I'm trying to do this as a PerlAuthenHandler, so it should be well past
mod_ssl's involvement, but before the fixup stage. Trying to print out
MOD_PERL either through a subprocess or ENV fails. So maybe I'm in
bigger trouble than I thought?
--Ryan
On Mon, 2003-06-09 at 14:26, Issac Goldstand wrote:
> Ryan,
> Ust out of curiosity, at what stage in the request chain are you doing
> this? If you are doing anything before mod_ssl populates its environment
> variables (which I seem to rembmer being at Fixup, although I may be
> confusing with something else), you wouldn't be able to access them. You
> *should* still be able to get to other Apache environment variables.....
> Try an easy one: test for mod_perl. If that works, your environment
> variables are OK, and it's likely a mod_ssl problem that you're having.
>
> Issac
>
> ----- Original Message -----
> From: "Ryan Muldoon" <[EMAIL PROTECTED]>
> To: "Geoffrey Young" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Monday, June 09, 2003 10:13 PM
> Subject: Re: getting *any* variables out of the server environment
>
>
> > Geoffrey,
> >
> > Thanks for the explanation. Unfortunately, I think I am still a little
> > unclear as to how to proceed. If I understand you correctly, my first
> > method is completely wrongheaded. (I tried this because it is how the
> > "Writing Apache Modules with Perl and C" does it. p.327) So it sounds
> > like the second way is the appropriate usage for subprocess_env(). But
> > it seems like you're saying that I shouldn't be using that at all.
> > Specifically, here is what I'd like to get out of the environment:
> > SSL_CLIENT_S_DN_CN
> > SSL_CLIENT_S_DN_O
> > and things of that nature. According to mod_ssl's documentation, these
> > are put in ENV upon processing of a client certificate. Ideally, I'd
> > like to make which fields to extract configurable, so I don't want to
> > hard-code.
> >
> > Currently, I have
> > PerlPassEnv SSL_CLIENT_S_DN_O
> > PerlPassEnv SSL_CLIENT_S_DN_CN
> > in my httpd.conf, but it doesn't seem to make any kind of difference.
> > To make sure it isn't just mod_ssl being lame for some reason, I've
> > tried it with DOCUMENT_ROOT and other standard ENV variables. But to no
> > avail. :(
> >
> > --Ryan
> >
> > On Mon, 2003-06-09 at 13:59, Geoffrey Young wrote:
> > > Ryan Muldoon wrote:
> > > > I'm not able to get *any* variables out from the apache server
> > > > environment.
> > >
> > > ok, first off, this is a two step process for Apache. the first step is
> > > that modules (like mod_ssl) populate the subprocess_env table with
> various
> > > values. then, modules like mod_cgi and mod_perl come along and populate
> > > %ENV with the values from subprocess_env as well as various other CGI
> > > specific variables (like DOCUMENT_ROOT or whatever else there is). the
> > > point is that you're really not after environment variables if you want
> to
> > > test for something like $r->subprocess_env('HTTPS') - that it ends up as
> > > $ENV{HTTPS} is a byproduct of modules like mod_cgi and mod_perl.
> > >
> > > just for your own edification :)
> > >
> > > > As you might be able to imagine, this is extremely
> > > > frustrating, and inhibits my ability to do anything of use with
> > > > mod_perl. My basic technique has been:
> > > > my $uri = $r->uri;
> > > > return unless $r->is_main();
> > > > my $subr = $r->lookup_uri($uri);
> > > > my $apachecertcomp = $subr->subprocess_env($certcomponent);
> > >
> > > I don't understand the need for a subrequest to the same URI -
> > > subprocess_env has nothing to do with an actual subprocess. each
> request
> > > (including subrequests) have their own subprocess_env table attached to
> $r.
> > > in many cases, modules are coded to behave differently for subrequests
> > > than for the main request, so something you may see in
> $r->subprocess_env()
> > > could not be in $r->lookup_uri($uri)->subprocess_env().
> > >
> > > > But this doesn't work. I also tried
> > > > my $var = $r->subprocess_env("VARIABLE_NAME");
> > > > And this does not work either. I really need to be able to use
> > > > environment variables that mod_ssl sets in my authentication handler.
> > >
> > > a few things here too. for the reasons described above,
> subprocess_env() is
> > > not a substitute for %ENV, so if what you want is a true %ENV value
> (such as
> > > those from PerlPassEnv), you will not be able to get to it via
> > > $r->subprocess_env().
> > >
> > > > Any ideas? Thanks!
> > >
> > > HTH
> > >
> > > --Geoff
> > >
> > >
> > >
> >
>
