From: Joe Orton Date: Fri, 15 May 2026 06:57:49 +0000 (+0000) Subject: mod_ssl: Set auth type to \"ClientCert\" after authentication X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=dd3b4e4622c284807aa09c597b482477c3ab6165;p=thirdparty%2Fapache%2Fhttpd.git mod_ssl: Set auth type to \"ClientCert\" after authentication When client certificate authentication has been performed r->ap_auth_type was never populated and env AUTH_TYPE was empty. We now set auth type to \"ClientCert\". PR: 45058 Submitted by: Michael Osipov Github: closes #645 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1934210 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/changes-entries/ssl-authtype.txt b/changes-entries/ssl-authtype.txt new file mode 100644 index 0000000000..c7c8da0aed --- /dev/null +++ b/changes-entries/ssl-authtype.txt @@ -0,0 +1,2 @@ +*) mod_ssl: Set auth type to "ClientCert" when client certificate authentication + has been performed. [Michael Osipov ] diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c index cb88f0112c..9ee25ec52c 100644 --- a/modules/ssl/ssl_engine_kernel.c +++ b/modules/ssl/ssl_engine_kernel.c @@ -1130,8 +1130,10 @@ int ssl_hook_Access(request_rec *r) if ((dc->nOptions & SSL_OPT_FAKEBASICAUTH) == 0 && dc->szUserName) { const char *val = ssl_var_lookup(r->pool, r->server, r->connection, r, dc->szUserName); - if (val && val[0]) + if (val && val[0]) { r->user = apr_pstrdup(r->pool, val); + r->ap_auth_type = "ClientCert"; + } else ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, APLOGNO(02227) "Failed to set r->user to '%s'", dc->szUserName);