On Sunday 02 January 2011, Rüdiger Plüm wrote: > On 01/02/2011 12:56 AM, s...@apache.org wrote: > > Author: sf > > Date: Sat Jan 1 23:56:24 2011 > > New Revision: 1054323 > > > > URL: http://svn.apache.org/viewvc?rev=1054323&view=rev > > Log: > > Change the format of the SSL_{CLIENT,SERVER}_{I,S}_DN variables > > to be RFC 2253 compatible, convert non-ASCII characters to UTF8, > > and escape other special characters with backslashes. The old > > format can still be used with the LegacyDNStringFormat argument > > to SSLOptions. > > > > Modified: > > httpd/httpd/trunk/CHANGES > > httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml > > httpd/httpd/trunk/docs/manual/upgrading.xml > > httpd/httpd/trunk/modules/ssl/ssl_engine_config.c > > httpd/httpd/trunk/modules/ssl/ssl_engine_vars.c > > httpd/httpd/trunk/modules/ssl/ssl_private.h > > httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c > > httpd/httpd/trunk/modules/ssl/ssl_util_ssl.h > > > > Modified: httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c > > URL: > > http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_u > > til_ssl.c?rev=1054323&r1=1054322&r2=1054323&view=diff > > ================================================================ > > ============== --- httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c > > (original) +++ httpd/httpd/trunk/modules/ssl/ssl_util_ssl.c Sat > > Jan 1 23:56:24 2011 @@ -344,14 +344,32 @@ BOOL > > SSL_X509_getBC(X509 *cert, int *ca, > > > > #endif > > } > > > > +/* convert a NAME_ENTRY to UTF8 string */ > > +char *SSL_X509_NAME_ENTRY_to_string(apr_pool_t *p, > > X509_NAME_ENTRY *xsne) +{ > > + char *result = NULL; > > + BIO* bio; > > + int len; > > + > > + if ((bio = BIO_new(BIO_s_mem())) == NULL) > > + return NULL; > > + ASN1_STRING_print_ex(bio, X509_NAME_ENTRY_get_data(xsne), > > + > > ASN1_STRFLGS_ESC_CTRL|ASN1_STRFLGS_UTF8_CONVERT); + len = > > BIO_pending(bio); > > + result = apr_palloc(p, len+1); > > + len = BIO_read(bio, result, len); > > + result[len] = NUL; > > + BIO_free(bio); > > + ap_xlate_proto_from_ascii(value, len); > > Shouldn't that be ap_xlate_proto_from_ascii(result, len); instead?
Of course, thanks. Fixed in r1054453.