From: Joe Orton Date: Thu, 3 Jun 2004 15:00:15 +0000 (+0000) Subject: Add "SSLUserName" directive to set r->user based on a chosen SSL X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f12f9bfb5a9cff6c41961be698ae17063eecfb4c;p=thirdparty%2Fapache%2Fhttpd.git Add "SSLUserName" directive to set r->user based on a chosen SSL environment variable name. * modules/ssl/ssl_private.h (struct SSLDirConfigRec): Add szUserName field. * modules/ssl/ssl_engine_config.c (ssl_config_perdir_create, ssl_config_perdir_merge): Initialize and merge szUserName field. (ssl_cmd_SSLUserName): New function. * modules/ssl/ssl_engine_kernel.c (ssl_hook_Fixup): Set r->user to the value of the chosen SSL environment variable. * modules/ssl/mod_ssl.c: Add SSLUserName config directive. PR: 20957 Submitted by: Martin v. Loewis git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/ssl@103834 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/mod_ssl.c b/mod_ssl.c index 748f3b286cb..0d93fea0edc 100644 --- a/mod_ssl.c +++ b/mod_ssl.c @@ -136,6 +136,8 @@ static const command_rec ssl_config_cmds[] = { "(`[+-][SSLv2|SSLv3|TLSv1] ...' - see manual)") SSL_CMD_SRV(HonorCipherOrder, FLAG, "Use the server's cipher ordering preference") + SSL_CMD_ALL(UserName, TAKE1, + "Set user name to SSL variable value") /* * Proxy configuration for remote SSL connections diff --git a/ssl_engine_config.c b/ssl_engine_config.c index 5fe54a8406a..d43810929ab 100644 --- a/ssl_engine_config.c +++ b/ssl_engine_config.c @@ -288,6 +288,7 @@ void *ssl_config_perdir_create(apr_pool_t *p, char *dir) dc->szCACertificatePath = NULL; dc->szCACertificateFile = NULL; + dc->szUserName = NULL; return dc; } @@ -324,6 +325,7 @@ void *ssl_config_perdir_merge(apr_pool_t *p, void *basev, void *addv) cfgMergeString(szCACertificatePath); cfgMergeString(szCACertificateFile); + cfgMergeString(szUserName); return mrg; } @@ -1372,3 +1374,10 @@ const char *ssl_cmd_SSLProxyMachineCertificatePath(cmd_parms *cmd, } +const char *ssl_cmd_SSLUserName(cmd_parms *cmd, void *dcfg, + const char *arg) +{ + SSLDirConfigRec *dc = (SSLDirConfigRec *)dcfg; + dc->szUserName = arg; + return NULL; +} diff --git a/ssl_engine_kernel.c b/ssl_engine_kernel.c index 538612cb258..ccd84deed7f 100644 --- a/ssl_engine_kernel.c +++ b/ssl_engine_kernel.c @@ -1024,6 +1024,17 @@ int ssl_hook_Fixup(request_rec *r) return DECLINED; } + /* + * Set r->user if requested + */ + if (dc->szUserName) { + val = ssl_var_lookup(r->pool, r->server, r->connection, + r, (char *)dc->szUserName); + if (val && val[0]) { + r->user = val; + } + } + /* * Annotate the SSI/CGI environment with standard SSL information */ diff --git a/ssl_private.h b/ssl_private.h index 8b79b7e7e0b..e044f3a80fa 100644 --- a/ssl_private.h +++ b/ssl_private.h @@ -455,6 +455,7 @@ typedef struct { int nVerifyDepth; const char *szCACertificatePath; const char *szCACertificateFile; + const char *szUserName; } SSLDirConfigRec; /* @@ -497,8 +498,9 @@ const char *ssl_cmd_SSLProtocol(cmd_parms *, void *, const char *); const char *ssl_cmd_SSLOptions(cmd_parms *, void *, const char *); const char *ssl_cmd_SSLRequireSSL(cmd_parms *, void *); const char *ssl_cmd_SSLRequire(cmd_parms *, void *, const char *); +const char *ssl_cmd_SSLUserName(cmd_parms *, void *, const char *); -const char *ssl_cmd_SSLProxyEngine(cmd_parms *cmd, void *dcfg, int flag); +const char *ssl_cmd_SSLProxyEngine(cmd_parms *cmd, void *dcfg, int flag); const char *ssl_cmd_SSLProxyProtocol(cmd_parms *, void *, const char *); const char *ssl_cmd_SSLProxyCipherSuite(cmd_parms *, void *, const char *); const char *ssl_cmd_SSLProxyVerify(cmd_parms *, void *, const char *);