On 28 January 2012 12:53, James Slagle <james.sla...@gmail.com> wrote: > I have a small patch for mod_wsgi that has enabled me to use > WSGIAccessScript and have access to the client SSL certificate. > > The patch makes it so that the mod_ssl hooks that are registered at > APR_HOOK_MIDDLE are run before wsgi_hook_access_checker > hook. This makes it so that I can use mod_ssl.var_lookup to get the > value of the client certificate. > > Here's the patch against mod_wsgi tip: > diff -r 8633d5afeea8 mod_wsgi.c > --- a/mod_wsgi.c Tue Apr 19 11:33:51 2011 +1000 > +++ b/mod_wsgi.c Fri Jan 27 20:52:25 2012 -0500 > @@ -14880,6 +14880,7 @@ > #endif > > static const char * const p6[] = { "mod_python.c", NULL }; > + static const char * const p7[] = { "mod_ssl.c", NULL }; > > ap_hook_post_config(wsgi_hook_init, p6, NULL, APR_HOOK_MIDDLE); > ap_hook_child_init(wsgi_hook_child_init, p6, NULL, > APR_HOOK_MIDDLE); > @@ -14908,7 +14909,7 @@ > ap_register_provider(p, AUTHZ_PROVIDER_GROUP, "wsgi-group", > AUTHZ_PROVIDER_VERSION, > &wsgi_authz_provider); > #endif > - ap_hook_access_checker(wsgi_hook_access_checker, NULL, n5, > APR_HOOK_MIDDLE); > + ap_hook_access_checker(wsgi_hook_access_checker, p7, n5, > APR_HOOK_MIDDLE); > #endif > } > > We're actually using mod_wsgi 3.3, and the patch works there as well.
That is a reasonable solution actually. I have created: http://code.google.com/p/modwsgi/issues/detail?id=257 to remind myself to look at it properly and make change if no obvious problems. Not sure if you have mentioned you were doing this before, I don't remember it. Graham -- You received this message because you are subscribed to the Google Groups "modwsgi" group. To post to this group, send email to modwsgi@googlegroups.com. To unsubscribe from this group, send email to modwsgi+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/modwsgi?hl=en.