public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2026-01-07 08:19:16 +00:00
Code Issues Releases Wiki Activity

authenticate against a hash of identifyable information from certificate instead of only serial (refs #324)

Browse Source
This commit is contained in:
Andrew Dolgov
2011-03-28 09:45:23 +04:00
parent 3d72afa19a
commit 8de8bfb871
6 changed files with 22 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
functions.php
View File

@@ -1757,9 +1757,19 @@
return true;
}
function get_ssl_certificate_id() {
if ($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"]) {
return sha1($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] .
$_SERVER["REDIRECT_SSL_CLIENT_V_START"] .
$_SERVER["REDIRECT_SSL_CLIENT_V_END"] .
$_SERVER["REDIRECT_SSL_CLIENT_S_DN"]);
}
return "";
}
function get_login_by_ssl_certificate($link) {
$cert_serial = db_escape_string($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"]);
$cert_serial = db_escape_string(get_ssl_certificate_id());
if ($cert_serial) {
$result = db_query($link, "SELECT login FROM ttrss_user_prefs, ttrss_users