NID_uniqueIdentifier got (partially) lost?

When trying to compile apache+mod_ssl against a recent snapshot of
openssl-0.9.8-dev (?), I get compile errors because the #define for
NID_uniqueIdentifier
is no longer present. It used to be both in objects.h and in obj_mac.h
(and is referenced in ssl_engine_vars.c):
cscope:
0 ssl_engine_vars.c 410 { "UID", NID_uniqueIdentifier },
1 objects.h 557 #define NID_uniqueIdentifier 102
2 obj_mac.h 1550 #define NID_uniqueIdentifier 102

Now the funny thing is that the variable is still present in an up-to-date
copy of objects.h, but it has vanished from obj_mac.h (but USE_OBJ_MAC
is set so it is only #included freom the latter).

It appears that a renaming has happened, as the string "UID" is still
present in both include files, albeit with a different definition:
---obj_mac.h:---
#define SN_userId "UID"
#define LN_userId "userId"
#define NID_userId 458
#define OBJ_userId OBJ_pilotAttributeType,1L
---objects.h:---
#define SN_uniqueIdentifier "UID"
#define LN_uniqueIdentifier "uniqueIdentifier"
#define NID_uniqueIdentifier 102
#define OBJ_uniqueIdentifier OBJ_X509,45L

And it is the "UID" which mod_ssl tries to decode:
static const struct {
char *name;
int nid;
} ssl_var_lookup_ssl_cert_dn_rec[] = {
...
{ "UID", NID_uniqueIdentifier },
...
{ NULL, 0 }
};


So, which file is correct, or: why was obj_mac.h fixed, but objects.h
wasn't?

Puzzled,

Martin
--
| Fujitsu Siemens
Fon: +49-89-636-46021, FAX: +49-89-636-47655 | 81730 Munich, Germany
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: NID_uniqueIdentifier got (partially) lost?

On Tue, May 28, 2002 at 06:08:08PM +0200, Martin Kraemer wrote:
> When trying to compile apache+mod_ssl against a recent snapshot of
> openssl-0.9.8-dev (?), I get compile errors because the #define for
> NID_uniqueIdentifier
> is no longer present. It used to be both in objects.h and in obj_mac.h
> (and is referenced in ssl_engine_vars.c):
> cscope:
> 0 ssl_engine_vars.c 410 { "UID", NID_uniqueIdentifier },
> 1 objects.h 557 #define NID_uniqueIdentifier 102
> 2 obj_mac.h 1550 #define NID_uniqueIdentifier 102
>
> Now the funny thing is that the variable is still present in an up-to-date
> copy of objects.h, but it has vanished from obj_mac.h (but USE_OBJ_MAC
> is set so it is only #included freom the latter).

The contents of objects.h is no longer being used. Only obj_mac.h is
important now.

> It appears that a renaming has happened, as the string "UID" is still
> present in both include files, albeit with a different definition:
> ---obj_mac.h:---
> #define SN_userId "UID"
> #define LN_userId "userId"
> #define NID_userId 458
> #define OBJ_userId OBJ_pilotAttributeType,1L
> ---objects.h:---
> #define SN_uniqueIdentifier "UID"
> #define LN_uniqueIdentifier "uniqueIdentifier"
> #define NID_uniqueIdentifier 102
> #define OBJ_uniqueIdentifier OBJ_X509,45L

Yes. The previous usage of the shortname UID was wrong, it has been
corrected. Now it is correctly being used for "userId"
The name uniqueIdentifier has been corrected to x500uniqueIdentifier
according to RFC2256. Please check out the thread
wrong defines SN_xyz
being discussed around April 02 -- April 10 on openssl-dev and other
threads short thereafter.

(This does not help with your mod_ssl problem, as it requires an
adjustment of mod_ssl, though.)

Best regards,
Lutz
--
Lutz Jaenicke Lutz.Jaenicke@aet.TU-Cottbus.DE
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org