[see the "Linux -- Strongly Advise Against..." message for the ssh patch, sorry] Ok, now here's my question to the OpenSSL list, since I know Ralf and Ben read it. Where should I go to look for/talk about how I may patch mod_ssl to overwrite the REMOTE_USER environment variable with the value of SSL_CLIENT_S_DN_CN if I turn on an option, let's call it +SSLRemoteUser, for a Location element? I would like to make mod_ssl / ApacheSSL act in a fashion that lets Apache Jserv users transparently create sessions based on the contents of a user's DN_CN, and the Servlet API only specifies that servers ought to jam this information into the value retrieved by req.getRemoteUser(). So I went to the bookstore and bought the Apache module book, but it's still unclear to me where I need to start. I have programmed in C/C++ off and on for two years so it's more a matter of guidance than syntax. Anyways, any assistance would be greatly appreciated because this will then let the Java-Apache project "Dash" able to use client-side SSL yet remain server-independent. I sent Ralf an email and looked for a mod_ssl developer list of some sort, as well, but neither has been fruitful yet. Any help will be much appreciated (and ought to make it into mod_ssl 2.3.x with any luck). Thanks in advance, --tim ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
