From e1e8233759f835025f15da302f2a37ff6845d600 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Wed, 20 Apr 2016 22:13:45 +0200 Subject: inets: Add peer_cert to ESI environment --- lib/inets/doc/src/mod_esi.xml | 66 +++++++++++++++++++++----- lib/inets/src/http_server/httpd_example.erl | 18 ++++++- lib/inets/src/http_server/httpd_script_env.erl | 14 ++++++ lib/inets/test/httpd_SUITE.erl | 14 +++++- 4 files changed, 98 insertions(+), 14 deletions(-) (limited to 'lib/inets') diff --git a/lib/inets/doc/src/mod_esi.xml b/lib/inets/doc/src/mod_esi.xml index 66c59a0c60..c2fb60c416 100644 --- a/lib/inets/doc/src/mod_esi.xml +++ b/lib/inets/doc/src/mod_esi.xml @@ -23,10 +23,6 @@ mod_esi - Joakim Grebenö - - 1997-10-14 - 2.2 mod_esi.sgml mod_esi @@ -39,6 +35,56 @@ +
+ DATA TYPES +

The following data types are used in the functions for mod_esi:

+ + + env() = +

{EnvKey()::atom(), Value::term()}

+
+ +

Currently supported key value pairs

+ + + {server_software, string()} +

Indicates the inets version.

+ + {server_name, string()} +

The local hostname.

+ + {gateway_interface, string()} +

Legacy string used in CGI, just ignore.

+ + {server_protocol, string()} +

HTTP version, currently "HTTP/1.1"

+ + {server_port, integer()} +

Servers port number.

+ + {request_method, "GET | "PUT" | "DELETE | "POST" | "PATCH"} + + {remote_adress, inet:ip_address()} +

The clients ip address.

+ + {peer_cert, undefined | no_peercert | DER:binary() + +

For TLS connections where client certificates are used this will + be an ASN.1 DER-encoded X509-certificate as an Erlang binary. + If client certificates are not used the value will be no_peercert, + and if TLS is not used (HTTP or connection is lost due to network failure) + the value will be undefined. +

+ + {script_name, string()} +

Request URI

+ + {http_LowerCaseHTTPHeaderName, string()} +

example: {http_content_type, "text/html"}

+
+ +
+ deliver(SessionID, Data) -> ok | {error, Reason} @@ -63,11 +109,11 @@ overhead. Do not assume anything about the data type of SessionID. SessionID must be the value given as input to the ESI callback function that you implemented.

- +
- +
ESI Callback Functions
@@ -78,9 +124,7 @@ to the server process by calling mod_esi:deliver/2. SessionID = term() - Env = [EnvironmentDirectives] ++ ParsedHeader - EnvironmentDirectives = {Key,Value} - Key = query_string | content_length | server_software | gateway_interface | server_protocol | server_port | request_method | remote_addr | script_name + Env = env() Input = string() @@ -111,9 +155,7 @@ Creates a dynamic web page and returns it as a list. This function is deprecated and is only kept for backwards compatibility. - Env = [EnvironmentDirectives] ++ ParsedHeader - EnvironmentDirectives = {Key,Value} - Key = query_string | content_length | server_software | gateway_interface | server_protocol | server_port | request_method | remote_addr | script_name. + Env = env() Input = string() Response = string() diff --git a/lib/inets/src/http_server/httpd_example.erl b/lib/inets/src/http_server/httpd_example.erl index 0222487a4b..ad29b5b29a 100644 --- a/lib/inets/src/http_server/httpd_example.erl +++ b/lib/inets/src/http_server/httpd_example.erl @@ -20,7 +20,7 @@ %% -module(httpd_example). -export([print/1]). --export([get/2, post/2, yahoo/2, test1/2, get_bin/2]). +-export([get/2, post/2, yahoo/2, test1/2, get_bin/2, peer/2]). -export([newformat/3]). %% These are used by the inets test-suite @@ -94,10 +94,26 @@ default(Env,Input) -> io_lib:format("~p",[httpd:parse_query(Input)]),"\n", footer()]. +peer(Env, Input) -> + Header = + case proplists:get_value(peer_cert, Env) of + undefined -> + header("text/html", "Peer-Cert-Exist:false"); + _ -> + header("text/html", "Peer-Cert-Exist:true") + end, + [Header, + top("Test peer_cert environment option"), + "Peer cert: ", + io_lib:format("~p",[proplists:get_value(peer_cert, Env)]),"\n", + footer()]. + header() -> header("text/html"). header(MimeType) -> "Content-type: " ++ MimeType ++ "\r\n\r\n". +header(MimeType, Other) -> + "Content-type: " ++ MimeType ++ "\r\n" ++ Other ++ "\r\n\r\n". top(Title) -> " 
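Review bot: In `peer/2` the `case` only separates `undefined` from everything else, so the `no_peercert` atom that `which_peercert/1` returns for a TLS connection without a client certificate falls into the `_` branch and is reported as `Peer-Cert-Exist:true`. Matching the certificate explicitly, `Cert when is_binary(Cert) -> header("text/html", "Peer-Cert-Exist:true");` followed by `_ -> header("text/html", "Peer-Cert-Exist:false")`, keeps the example from teaching callback authors to treat any TLS session as certificate-bearing. The same assumption is built into the httpd_SUITE.erl hunks, where `peer(Config)` expects "true" for every `ssl` run, so the test passes whether or not a certificate was presented and would need to follow the change. `Input` is unused in `peer/2` and would read better as `_Input`.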
diff --git a/lib/inets/src/http_server/httpd_script_env.erl b/lib/inets/src/http_server/httpd_script_env.erl index 232bf96bd4..1c5d828b46 100644 --- a/lib/inets/src/http_server/httpd_script_env.erl +++ b/lib/inets/src/http_server/httpd_script_env.erl @@ -61,6 +61,19 @@ which_port(#mod{config_db = ConfigDb}) -> which_peername(#mod{init_data = #init_data{peername = {_, RemoteAddr}}}) -> RemoteAddr. +which_peercert(#mod{socket_type = {Type, _}, socket = Socket}) when Type == essl; + Type == ssl -> + case ssl:peercert(Socket) of + {ok, Cert} -> + Cert; + {error, no_peercert} -> + no_peercert; + _ -> + undefined + end; +which_peercert(_) -> %% Not an ssl connection + undefined. + which_resolve(#mod{init_data = #init_data{resolve = Resolve}}) -> Resolve. @@ -78,6 +91,7 @@ create_basic_elements(esi, ModData) -> {server_port, which_port(ModData)}, {request_method, which_method(ModData)}, {remote_addr, which_peername(ModData)}, + {peer_cert, which_peercert(ModData)}, {script_name, which_request_uri(ModData)}]; create_basic_elements(cgi, ModData) -> diff --git a/lib/inets/test/httpd_SUITE.erl b/lib/inets/test/httpd_SUITE.erl index 1d8a603981..93520c1cb4 100644 --- a/lib/inets/test/httpd_SUITE.erl +++ b/lib/inets/test/httpd_SUITE.erl @@ -755,7 +755,11 @@ esi(Config) when is_list(Config) -> %% Check "ErlScriptNoCache" directive (default: false) ok = http_status("GET /cgi-bin/erl/httpd_example:get ", Config, [{statuscode, 200}, - {no_header, "cache-control"}]). + {no_header, "cache-control"}]), + ok = http_status("GET /cgi-bin/erl/httpd_example:peer ", + Config, [{statuscode, 200}, + {header, "peer-cert-exist", peer(Config)}]). + %%------------------------------------------------------------------------- mod_esi_chunk_timeout(Config) when is_list(Config) -> ok = httpd_1_1:mod_esi_chunk_timeout(?config(type, Config), 
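Review bot: The catch-all `_ -> undefined` in `which_peercert/1` folds every other `ssl:peercert/1` failure into the same value the second clause returns for a non-TLS socket, so an ESI callback cannot tell plain HTTP from a TLS connection whose lookup failed. Nothing here tells callback authors how far to trust the binary either: whether the chain was validated depends on the listener's ssl options, which this hunk does not show. I would match `{error, _Reason} -> undefined` explicitly and add a comment above the function such as `%% peer_cert is the DER cert as returned by ssl:peercert/1; treat it as an authenticated identity only when the listener enforces {verify, verify_peer}.` The same caveat belongs next to the `{peer_cert, which_peercert(ModData)}` entry added to `create_basic_elements(esi, ...)` in the following hunk.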
@@ -2065,3 +2069,11 @@ response_default_headers() -> {"X-Frame-Options", "SAMEORIGIN"}, %% Override built-in default {"Date", "Override-date"}]. + +peer(Config) -> + case proplists:get_value(type, Config) of + ssl -> + "true"; + _ -> + "false" + end. \ No newline at end of file -- cgit v1.2.3 From 235c32bcb1f91f803ba3d3c8a01edc1399d7a398 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Thu, 21 Apr 2016 10:30:40 +0200 Subject: inets: Prepare for release --- lib/inets/src/inets_app/inets.appup.src | 8 ++++++-- lib/inets/vsn.mk | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) (limited to 'lib/inets') diff --git a/lib/inets/src/inets_app/inets.appup.src b/lib/inets/src/inets_app/inets.appup.src index 6baecfe7a4..73dba0c661 100644 --- a/lib/inets/src/inets_app/inets.appup.src +++ b/lib/inets/src/inets_app/inets.appup.src @@ -18,12 +18,16 @@ %% %CopyrightEnd% {"%VSN%", [ - {<<"6.2">>, [{load_module, httpc, soft_purge, soft_purge, []}]}, + {<<"6.2.1">>, [{load_module, httpd_script_env, soft_purge, soft_purge, []}]}, + {<<"6.2">>, [{load_module, httpd_script_env, soft_purge, soft_purge, []}, + {load_module, httpc, soft_purge, soft_purge, []}]}, {<<"6\\..*">>,[{restart_application, inets}]}, {<<"5\\..*">>,[{restart_application, inets}]} ], [ - {<<"6.2">>, [{load_module, httpc, soft_purge, soft_purge, []}]}, + {<<"6.2.1">>, [{load_module, httpd_script_env, soft_purge, soft_purge, []}]}, + {<<"6.2">>, [{load_module, httpd_script_env, soft_purge, soft_purge, []}, + {load_module, httpc, soft_purge, soft_purge, []}]}, {<<"6\\..*">>,[{restart_application, inets}]}, {<<"5\\..*">>,[{restart_application, inets}]} ] diff --git a/lib/inets/vsn.mk b/lib/inets/vsn.mk index df2359e012..b0c734ea6e 100644 --- a/lib/inets/vsn.mk +++ b/lib/inets/vsn.mk @@ -19,6 +19,6 @@ # %CopyrightEnd% APPLICATION = inets -INETS_VSN = 6.2.1 +INETS_VSN = 6.2.2 PRE_VSN = APP_VSN = "$(APPLICATION)-$(INETS_VSN)$(PRE_VSN)" -- cgit v1.2.3 
From ed3f30209985c9bbe097b6bdfff19d696ee56762 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Tue, 26 Apr 2016 12:01:15 +0200 Subject: Update release notes --- lib/inets/doc/src/notes.xml | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'lib/inets') diff --git a/lib/inets/doc/src/notes.xml b/lib/inets/doc/src/notes.xml index 2ff8554afd..5daefa4210 100644 --- a/lib/inets/doc/src/notes.xml +++ b/lib/inets/doc/src/notes.xml @@ -33,7 +33,22 @@ notes.xml -
Inets 6.2.1 +
Inets 6.2.2 + +
Improvements and New Features + + +

+ Add environment information item peer_cert to mod_esi

+

+ Own Id: OTP-13510

+
+
+
+ +
+ +
Inets 6.2.1
Fixed Bugs and Malfunctions -- cgit v1.2.3