Mercurial > hg > nginx

diff src/http/modules/ngx_http_ssl_module.c @ 6780:56d6bfe6b609

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
SSL: RFC2253 compliant $ssl_client_s_dn and $ssl_client_i_dn. Originally, the variables kept a result of X509_NAME_oneline(), which is, according to the official documentation, a legacy function. It produces a non standard output form and has various quirks and inconsistencies. The RFC2253 compliant behavior is introduced for these variables. The original variables are available through $ssl_client_s_dn_legacy and $ssl_client_i_dn_legacy.
author Dmitry Volyntsev <xeioex@nginx.com>
date Fri, 21 Oct 2016 16:28:39 +0300
parents 04d8d1f85649
children 2d15fff64e3c
line wrap: on
line diff
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c
@@ -298,6 +298,12 @@ static ngx_http_variable_t  ngx_http_ssl
     { ngx_string("ssl_client_i_dn"), NULL, ngx_http_ssl_variable,
       (uintptr_t) ngx_ssl_get_issuer_dn, NGX_HTTP_VAR_CHANGEABLE, 0 },
 
+    { ngx_string("ssl_client_s_dn_legacy"), NULL, ngx_http_ssl_variable,
+      (uintptr_t) ngx_ssl_get_subject_dn_legacy, NGX_HTTP_VAR_CHANGEABLE, 0 },
+
+    { ngx_string("ssl_client_i_dn_legacy"), NULL, ngx_http_ssl_variable,
+      (uintptr_t) ngx_ssl_get_issuer_dn_legacy, NGX_HTTP_VAR_CHANGEABLE, 0 },
+
     { ngx_string("ssl_client_serial"), NULL, ngx_http_ssl_variable,
       (uintptr_t) ngx_ssl_get_serial_number, NGX_HTTP_VAR_CHANGEABLE, 0 },