Juan Lang : winhttp: Let CertVerifyCertificateChainPolicy handle certain security flags.
Alexandre Julliard
julliard at winehq.org
Mon Oct 4 11:03:57 CDT 2010
Module: wine
Branch: master
Commit: 938767cae33888983adb3e26ce9924f837d80d86
URL: http://source.winehq.org/git/wine.git/?a=commit;h=938767cae33888983adb3e26ce9924f837d80d86
Author: Juan Lang <juan.lang at gmail.com>
Date: Fri Oct 1 11:05:36 2010 -0700
winhttp: Let CertVerifyCertificateChainPolicy handle certain security flags.
---
dlls/winhttp/net.c | 6 ++----
1 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/dlls/winhttp/net.c b/dlls/winhttp/net.c
index 7db7a66..6727707 100644
--- a/dlls/winhttp/net.c
+++ b/dlls/winhttp/net.c
@@ -326,6 +326,7 @@ static DWORD netconn_verify_cert( PCCERT_CONTEXT cert, HCERTSTORE store,
sslExtraPolicyPara.u.cbSize = sizeof(sslExtraPolicyPara);
sslExtraPolicyPara.dwAuthType = AUTHTYPE_SERVER;
sslExtraPolicyPara.pwszServerName = server;
+ sslExtraPolicyPara.fdwChecks = security_flags;
policyPara.cbSize = sizeof(policyPara);
policyPara.dwFlags = 0;
policyPara.pvExtraPolicyPara = &sslExtraPolicyPara;
@@ -338,10 +339,7 @@ static DWORD netconn_verify_cert( PCCERT_CONTEXT cert, HCERTSTORE store,
if (ret && policyStatus.dwError)
{
if (policyStatus.dwError == CERT_E_CN_NO_MATCH)
- {
- if (!(security_flags & SECURITY_FLAG_IGNORE_CERT_CN_INVALID))
- err = ERROR_WINHTTP_SECURE_CERT_CN_INVALID;
- }
+ err = ERROR_WINHTTP_SECURE_CERT_CN_INVALID;
else
err = ERROR_WINHTTP_SECURE_INVALID_CERT;
}
More information about the wine-cvs
mailing list