Project

General

Profile

Feature #1288 » lighttpd-1.4.28-clientvalidation-serialenv.patch

cicik, 2010-10-23 13:54

View differences:

lighttpd-1.4.28/src/response.c 2010-10-23 13:27:36.000000000 +0200
136 136
	X509 *xs;
137 137
	X509_NAME *xn;
138 138
	X509_NAME_ENTRY *xe;
139
	ASN1_INTEGER *xsn;
139 140
	int i, nentries;
140 141

  
141 142
	if (
......
199 200
			array_insert_unique(con->environment, (data_unset *)envds);
200 201
		}
201 202
	}
203

  
204
	/* Also got serial of the certificate */
205
	xsn = X509_get_serialNumber(xs);
206
	if (xsn)
207
	{
208
		data_string *envds;
209

  
210
		char * serialHex;
211
		BIGNUM *serialBN = NULL;
212

  
213
		serialBN = ASN1_INTEGER_to_BN(xsn,NULL);
214
		serialHex = BN_bn2hex(serialBN);
215

  
216
		if (NULL == (envds = (data_string *)array_get_unused_element(con->environment, TYPE_STRING))) {
217
			envds = data_string_init();
218
		}
219

  
220
		buffer_copy_string_len(envds->key, CONST_STR_LEN("SSL_CLIENT_M_SERIAL"));
221
		buffer_copy_string(
222
			envds->value,
223
			serialHex
224
		);
225
		if (buffer_is_equal(con->conf.ssl_verifyclient_username, envds->key)) {
226
			buffer_copy_string_buffer(con->authed_user, envds->value);
227
		}
228
		array_insert_unique(con->environment, (data_unset *)envds);
229
	}
230

  
202 231
	X509_free(xs);
203 232
}
204 233
#endif
(12-12/12)