httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <jor...@redhat.com>
Subject Re: mod_ssl: inserting cert parameters into headers
Date Fri, 19 Nov 2010 16:02:58 GMT
On Fri, Nov 19, 2010 at 05:17:06PM +0200, Graham Leggett wrote:
> On 19 Nov 2010, at 3:19 PM, Plüm, Rüdiger, VF-Group wrote:
> 
> >Does
> >
> >RequestHeader add some_header %{SSL_ENVIRONMENT_VARIABLE}s
> >
> >not work for you?
> 
> It could, but it isn't very clean at all. You are adding a KV pair
> to one table, then manually copying it into another table.
> 
> If a hook existed to do this, a module might do anything anyone
> wanted to.

Is the concern about copying the bytes?  Not sure I follow this either.  
A fixup hook ordered to run later than ssl_hook_Fixup will always have 
access to the SSL_* vars if +StdEnvVars is configured; such a hook can 
avoid copying from bytes from r->subprocess_env if it wants, I suppose. 
Or are you worried that's not really a concrete API on which you can 
depend?

Generally it is better to *avoid* using +StdEnvVars because it forces 
generation of all the variables (slow and expensive), and use 
ssl_var_lookup to generate only those variables you really need.

Regards, Joe

Mime
View raw message