Juan Lang : crypt32: Accept end certificates with no extended key usage extension if a particular key usage is requested .
Alexandre Julliard
julliard at winehq.org
Fri Dec 11 11:04:50 CST 2009
Module: wine
Branch: master
Commit: 01a7cbf843213459495790e01be6dfa0fbc2e2b2
URL: http://source.winehq.org/git/wine.git/?a=commit;h=01a7cbf843213459495790e01be6dfa0fbc2e2b2
Author: Juan Lang <juan.lang at gmail.com>
Date: Fri Dec 11 08:12:54 2009 -0800
crypt32: Accept end certificates with no extended key usage extension if a particular key usage is requested.
---
dlls/crypt32/chain.c | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index dd92af2..e5ad7dc 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -2541,10 +2541,11 @@ static void CRYPT_CheckUsages(PCERT_CHAIN_CONTEXT chain,
* key usage extension be present and that a particular purpose
* be indicated in order for the certificate to be acceptable to
* that application."
- * For now I'm being more conservative and disallowing it.
+ * Not all web sites include the extended key usage extension, so
+ * accept chains without it.
*/
- WARN_(chain)("requested usage from a certificate with no usages\n");
- validForUsage = FALSE;
+ TRACE_(chain)("requested usage from certificate with no usages\n");
+ validForUsage = TRUE;
}
if (!validForUsage)
{
More information about the wine-cvs
mailing list