I am prototyping an Apache module that performs certain security compliance
checks, one aspect of which requires access to the SSL_CTX that mod_ssl
creates for an SSL enabled server.
Access to that object is currently through the SSLSrvConfigRec->server
and modssl_ctx_t->ssl_ctx structures, which works well but I would like to
avoid directly accessing these private structures if possible.
It would be nice if the public API of mod_ssl (perhaps exposed in
ssl_util_ssl.h) defined a function such as:
/* please be a function not a macro! */
SSL_CTX *sslctx_from_server(server_rec *s)
{
SSLSrvConfigRec *sc = mySrvConfig(s);
if (sc && sc->enabled > 0) {
return sc->server->ssl_ctx;
}
return NULL;
}
Of course if there is a better way to go about it glad to hear it!
Thanks.
