Feature #1288 » lighty-clientvalidation-serialenv.patch
lighttpd-1.4.19/src/response.c 2008-05-21 16:57:57.000000000 +0200 | ||
---|---|---|
X509 *xs;
|
||
X509_NAME *xn;
|
||
X509_NAME_ENTRY *xe;
|
||
ASN1_INTEGER *xsn;
|
||
if (
|
||
SSL_get_verify_result(con->ssl) != X509_V_OK
|
||
|| !(xs = SSL_get_peer_certificate(con->ssl))
|
||
... | ... | |
}
|
||
array_insert_unique(con->environment, (data_unset *)envds);
|
||
}
|
||
/* Also got serial of the certificate */
|
||
xsn = X509_get_serialNumber(xs);
|
||
if (xsn)
|
||
{
|
||
data_string *envds;
|
||
char * serialHex;
|
||
BIGNUM *serialBN = NULL;
|
||
serialBN = ASN1_INTEGER_to_BN(xsn,NULL);
|
||
serialHex = BN_bn2hex(serialBN);
|
||
if (NULL == (envds = (data_string *)array_get_unused_element(con->environment, TYPE_STRING))) {
|
||
envds = data_string_init();
|
||
}
|
||
buffer_copy_string_len(envds->key, CONST_STR_LEN("SSL_CLIENT_M_SERIAL"));
|
||
buffer_copy_string(
|
||
envds->value,
|
||
serialHex
|
||
);
|
||
if (buffer_is_equal(con->conf.ssl_verifyclient_username, envds->key)) {
|
||
buffer_copy_string_buffer(con->authed_user, envds->value);
|
||
}
|
||
array_insert_unique(con->environment, (data_unset *)envds);
|
||
}
|
||
X509_free(xs);
|
||
}
|
||
#endif
|