[PATCH v2 0/3] MR6797: winhttp: Add support WinHttpRequestOption_SslErrorIgnoreFlags in IWinHttpRequest_{get,put}_Option.
-- v2: winhttp: Add support WinHttpRequestOption_SslErrorIgnoreFlags in IWinHttpRequest_get_Option. winhttp: Add support WinHttpRequestOption_SslErrorIgnoreFlags in IWinHttpRequest_put_Option. winhttp/tests: Add some tests for WinHttpRequestOption_SslErrorIgnoreFlags in IWinHttpRequest_{put,get}_Option.
From: Haoyang Chen chenhaoyang@kylinos.cn
--- dlls/winhttp/tests/winhttp.c | 69 +++++++++++++++++++++++++++++++++++- 1 file changed, 68 insertions(+), 1 deletion(-)
diff --git a/dlls/winhttp/tests/winhttp.c b/dlls/winhttp/tests/winhttp.c index 5ea0c45b183..1588a2b1261 100644 --- a/dlls/winhttp/tests/winhttp.c +++ b/dlls/winhttp/tests/winhttp.c @@ -4607,7 +4607,7 @@ static void test_IWinHttpRequest(int port) IWinHttpRequest *req; BSTR method, url, username, password, response = NULL, status_text = NULL, headers = NULL; BSTR date, today, connection, value = NULL; - VARIANT async, empty, timeout, body, body2, proxy_server, bypass_list, data, cp; + VARIANT async, empty, timeout, body, body2, proxy_server, bypass_list, data, cp, flags; VARIANT_BOOL succeeded; LONG status; WCHAR todayW[WINHTTP_TIME_FORMAT_BUFSIZE]; @@ -4683,6 +4683,24 @@ static void test_IWinHttpRequest(int port) hr = IWinHttpRequest_Open( req, method, url, async ); ok( hr == HRESULT_FROM_WIN32( ERROR_WINHTTP_UNRECOGNIZED_SCHEME ), "got %#lx\n", hr );
+ V_VT( &flags ) = VT_ERROR; + V_ERROR( &flags ) = 0xdeadbeef; + hr = IWinHttpRequest_get_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, &flags ); + ok( hr == S_OK, "got %#lx\n", hr ); + ok( V_VT( &flags ) == VT_I4, "got %#x\n", V_VT( &flags ) ); + ok( V_I4( &flags ) == 0, "got %lx\n", V_I4( &flags ) ); + + V_VT( &flags ) = VT_I4; + V_I4( &flags ) = SECURITY_FLAG_IGNORE_UNKNOWN_CA; + hr = IWinHttpRequest_put_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, flags ); + ok( hr == S_OK, "got %#lx\n", hr ); + + V_VT( &flags ) = VT_ERROR; + V_ERROR( &flags ) = 0xdeadbeef; + hr = IWinHttpRequest_get_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, &flags ); + ok( hr == S_OK, "got %#lx\n", hr ); + ok( V_I4( &flags ) == SECURITY_FLAG_IGNORE_UNKNOWN_CA, "got %lx\n", V_I4( &flags ) ); + SysFreeString( method ); method = SysAllocString( L"GET" ); SysFreeString( url ); @@ -4725,6 +4743,44 @@ static void test_IWinHttpRequest(int port) ok( V_VT( &cp ) == VT_I4, "got %#x\n", V_VT( &cp ) ); ok( V_I4( &cp ) == CP_UTF8, "got %ld\n", V_I4( &cp ) );
+ V_VT( &flags ) = VT_ERROR; + V_ERROR( &flags ) = 0xdeadbeef; + hr = IWinHttpRequest_get_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, &flags ); + ok( hr == S_OK, "got %#lx\n", hr ); + ok( V_I4( &flags ) == SECURITY_FLAG_IGNORE_UNKNOWN_CA, "got %lx\n", V_I4( &flags ) ); + + V_VT( &flags ) = VT_I4; + V_I4( &flags ) = 0x321; + hr = IWinHttpRequest_put_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, flags ); + ok( hr == E_INVALIDARG, "got %#lx\n", hr ); + + V_VT( &flags ) = VT_UI4; + V_UI4( &flags ) = 0x123; + hr = IWinHttpRequest_put_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, flags ); + ok( hr == E_INVALIDARG, "got %#lx\n", hr ); + + V_VT( &flags ) = VT_UI4; + V_UI4( &flags ) = SECURITY_FLAG_IGNORE_CERT_DATE_INVALID; + hr = IWinHttpRequest_put_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, flags); + ok( hr == S_OK, "got %#lx\n", hr ); + + V_VT( &flags ) = VT_ERROR; + V_ERROR( &flags ) = 0xdeadbeef; + hr = IWinHttpRequest_get_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, &flags ); + ok( hr == S_OK, "got %#lx\n", hr ); + ok( V_I4( &flags ) == SECURITY_FLAG_IGNORE_CERT_DATE_INVALID, "got %lx\n", V_I4( &flags ) ); + + V_VT( &flags ) = VT_I4; + V_I4( &flags ) = SECURITY_FLAG_IGNORE_UNKNOWN_CA|SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE; + hr = IWinHttpRequest_put_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, flags ); + ok( hr == S_OK, "got %#lx\n", hr ); + + V_VT( &flags ) = VT_ERROR; + V_ERROR( &flags ) = 0xdeadbeef; + hr = IWinHttpRequest_get_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, &flags ); + ok( hr == S_OK, "got %#lx\n", hr ); + ok( V_I4( &flags ) == (SECURITY_FLAG_IGNORE_UNKNOWN_CA|SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE), "got %lx\n", V_I4( &flags ) ); + hr = IWinHttpRequest_Abort( req ); ok( hr == S_OK, "got %#lx\n", hr );
@@ -4857,6 +4913,11 @@ static void test_IWinHttpRequest(int port) hr = IWinHttpRequest_SetCredentials( req, username, password, HTTPREQUEST_SETCREDENTIALS_FOR_SERVER ); ok( hr == S_OK, "got %#lx\n", hr );
+ V_VT( &flags ) = VT_I4; + V_I4( &flags ) = SECURITY_FLAG_IGNORE_UNKNOWN_CA|SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE; + hr = IWinHttpRequest_put_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, flags ); + ok( hr == S_OK, "got %#lx\n", hr ); + V_VT( &proxy_server ) = VT_BSTR; V_BSTR( &proxy_server ) = SysAllocString( L"proxyserver" ); V_VT( &bypass_list ) = VT_BSTR; @@ -4891,6 +4952,12 @@ static void test_IWinHttpRequest(int port) hr = IWinHttpRequest_Send( req, empty ); ok( hr == S_OK, "got %#lx\n", hr );
+ V_VT( &flags ) = VT_ERROR; + V_ERROR( &flags ) = 0xdeadbeef; + hr = IWinHttpRequest_get_Option( req, WinHttpRequestOption_SslErrorIgnoreFlags, &flags ); + ok( hr == S_OK, "got %#lx\n", hr ); + ok( V_I4( &flags ) == (SECURITY_FLAG_IGNORE_UNKNOWN_CA|SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE), "got %lx\n", V_I4( &flags ) ); + hr = IWinHttpRequest_get_ResponseText( req, NULL ); ok( hr == E_INVALIDARG, "got %#lx\n", hr );
From: Haoyang Chen chenhaoyang@kylinos.cn
--- dlls/winhttp/request.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)
diff --git a/dlls/winhttp/request.c b/dlls/winhttp/request.c index b86ff0beb1e..e8c84fec5d8 100644 --- a/dlls/winhttp/request.c +++ b/dlls/winhttp/request.c @@ -4628,6 +4628,7 @@ struct winhttp_request WINHTTP_PROXY_INFO proxy; BOOL async; UINT url_codepage; + DWORD security_flags; };
static inline struct winhttp_request *impl_from_IWinHttpRequest( IWinHttpRequest *iface ) @@ -5378,6 +5379,9 @@ static DWORD request_set_parameters( struct winhttp_request *request ) if (!WinHttpSetOption( request->hrequest, WINHTTP_OPTION_DISABLE_FEATURE, &request->disable_feature, sizeof(request->disable_feature) )) return GetLastError();
