Pass some client cert information to CGI programs.
parent
6f3887bdc4
commit
7ffbb6c6ef
16
handler.go
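--- a/handler.go
+++ b/handler.go
@@ -3,8 +3,10 @@ package main
 import (
 "bufio"
 "context"
+"crypto/sha256"
 "crypto/tls"
 "crypto/x509"
+"encoding/hex"
 "fmt"
 "io/ioutil"
 "log"
@@ -249,6 +251,20 @@ func handleCGI(config Config, path string, URL *url.URL, clientCerts []*x509.Cer
 "SERVER_PROTOCL=GEMINI",
 "SERVER_SOFTWARE=MOLLY_BROWN",
 }
+// Add client cert variables
+if len(clientCerts) > 0 {
+cert := clientCerts[0]
+fingerprint := sha256.Sum256(cert.Raw)
+cmd.Env = append(cmd.Env,
+"TLS_CLIENT_HASH=" + hex.EncodeToString(fingerprint[:]),
+"TLS_CLIENT_ISSUER=" + cert.Issuer.String(),
+"TLS_CLIENT_ISSUER_CN=" + cert.Issuer.CommonName,
+"TLS_CLIENT_SUBJECT=" + cert.Subject.String(),
+"TLS_CLIENT_SUBJECT_CN=" + cert.Subject.CommonName,
+)
+
+}
+
 response, err := cmd.Output()
 if ctx.Err() == context.DeadlineExceeded {
 conn.Write([]byte("42 CGI process timed out!\r\n"))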
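Review bot: The `TLS_CLIENT_ISSUER*` and `TLS_CLIENT_SUBJECT*` values added in the `cmd.Env = append(...)` call are copied from the client-presented certificate without filtering, and nothing visible in this hunk shows the chain being verified, so a CGI program should treat them as client-chosen text and not as an identity. If certificates are accepted unverified (that is configured outside this hunk), only `TLS_CLIENT_HASH` is tied to the certificate the client proved possession of, and I would say so above the block: `// Subject/Issuer are client-supplied and unverified; CGI programs should key identity on TLS_CLIENT_HASH.` It would also be worth rejecting or escaping control characters such as newline and NUL in the name fields before they reach the environment, since scripts commonly echo these values into responses or logs. handleCGI begins and ends outside the hunk, so earlier validation may already exist there.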