From: Jeff Trawick Date: Mon, 14 Jul 2003 17:28:14 +0000 (+0000) Subject: mod_ssl: Fix a problem setting variables that represent the X-Git-Tag: pre_ajp_proxy~1425 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0420b563577cda129feb02a9f35e3d554ea7fd85;p=apache mod_ssl: Fix a problem setting variables that represent the client certificate chain. PR: 21371 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100605 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index b87d545cbe..0fca3dbe07 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,9 @@ Changes with Apache 2.1.0-dev [Remove entries to the current 2.0 section below, when backported] + *) mod_ssl: Fix a problem setting variables that represent the + client certificate chain. PR 21397 [Jeff Trawick] + *) Remember an authenticated user during internal redirects if the redirection target is not access protected and pass it to scripts using the REDIRECT_REMOTE_USER environment variable. diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c index dc63a31640..eeb331c0f2 100644 --- a/modules/ssl/ssl_engine_vars.c +++ b/modules/ssl/ssl_engine_vars.c @@ -290,7 +290,7 @@ static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, char *var) } else if (ssl != NULL && strlen(var) > 18 && strcEQn(var, "CLIENT_CERT_CHAIN_", 18)) { sk = SSL_get_peer_cert_chain(ssl); - result = ssl_var_lookup_ssl_cert_chain(p, sk, var+17); + result = ssl_var_lookup_ssl_cert_chain(p, sk, var+18); } else if (ssl != NULL && strcEQ(var, "CLIENT_VERIFY")) { result = ssl_var_lookup_ssl_cert_verify(p, c);