You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2009/06/23 16:10:06 UTC
svn commit: r787683 - in /httpd/httpd/trunk: CHANGES
modules/ssl/ssl_engine_vars.c
Author: jorton
Date: Tue Jun 23 14:10:06 2009
New Revision: 787683
URL: http://svn.apache.org/viewvc?rev=787683&view=rev
Log:
* modules/ssl/ssl_engine_vars.c (ssl_var_lookup_ssl_cert_dn_rec): Map
the _UID variable to NID_userId, where defined by OpenSSL.
PR: 45107
Submitted by: Michael Ströder <michael stroeder.com>,
Peter Sylvester <peter.sylvester edelweb.fr>
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=787683&r1=787682&r2=787683&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Tue Jun 23 14:10:06 2009
@@ -5,6 +5,10 @@
*) SECURITY: CVE-2009-1191 (cve.mitre.org)
mod_proxy_ajp: Avoid delivering content from a previous request which
failed to send a request body. PR 46949 [Ruediger Pluem]
+
+ *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute
+ type. PR 45107. [Michael Ströder <michael stroeder.com>,
+ Peter Sylvester <peter.sylvester edelweb.fr>]
*) mod_proxy_http: fix case sensitivity checking transfer encoding
PR 47383 [Ryuzo Yamamoto <ryuzo.yamamoto gmail.com>]
Modified: httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c?rev=787683&r1=787682&r2=787683&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c Tue Jun 23 14:10:06 2009
@@ -428,10 +428,8 @@
{ "G", NID_givenName, 1 },
{ "S", NID_surname, 1 },
{ "D", NID_description, 1 },
-#ifdef NID_x500UniqueIdentifier /* new name as of Openssl 0.9.7 */
- { "UID", NID_x500UniqueIdentifier, 1 },
-#else /* old name, OpenSSL < 0.9.7 */
- { "UID", NID_uniqueIdentifier, 1 },
+#ifdef NID_userId
+ { "UID", NID_userId, 1 },
#endif
{ "Email", NID_pkcs9_emailAddress, 1 },
{ NULL, 0 }