Juan Lang : crypt32: Correct combining trust status of a chain'
s elements into the chain's trust status.
Alexandre Julliard
julliard at wine.codeweavers.com
Fri Aug 31 14:01:20 CDT 2007
Module: wine
Branch: master
Commit: 03d76d97ecc427d534069c5e0194ca0eadacfcca
URL: http://source.winehq.org/git/wine.git/?a=commit;h=03d76d97ecc427d534069c5e0194ca0eadacfcca
Author: Juan Lang <juan.lang at gmail.com>
Date: Thu Aug 30 17:57:15 2007 -0700
crypt32: Correct combining trust status of a chain's elements into the chain's trust status.
---
dlls/crypt32/chain.c | 23 +++++++++++++++--------
1 files changed, 15 insertions(+), 8 deletions(-)
diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index e6a0df8..f0f3e56 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -262,6 +262,17 @@ static PCCERT_CONTEXT CRYPT_GetIssuerFromStore(HCERTSTORE store,
return CertGetIssuerCertificateFromStore(store, cert, NULL, pdwFlags);
}
+static inline void CRYPT_CombineTrustStatus(CERT_TRUST_STATUS *chainStatus,
+ CERT_TRUST_STATUS *elementStatus)
+{
+ /* Any error that applies to an element also applies to a chain.. */
+ chainStatus->dwErrorStatus |= elementStatus->dwErrorStatus;
+ /* but the bottom nibble of an element's info status doesn't apply to the
+ * chain.
+ */
+ chainStatus->dwInfoStatus |= (elementStatus->dwInfoStatus & 0xfffffff0);
+}
+
static BOOL CRYPT_AddCertToSimpleChain(PCertificateChainEngine engine,
PCERT_SIMPLE_CHAIN chain, PCCERT_CONTEXT cert, DWORD dwFlags)
{
@@ -307,10 +318,8 @@ static BOOL CRYPT_AddCertToSimpleChain(PCertificateChainEngine engine,
chain->rgpElement[chain->cElement++] = element;
if (chain->cElement % engine->CycleDetectionModulus)
CRYPT_CheckSimpleChainForCycles(chain);
- chain->TrustStatus.dwErrorStatus |=
- element->TrustStatus.dwErrorStatus;
- chain->TrustStatus.dwInfoStatus |=
- element->TrustStatus.dwInfoStatus;
+ CRYPT_CombineTrustStatus(&chain->TrustStatus,
+ &element->TrustStatus);
ret = TRUE;
}
else
@@ -412,10 +421,8 @@ static BOOL CRYPT_BuildSimpleChain(HCERTCHAINENGINE hChainEngine,
}
CRYPT_CheckTrustedStatus(engine->hRoot, rootElement);
}
- chain->TrustStatus.dwErrorStatus |=
- rootElement->TrustStatus.dwErrorStatus;
- chain->TrustStatus.dwInfoStatus |=
- rootElement->TrustStatus.dwInfoStatus & ~CERT_TRUST_IS_SELF_SIGNED;
+ CRYPT_CombineTrustStatus(&chain->TrustStatus,
+ &rootElement->TrustStatus);
}
if (!ret)
{
More information about the wine-cvs
mailing list