On Tue, Sep 29, 1998, [EMAIL PROTECTED] wrote:
> I use kerberos authentification and I don't want everyone's passwd to
> travel plain text across the net. I know I could simply protect
> directories by using SSLrequireSSL: but:
> -for most of the docs of the site, ssl isn't needed;
> -People are allowed to set up their own authentification policies by
> using .htaccess files, however, I don't want to rely on them having
> thought of using SSLrequireSSL.
>
> So want I want to do, is either:
> -discover that miraculously there was an undocumented function called
> SSLRequireSSLforAuthentification;
> -or have someone nice to tell me wich variable to check to see if SSL is
> active (not just enabled: actually being used!) in order to modify
> mod_auth_kerb to give an error if trying to authentify without ssl. I am
> not brillant at C (although I am shameful not to be), so a full fully
> operational expression yielding a boolean would be just great.
You can use:
#if defined(APACHE_SSL) || defined(MOD_SSL) || defined(STRONGHOLD)
if (r->connection->client->ssl != NULL) {
...SSL this stuff only for SSL enabled...
}
#endif
The ifdef's are needed because the client->ssl attribute only exists when
mod_ssl is compiled into Apache.
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to SSLeay (mod_ssl) www.engelschall.com/sw/mod_ssl/
Official Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
