Module: wine Branch: master Commit: d654ff6dfcabdfbe3fe8edd196a6578cb9c4c1c3 URL: http://source.winehq.org/git/wine.git/?a=commit;h=d654ff6dfcabdfbe3fe8edd196...

Author: Bruno Jesus 00cpxxx@gmail.com Date: Wed Dec 31 03:47:00 2014 -0200

wininet: Handle CERT_TRUST_IS_NOT_SIGNATURE_VALID in netconn_verify_cert().

---

dlls/wininet/netconnection.c | 12 ++++++++++++ 1 file changed, 12 insertions(+)

diff --git a/dlls/wininet/netconnection.c b/dlls/wininet/netconnection.c index 483dba4..debc271 100644 --- a/dlls/wininet/netconnection.c +++ b/dlls/wininet/netconnection.c @@ -112,6 +112,7 @@ static DWORD netconn_verify_cert(netconn_t *conn, PCCERT_CONTEXT cert, HCERTSTOR CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_PARTIAL_CHAIN | + CERT_TRUST_IS_NOT_SIGNATURE_VALID | CERT_TRUST_IS_NOT_VALID_FOR_USAGE;

TRACE("verifying %s\n", debugstr_w(conn->server->name)); @@ -178,6 +179,17 @@ static DWORD netconn_verify_cert(netconn_t *conn, PCCERT_CONTEXT cert, HCERTSTOR errors &= ~CERT_TRUST_IS_PARTIAL_CHAIN; }

+ if(errors & CERT_TRUST_IS_NOT_SIGNATURE_VALID) { + WARN("CERT_TRUST_IS_NOT_SIGNATURE_VALID\n"); + if(!(conn->security_flags & SECURITY_FLAG_IGNORE_UNKNOWN_CA)) { + err = conn->mask_errors && err ? ERROR_INTERNET_SEC_CERT_ERRORS : ERROR_INTERNET_INVALID_CA; + if(!conn->mask_errors) + break; + conn->security_flags |= _SECURITY_FLAG_CERT_INVALID_CA; + } + errors &= ~CERT_TRUST_IS_NOT_SIGNATURE_VALID; + } + if(errors & CERT_TRUST_IS_NOT_VALID_FOR_USAGE) { WARN("CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n"); if(!(conn->security_flags & SECURITY_FLAG_IGNORE_WRONG_USAGE)) {