httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject Supporting "SSL:" in the expression parser via mod_ssl
Date Wed, 30 Sep 2015 21:26:30 GMT
I noticed that currently the expression parser in 2.4/trunk does not 
support the SSL:VARIABLE lookups that mod_rewrite supports.

The expression parser uses ":" as an alternative function call syntax, 
so HTTP:VARIABLE is the same as HTTP(VARIABLE) which in turn executes 
http(VARIABLE). The same is true for ENV:VARIABLE which maps to 
env(VARIABLE) etc.

We already do support the syntax SSL_VARIABLE to look up SSL variables, 
because mod_ssl registers in the expression parser for variables whose 
name starts with "SSL_". But mod_ssl does not register for a function 
named SSL (or ssl), so the SSL: notation does not work.

Is that just an omission, or was that intentional? If not intentional, I 
would apply the following (yet untested) simple patch to trunk mod_ssl 
and propose for backport. It registers the SSL (and ssl) function in the 
expression parser:

Index: modules/ssl/ssl_engine_vars.c
===================================================================
--- modules/ssl/ssl_engine_vars.c       (revision 1706155)
+++ modules/ssl/ssl_engine_vars.c       (working copy)
@@ -149,6 +149,15 @@
      return sslconn ? ssl_var_lookup_ssl(ctx->p, ctx->c, ctx->r, var) : 
NULL;
  }

+static const char *expr_func_fn(ap_expr_eval_ctx_t *ctx, const void *data,
+                                const char *arg)
+{
+    char *var = (char *)arg;
+    SSLConnRec *sslconn = myConnConfig(ctx->c);
+
+    return (var && sslconn) ? ssl_var_lookup_ssl(ctx->p, ctx->c, 
ctx->r, var) : NULL;
+}
+
  static int ssl_expr_lookup(ap_expr_lookup_parms *parms)
  {
      switch (parms->type) {
@@ -163,6 +172,15 @@
              return OK;
          }
          break;
+    case AP_EXPR_FUNC_STRING:
+        /* Function SSL() is implemented by us.
+         */
+        if (strcEQ(parms->name, "SSL")) {
+            *parms->func = expr_func_fn;
+            *parms->data = NULL;
+            return OK;
+        }
+        break;
      case AP_EXPR_FUNC_LIST:
          if (strcEQ(parms->name, "PeerExtList")) {
              *parms->func = expr_peer_ext_list_fn;


Regards,

Rainer

Mime
View raw message