Mailing List Archive: Apache: Bugs

[Bug 45107] Client certificate attribute UID not usable in env var SSL_CLIENT_S_DN_UID since wrong NID/OID assigned

Index | Next | Previous | View Threaded

bugzilla at apache

Jun 12, 2009, 5:23 AM

Post #1 of 5 (341 views)
Permalink

[Bug 45107] Client certificate attribute UID not usable in env var SSL_CLIENT_S_DN_UID since wrong NID/OID assigned

https://issues.apache.org/bugzilla/show_bug.cgi?id=45107

Peter Sylvester <peter.sylvester[at]edelweb.fr> changed:

What |Removed |Added
----------------------------------------------------------------------------
Keywords| |RFC

--- Comment #1 from Peter Sylvester <peter.sylvester[at]edelweb.fr> 2009-06-12 05:23:12 PST ---
OpenSSL has changed the definition of the NIDs in question some time
in the past. Until the definition of NID_Userid, the OID was simply wrong.

in the example, the x_DN is correctly formatted using an openssl function.

The patch replaces the ifdefs and nids by an unconditional use of NID_userId

In order to maintain the possibility to compile with older versions
(without any consideration about their stability in other areas)
I suggest to use

+ #ifdef NID_userId
+ { "UID", NID_userId }, /* officially see RFC 4514 */
+ #endif

Peter Sylvester

--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe[at]httpd.apache.org
For additional commands, e-mail: bugs-help[at]httpd.apache.org

bugzilla at apache

Jun 23, 2009, 4:41 AM

Post #2 of 5 (280 views)
Permalink

[Bug 45107] Client certificate attribute UID not usable in env var SSL_CLIENT_S_DN_UID since wrong NID/OID assigned [In reply to]

https://issues.apache.org/bugzilla/show_bug.cgi?id=45107

Peter Sylvester <peter.sylvester[at]edelweb.fr> changed:

What |Removed |Added
----------------------------------------------------------------------------
Priority|P2 |P3
CC| |peter.sylvester[at]edelweb.fr

--- Comment #2 from Peter Sylvester <peter.sylvester[at]edelweb.fr> 2009-06-23 04:41:51 PST ---
The bug is the same as for ticket 29201.

The proposed solution in 29201 to have a different environment variable
doesn't make much sense.

--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe[at]httpd.apache.org
For additional commands, e-mail: bugs-help[at]httpd.apache.org

bugzilla at apache

Jun 23, 2009, 7:02 AM

Post #3 of 5 (280 views)
Permalink

[Bug 45107] Client certificate attribute UID not usable in env var SSL_CLIENT_S_DN_UID since wrong NID/OID assigned [In reply to]

https://issues.apache.org/bugzilla/show_bug.cgi?id=45107

--- Comment #3 from Joe Orton <jorton[at]redhat.com> 2009-06-23 07:02:41 PST ---
Yes, I think I was convinced by Martin's argument on the mailing list about
this. I will dupe the other bug against this and commit that fix. Thanks,
guys.

--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe[at]httpd.apache.org
For additional commands, e-mail: bugs-help[at]httpd.apache.org

bugzilla at apache

Jun 23, 2009, 7:10 AM

Post #4 of 5 (279 views)
Permalink

[Bug 45107] Client certificate attribute UID not usable in env var SSL_CLIENT_S_DN_UID since wrong NID/OID assigned [In reply to]

https://issues.apache.org/bugzilla/show_bug.cgi?id=45107

Joe Orton <jorton[at]redhat.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
CC| |sasha[at]oktetlabs.ru

--- Comment #4 from Joe Orton <jorton[at]redhat.com> 2009-06-23 07:10:34 PST ---
*** Bug 29201 has been marked as a duplicate of this bug. ***

--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe[at]httpd.apache.org
For additional commands, e-mail: bugs-help[at]httpd.apache.org

bugzilla at apache

Jun 23, 2009, 7:12 AM

Post #5 of 5 (280 views)
Permalink

[Bug 45107] Client certificate attribute UID not usable in env var SSL_CLIENT_S_DN_UID since wrong NID/OID assigned [In reply to]

https://issues.apache.org/bugzilla/show_bug.cgi?id=45107

Joe Orton <jorton[at]redhat.com> changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED

--- Comment #5 from Joe Orton <jorton[at]redhat.com> 2009-06-23 07:12:18 PST ---
Discussion thread, for reference:

http://marc.info/?l=apache-modssl&m=121118489703295&w=2

Committed in r787683 ( https://svn.apache.org/viewcvs.cgi?view=rev&rev=787683 ).

--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe[at]httpd.apache.org
For additional commands, e-mail: bugs-help[at]httpd.apache.org

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact lists@gossamer-threads.com