>-----Original Message----- >From: Marc Stern [mailto:[EMAIL PROTECTED] >Sent: Wednesday, May 12, 2004 11:35 PM >To: [EMAIL PROTECTED] >Subject: Re: SSL_CLIENT_S_DN and proxy > > >From what I understand - and it seems confirmed by the test I >made - the header is modified (created) before Apache >populates the value. I tried with the header HTTP_HOST >"RequestHeader set X-HOST %{HTTP_HOST}e)", and the header is >created, but empty. > >Is the same feature available, but at the end of the treatment ? >
That is correct - I had a similar requirement from a customer some time back. The current method (using SSLOptions +StdEnvVars and RequestHeader) suffers from 2 drawbacks: 1. (the one you pointed out) 2. With "SSLOptions +StdEnvVars" set, the performance degrades by almost 20%. To get around the problem, I used a optional function from mod_ssl (ssl_getenv) to get the variable values, and invoke it from mod_headers if/when it's available - this fixes both (1) and (2). I'll post the patch shortly - and if people don't see any issues, I can submit it to the CVS also. -Madhu
