From f391e38c388762ec930cd53d9d5897b98e991552 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Wed, 20 Apr 2016 22:13:45 +0200
Subject: inets: Add peer_cert to ESI environment

---
 lib/inets/src/http_server/httpd_example.erl    | 18 +++++++++++++++++-
 lib/inets/src/http_server/httpd_script_env.erl | 14 ++++++++++++++
 2 files changed, 31 insertions(+), 1 deletion(-)

(limited to 'lib/inets/src')

diff --git a/lib/inets/src/http_server/httpd_example.erl b/lib/inets/src/http_server/httpd_example.erl
index 366e37742b..424d269859 100644
--- a/lib/inets/src/http_server/httpd_example.erl
+++ b/lib/inets/src/http_server/httpd_example.erl
@@ -20,7 +20,7 @@
 %%
 -module(httpd_example).
 -export([print/1]).
--export([get/2, post/2, yahoo/2, test1/2, get_bin/2]).
+-export([get/2, post/2, yahoo/2, test1/2, get_bin/2, peer/2]).
 
 -export([newformat/3]).
 %% These are used by the inets test-suite
@@ -94,10 +94,26 @@ default(Env,Input) ->
    io_lib:format("~p",[httpd:parse_query(Input)]),"\n",
    footer()].
 
+peer(Env, Input) ->
+   Header = 
+     case proplists:get_value(peer_cert, Env) of
+       undefined ->
+   	 header("text/html", "Peer-Cert-Exist:false");
+      _ ->
+         header("text/html", "Peer-Cert-Exist:true")
+     end,
+   [Header,
+   top("Test peer_cert environment option"),
+   "<B>Peer cert:</B> ",
+   io_lib:format("~p",[proplists:get_value(peer_cert, Env)]),"\n",
+   footer()].	   	 
+
 header() ->
   header("text/html").
 header(MimeType) ->
   "Content-type: " ++ MimeType ++ "\r\n\r\n".
+header(MimeType, Other) ->
+  "Content-type: " ++ MimeType ++ "\r\n" ++ Other ++ "\r\n\r\n".			 
 
 top(Title) ->
   "<HTML>
diff --git a/lib/inets/src/http_server/httpd_script_env.erl b/lib/inets/src/http_server/httpd_script_env.erl
index 25f9bea7b3..e15613273e 100644
--- a/lib/inets/src/http_server/httpd_script_env.erl
+++ b/lib/inets/src/http_server/httpd_script_env.erl
@@ -61,6 +61,19 @@ which_port(#mod{config_db = ConfigDb}) ->
 which_peername(#mod{init_data = #init_data{peername = {_, RemoteAddr}}}) ->
     RemoteAddr.
 
+which_peercert(#mod{socket_type = {Type, _}, socket = Socket}) when Type == essl;
+								    Type == ssl ->
+    case ssl:peercert(Socket) of
+	{ok, Cert} ->
+	    Cert;
+	{error, no_peercert} -> 
+	    no_peercert;
+	_  ->
+	    undefined
+    end;
+which_peercert(_) -> %% Not an ssl connection
+    undefined.
+
 which_resolve(#mod{init_data = #init_data{resolve = Resolve}}) ->
     Resolve.
 
@@ -78,6 +91,7 @@ create_basic_elements(esi, ModData) ->
      {server_port,       which_port(ModData)},
      {request_method,    which_method(ModData)},
      {remote_addr,       which_peername(ModData)},
+     {peer_cert,         which_peercert(ModData)},
      {script_name,       which_request_uri(ModData)}];
 
 create_basic_elements(cgi, ModData) ->
-- 
cgit v1.2.3