+ if (!WinHttpSetOption( request->hrequest, WINHTTP_OPTION_SECURITY_FLAGS, &request->security_flags, + sizeof(request->security_flags) )) return GetLastError(); + if (!WinHttpSetTimeouts( request->hrequest, request->resolve_timeout, request->connect_timeout, @@ -5985,6 +5989,20 @@ static HRESULT WINAPI winhttp_request_put_Option( FIXME("URL codepage %s is not recognized\n", debugstr_variant( &value )); break; } + case WinHttpRequestOption_SslErrorIgnoreFlags: + { + static const DWORD accepted = SECURITY_FLAG_IGNORE_CERT_CN_INVALID | + SECURITY_FLAG_IGNORE_CERT_DATE_INVALID | + SECURITY_FLAG_IGNORE_UNKNOWN_CA | + SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE; + + DWORD flags = V_I4( &value ); + if (flags && (flags & ~accepted)) + hr = E_INVALIDARG; + else + request->security_flags = flags; + break; + } default: FIXME("unimplemented option %u\n", option); hr = E_NOTIMPL;
From: Haoyang Chen chenhaoyang@kylinos.cn
--- dlls/winhttp/request.c | 6 ++++++ 1 file changed, 6 insertions(+)
diff --git a/dlls/winhttp/request.c b/dlls/winhttp/request.c index e8c84fec5d8..cd3e4200e73 100644 --- a/dlls/winhttp/request.c +++ b/dlls/winhttp/request.c @@ -5939,6 +5939,12 @@ static HRESULT WINAPI winhttp_request_get_Option( V_VT( value ) = VT_I4; V_I4( value ) = request->url_codepage; break; + case WinHttpRequestOption_SslErrorIgnoreFlags: + { + V_VT( value ) = VT_I4; + V_I4( value ) = request->security_flags; + break; + } default: FIXME("unimplemented option %u\n", option); hr = E_NOTIMPL;
Hi,
It looks like your patch introduced the new failures shown below. Please investigate and fix them before resubmitting your patch. If they are not new, fixing them anyway would help a lot. Otherwise please ask for the known failures list to be updated.
The tests also ran into some preexisting test failures. If you know how to fix them that would be helpful. See the TestBot job for the details:
The full results can be found at: https://testbot.winehq.org/JobDetails.pl?Key=149613
Your paranoid android.
=== w8 (32 bit report) ===
winhttp: winhttp.c:473: Test failed: Read 255 bytes winhttp.c:474: Test failed: Data read did not match. winhttp.c:5859: Test failed: WinHttpReceiveResponse succeeded, expected failure winhttp.c:5860: Test failed: Expected ERROR_WINHTTP_REDIRECT_FAILED, got 0 winhttp.c:5866: Test failed: got L"http://test.winehq.org/tests/redirecttest.php?max=3"
=== w1064v1507 (64 bit report) ===
winhttp: winhttp.c:473: Test failed: Read 255 bytes winhttp.c:474: Test failed: Data read did not match. winhttp.c:5859: Test failed: WinHttpReceiveResponse succeeded, expected failure winhttp.c:5860: Test failed: Expected ERROR_WINHTTP_REDIRECT_FAILED, got 0 winhttp.c:5866: Test failed: got L"http://test.winehq.org/tests/redirecttest.php?max=3"
=== w1064v1809 (64 bit report) ===
winhttp: winhttp.c:473: Test failed: Read 255 bytes winhttp.c:474: Test failed: Data read did not match. winhttp.c:5859: Test failed: WinHttpReceiveResponse succeeded, expected failure winhttp.c:5860: Test failed: Expected ERROR_WINHTTP_REDIRECT_FAILED, got 0 winhttp.c:5866: Test failed: got L"http://test.winehq.org/tests/redirecttest.php?max=3"
=== w1064_2qxl (64 bit report) ===
