[Bug 31159] League of Legends: store doesn't load with builtin wininet

wine-bugs at winehq.org wine-bugs at winehq.org
Mon Jul 9 22:20:54 CDT 2012 

http://bugs.winehq.org/show_bug.cgi?id=31159

--- Comment #8 from Juan Lang <juan.lang at gmail.com> 2012-07-09 22:20:54 CDT ---
Hang on: it does work with native wininet?  Please verify that for me.

Here's something that throws me:
trace:wininet:create_netconn using SSL connection
trace:crypt:CertOpenStore (#0002, 00000000, 00000000, 00002000, (nil))
trace:crypt:CRYPT_MemOpenStore (0, 00002000, (nil))
trace:crypt:CertCreateCertificateContext (00000001, 0x77012bb8, 1755)
trace:crypt:CryptDecodeObjectEx (0x00000001, #0002, 0x77012bb8, 1755,
0x00008000, (nil), 0x187ecd34, 0x187ecd30)
trace:crypt:CryptDecodeObjectEx returning 1
trace:crypt:CertAddCertificateContextToStore (0x6e505a28, 0x6e505b88, 00000004,
0x187ecdc8)
trace:crypt:CertDuplicateCertificateContext (0x6e505b88)
trace:crypt:CRYPT_MemAddCert (0x6e505a28, 0x6e505b88, (nil), 0x187ecdc8)
trace:crypt:CertDuplicateCertificateContext (0x6e5019d8)
trace:crypt:CertFreeCertificateContext (0x6e505b88)
trace:crypt:CertFreeCertificateContext ((nil))
trace:crypt:CertAddCertificateContextToStore returning 1
trace:crypt:CertFreeCertificateContext (0x6e505b88)
trace:wininet:netconn_verify_cert verifying L"store.eun1.lol.riotgames.com"

This shows that wininet creates a memory store, as expected, then adds a single
certificate to it.  From dlls/wininet/netconnection.c:

    HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
        CERT_STORE_CREATE_NEW_FLAG, NULL);
(snip)

        struct stack_st *chain = (struct stack_st *)pX509_STORE_CTX_get_chain(
ctx );

        ret = TRUE;
        for (i = 0; ret && i < psk_num(chain); i++)
        {
            PCCERT_CONTEXT context;

            cert = (X509 *)psk_value(chain, i);
            if ((context = X509_to_cert_context(cert)))
            {
                ret = CertAddCertificateContextToStore(store, context,
                        CERT_STORE_ADD_ALWAYS, i ? NULL : &endCert);
                CertFreeCertificateContext(context);
            }
        }

That is, it should get every certificate OpenSSL sees, and add each to the
memory store.  Back to the log:

trace:chain:CRYPT_CheckSimpleChain checking chain with 1 elements for time
(null)

Only a single certificate is found, and, looking at the log earlier, this makes
sense: only a single certificate was added to the memory store.

This suggests that either the server is not including the intermediate
certificates in the TLS handshake, or that OpenSSL is not reporting them.

I'm a little less sure where to go from here.  Maybe a wireshark trace of the
TLS handshake could tell us whether the server is indeed sending intermediate
certificates.

-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the wine-bugs mailing list