From: Lutz Jänicke Date: Wed, 12 Jun 2002 20:42:04 +0000 (+0000) Subject: Make change uniqueIdentifier -> x500UniqueIdentifier clearly visible. X-Git-Tag: OpenSSL_0_9_7-beta2~21 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=f10581829dd301ecddaadc526a0aaa013404a5a9;p=oweals%2Fopenssl.git Make change uniqueIdentifier -> x500UniqueIdentifier clearly visible. Submitted by: Reviewed by: PR: 82 --- diff --git a/CHANGES b/CHANGES index 715424be76..9293428c97 100644 --- a/CHANGES +++ b/CHANGES @@ -32,6 +32,8 @@ form for "surname", serialNumber has no short form. Use "mail" as the short name for "rfc822Mailbox" according to RFC2798; therefore remove "mail" short name for "internet 7". + The OID for unique identifiers in X509 certificates is + x500UniqueIdentifier, not uniqueIdentifier. Some more OID additions. (Michael Bell ) [Lutz Jaenicke] diff --git a/FAQ b/FAQ index bea8fcfde0..42844d58d0 100644 --- a/FAQ +++ b/FAQ @@ -52,6 +52,7 @@ OpenSSL - Frequently Asked Questions * Why can't the OpenSSH configure script detect OpenSSL? * Can I use OpenSSL's SSL library with non-blocking I/O? * Why doesn't my server application receive a client certificate? +* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier? =============================================================================== @@ -624,5 +625,13 @@ if explicitly asked by the server. Use the SSL_VERIFY_PEER flag of the SSL_CTX_set_verify() function to enable the use of client certificates. +* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier? + +For OpenSSL 0.9.7 the OID table was extended and corrected. uniqueIdentifier +was incorrectly used for X.509 certificates. The correct name according to +RFC2256 (LDAP) is x500UniqueIdentifier. Change your code to use the new +name when compiling against OpenSSL 0.9.7. + + =============================================================================== diff --git a/NEWS b/NEWS index bf8f031a29..343eea600f 100644 --- a/NEWS +++ b/NEWS @@ -31,6 +31,7 @@ o Reworked parts of the BIGNUM code. o Support for new engines: Broadcom ubsec, Accelerated Encryption Processing, IBM 4758. + o Extended and corrected OID (object identifier) table. o PRNG: query at more locations for a random device, automatic query for EGD style random sources at several locations. o SSL/TLS: allow optional cipher choice according to server's preference.