httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Fritsch ...@sfritsch.de>
Subject Re: Supporting "SSL:" in the expression parser via mod_ssl
Date Mon, 05 Oct 2015 22:44:06 GMT
On Wednesday 30 September 2015 23:26:30, Rainer Jung wrote:
> I noticed that currently the expression parser in 2.4/trunk does not
> support the SSL:VARIABLE lookups that mod_rewrite supports.
> 
> The expression parser uses ":" as an alternative function call
> syntax, so HTTP:VARIABLE is the same as HTTP(VARIABLE) which in
> turn executes http(VARIABLE). The same is true for ENV:VARIABLE
> which maps to env(VARIABLE) etc.
> 
> We already do support the syntax SSL_VARIABLE to look up SSL
> variables, because mod_ssl registers in the expression parser for
> variables whose name starts with "SSL_". But mod_ssl does not
> register for a function named SSL (or ssl), so the SSL: notation
> does not work.
> 
> Is that just an omission, or was that intentional? If not
> intentional, I would apply the following (yet untested) simple
> patch to trunk mod_ssl and propose for backport. It registers the
> SSL (and ssl) function in the expression parser:

I think that was just an omission. +1 to your patch.

> 
> Index: modules/ssl/ssl_engine_vars.c
> ===================================================================
> --- modules/ssl/ssl_engine_vars.c       (revision 1706155)
> +++ modules/ssl/ssl_engine_vars.c       (working copy)
> @@ -149,6 +149,15 @@
>       return sslconn ? ssl_var_lookup_ssl(ctx->p, ctx->c, ctx->r,
> var) : NULL;
>   }
> 
> +static const char *expr_func_fn(ap_expr_eval_ctx_t *ctx, const void
> *data, +                                const char *arg)
> +{
> +    char *var = (char *)arg;
> +    SSLConnRec *sslconn = myConnConfig(ctx->c);
> +
> +    return (var && sslconn) ? ssl_var_lookup_ssl(ctx->p, ctx->c,
> ctx->r, var) : NULL;
> +}
> +
>   static int ssl_expr_lookup(ap_expr_lookup_parms *parms)
>   {
>       switch (parms->type) {
> @@ -163,6 +172,15 @@
>               return OK;
>           }
>           break;
> +    case AP_EXPR_FUNC_STRING:
> +        /* Function SSL() is implemented by us.
> +         */
> +        if (strcEQ(parms->name, "SSL")) {
> +            *parms->func = expr_func_fn;
> +            *parms->data = NULL;
> +            return OK;
> +        }
> +        break;
>       case AP_EXPR_FUNC_LIST:
>           if (strcEQ(parms->name, "PeerExtList")) {
>               *parms->func = expr_peer_ext_list_fn;
> 
> 
> Regards,
> 
> Rainer


Mime
View raw message