winhttp: winhttp.c:473: Test failed: Read 255 bytes winhttp.c:474: Test failed: Data read did not match. winhttp.c:5859: Test failed: WinHttpReceiveResponse succeeded, expected failure winhttp.c:5860: Test failed: Expected ERROR_WINHTTP_REDIRECT_FAILED, got 0 winhttp.c:5866: Test failed: got L"http://test.winehq.org/tests/redirecttest.php?max=3"
=== w1064_adm (64 bit report) ===
winhttp: winhttp.c:473: Test failed: Read 255 bytes winhttp.c:474: Test failed: Data read did not match. winhttp.c:5859: Test failed: WinHttpReceiveResponse succeeded, expected failure winhttp.c:5860: Test failed: Expected ERROR_WINHTTP_REDIRECT_FAILED, got 0 winhttp.c:5866: Test failed: got L"http://test.winehq.org/tests/redirecttest.php?max=3"
=== w1064_tsign (64 bit report) ===
winhttp: winhttp.c:473: Test failed: Read 255 bytes winhttp.c:474: Test failed: Data read did not match. winhttp.c:5859: Test failed: WinHttpReceiveResponse succeeded, expected failure winhttp.c:5860: Test failed: Expected ERROR_WINHTTP_REDIRECT_FAILED, got 0 winhttp.c:5866: Test failed: got L"http://test.winehq.org/tests/redirecttest.php?max=3"
=== w10pro64 (64 bit report) ===
winhttp: winhttp.c:473: Test failed: Read 255 bytes winhttp.c:474: Test failed: Data read did not match. winhttp.c:5859: Test failed: WinHttpReceiveResponse succeeded, expected failure winhttp.c:5860: Test failed: Expected ERROR_WINHTTP_REDIRECT_FAILED, got 0 winhttp.c:5866: Test failed: got L"http://test.winehq.org/tests/redirecttest.php?max=3"
=== w10pro64_ar (64 bit report) ===
winhttp: winhttp.c:473: Test failed: Read 255 bytes winhttp.c:474: Test failed: Data read did not match. winhttp.c:5859: Test failed: WinHttpReceiveResponse succeeded, expected failure winhttp.c:5860: Test failed: Expected ERROR_WINHTTP_REDIRECT_FAILED, got 0 winhttp.c:5866: Test failed: got L"http://test.winehq.org/tests/redirecttest.php?max=3"
=== w10pro64_zh_CN (64 bit report) ===
winhttp: winhttp.c:473: Test failed: Read 255 bytes winhttp.c:474: Test failed: Data read did not match. winhttp.c:5859: Test failed: WinHttpReceiveResponse succeeded, expected failure winhttp.c:5860: Test failed: Expected ERROR_WINHTTP_REDIRECT_FAILED, got 0 winhttp.c:5866: Test failed: got L"http://test.winehq.org/tests/redirecttest.php?max=3"
=== debian11b (64 bit WoW report) ===
kernel32: comm.c:1586: Test failed: Unexpected time 1002, expected around 500
On Tue Nov 12 02:42:16 2024 +0000, Hans Leidekker wrote:
This doesn't work if Open() hasn't been called which creates the inner request. You should add a security_flags field to struct winhttp_request and set the flags in request_set_parameters().
Ok, I will modify it to meet your expectations.
On Tue Nov 12 02:41:52 2024 +0000, Haoyang Chen wrote:
changed this line in [version 2 of the diff](/wine/wine/-/merge_requests/6797/diffs?diff_id=142527&start_sha=1c77f2bf391c2c6f3fec3b62a6308b01da95b10a#25828ec85937a729c394182abf50faf3f08c268f_4733_4750)
Ok, thanks.
Looks good, thanks. There are new test failures but they are not related to this MR. Looks like something changed on the webserver. It's returning the PHP test script rather then executing it.
This merge request was approved by Hans Leidekker.
-
Hans Leidekker (@hans) -
Haoyang Chen
-
Haoyang Chen (@chenhaoyang)
-
Marvin