Module: wine Branch: master Commit: f378394acda10cb7b9daa9889cf4774940c944ac URL: http://source.winehq.org/git/wine.git/?a=commit;h=f378394acda10cb7b9daa9889c...
Author: Juan Lang juan.lang@gmail.com Date: Thu Nov 19 11:48:53 2009 -0800
crypt32: Correct CertIsValidCRLForCertificate for certificates that do not contain a CRL dist points extension.
---
dlls/crypt32/crl.c | 12 ++++-------- dlls/crypt32/tests/crl.c | 4 ++-- 2 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/dlls/crypt32/crl.c b/dlls/crypt32/crl.c index 03f9b78..5b93d3a 100644 --- a/dlls/crypt32/crl.c +++ b/dlls/crypt32/crl.c @@ -649,15 +649,11 @@ BOOL WINAPI CertIsValidCRLForCertificate(PCCERT_CONTEXT pCert, } else { - /* no CRL dist points extension in cert, compare CRL's issuer - * to cert's issuer. + /* no CRL dist points extension in cert, can't match the CRL + * (which has an issuing dist point extension) */ - if (!CertCompareCertificateName(pCrl->dwCertEncodingType, - &pCrl->pCrlInfo->Issuer, &pCert->pCertInfo->Issuer)) - { - ret = FALSE; - SetLastError(CRYPT_E_NO_MATCH); - } + ret = FALSE; + SetLastError(CRYPT_E_NO_MATCH); } LocalFree(idp); } diff --git a/dlls/crypt32/tests/crl.c b/dlls/crypt32/tests/crl.c index bd70d32..dfb9356 100644 --- a/dlls/crypt32/tests/crl.c +++ b/dlls/crypt32/tests/crl.c @@ -530,6 +530,7 @@ static void testFindCRL(void) * match cert's issuer, but verisignCRL does not, so the expected count * is 0. */ + todo_wine { ok(count == 3 || broken(count == 0 /* NT4, Win9x */), "expected 3 matching CRLs, got %d\n", count); /* Only v1CRLWithIssuerAndEntry and v2CRLWithIssuingDistPoint contain @@ -537,6 +538,7 @@ static void testFindCRL(void) */ ok(revoked_count == 2 || broken(revoked_count == 0 /* NT4, Win9x */), "expected 2 matching CRL entries, got %d\n", revoked_count); + }
CertFreeCertificateContext(cert);
@@ -1000,11 +1002,9 @@ static void testIsValidCRLForCert(void) sizeof(v2CRLWithIssuingDistPoint)); ok(crl != NULL, "CertCreateCRLContext failed: %08x\n", GetLastError());
- todo_wine { ret = pCertIsValidCRLForCertificate(cert1, crl, 0, NULL); ok(!ret && GetLastError() == CRYPT_E_NO_MATCH, "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError()); - } ret = pCertIsValidCRLForCertificate(cert2, crl, 0, NULL); ok(!ret && GetLastError() == CRYPT_E_NO_MATCH, "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());