Juan Lang : crypt32: Let caller set error codes when name constraints aren' t met.
Alexandre Julliard
julliard at winehq.org
Wed Nov 18 09:40:39 CST 2009
Module: wine
Branch: master
Commit: 9a40de08dec33cf1cba0ed2b508300d8286060a3
URL: http://source.winehq.org/git/wine.git/?a=commit;h=9a40de08dec33cf1cba0ed2b508300d8286060a3
Author: Juan Lang <juan.lang at gmail.com>
Date: Mon Nov 16 18:16:34 2009 -0800
crypt32: Let caller set error codes when name constraints aren't met.
---
dlls/crypt32/chain.c | 24 +++++++++++++++---------
1 files changed, 15 insertions(+), 9 deletions(-)
diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index 89ce807..f92b906 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -720,9 +720,8 @@ static BOOL ip_address_matches(const CRYPT_DATA_BLOB *constraint,
return match;
}
-static void CRYPT_FindMatchingNameEntry(const CERT_ALT_NAME_ENTRY *constraint,
- const CERT_ALT_NAME_INFO *subjectName, DWORD *trustErrorStatus,
- DWORD errorIfFound, DWORD errorIfNotFound)
+static BOOL CRYPT_FindMatchingNameEntry(const CERT_ALT_NAME_ENTRY *constraint,
+ const CERT_ALT_NAME_INFO *subjectName, DWORD *trustErrorStatus)
{
DWORD i;
BOOL match = FALSE;
@@ -759,7 +758,7 @@ static void CRYPT_FindMatchingNameEntry(const CERT_ALT_NAME_ENTRY *constraint,
}
}
}
- *trustErrorStatus |= match ? errorIfFound : errorIfNotFound;
+ return match;
}
static inline PCERT_EXTENSION get_subject_alt_name_ext(const CERT_INFO *cert)
@@ -793,14 +792,21 @@ static void CRYPT_CheckNameConstraints(
DWORD i;
for (i = 0; i < nameConstraints->cExcludedSubtree; i++)
- CRYPT_FindMatchingNameEntry(
+ {
+ if (CRYPT_FindMatchingNameEntry(
&nameConstraints->rgExcludedSubtree[i].Base, subjectName,
- trustErrorStatus, CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT, 0);
+ trustErrorStatus))
+ *trustErrorStatus |=
+ CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT;
+ }
for (i = 0; i < nameConstraints->cPermittedSubtree; i++)
- CRYPT_FindMatchingNameEntry(
+ {
+ if (!CRYPT_FindMatchingNameEntry(
&nameConstraints->rgPermittedSubtree[i].Base, subjectName,
- trustErrorStatus, 0,
- CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT);
+ trustErrorStatus))
+ *trustErrorStatus |=
+ CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT;
+ }
LocalFree(subjectName);
}
else
More information about the wine-cvs
mailing list