From f10581829dd301ecddaadc526a0aaa013404a5a9 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Lutz=20J=C3=A4nicke?= <jaenicke@openssl.org>
Date: Wed, 12 Jun 2002 20:42:04 +0000
Subject: [PATCH] Make change uniqueIdentifier -> x500UniqueIdentifier clearly
 visible. Submitted by: Reviewed by: PR: 82

---
 CHANGES | 2 ++
 FAQ     | 9 +++++++++
 NEWS    | 1 +
 3 files changed, 12 insertions(+)

diff --git a/CHANGES b/CHANGES
index 715424be76..9293428c97 100644
--- a/CHANGES
+++ b/CHANGES
@@ -32,6 +32,8 @@
      form for "surname", serialNumber has no short form.
      Use "mail" as the short name for "rfc822Mailbox" according to RFC2798;
      therefore remove "mail" short name for "internet 7".
+     The OID for unique identifiers in X509 certificates is
+     x500UniqueIdentifier, not uniqueIdentifier.
      Some more OID additions. (Michael Bell <michael.bell@rz.hu-berlin.de>)
      [Lutz Jaenicke]
 
diff --git a/FAQ b/FAQ
index bea8fcfde0..42844d58d0 100644
--- a/FAQ
+++ b/FAQ
@@ -52,6 +52,7 @@ OpenSSL  -  Frequently Asked Questions
 * Why can't the OpenSSH configure script detect OpenSSL?
 * Can I use OpenSSL's SSL library with non-blocking I/O?
 * Why doesn't my server application receive a client certificate?
+* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
 
 ===============================================================================
 
@@ -624,5 +625,13 @@ if explicitly asked by the server. Use the SSL_VERIFY_PEER flag of the
 SSL_CTX_set_verify() function to enable the use of client certificates.
 
 
+* Why does compilation fail due to an undefined symbol NID_uniqueIdentifier?
+
+For OpenSSL 0.9.7 the OID table was extended and corrected. uniqueIdentifier
+was incorrectly used for X.509 certificates. The correct name according to
+RFC2256 (LDAP) is x500UniqueIdentifier. Change your code to use the new
+name when compiling against OpenSSL 0.9.7.
+
+
 ===============================================================================
 
diff --git a/NEWS b/NEWS
index bf8f031a29..343eea600f 100644
--- a/NEWS
+++ b/NEWS
@@ -31,6 +31,7 @@
       o Reworked parts of the BIGNUM code.
       o Support for new engines: Broadcom ubsec, Accelerated Encryption
         Processing, IBM 4758.
+      o Extended and corrected OID (object identifier) table.
       o PRNG: query at more locations for a random device, automatic query for
         EGD style random sources at several locations.
       o SSL/TLS: allow optional cipher choice according to server's preference.
-- 
2.25.1