You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2009/06/23 16:10:06 UTC

svn commit: r787683 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_vars.c

Author: jorton
Date: Tue Jun 23 14:10:06 2009
New Revision: 787683

URL: http://svn.apache.org/viewvc?rev=787683&view=rev
Log:
* modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_cert_dn_rec): Map
  the _UID variable to NID_userId, where defined by OpenSSL.

PR: 45107
Submitted by: Michael Ströder <michael stroeder.com>,
     Peter Sylvester <peter.sylvester edelweb.fr>

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=787683&r1=787682&r2=787683&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Tue Jun 23 14:10:06 2009
@@ -5,6 +5,10 @@
   *) SECURITY: CVE-2009-1191 (cve.mitre.org)
      mod_proxy_ajp: Avoid delivering content from a previous request which
      failed to send a request body. PR 46949 [Ruediger Pluem]
+ 
+  *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute
+     type.  PR 45107.  [Michael Ströder <michael stroeder.com>,
+     Peter Sylvester <peter.sylvester edelweb.fr>]
 
   *) mod_proxy_http: fix case sensitivity checking transfer encoding
      PR 47383 [Ryuzo Yamamoto <ryuzo.yamamoto gmail.com>]

Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c?rev=787683&r1=787682&r2=787683&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c Tue Jun 23 14:10:06 2009
@@ -428,10 +428,8 @@
     { "G",     NID_givenName,              1 },
     { "S",     NID_surname,                1 },
     { "D",     NID_description,            1 },
-#ifdef NID_x500UniqueIdentifier /* new name as of Openssl 0.9.7 */
-    { "UID",   NID_x500UniqueIdentifier,   1 },
-#else /* old name, OpenSSL < 0.9.7 */
-    { "UID",   NID_uniqueIdentifier,       1 },
+#ifdef NID_userId
+    { "UID",   NID_userId,                 1 },
 #endif
     { "Email", NID_pkcs9_emailAddress,     1 },
     { NULL,    0                          }