Commits

Andreas Heck  committed 7117982

Adds support for some SSL variables to pywsgi

  • Participants
  • Parent commits 6dcc729

Comments (0)

Files changed (1)

File gevent/pywsgi.py

 # Copyright (c) 2009-2011, gevent contributors
 
 import errno
+import ssl
 import sys
 import time
 import traceback
         chunked = env.get('HTTP_TRANSFER_ENCODING', '').lower() == 'chunked'
         self.wsgi_input = Input(self.rfile, self.content_length, socket=socket, chunked_input=chunked)
         env['wsgi.input'] = self.wsgi_input
+        if self.server.ssl_enabled:
+            client_cert = self.socket.getpeercert()
+            subject = {}
+
+            for i in client_cert['subject']:
+                subject[i[0][0]] = i[0][1]
+
+            env['SSL_CIPHER'] = self.socket.cipher()[0]
+            env['SSL_VERSION_LIBRARY'] = ssl.OPENSSL_VERSION
+
+            dn = []
+            if 'countryName' in subject:
+                env['SSL_CLIENT_S_DN_C'] = subject['countryName']
+                dn.append('/C=')
+                dn.append(subject['countryName'])
+            if 'localityName' in subject:
+                env['SSL_CLIENT_S_DN_L'] = subject['localityName']
+                dn.append('/L=')
+                dn.append(subject['localityName'])
+            if 'stateOrProvinceName' in subject:
+                env['SSL_CLIENT_S_DN_S'] = subject['stateOrProvinceName']
+                dn.append('/S=') 
+                dn.append(subject['stateOrProvinceName'])
+            if 'organizationName' in subject:
+                env['SSL_CLIENT_S_DN_O'] = subject['organizationName']
+                dn.append('/O=')
+                dn.append(subject['organizationName'])
+            if 'organizationalUnitName' in subject:
+                env['SSL_CLIENT_S_DN_OU'] = subject['organizationalUnitName']
+                dn.append('/OU=')
+                dn.append(subject['organizationalUnitName'])
+            if 'commonName' in subject:
+                env['SSL_CLIENT_S_DN_CN'] = subject['commonName']
+                dn.append('/CN=')
+                dn.append(subject['commonName'])
+            if 'emailAddress' in subject:
+                env['SSL_CLIENT_S_DN_EMAIL'] = subject['emailAddress']
+                dn.append('/emailAddress=')
+                dn.append(subject['emailAddress'])
+
+            dn = ''.join(dn)
+
+            if 'notAfter' in client_cert:
+                env['SSL_CLIENT_V_END'] = client_cert['notAfter']
         return env