Juan Lang : crypt32: Set error status on issued certificate,
not on issuer.
Alexandre Julliard
julliard at wine.codeweavers.com
Fri Aug 31 14:01:21 CDT 2007
Module: wine
Branch: master
Commit: 14b0df1fef5258ab6bb84acde166389cdc7947e5
URL: http://source.winehq.org/git/wine.git/?a=commit;h=14b0df1fef5258ab6bb84acde166389cdc7947e5
Author: Juan Lang <juan.lang at gmail.com>
Date: Thu Aug 30 17:59:43 2007 -0700
crypt32: Set error status on issued certificate, not on issuer.
---
dlls/crypt32/chain.c | 22 +++++++++++++++-------
dlls/crypt32/tests/chain.c | 2 +-
2 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index 5a2b8ef..d15f551 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -287,17 +287,25 @@ static BOOL CRYPT_AddCertToSimpleChain(PCertificateChainEngine engine,
(chain->cElement + 1) * sizeof(PCERT_CHAIN_ELEMENT));
if (chain->rgpElement)
{
+ chain->rgpElement[chain->cElement++] = element;
memset(element, 0, sizeof(CERT_CHAIN_ELEMENT));
element->cbSize = sizeof(CERT_CHAIN_ELEMENT);
element->pCertContext = CertDuplicateCertificateContext(cert);
- if (dwFlags & CERT_STORE_REVOCATION_FLAG &&
- !(dwFlags & CERT_STORE_NO_CRL_FLAG))
- element->TrustStatus.dwErrorStatus |= CERT_TRUST_IS_REVOKED;
- if (dwFlags & CERT_STORE_SIGNATURE_FLAG)
- element->TrustStatus.dwErrorStatus |=
- CERT_TRUST_IS_NOT_SIGNATURE_VALID;
+ /* Flags, if set, refer to the element this cert issued, so set
+ * the preceding element's error accordingly
+ */
+ if (chain->cElement > 1)
+ {
+ if (dwFlags & CERT_STORE_REVOCATION_FLAG &&
+ !(dwFlags & CERT_STORE_NO_CRL_FLAG))
+ chain->rgpElement[chain->cElement - 2]->TrustStatus.
+ dwErrorStatus |= CERT_TRUST_IS_REVOKED;
+ if (dwFlags & CERT_STORE_SIGNATURE_FLAG)
+ chain->rgpElement[chain->cElement - 2]->TrustStatus.
+ dwErrorStatus |=
+ CERT_TRUST_IS_NOT_SIGNATURE_VALID;
+ }
/* FIXME: initialize the rest of element */
- chain->rgpElement[chain->cElement++] = element;
if (chain->cElement % engine->CycleDetectionModulus)
CRYPT_CheckSimpleChainForCycles(chain);
CRYPT_CombineTrustStatus(&chain->TrustStatus,
diff --git a/dlls/crypt32/tests/chain.c b/dlls/crypt32/tests/chain.c
index a7e1928..849310e 100644
--- a/dlls/crypt32/tests/chain.c
+++ b/dlls/crypt32/tests/chain.c
@@ -1491,7 +1491,7 @@ static ChainCheck chainCheck[] = {
{ CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_SIGNATURE_VALID |
CERT_TRUST_IS_NOT_TIME_VALID, 0 },
1, simpleStatus1 },
- TODO_ERROR | TODO_INFO },
+ TODO_INFO },
{ { sizeof(chain2) / sizeof(chain2[0]), chain2 },
{ { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
{ CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_IS_NOT_TIME_VALID, 0 },
More information about the wine-cvs
mailing list