On Wed, May 19, 1999, [EMAIL PROTECTED] wrote:
> This patch makes the ssl session id available via the environment variable
> SSL_SESSION_ID. Apache modules may obtain this ssl session id via the
> "ap::mod_ssl::var_lookup" EAPI hook. The value of this ssl session id is
> actually the concatenation of the hex representation of each byte in the
> ssl session id. For example, running this through printenv produces:
>
> SSL_SESSION_ID = bd1c692524d2d3648cb8c87bf71111484eb5dd81777659b479b2dbfbc3ec5d2
Fine, good idea. I'll take it over for 2.3.0.
> The idea behind this is to make the ssl session id available so that other
> modules may use the ssl session id as a `key' into their own session table.
>
> + result = ap_psprintf(p, "%x%s",
>pSession->session_id[i],
> +
>result);
> [...]
Is there a reason why you reverse the bytes?
I think it should be ``..."%s%x", result, pSessio..''.
OTOH you can use ssl_scache_id2sz() for this task....
Ralf S. Engelschall
[EMAIL PROTECTED]
www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
