On 28 January 2012 12:53, James Slagle <james.sla...@gmail.com> wrote:
> I have a small patch for mod_wsgi that has enabled me to use
> WSGIAccessScript and have access to the client SSL certificate.
>
> The patch makes it so that the mod_ssl hooks that are registered at
> APR_HOOK_MIDDLE are run before wsgi_hook_access_checker
> hook. This makes it so that I can use mod_ssl.var_lookup to get the
> value of the client certificate.
>
> Here's the patch against mod_wsgi tip:
> diff -r 8633d5afeea8 mod_wsgi.c
> --- a/mod_wsgi.c Tue Apr 19 11:33:51 2011 +1000
> +++ b/mod_wsgi.c Fri Jan 27 20:52:25 2012 -0500
> @@ -14880,6 +14880,7 @@
> #endif
>
> static const char * const p6[] = { "mod_python.c", NULL };
> + static const char * const p7[] = { "mod_ssl.c", NULL };
>
> ap_hook_post_config(wsgi_hook_init, p6, NULL, APR_HOOK_MIDDLE);
> ap_hook_child_init(wsgi_hook_child_init, p6, NULL,
> APR_HOOK_MIDDLE);
> @@ -14908,7 +14909,7 @@
> ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "wsgi-group",
> AUTHZ_PROVIDER_VERSION,
> &wsgi_authz_provider);
> #endif
> - ap_hook_access_checker(wsgi_hook_access_checker, NULL, n5,
> APR_HOOK_MIDDLE);
> + ap_hook_access_checker(wsgi_hook_access_checker, p7, n5,
> APR_HOOK_MIDDLE);
> #endif
> }
>
> We're actually using mod_wsgi 3.3, and the patch works there as well.
That is a reasonable solution actually.
I have created:
http://code.google.com/p/modwsgi/issues/detail?id=257
to remind myself to look at it properly and make change if no obvious problems.
Not sure if you have mentioned you were doing this before, I don't remember it.
Graham
--
You received this message because you are subscribed to the Google Groups
"modwsgi" group.
To post to this group, send email to modwsgi@googlegroups.com.
To unsubscribe from this group, send email to
modwsgi+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/modwsgi?hl=en.
