Bug 52553 - missing support for DirectoryString
Summary: missing support for DirectoryString
Alias: None
Product: Apache httpd-2
Classification: Unclassified
Component: mod_ssl (show other bugs)
Version: 2.0-HEAD
Hardware: PC Linux
: P2 minor (vote)
Target Milestone: ---
Assignee: Apache HTTPD Bugs Mailing List
Keywords: FixedInTrunk
Depends on:
Reported: 2012-01-29 19:08 UTC by Roumen Petrov
Modified: 2012-02-05 11:12 UTC (History)
0 users


Note You need to log in before you can comment on or make changes to this bug.
Description Roumen Petrov 2012-01-29 19:08:02 UTC
Module use raw data for SSL_CLIENT_{S|I}_DN_x509 environment variables. 
If an certificate contain distinguished name item encoded as BMPString and universalString this item cannot be used in neither in LogFormat nor in SSLRequire.
By example such items are logged as - in log file.

Since BMPString and UniversalString are included in RFC 5280 for backward compatibility severity is set to minor.
Comment 1 Kaspar Brand 2012-02-04 08:01:36 UTC
For 2.4, this was addressed with the changes in r1054323 - see also the thread "Re: SSLRequire & UTF-8 characters & backward compatibility" on httpd-dev: 


I think it's unlikely that this is ever going to be backported to 2.0.