Browse Source

[mod_openssl] allow ssl.verifyclient on url paths (fixes #2245)

re-patch mod_openssl config within the request so that per-request
settings can be applied, such as activating client cert verification
for specific URL paths.

(This can be used in conjunction with auth.backend = "extern"
 to require auth to occur)

x-ref:
  "SSL : authenticate only clients for a particular URL"
  https://redmine.lighttpd.net/issues/2245
personal/stbuehler/mod-csrf
Glenn Strauss 6 years ago
parent
commit
20946a8b92
  1. 1
      src/mod_openssl.c

1
src/mod_openssl.c

@ -1501,6 +1501,7 @@ CONNECTION_FUNC(mod_openssl_handle_uri_raw)
handler_ctx *hctx = con->plugin_ctx[p->id];
if (NULL == hctx) return HANDLER_GO_ON;
mod_openssl_patch_connection(srv, con, hctx);
if (hctx->conf.ssl_verifyclient) {
mod_openssl_handle_request_env(srv, con, p);
}

Loading…
Cancel
Save