Module: wine Branch: master Commit: 1db8a6abdad49a23510ed6a6a4dab5eb0fe32ec0 URL: http://source.winehq.org/git/wine.git/?a=commit;h=1db8a6abdad49a23510ed6a6a4... Author: Juan Lang <juan.lang(a)gmail.com> Date: Tue Nov 17 14:01:11 2009 -0800 crypt32: Only fail directory name comparison if a directory name constraint is present and doesn't match. --- dlls/crypt32/chain.c | 7 +++++-- 1 files changed, 5 insertions(+), 2 deletions(-) diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c index df94523..2b2ac88 100644 --- a/dlls/crypt32/chain.c +++ b/dlls/crypt32/chain.c @@ -1011,7 +1011,7 @@ static void compare_subject_with_constraints(const CERT_NAME_BLOB *subjectName, */ if (nameConstraints->cPermittedSubtree && !CRYPT_IsEmptyName(subjectName)) { - BOOL match = FALSE; + BOOL match = FALSE, hasDirectoryConstraint = FALSE; for (i = 0; !match && i < nameConstraints->cPermittedSubtree; i++) { @@ -1019,10 +1019,13 @@ static void compare_subject_with_constraints(const CERT_NAME_BLOB *subjectName, &nameConstraints->rgPermittedSubtree[i].Base; if (constraint->dwAltNameChoice == CERT_ALT_NAME_DIRECTORY_NAME) + { + hasDirectoryConstraint = TRUE; match = directory_name_matches(&constraint->u.DirectoryName, subjectName); + } } - if (!match) + if (hasDirectoryConstraint && !match) *trustErrorStatus |= CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT; } }