Klaus Demo nginx / 81f9c9d
$ssl_client_cert Igor Sysoev 14 years ago
3 changed file(s) with 55 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
18781878
18791879
18801880 ngx_int_t
1881 ngx_ssl_get_certificate(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
1882 {
1883 size_t len;
1884 BIO *bio;
1885 X509 *cert;
1886
1887 s->len = 0;
1888
1889 cert = SSL_get_peer_certificate(c->ssl->connection);
1890 if (cert == NULL) {
1891 return NGX_OK;
1892 }
1893
1894 bio = BIO_new(BIO_s_mem());
1895 if (bio == NULL) {
1896 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "BIO_new() failed");
1897 X509_free(cert);
1898 return NGX_ERROR;
1899 }
1900
1901 if (PEM_write_bio_X509(bio, cert) == 0) {
1902 ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "PEM_write_bio_X509() failed");
1903 goto failed;
1904 }
1905
1906 len = BIO_pending(bio);
1907 s->len = len;
1908
1909 s->data = ngx_palloc(pool, len);
1910 if (s->data == NULL) {
1911 goto failed;
1912 }
1913
1914 BIO_read(bio, s->data, len);
1915
1916 BIO_free(bio);
1917 X509_free(cert);
1918
1919 return NGX_OK;
1920
1921 failed:
1922
1923 BIO_free(bio);
1924 X509_free(cert);
1925
1926 return NGX_ERROR;
1927 }
1928
1929
1930 ngx_int_t
18811931 ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
18821932 {
18831933 char *p;
120120 ngx_str_t *s);
121121 ngx_int_t ngx_ssl_get_cipher_name(ngx_connection_t *c, ngx_pool_t *pool,
122122 ngx_str_t *s);
123 ngx_int_t ngx_ssl_get_certificate(ngx_connection_t *c, ngx_pool_t *pool,
124 ngx_str_t *s);
123125 ngx_int_t ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool,
124126 ngx_str_t *s);
125127 ngx_int_t ngx_ssl_get_issuer_dn(ngx_connection_t *c, ngx_pool_t *pool,
181181 { ngx_string("ssl_cipher"), NULL, ngx_http_ssl_static_variable,
182182 (uintptr_t) ngx_ssl_get_cipher_name, NGX_HTTP_VAR_CHANGEABLE, 0 },
183183
184 { ngx_string("ssl_client_cert"), NULL, ngx_http_ssl_variable,
185 (uintptr_t) ngx_ssl_get_certificate, NGX_HTTP_VAR_CHANGEABLE, 0 },
186
184187 { ngx_string("ssl_client_s_dn"), NULL, ngx_http_ssl_variable,
185188 (uintptr_t) ngx_ssl_get_subject_dn, NGX_HTTP_VAR_CHANGEABLE, 0 },
186189