[exim-dev] [Bug 1358] Want a way to pull fields out of certi…

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-dev
Old-Topics: [exim-dev] [Bug 1358] New: Want a way to pull fields out of certificates
Subject: [exim-dev] [Bug 1358] Want a way to pull fields out of certificates
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1358




--- Comment #1 from Jeremy Harris <jgh146exb@???> 2014-03-30 17:34:22 ---
Created an attachment (id=705)
--> (http://bugs.exim.org/attachment.cgi?id=705)
first-cut implementation

This adds support for an expansion item:

${certextract {<cert>} {<field>}}
(with the usual if-found, if-not-found possibilities)

The certificate specification must be an expansion variable of (the new) type
"certificate", of which two are also added: $tls_in_peercert,
$tls_out_peercert.
Use of certificate type variables is not supported for anything but the
certextract expansion item.

The field specifier must be one of:
version
serial_number
subject
notbefore
notafter
issuer
signature
signature_algorithm

Still TODO:  certificate exension fields
             documentation


For discussion:
field formats (eg. should output be human-readable or usable for further
processing)
other sources of certificates


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email