Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

Thu, 06 Jun 2002 00:35:50 -0700 


On Wed, Jun 05, 2002 at 03:10:58PM +0200, Lutz Jaenicke via RT wrote:
> 
> [[EMAIL PROTECTED] - Wed Jun  5 14:48:52 2002]:
> 
> > ck_ssl.c: In function k_tn_tls_negotiate':
> > ck_ssl.c:3232: ID_uniqueIdentifier' undeclared (first use in this
> > function)
> > ck_ssl.c:3232: (Each undeclared identifier is reported only once
> > ck_ssl.c:3232: for each function it appears in.)
> > ck_ssl.c: In function k_ssl_incoming':
> > ck_ssl.c:3529: ID_uniqueIdentifier' undeclared (first use in this
> > function)
> > *** Error code 1

Thank you for a reply.
> 
> The problem is caused by inconsistent definitions for the OID values.
> According to RFC2256, the OID 2.5.4.45 is assigned to
> X500UniqueIdentifier. UniqueIdentifier was assigned to
> pilotAttributeType.44 in RFC1274.
> If you have a look into crypto/objects/objects.txt you will see, that
> this was (still is) commented out. The reason is that UniqueIdentifier
> was (incorrectly) used for 2.5.4.45...
> In OpenSSL 0.9.7 I renamed the entry for 2.5.4.45 to fully comply with
> RFC2256. Now UniqueIdentifier is missing, as I did not uncomment the
> entry for RFC1274 (otherwise maybe nobody would have noted and only
> later strange failures would have been reported).
I see.

Let's discuss how to fix it!?

For instance, mod_ssl 2.8.8-1.3.24 use workaround:
#ifndef NID_uniqueIdentifier
#define NID_uniqueIdentifier             102
#endif

######
######
######

Also, markus@ created this temp patch:
+@@ -102,6 +104,13 @@
+ !ERROR This module requires OpenSSL 0.9.5a or higher
+ #endif /* OPENSSL_VERSION_NUMBER */
+ #endif /* SSLDLL */
++
++#if OPENSSL_VERSION_NUMBER < 0x00907000L
++#else
++      #ifndef NID_UniqueIdentifier
++      #define NID_uniqueIdentifier NID_x500UniqueIdentifier
++      #endif
++#endif
+
+ static int auth_ssl_valid = 0;
+ static char *auth_ssl_name = 0;    /* this holds the oneline name */


Comments ?

--mpech
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to