httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <jor...@redhat.com>
Subject Re: Use of X509_NAME_oneline in mod_ssl
Date Wed, 20 Oct 2004 07:37:01 GMT
On Wed, Oct 20, 2004 at 12:13:14AM -0700, Madhusudan Mathihalli wrote:
> On Sat, 16 Oct 2004 07:58:57 +0100, Joe Orton <jorton@redhat.com> wrote:
> > Changing just the _DN variable format with a config directive sounds OK.
> > Adding new variables would be an alternative, but the names would
> > probably get *really* ugly...
> > 
> That is correct - I should've been more clear in my mail. What I
> really meant was to give options like
> DNFormat SSL_SERVER_S_DN default
> DNFormat SSL_CLIENT_S_DN rfc2253

Actually I do wonder whether just adding new variable names

  SSL_{SERVER,CLIENT}_{I,S}_2253DN

is the best way.  If you have other modules which are accessing the DNs
directly from ssl_var_lookup you may not want to change the DN format
for them, but you do for some script, or vice versa.  Those names aren't
so ugly, and it saves adding more config directives.  What do you
reckon?

joe

Mime
View raw message