Signed-off-by: Daniel Lehman dlehman25@gmail.com
--- v3: no \r 'null' isn't translated --- dlls/wininet/http.c | 103 +++++++++++++++++++++++++++++++ dlls/wininet/resource.h | 11 ++++ dlls/wininet/tests/http.c | 127 +++++++++++++++++++++++++++++++++++++- dlls/wininet/wininet.rc | 11 ++++ 4 files changed, 250 insertions(+), 2 deletions(-)
diff --git a/dlls/wininet/http.c b/dlls/wininet/http.c index 220493718c..dd7c23dcea 100644 --- a/dlls/wininet/http.c +++ b/dlls/wininet/http.c @@ -54,6 +54,7 @@
#include "internet.h" #include "zlib.h" +#include "resource.h" #include "wine/debug.h" #include "wine/exception.h"
@@ -2277,6 +2278,108 @@ static DWORD HTTPREQ_QueryOption(object_header_t *hdr, DWORD option, void *buffe
return get_security_cert_struct(req, (INTERNET_CERTIFICATE_INFOA*)buffer); } + case INTERNET_OPTION_SECURITY_CERTIFICATE: { + DWORD err; + int needed; + char subject[64]; + char issuer[64]; + char effective[64]; + char expiration[64]; + char protocol[64]; + char signature[64]; + char encryption[64]; + char privacy[64]; + char bits[16]; + char strength[16]; + char start_date[32]; + char start_time[32]; + char expiry_date[32]; + char expiry_time[32]; + SYSTEMTIME start, expiry; + INTERNET_CERTIFICATE_INFOA info; + + if(!size) + return ERROR_INVALID_PARAMETER; + + if(!req->netconn) { + *size = 0; + return ERROR_INTERNET_INVALID_OPERATION; + } + + if(!buffer) { + *size = 1; + return ERROR_INSUFFICIENT_BUFFER; + } + + if((err = get_security_cert_struct(req, &info))) + return err; + + if (PRIMARYLANGID(GetUserDefaultLangID()) != LANG_ENGLISH) + FIXME("INTERNET_OPTION_SECURITY_CERTIFICATE currently English-only\n"); + + LoadStringA(WININET_hModule, IDS_CERT_SUBJECT, subject, sizeof(subject)); + LoadStringA(WININET_hModule, IDS_CERT_ISSUER, issuer, sizeof(issuer)); + LoadStringA(WININET_hModule, IDS_CERT_EFFECTIVE, effective, sizeof(effective)); + LoadStringA(WININET_hModule, IDS_CERT_EXPIRATION, expiration, sizeof(expiration)); + LoadStringA(WININET_hModule, IDS_CERT_PROTOCOL, protocol, sizeof(protocol)); + LoadStringA(WININET_hModule, IDS_CERT_SIGNATURE, signature, sizeof(signature)); + LoadStringA(WININET_hModule, IDS_CERT_ENCRYPTION, encryption, sizeof(encryption)); + LoadStringA(WININET_hModule, IDS_CERT_PRIVACY, privacy, sizeof(privacy)); + LoadStringA(WININET_hModule, info.dwKeySize >= 128 ? IDS_CERT_HIGH : IDS_CERT_LOW, + strength, sizeof(strength)); + LoadStringA(WININET_hModule, IDS_CERT_BITS, bits, sizeof(bits)); + + FileTimeToSystemTime(&info.ftStart, &start); + FileTimeToSystemTime(&info.ftExpiry, &expiry); + GetDateFormatA(LOCALE_USER_DEFAULT, 0, &start, NULL, start_date, sizeof(start_date)); + GetTimeFormatA(LOCALE_USER_DEFAULT, 0, &start, NULL, start_time, sizeof(start_time)); + GetDateFormatA(LOCALE_USER_DEFAULT, 0, &expiry, NULL, expiry_date, sizeof(expiry_date)); + GetTimeFormatA(LOCALE_USER_DEFAULT, 0, &expiry, NULL, expiry_time, sizeof(expiry_time)); + + needed = _scprintf("%s:\r\n%s\r\n" + "%s:\r\n%s\r\n" + "%s:\t%s %s\r\n" + "%s:\t%s %s\r\n" + "%s:\t(null)\r\n" + "%s:\t(null)\r\n" + "%s:\t(null)\r\n" + "%s:\t%s (%u %s)", + subject, info.lpszSubjectInfo, + issuer, info.lpszIssuerInfo, + effective, start_date, start_time, + expiration, expiry_date, expiry_time, + protocol, signature, encryption, + privacy, strength, info.dwKeySize, bits); + + if(needed < *size) { + err = ERROR_SUCCESS; + *size = snprintf(buffer, *size, + "%s:\r\n%s\r\n" + "%s:\r\n%s\r\n" + "%s:\t%s %s\r\n" + "%s:\t%s %s\r\n" + "%s:\t(null)\r\n" + "%s:\t(null)\r\n" + "%s:\t(null)\r\n" + "%s:\t%s (%u %s)", + subject, info.lpszSubjectInfo, + issuer, info.lpszIssuerInfo, + effective, start_date, start_time, + expiration, expiry_date, expiry_time, + protocol, signature, encryption, + privacy, strength, info.dwKeySize, bits); + }else { + err = ERROR_INSUFFICIENT_BUFFER; + *size = 1; + } + + LocalFree(info.lpszSubjectInfo); + LocalFree(info.lpszIssuerInfo); + LocalFree(info.lpszProtocolName); + LocalFree(info.lpszSignatureAlgName); + LocalFree(info.lpszEncryptionAlgName); + return err; + } case INTERNET_OPTION_CONNECT_TIMEOUT: if (*size < sizeof(DWORD)) return ERROR_INSUFFICIENT_BUFFER; diff --git a/dlls/wininet/resource.h b/dlls/wininet/resource.h index 256a374af0..a9ccd19cf3 100644 --- a/dlls/wininet/resource.h +++ b/dlls/wininet/resource.h @@ -38,3 +38,14 @@ #define IDS_CERT_DATE_INVALID 0x502 #define IDS_CERT_CN_INVALID 0x503 #define IDS_CERT_ERRORS 0x504 +#define IDS_CERT_SUBJECT 0x505 +#define IDS_CERT_ISSUER 0x506 +#define IDS_CERT_EFFECTIVE 0x507 +#define IDS_CERT_EXPIRATION 0x508 +#define IDS_CERT_PROTOCOL 0x509 +#define IDS_CERT_SIGNATURE 0x50a +#define IDS_CERT_ENCRYPTION 0x50b +#define IDS_CERT_PRIVACY 0x50c +#define IDS_CERT_HIGH 0x50d +#define IDS_CERT_LOW 0x50e +#define IDS_CERT_BITS 0x50f diff --git a/dlls/wininet/tests/http.c b/dlls/wininet/tests/http.c index c07d60d2a9..ca355d3c75 100644 --- a/dlls/wininet/tests/http.c +++ b/dlls/wininet/tests/http.c @@ -6112,9 +6112,26 @@ static const cert_struct_test_t test_winehq_com_cert = { "webmaster@winehq.org" };
+static const char *cert_string_fmt = + "Subject:\r\n%s\r\n" + "Issuer:\r\n%s\r\n" + "Effective Date:\t%s %s\r\n" + "Expiration Date:\t%s %s\r\n" + "Security Protocol:\t%s\r\n" + "Signature Type:\t%s\r\n" + "Encryption Type:\t%s\r\n" + "Privacy Strength:\t%s (%u bits)"; + static void test_cert_struct(HINTERNET req, const cert_struct_test_t *test) { INTERNET_CERTIFICATE_INFOA info; + SYSTEMTIME start, expiry; + char expiry_date[32]; + char expiry_time[32]; + char start_date[32]; + char start_time[32]; + char expect[512]; + char actual[512]; DWORD size; BOOL res;
@@ -6138,6 +6155,42 @@ static void test_cert_struct(HINTERNET req, const cert_struct_test_t *test) ok(!info.lpszProtocolName, "lpszProtocolName = %s\n", info.lpszProtocolName); ok(info.dwKeySize >= 128 && info.dwKeySize <= 256, "dwKeySize = %u\n", info.dwKeySize);
+ if (PRIMARYLANGID(GetUserDefaultLangID()) != LANG_ENGLISH) + { + skip("Non-English locale (test with hardcoded English)\n"); + release_cert_info(&info); + return; + } + + size = sizeof(actual); + SetLastError(0xdeadbeef); + memset(actual, 0x55, sizeof(actual)); + res = InternetQueryOptionA(req, INTERNET_OPTION_SECURITY_CERTIFICATE, actual, &size); + ok(res, "InternetQueryOption failed: %u\n", GetLastError()); + + FileTimeToSystemTime(&info.ftStart, &start); + FileTimeToSystemTime(&info.ftExpiry, &expiry); + + GetDateFormatA(LOCALE_USER_DEFAULT, 0, &start, NULL, start_date, sizeof(start_date)); + GetTimeFormatA(LOCALE_USER_DEFAULT, 