From: Sander Temme Date: Wed, 27 May 2009 05:41:07 +0000 (+0000) Subject: Expose whether a request was served over an Initial or Resumed SSL session to the... X-Git-Tag: 2.3.3~539 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=274263a2149db35e63a8dbe745dcc6b42aa8a1ae;p=thirdparty%2Fapache%2Fhttpd.git Expose whether a request was served over an Initial or Resumed SSL session to the environment git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@779005 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml index b059e731e47..86e60ad7a17 100644 --- a/docs/manual/mod/mod_ssl.xml +++ b/docs/manual/mod/mod_ssl.xml @@ -61,6 +61,7 @@ compatibility variables.

HTTPS flag HTTPS is being used. SSL_PROTOCOL string The SSL protocol version (SSLv2, SSLv3, TLSv1) SSL_SESSION_ID string The hex-encoded SSL session id +SSL_SESSION_RESUMED string Initial or Resumed SSL Session. Note: multiple requests may be served over the same (Initial or Resumed) SSL session if HTTP KeepAlive is in use SSL_CIPHER string The cipher specification name SSL_CIPHER_EXPORT string true if cipher is an export cipher SSL_CIPHER_USEKEYSIZE number Number of cipher bits (actually used) @@ -1285,13 +1286,13 @@ HTTPS SSL_CLIENT_M_VERSION SSL_SERVER_M_VERSION SSL_CLIENT_M_SERIAL SSL_SERVER_M_SERIAL SSL_PROTOCOL SSL_CLIENT_V_START SSL_SERVER_V_START SSL_SESSION_ID SSL_CLIENT_V_END SSL_SERVER_V_END -SSL_CIPHER SSL_CLIENT_S_DN SSL_SERVER_S_DN -SSL_CIPHER_EXPORT SSL_CLIENT_S_DN_C SSL_SERVER_S_DN_C -SSL_CIPHER_ALGKEYSIZE SSL_CLIENT_S_DN_ST SSL_SERVER_S_DN_ST -SSL_CIPHER_USEKEYSIZE SSL_CLIENT_S_DN_L SSL_SERVER_S_DN_L -SSL_VERSION_LIBRARY SSL_CLIENT_S_DN_O SSL_SERVER_S_DN_O -SSL_VERSION_INTERFACE SSL_CLIENT_S_DN_OU SSL_SERVER_S_DN_OU - SSL_CLIENT_S_DN_CN SSL_SERVER_S_DN_CN +SSL_SESSION_RESUMED SSL_CLIENT_S_DN SSL_SERVER_S_DN +SSL_CIPHER SSL_CLIENT_S_DN_C SSL_SERVER_S_DN_C +SSL_CIPHER_EXPORT SSL_CLIENT_S_DN_ST SSL_SERVER_S_DN_ST +SSL_CIPHER_ALGKEYSIZE SSL_CLIENT_S_DN_L SSL_SERVER_S_DN_L +SSL_CIPHER_USEKEYSIZE SSL_CLIENT_S_DN_O SSL_SERVER_S_DN_O +SSL_VERSION_LIBRARY SSL_CLIENT_S_DN_OU SSL_SERVER_S_DN_OU +SSL_VERSION_INTERFACE SSL_CLIENT_S_DN_CN SSL_SERVER_S_DN_CN SSL_CLIENT_S_DN_T SSL_SERVER_S_DN_T SSL_CLIENT_S_DN_I SSL_SERVER_S_DN_I SSL_CLIENT_S_DN_G SSL_SERVER_S_DN_G diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index b12850034e3..2675b8f3d40 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -1047,6 +1047,7 @@ static const char *ssl_hook_Fixup_vars[] = { "SSL_SERVER_A_KEY", "SSL_SERVER_A_SIG", "SSL_SESSION_ID", + "SSL_SESSION_RESUMED", NULL }; diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c index c0023e2c27c..a4c696e7aa8 100644 --- a/modules/ssl/ssl_engine_vars.c +++ b/modules/ssl/ssl_engine_vars.c @@ -297,6 +297,12 @@ static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, char *var) buf, sizeof(buf))); } } + else if(ssl != NULL && strcEQ(var, "SESSION_RESUMED")) { + if (SSL_session_reused(ssl) == 1) + result = "Resumed"; + else + result = "Initial"; + } else if (ssl != NULL && strlen(var) >= 6 && strcEQn(var, "CIPHER", 6)) { result = ssl_var_lookup_ssl_cipher(p, c, var+6); }