"Ralf S. Engelschall" <[EMAIL PROTECTED]> writes:
> On Wed, May 19, 1999, [EMAIL PROTECTED] wrote:
>
> > This patch makes the ssl session id available via the environment variable
> > SSL_SESSION_ID. Apache modules may obtain this ssl session id via the
> > "ap::mod_ssl::var_lookup" EAPI hook. The value of this ssl session id is
> > actually the concatenation of the hex representation of each byte in the
> > ssl session id. For example, running this through printenv produces:
> >
> > SSL_SESSION_ID = bd1c692524d2d3648cb8c87bf71111484eb5dd81777659b479b2dbfbc3ec5d2
>
> Fine, good idea. I'll take it over for 2.3.0.
Cool. Thanks.
>
> > The idea behind this is to make the ssl session id available so that other
> > modules may use the ssl session id as a `key' into their own session table.
> >
> > + result = ap_psprintf(p, "%x%s",
>pSession->session_id[i],
> > +
>result);
> > [...]
>
> Is there a reason why you reverse the bytes?
> I think it should be ``..."%s%x", result, pSessio..''.
No. It really doesn't matter, to me, in what order the bytes are. So long
as it's consistent of course. Are the bytes really reversed?
> OTOH you can use ssl_scache_id2sz() for this task....
Ah. I didn't know about that. Thanks again.
-Tom
--
Tom Vaughan <tvaughan at aventail dot com>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
