ssl variables in any expression using
mod_rewrite syntax "%{SSL:VARNAME}" or function
syntax "ssl(VARNAME)".
Backport of r1707002 and r1709596 from trunk.
Committed By: rjung
Backported By: rjung
Reviewed by: rjung, ylavic, sf
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@
1710433 13f79535-47bb-0310-9956-
ffa450edef68
Changes with Apache 2.4.18
+ *) mod_ssl: Extend expression parser registration to support ssl variables
+ in any expression using mod_rewrite syntax "%{SSL:VARNAME}" or function
+ syntax "ssl(VARNAME)". [Rainer Jung]
Changes with Apache 2.4.17
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_ssl: Extend expression parser registration to support ssl variables
- in any expression using mod_rewrite syntax "%{SSL:VARNAME}" or function
- syntax "ssl(VARIABLE)".
- trunk patch: http://svn.apache.org/r1707002
- 2.4.x patch: trunk works (modulo CHANGES)
- +1: rjung, ylavic, sf (plus doc fix pointed out by minfrin)
- minfrin: Tiny nit: http://svn.apache.org/r1709596
* httpd.conf.in: Remove commented config regarding DNT because the spec
now has CR status (confirming our interpretation) and MS has committed
</section>
+<section id="expressionparser"><title>Expression Parser Extension</title>
+
+<p>When <module>mod_ssl</module> is built into Apache or at least
+loaded (under DSO situation) any <a name="envvars">variables</a>
+provided by <module>mod_ssl</module> can be used in expressions
+for the <a href="../expr.html">ap_expr Expression Parser</a>.
+The variables can be referenced using the syntax
+``<code>%{</code><em>varname</em><code>}</code>''. Starting
+with version 2.4.18 one can also use the
+<module>mod_rewrite</module> style syntax
+``<code>%{SSL:</code><em>varname</em><code>}</code>'' or
+the function style syntax
+``<code>ssl(</code><em>varname</em><code>)</code>''.</p>
+<example><title>Example (using <module>mod_headers</module>)</title>
+<highlight language="config">
+Header set X-SSL-PROTOCOL "expr=%{SSL_PROTOCOL}"
+Header set X-SSL-CIPHER "expr=%{SSL:SSL_CIPHER}"
+</highlight>
+</example>
+<p>This feature even works without setting the <code>StdEnvVars</code>
+option of the <directive module="mod_ssl">SSLOptions</directive>
+directive.</p>
+</section>
+
<section id="authzproviders"><title>Authorization providers for use with Require</title>
<p><module>mod_ssl</module> provides a few authentication providers for use
return sslconn ? ssl_var_lookup_ssl(ctx->p, ctx->c, ctx->r, var) : NULL;
}
+static const char *expr_func_fn(ap_expr_eval_ctx_t *ctx, const void *data,
+ const char *arg)
+{
+ char *var = (char *)arg;
+
+ return var ? ssl_var_lookup(ctx->p, ctx->s, ctx->c, ctx->r, var) : NULL;
+}
+
static int ssl_expr_lookup(ap_expr_lookup_parms *parms)
{
switch (parms->type) {
return OK;
}
break;
+ case AP_EXPR_FUNC_STRING:
+ /* Function SSL() is implemented by us.
+ */
+ if (strcEQ(parms->name, "SSL")) {
+ *parms->func = expr_func_fn;
+ *parms->data = NULL;
+ return OK;
+ }
+ break;
case AP_EXPR_FUNC_LIST:
if (strcEQ(parms->name, "PeerExtList")) {
*parms->func = expr_peer_ext_list_fn;
projects / thirdparty / apache / httpd.git / commitdiff