0, &start, NULL, start_time, sizeof(start_time)); + GetDateFormatA(LOCALE_USER_DEFAULT, 0, &expiry, NULL, expiry_date, sizeof(expiry_date)); + GetTimeFormatA(LOCALE_USER_DEFAULT, 0, &expiry, NULL, expiry_time, sizeof(expiry_time)); + + snprintf(expect, sizeof(expect), cert_string_fmt, info.lpszSubjectInfo, info.lpszIssuerInfo, + start_date, start_time, expiry_date, expiry_time, + info.lpszSignatureAlgName, info.lpszEncryptionAlgName, info.lpszProtocolName, + info.dwKeySize >= 128 ? "High" : "Low", info.dwKeySize); + ok(size == strlen(actual), "size = %u\n", size); + ok(!strcmp(actual, expect), "expected:\n%s\nactual:\n%s\n", expect, actual); + + --size; + SetLastError(0xdeadbeef); + memset(actual, 0x55, sizeof(actual)); + res = InternetQueryOptionA(req, INTERNET_OPTION_SECURITY_CERTIFICATE, actual, &size); + ok(!res && GetLastError() == ERROR_INSUFFICIENT_BUFFER, "InternetQueryOption failed: %d\n", GetLastError()); + ok(size == 1, "unexpected size: %u\n", size); + ok(actual[0] == 0x55, "unexpected byte: %02x\n", actual[0]); + release_cert_info(&info); }
@@ -6217,7 +6270,7 @@ static void test_security_flags(void) INTERNET_CERTIFICATE_INFOA *cert; HINTERNET ses, conn, req; DWORD size, flags; - char buf[100]; + char buf[512]; BOOL res;
if (!https_support) @@ -6378,6 +6431,30 @@ static void test_security_flags(void) } HeapFree(GetProcessHeap(), 0, cert);
+ SetLastError(0xdeadbeef); + res = InternetQueryOptionW(req, INTERNET_OPTION_SECURITY_CERTIFICATE, NULL, NULL); + ok(!res && GetLastError() == ERROR_INVALID_PARAMETER, "InternetQueryOption failed: %d\n", GetLastError()); + + size = 0; + SetLastError(0xdeadbeef); + res = InternetQueryOptionW(req, INTERNET_OPTION_SECURITY_CERTIFICATE, NULL, &size); + ok(!res && GetLastError() == ERROR_INSUFFICIENT_BUFFER, "InternetQueryOption failed: %d\n", GetLastError()); + ok(size == 1, "unexpected size: %u\n", size); + + size = 42; + SetLastError(0xdeadbeef); + memset(buf, 0x55, sizeof(buf)); + res = InternetQueryOptionW(req, INTERNET_OPTION_SECURITY_CERTIFICATE, buf, &size); + ok(!res && GetLastError() == ERROR_INSUFFICIENT_BUFFER, "InternetQueryOption failed: %d\n", GetLastError()); + ok(size == 1, "unexpected size: %u\n", size); + ok(buf[0] == 0x55, "unexpected byte: %02x\n", buf[0]); + + size = sizeof(buf); + SetLastError(0xdeadbeef); + res = InternetQueryOptionW(req, INTERNET_OPTION_SECURITY_CERTIFICATE, buf, &size); + ok(res && GetLastError() == ERROR_SUCCESS, "InternetQueryOption failed: %d\n", GetLastError()); + ok(size < sizeof(buf), "unexpected size: %u\n", size); + CHECK_NOTIFIED2(INTERNET_STATUS_CONNECTING_TO_SERVER, 2); CHECK_NOTIFIED2(INTERNET_STATUS_CONNECTED_TO_SERVER, 2); CHECK_NOTIFIED2(INTERNET_STATUS_CLOSING_CONNECTION, 2); @@ -6562,9 +6639,10 @@ static void test_secure_connection(void) static const WCHAR get[] = {'G','E','T',0}; static const WCHAR testpage[] = {'/','t','e','s','t','s','/','h','e','l','l','o','.','h','t','m','l',0}; HINTERNET ses, con, req; - DWORD size, flags, err; + DWORD size, size2, flags, err; INTERNET_CERTIFICATE_INFOA *certificate_structA = NULL; INTERNET_CERTIFICATE_INFOW *certificate_structW = NULL; + char certstr1[512], certstr2[512]; BOOL ret;
