Juan Lang : crypt32: Fix more test failures on older crypt32 versions.
Alexandre Julliard
julliard at winehq.org
Thu Nov 12 10:22:08 CST 2009
Module: wine
Branch: master
Commit: 574de15f515adb94b502e69285816e1d34bd0f4f
URL: http://source.winehq.org/git/wine.git/?a=commit;h=574de15f515adb94b502e69285816e1d34bd0f4f
Author: Juan Lang <juan.lang at gmail.com>
Date: Wed Nov 11 12:40:19 2009 -0800
crypt32: Fix more test failures on older crypt32 versions.
---
dlls/crypt32/tests/chain.c | 53 ++++++++++++++++++++++++++++++++++++++-----
1 files changed, 46 insertions(+), 7 deletions(-)
diff --git a/dlls/crypt32/tests/chain.c b/dlls/crypt32/tests/chain.c
index d3d33ac..65be7ec 100644
--- a/dlls/crypt32/tests/chain.c
+++ b/dlls/crypt32/tests/chain.c
@@ -2547,6 +2547,15 @@ static const CERT_TRUST_STATUS elementStatus27[] = {
static const SimpleChainStatusCheck simpleStatus27[] = {
{ sizeof(elementStatus27) / sizeof(elementStatus27[0]), elementStatus27 },
};
+static const CERT_TRUST_STATUS elementStatus27Broken[] = {
+ { CERT_TRUST_NO_ERROR, CERT_TRUST_HAS_NAME_MATCH_ISSUER },
+ { CERT_TRUST_IS_UNTRUSTED_ROOT,
+ CERT_TRUST_IS_SELF_SIGNED | CERT_TRUST_HAS_NAME_MATCH_ISSUER },
+};
+static const SimpleChainStatusCheck simpleStatus27Broken[] = {
+ { sizeof(elementStatus27Broken) / sizeof(elementStatus27Broken[0]),
+ elementStatus27Broken },
+};
static CONST_DATA_BLOB chain28[] = {
{ sizeof(chain28_0), chain28_0 },
{ sizeof(chain28_1), chain28_1 },
@@ -2797,13 +2806,7 @@ static ChainCheck chainCheck[] = {
CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT, 0 },
1, simpleStatus26 },
0 },
- { { sizeof(chain27) / sizeof(chain27[0]), chain27 },
- { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE,
- CERT_TRUST_HAS_PREFERRED_ISSUER },
- { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_INVALID_NAME_CONSTRAINTS |
- CERT_TRUST_INVALID_EXTENSION, 0 },
- 1, simpleStatus27 },
- 0 },
+ /* chain27 is handled separately elsewhere */
{ { sizeof(chain28) / sizeof(chain28[0]), chain28 },
{ { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE |
CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT |
@@ -2852,6 +2855,29 @@ static ChainCheck chainCheckNoStore[] = {
0 },
};
+/* Chain27 checks a certificate with a subject alternate name containing an
+ * embedded NULL. Newer crypt32 versions fail to decode such alternate names,
+ * correctly prohibiting them. Older crypt32 versions do not. Rather than
+ * ignoring the expected error bits, check each version separately depending
+ * on the chain's error status.
+ */
+static ChainCheck chainCheckEmbeddedNull = {
+ { sizeof(chain27) / sizeof(chain27[0]), chain27 },
+ { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE,
+ CERT_TRUST_HAS_PREFERRED_ISSUER },
+ { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_INVALID_NAME_CONSTRAINTS |
+ CERT_TRUST_INVALID_EXTENSION, 0 },
+ 1, simpleStatus27 },
+ 0 };
+static ChainCheck chainCheckEmbeddedNullBroken = {
+ { sizeof(chain27) / sizeof(chain27[0]), chain27 },
+ { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE |
+ CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT,
+ CERT_TRUST_HAS_PREFERRED_ISSUER },
+ { CERT_TRUST_IS_UNTRUSTED_ROOT, 0 },
+ 1, simpleStatus27Broken },
+ 0 };
+
/* Wednesday, Oct 1, 2007 */
static SYSTEMTIME oct2007 = { 2007, 10, 1, 1, 0, 0, 0, 0 };
/* Wednesday, Oct 28, 2009 */
@@ -2946,6 +2972,19 @@ static void testGetCertChain(void)
pCertFreeCertificateChain(chain);
}
}
+ chain = getChain(&chainCheckEmbeddedNull.certs, 0, TRUE, &oct2007,
+ chainCheckEmbeddedNull.todo, 0);
+ if (chain)
+ {
+ if (chainCheckEmbeddedNull.status.status.dwErrorStatus ==
+ chain->TrustStatus.dwErrorStatus)
+ checkChainStatus(chain, &chainCheckEmbeddedNull.status,
+ chainCheckEmbeddedNull.todo, 0);
+ else
+ checkChainStatus(chain, &chainCheckEmbeddedNullBroken.status,
+ chainCheckEmbeddedNullBroken.todo, 0);
+ pCertFreeCertificateChain(chain);
+ }
}
static void test_CERT_CHAIN_PARA_cbSize(void)
More information about the wine-cvs
mailing list