http://bugs.winehq.org/show_bug.cgi?id=9765
Summary: iTunes 7.4.2 can't connect to the iTunes music store Product: Wine Version: CVS/GIT Platform: PC URL: http://apple.com/itunes/download/ OS/Version: All Status: NEW Keywords: download Severity: enhancement Priority: P2 Component: wine-crypt32 AssignedTo: wine-bugs@winehq.org ReportedBy: juan_lang@yahoo.com
Created an attachment (id=8197) --> (http://bugs.winehq.org/attachment.cgi?id=8197) Error dialog
Install iTunes 7.4.2. Ignore the error during installation, and run 'wine c:\Program\ Files\iTunes\iTunes.exe". When the dialog comes up warning that system components that iTunes needs are missing and corrupted, press Continue. Finally the main iTunes window appears, but complains that it can't connect to the iTunes music store, showing the attached dialog.
The suspicious entry in the console is: fixme:crypt:CertVerifyCertificateChainPolicy unimplemented for 4
4 is CERT_CHAIN_POLICY_SSL in wincrypt.h.
http://bugs.winehq.org/show_bug.cgi?id=9765
Juan Lang juan_lang@yahoo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |WORKSFORME
--- Comment #1 from Juan Lang juan_lang@yahoo.com 2007-10-11 13:40:26 --- I can't reproduce this anymore. There were reports of this problem on Windows, and there was a release shortly afterward (7.4.3), so I'm assuming they fixed it on their end, and I'm closing it.
http://bugs.winehq.org/show_bug.cgi?id=9765
Juan Lang juan_lang@yahoo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |REOPENED Resolution|WORKSFORME |
--- Comment #2 from Juan Lang juan_lang@yahoo.com 2007-10-11 13:57:56 --- Whoops, spoke too soon. Got the same error with 7.4.3.
http://bugs.winehq.org/show_bug.cgi?id=9765
Juan Lang juan_lang@yahoo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Summary|iTunes 7.4.2 can't connect |iTunes 7.4.3 can't connect |to the iTunes music store |to the iTunes music store
--- Comment #3 from Juan Lang juan_lang@yahoo.com 2007-10-11 13:58:35 --- changing summary..
http://bugs.winehq.org/show_bug.cgi?id=9765
--- Comment #4 from Juan Lang juan_lang@yahoo.com 2007-10-11 14:19:56 --- Created an attachment (id=8520) --> (http://bugs.winehq.org/attachment.cgi?id=8520) Stub patch to address fixme
This doesn't fix the problem, it just demonstrates that the lack of an SSL policy check is unlikely to be the problem. When this patch is applied, the following output comes from crypt32: fixme:crypt:verify_ssl_policy (nil)
That is, there isn't any additional policy checking information, so, for example, the URL of the site can't be checked against the name in the end cert.
http://bugs.winehq.org/show_bug.cgi?id=9765
--- Comment #5 from Juan Lang juan_lang@yahoo.com 2007-10-11 14:21:44 --- More on the problem: Apple users that get this problem are instructed to disable something in the keychain, so, something to do with certificates. Windows users are told to sync their clocks via NTP, and to make sure the CRLs are allowed through the firewall.
Thus, it seems more likely that the problem is lack of revocation checking on certificate chains. Or, it's just an Apple bug.
http://bugs.winehq.org/show_bug.cgi?id=9765
Juan Lang juan_lang@yahoo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Component|wine-crypt32 |wine-ole
--- Comment #6 from Juan Lang juan_lang@yahoo.com 2007-10-17 14:59:44 --- I'm no longer convinced this is a crypt32 bug. I've got a hacked-up version of Wine that uses native cryptnet.dll to perform chain revocation checking. On both an unmodified Wine and on the hacked version, I see this in the console just prior to the error message:
fixme:ntdll:RtlNtStatusToDosErrorNoTeb no mapping for 8000000a err:ole:local_server_thread Failure during ConnectNamedPipe 317 fixme:ntdll:RtlNtStatusToDosErrorNoTeb no mapping for 8000000a err:ole:local_server_thread Failure during ConnectNamedPipe 317
Thus, it seems more likely to be an ole bug than a crypt32 one.
http://bugs.winehq.org/show_bug.cgi?id=9765
Juan Lang juan_lang@yahoo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Component|wine-ole |wine-crypt32
--- Comment #7 from Juan Lang juan_lang@yahoo.com 2007-10-18 14:07:15 --- Hm, except the named pipe error only happens when using native cryptnet. Sorry for the noise, moving back to crypt32.
http://bugs.winehq.org/show_bug.cgi?id=9765
--- Comment #8 from Juan Lang juan_lang@yahoo.com 2007-10-19 10:02:15 --- Bradley Tordoff pointed me to this Apple web page about the problem: http://docs.info.apple.com/article.html?artnum=306628
I haven't yet tried importing the newer Entrust certificate to see if it corrects the problem. The CRLs would be downloaded automatically in the process of revocation checking, though that isn't implemented yet either.
http://bugs.winehq.org/show_bug.cgi?id=9765
Juan Lang juan_lang@yahoo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Component|wine-crypt32 |wine-misc
--- Comment #9 from Juan Lang juan_lang@yahoo.com 2007-10-22 13:36:44 --- I'm back to thinking this isn't a crypt32 problem. I've implemented certificate revocation checking, which I'll merge in over the next couple days. The certificate being checked is not revoked, so that isn't the problem. With revocation checking implemented and the stub for the ssl policy attached here applied, I still get the error.
I also get the RtlNtStatusToDosErrorNoTeb fixme with my builtin cryptnet, but I think that's a red herring: a relay log shows it's near a bunch of thread detach calls to ole32.dll, user32.dll, iPodServiceLocalized.dll. So iTunes appears to be in the process of giving up on connecting to the iTMS when this fixme appears.
Looking at a wireshark capture, I see that iTunes connects to phobos.apple.com, and is redirected to ax.phobos.apple.com.edgesuite.net, an akamai server. It connects to that and downloads some xml content or other successfully.
So, I have no idea what the problem is.
http://bugs.winehq.org/show_bug.cgi?id=9765
Maarten Lankhorst m.b.lankhorst@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |m.b.lankhorst@gmail.com Status|REOPENED |ASSIGNED
--- Comment #10 from Maarten Lankhorst m.b.lankhorst@gmail.com 2008-02-25 14:11:25 --- I found the cause and send in a patch.
Basically iTunes queries the raw headers, but we accidentally change it to include a null so the headers end early. This causes the headers to be truncated to only "HTTP/1.1", I sent in a patch that fixes this.
http://bugs.winehq.org/show_bug.cgi?id=9765
Maarten Lankhorst m.b.lankhorst@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED
--- Comment #11 from Maarten Lankhorst m.b.lankhorst@gmail.com 2008-04-16 17:25:12 --- Fixed.
http://bugs.winehq.org/show_bug.cgi?id=9765
Alexandre Julliard julliard@winehq.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED
--- Comment #12 from Alexandre Julliard julliard@winehq.org 2008-04-18 11:03:23 --- Closing bugs reported fixed in 0.9.60.
http://bugs.winehq.org/show_bug.cgi?id=9765
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Version|CVS/GIT |unspecified
http://bugs.winehq.org/show_bug.cgi?id=9765
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- OS/Version|All |other
--- Comment #13 from Austin English austinenglish@gmail.com 2012-02-23 15:21:13 CST --- Removing deprecated 'All' OS.
http://bugs.winehq.org/show_bug.cgi?id=9765
whiteblazehiker@yahoo.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |whiteblazehiker@yahoo.com
-
wine-bugs@winehq.org