http://bugs.winehq.org/show_bug.cgi?id=24654
--- Comment #6 from Juan Lang juan_lang@yahoo.com 2010-10-07 08:17:11 CDT --- (In reply to comment #5)
Could you also apply this patch and attach a fresh +crypt,+chain log with it?
Belay that, it's so easy to reproduce I got my own. Here's the bit I was interested in: trace:crypt:CertVerifyCertificateChainPolicy (#0002, 0x13b430, 0x33b2e4, 0x33b2d0) trace:chain:dump_policy_para cbSize = 12 trace:chain:dump_policy_para dwFlags = 00000000 trace:chain:dump_policy_para pvExtraPolicyPara = (nil) trace:crypt:CertVerifyCertificateChainPolicy returning 1 (800b0101)
I was wondering whether the pvExtraPolicyPara might have specified something else. It doesn't.
Here's another curious thing, with an additional trace I added: trace:chain:CertGetCertificateChain checking chain at time 1601-01-01 What the heck?
My guess at this point is that the authenticode policy (#0002) is supposed to ignore time validity even when not explicitly stated. Tests needed for that, of course.