Module: wine Branch: master Commit: 756c17165990351bc43446bdf3f8d5807a0666aa URL: http://source.winehq.org/git/wine.git/?a=commit;h=756c17165990351bc43446bdf3...
Author: Juan Lang juan.lang@gmail.com Date: Wed Sep 29 08:36:28 2010 -0700
winhttp: Honor more SECURITY_FLAG_IGNORE flags.
---
dlls/winhttp/net.c | 12 ++++++++++-- 1 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/dlls/winhttp/net.c b/dlls/winhttp/net.c index a85eecd..398c0b7 100644 --- a/dlls/winhttp/net.c +++ b/dlls/winhttp/net.c @@ -276,6 +276,11 @@ static DWORD netconn_verify_cert( PCCERT_CONTEXT cert, HCERTSTORE store, { if (chain->TrustStatus.dwErrorStatus) { + static const DWORD supportedErrors = + CERT_TRUST_IS_NOT_TIME_VALID | + CERT_TRUST_IS_UNTRUSTED_ROOT | + CERT_TRUST_IS_NOT_VALID_FOR_USAGE; + if (chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_NOT_TIME_VALID) { if (!(security_flags & SECURITY_FLAG_IGNORE_CERT_DATE_INVALID)) @@ -283,7 +288,10 @@ static DWORD netconn_verify_cert( PCCERT_CONTEXT cert, HCERTSTORE store, } else if (chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_UNTRUSTED_ROOT) - err = ERROR_WINHTTP_SECURE_INVALID_CA; + { + if (!(security_flags & SECURITY_FLAG_IGNORE_UNKNOWN_CA)) + err = ERROR_WINHTTP_SECURE_INVALID_CA; + } else if ((chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_OFFLINE_REVOCATION) || (chain->TrustStatus.dwErrorStatus & @@ -297,7 +305,7 @@ static DWORD netconn_verify_cert( PCCERT_CONTEXT cert, HCERTSTORE store, if (!(security_flags & SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE)) err = ERROR_WINHTTP_SECURE_CERT_WRONG_USAGE; } - else + else if (chain->TrustStatus.dwErrorStatus & ~supportedErrors) err = ERROR_WINHTTP_SECURE_INVALID_CERT; } else
-
Alexandre Julliard