ses = InternetOpenA("Gizmo5", INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, 0); @@ -6629,6 +6707,19 @@ static void test_secure_connection(void) } HeapFree(GetProcessHeap(), 0, certificate_structW);
+ SetLastError(0xdeadbeef); + size = sizeof(certstr1); + ret = InternetQueryOptionW(req, INTERNET_OPTION_SECURITY_CERTIFICATE, certstr1, &size); + ok(ret && GetLastError() == ERROR_SUCCESS, "InternetQueryOption failed: %d\n", GetLastError()); + + SetLastError(0xdeadbeef); + size2 = sizeof(certstr2); + ret = InternetQueryOptionA(req, INTERNET_OPTION_SECURITY_CERTIFICATE, certstr2, &size2); + ok(ret && GetLastError() == ERROR_SUCCESS, "InternetQueryOption failed: %d\n", GetLastError()); + + ok(size == size2, "expected same size\n"); + ok(!strcmp(certstr1, certstr2), "expected same string\n"); + InternetCloseHandle(req); InternetCloseHandle(con); InternetCloseHandle(ses); @@ -7517,6 +7608,37 @@ static void test_concurrent_header_access(void) CloseHandle( wait ); }
+static void test_cert_string(void) +{ + HINTERNET ses, con, req; + char actual[512]; + DWORD size; + BOOL res; + + ses = InternetOpenA( "winetest", 0, NULL, NULL, 0 ); + ok( ses != NULL, "InternetOpenA failed\n" ); + + con = InternetConnectA( ses, "test.winehq.org", INTERNET_DEFAULT_HTTP_PORT, NULL, NULL, + INTERNET_SERVICE_HTTP, 0, 0 ); + ok( con != NULL, "InternetConnectA failed %u\n", GetLastError() ); + + req = HttpOpenRequestA( con, NULL, "/", NULL, NULL, NULL, 0, 0 ); + ok( req != NULL, "HttpOpenRequestA failed %u\n", GetLastError() ); + + size = sizeof(actual); + SetLastError( 0xdeadbeef ); + memset( actual, 0x55, sizeof(actual) ); + res = InternetQueryOptionA( req, INTERNET_OPTION_SECURITY_CERTIFICATE, actual, &size ); + ok( !res && GetLastError() == ERROR_INTERNET_INVALID_OPERATION, + "InternetQueryOption failed: %u\n", GetLastError() ); + ok( size == 0, "unexpected size: %u\n", size ); + ok( actual[0] == 0x55, "unexpected byte: %02x\n", actual[0] ); + + InternetCloseHandle( req ); + InternetCloseHandle( con ); + InternetCloseHandle( ses ); +} + START_TEST(http) { HMODULE hdll; @@ -7566,5 +7688,6 @@ START_TEST(http) test_connection_failure(); test_default_service_port(); test_concurrent_header_access(); + test_cert_string(); free_events(); } diff --git a/dlls/wininet/wininet.rc b/dlls/wininet/wininet.rc index b6e35629ca..485c80793e 100644 --- a/dlls/wininet/wininet.rc +++ b/dlls/wininet/wininet.rc @@ -29,6 +29,17 @@ STRINGTABLE IDS_CERT_DATE_INVALID "The date on the certificate is invalid." IDS_CERT_CN_INVALID "The name on the certificate does not match the site." IDS_CERT_ERRORS "There is at least one unspecified security problem with this certificate." + IDS_CERT_SUBJECT "Subject" + IDS_CERT_ISSUER "Issuer" + IDS_CERT_EFFECTIVE "Effective Date" + IDS_CERT_EXPIRATION "Expiration Date" + IDS_CERT_PROTOCOL "Security Protocol" + IDS_CERT_SIGNATURE "Signature Type" + IDS_CERT_ENCRYPTION "Encryption Type" + IDS_CERT_PRIVACY "Privacy Strength" + IDS_CERT_HIGH "High" + IDS_CERT_LOW "Low" + IDS_CERT_BITS "bits" }
IDD_PROXYDLG DIALOG 36, 24, 220, 146
Hi,
While running your changed tests, I think I found new failures. Being a bot and all I'm not very good at pattern recognition, so I might be wrong, but could you please double-check?
