Add the SECURE_RENEG environment variable

author: Rob Crittenden <rcritten@redhat.com> 2015-09-24 22:45:57 -0400
committer: Rob Crittenden <rcritten@redhat.com> 2015-10-02 16:51:56 -0400
commit: cf1bfa65919c137008982a646249ed60b5283725 (patch)
tree: 5be45529750246ba761bd041570e432d9ebeb361
parent: 939dd39cb0e45fc70f0ed02d2b4e335a8c864856 (diff)
download: mod_nss-cf1bfa65919c137008982a646249ed60b5283725.tar.gz
mod_nss-cf1bfa65919c137008982a646249ed60b5283725.tar.xz
mod_nss-cf1bfa65919c137008982a646249ed60b5283725.zip
2 files changed, 8 insertions, 0 deletions
diff --git a/nss_engine_kernel.c b/nss_engine_kernel.c
index 9ce1411..93e7c74 100644
--- a/nss_engine_kernel.c
+++ b/nss_engine_kernel.c
@@ -795,6 +795,7 @@ static const char *nss_hook_Fixup_vars[] = {
     "SSL_VERSION_INTERFACE",
     "SSL_VERSION_LIBRARY",
     "SSL_PROTOCOL",
+    "SSL_SECURE_RENEG",
     "SSL_CIPHER",
     "SSL_CIPHER_NAME",
     "SSL_CIPHER_EXPORT",
diff --git a/nss_engine_vars.c b/nss_engine_vars.c
index 7a0d08b..5c83408 100644
--- a/nss_engine_vars.c
+++ b/nss_engine_vars.c
@@ -352,6 +352,13 @@ static char *nss_var_lookup_ssl(apr_pool_t *p, conn_rec *c, char *var)
             PORT_Free(hostInfo);
         }
     }
+    else if (ssl != NULL && strcEQ(var, "SECURE_RENEG")) {
+        PRInt32 flag = 0;
+#ifdef SSL_ENABLE_RENEGOTIATION
+        SSL_OptionGet(ssl, SSL_ENABLE_RENEGOTIATION, &flag);
+#endif
+        result = apr_pstrdup(p, flag ? "true" : "false");
+    }
 
     return result;
 }
author	Rob Crittenden <rcritten@redhat.com>	2015-09-24 22:45:57 -0400
committer	Rob Crittenden <rcritten@redhat.com>	2015-10-02 16:51:56 -0400
commit	cf1bfa65919c137008982a646249ed60b5283725 (patch)
tree	5be45529750246ba761bd041570e432d9ebeb361
parent	939dd39cb0e45fc70f0ed02d2b4e335a8c864856 (diff)
download	mod_nss-cf1bfa65919c137008982a646249ed60b5283725.tar.gz mod_nss-cf1bfa65919c137008982a646249ed60b5283725.tar.xz mod_nss-cf1bfa65919c137008982a646249ed60b5283725.zip