Juan Lang : winhttp: Honor more SECURITY_FLAG_IGNORE flags.
Alexandre Julliard
julliard at winehq.org
Fri Oct 1 11:38:43 CDT 2010
Module: wine
Branch: master
Commit: 756c17165990351bc43446bdf3f8d5807a0666aa
URL: http://source.winehq.org/git/wine.git/?a=commit;h=756c17165990351bc43446bdf3f8d5807a0666aa
Author: Juan Lang <juan.lang at gmail.com>
Date: Wed Sep 29 08:36:28 2010 -0700
winhttp: Honor more SECURITY_FLAG_IGNORE flags.
---
dlls/winhttp/net.c | 12 ++++++++++--
1 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/dlls/winhttp/net.c b/dlls/winhttp/net.c
index a85eecd..398c0b7 100644
--- a/dlls/winhttp/net.c
+++ b/dlls/winhttp/net.c
@@ -276,6 +276,11 @@ static DWORD netconn_verify_cert( PCCERT_CONTEXT cert, HCERTSTORE store,
{
if (chain->TrustStatus.dwErrorStatus)
{
+ static const DWORD supportedErrors =
+ CERT_TRUST_IS_NOT_TIME_VALID |
+ CERT_TRUST_IS_UNTRUSTED_ROOT |
+ CERT_TRUST_IS_NOT_VALID_FOR_USAGE;
+
if (chain->TrustStatus.dwErrorStatus & CERT_TRUST_IS_NOT_TIME_VALID)
{
if (!(security_flags & SECURITY_FLAG_IGNORE_CERT_DATE_INVALID))
@@ -283,7 +288,10 @@ static DWORD netconn_verify_cert( PCCERT_CONTEXT cert, HCERTSTORE store,
}
else if (chain->TrustStatus.dwErrorStatus &
CERT_TRUST_IS_UNTRUSTED_ROOT)
- err = ERROR_WINHTTP_SECURE_INVALID_CA;
+ {
+ if (!(security_flags & SECURITY_FLAG_IGNORE_UNKNOWN_CA))
+ err = ERROR_WINHTTP_SECURE_INVALID_CA;
+ }
else if ((chain->TrustStatus.dwErrorStatus &
CERT_TRUST_IS_OFFLINE_REVOCATION) ||
(chain->TrustStatus.dwErrorStatus &
@@ -297,7 +305,7 @@ static DWORD netconn_verify_cert( PCCERT_CONTEXT cert, HCERTSTORE store,
if (!(security_flags & SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE))
err = ERROR_WINHTTP_SECURE_CERT_WRONG_USAGE;
}
- else
+ else if (chain->TrustStatus.dwErrorStatus & ~supportedErrors)
err = ERROR_WINHTTP_SECURE_INVALID_CERT;
}
else
More information about the wine-cvs
mailing list