Full results can be found at: https://testbot.winehq.org/JobDetails.pl?Key=78236
Your paranoid android.
=== w8adm (32 bit report) ===
wininet: http.c:683: Test failed: req_error = 12007 http.c:694: Test failed: expected status 11 (INTERNET_STATUS_NAME_RESOLVED) 1 times, received 0 times http.c:707: Test failed: expected status 30 (INTERNET_STATUS_SENDING_REQUEST) 1 times, received 0 times http.c:708: Test failed: expected status 31 (INTERNET_STATUS_REQUEST_SENT) 1 times, received 0 times http.c:709: Test failed: expected status 40 (INTERNET_STATUS_RECEIVING_RESPONSE) 1 times, received 0 times http.c:710: Test failed: expected status 41 (INTERNET_STATUS_RESPONSE_RECEIVED) 1 times, received 0 times http.c:719: Test failed: flags = 8, expected 0 http.c:733: Test failed: Expected any header character, got 0x00 http.c:760: Test failed: Expected 0x0000, got 7777 http.c:890: Test failed: Returned zero size in response to request complete http.c:356: Test failed: unexpected status 10 (INTERNET_STATUS_RESOLVING_NAME) http.c:356: Test failed: unexpected status 11 (INTERNET_STATUS_NAME_RESOLVED) http.c:704: Test failed: expected status 10 (INTERNET_STATUS_RESOLVING_NAME) 0 times, received 1 times http.c:705: Test failed: expected status 11 (INTERNET_STATUS_NAME_RESOLVED) 0 times, received 1 times
=== w10pro64 (32 bit report) ===
wininet: http.c:356: Test failed: unexpected status 20 (INTERNET_STATUS_CONNECTING_TO_SERVER)
=== w10pro64_he (32 bit report) ===
wininet: http.c:6184: Test failed: expected: http.c:6184: Test failed: expected:
=== w10pro64_ja (32 bit report) ===
wininet: http.c:6184: Test failed: expected: http.c:6184: Test failed: expected:
=== w10pro64_zh_CN (32 bit report) ===
wininet: http.c:6184: Test failed: expected: http.c:6184: Test failed: expected:
=== w10pro64 (64 bit report) ===
wininet: http.c:356: Test failed: unexpected status 20 (INTERNET_STATUS_CONNECTING_TO_SERVER)
=== w10pro64_he (64 bit report) ===
wininet: http.c:6184: Test failed: expected: http.c:6184: Test failed: expected:
=== w10pro64_ja (64 bit report) ===
wininet: http.c:6184: Test failed: expected: http.c:6184: Test failed: expected:
=== w10pro64_zh_CN (64 bit report) ===
wininet: http.c:6184: Test failed: expected: http.c:6184: Test failed: expected:
=== debiant (64 bit WoW report) ===
wininet: http.c:4947: Test failed: expected 1 pending read, got 2
Hi Daniel,
On 07.09.2020 18:15, Daniel Lehman wrote:
if (PRIMARYLANGID(GetUserDefaultLangID()) != LANG_ENGLISH)
FIXME("INTERNET_OPTION_SECURITY_CERTIFICATE currently English-only\n");
The patch looks good to me except for the FIXME which is back.
Thanks,
Jacek