Merge r1933908 from trunk:

mod_ssl: Expose serialNumber (2.5.4.5) as standard env var from certificate DN

serialNumber (2.5.4.5) is a standard LDAP attribute embedded in the subject's
and/or issuer's DN, extract it by standard means from the DN and expose
via StdEnvVars.

PR: 35154
Co-authored-by: Michael Osipov <michaelo@apache.org>
Submitted by: Benjamin Demarteau <benjamin.demarteau@liege.be>
Reviewed By:  michaelo, jorton, rpluem
Github: closes #644

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1934900 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/changes-entries/ssl-serialnumber.txt b/changes-entries/ssl-serialnumber.txt
new file mode 100644 (file)
index 0000000..af82ca4
--- /dev/null
+++ b/changes-entries/ssl-serialnumber.txt
@@ -0,0 +1,4 @@
+  *) mod_ssl: Add SerialNumber as a recognized attribute type for SSL
+     distinguished name variables.  [Michael Osipov <michaelo apache.org>,
+     Benjamin Demarteau <benjamin.demarteau liege.be>]
+

diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c
index 4060c0f6a63f78e2408187c17ee9c21a66bfe3d1..85f075978df43e65664385d143dfead272ccbe38 100644 (file)
--- a/modules/ssl/ssl_engine_vars.c
+++ b/modules/ssl/ssl_engine_vars.c
@@ -576,6 +576,7 @@ static const struct {
     { "G",     NID_givenName,              1 },
     { "S",     NID_surname,                1 },
     { "D",     NID_description,            1 },
+    { "SerialNumber", NID_serialNumber,    1 },
 #ifdef NID_userId
     { "UID",   NID_userId,                 1 },
 #endif