl.c

+2 −0
Original line number Diff line number Diff line
@@ -136,6 +136,8 @@ static const command_rec ssl_config_cmds[] = { 
                "(`[+-][SSLv2|SSLv3|TLSv1] ...' - see manual)")

    SSL_CMD_SRV(HonorCipherOrder, FLAG,

                "Use the server's cipher ordering preference")

    SSL_CMD_ALL(UserName, TAKE1,

		"Set user name to SSL variable value")



    /* 

     * Proxy configuration for remote SSL connections

ssl_engine_config.c

+9 −0
Original line number Diff line number Diff line
@@ -288,6 +288,7 @@ void *ssl_config_perdir_create(apr_pool_t *p, char *dir) 


    dc->szCACertificatePath    = NULL;

    dc->szCACertificateFile    = NULL;

    dc->szUserName             = NULL;



    return dc;

}
@@ -324,6 +325,7 @@ void *ssl_config_perdir_merge(apr_pool_t *p, void *basev, void *addv) 


    cfgMergeString(szCACertificatePath);

    cfgMergeString(szCACertificateFile);

    cfgMergeString(szUserName);



    return mrg;

}
@@ -1372,3 +1374,10 @@ const char *ssl_cmd_SSLProxyMachineCertificatePath(cmd_parms *cmd, 
}





const char *ssl_cmd_SSLUserName(cmd_parms *cmd, void *dcfg, 

				const char *arg)

{

    SSLDirConfigRec *dc = (SSLDirConfigRec *)dcfg;

    dc->szUserName = arg;

    return NULL;

}

ssl_engine_kernel.c

+11 −0
Original line number Diff line number Diff line
@@ -1024,6 +1024,17 @@ int ssl_hook_Fixup(request_rec *r) 
        return DECLINED;

    }



    /*

     * Set r->user if requested

     */

    if (dc->szUserName) {

        val = ssl_var_lookup(r->pool, r->server, r->connection, 

                             r, (char *)dc->szUserName);

        if (val && val[0]) {

            r->user = val;

        }

    }



    /*

     * Annotate the SSI/CGI environment with standard SSL information

     */

ssl_private.h

+3 −1
Original line number Diff line number Diff line
@@ -455,6 +455,7 @@ typedef struct { 
    int           nVerifyDepth;

    const char   *szCACertificatePath;

    const char   *szCACertificateFile;

    const char   *szUserName;

} SSLDirConfigRec;



/*
@@ -497,6 +498,7 @@ const char *ssl_cmd_SSLProtocol(cmd_parms *, void *, const char *); 
const char  *ssl_cmd_SSLOptions(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLRequireSSL(cmd_parms *, void *);

const char  *ssl_cmd_SSLRequire(cmd_parms *, void *, const char *);

const char  *ssl_cmd_SSLUserName(cmd_parms *, void *, const char *);



const char  *ssl_cmd_SSLProxyEngine(cmd_parms *cmd, void *dcfg, int flag);

const char  *ssl_cmd_SSLProxyProtocol(cmd_parms *, void *, const char *);