From 0420b563577cda129feb02a9f35e3d554ea7fd85 Mon Sep 17 00:00:00 2001 From: Jeff Trawick Date: Mon, 14 Jul 2003 17:28:14 +0000 Subject: [PATCH] mod_ssl: Fix a problem setting variables that represent the client certificate chain. PR: 21371 git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@100605 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 3 +++ modules/ssl/ssl_engine_vars.c | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index b87d545cbe..0fca3dbe07 100644 --- a/CHANGES +++ b/CHANGES @@ -2,6 +2,9 @@ Changes with Apache 2.1.0-dev [Remove entries to the current 2.0 section below, when backported] + *) mod_ssl: Fix a problem setting variables that represent the + client certificate chain. PR 21397 [Jeff Trawick] + *) Remember an authenticated user during internal redirects if the redirection target is not access protected and pass it to scripts using the REDIRECT_REMOTE_USER environment variable. diff --git a/modules/ssl/ssl_engine_vars.c b/modules/ssl/ssl_engine_vars.c index dc63a31640..eeb331c0f2 100644 --- a/modules/ssl/ssl_engine_vars.c +++ b/modules/ssl/ssl_engine_vars.c @@ -290,7 +290,7 @@ static char *ssl_var_lookup_ssl(apr_pool_t *p, conn_rec *c, char *var) } else if (ssl != NULL && strlen(var) > 18 && strcEQn(var, "CLIENT_CERT_CHAIN_", 18)) { sk = SSL_get_peer_cert_chain(ssl); - result = ssl_var_lookup_ssl_cert_chain(p, sk, var+17); + result = ssl_var_lookup_ssl_cert_chain(p, sk, var+18); } else if (ssl != NULL && strcEQ(var, "CLIENT_VERIFY")) { result = ssl_var_lookup_ssl_cert_verify(p, c); -- 2.50.1