Juan Lang : wininet: Set error and fail if a secure connection' s certificate couldn't be verified.
Alexandre Julliard
julliard at winehq.org
Wed Dec 16 09:41:29 CST 2009
Module: wine
Branch: master
Commit: 09246aa1a73f039bc6676a890781a06f351a3e0f
URL: http://source.winehq.org/git/wine.git/?a=commit;h=09246aa1a73f039bc6676a890781a06f351a3e0f
Author: Juan Lang <juan.lang at gmail.com>
Date: Mon Dec 14 16:02:33 2009 -0800
wininet: Set error and fail if a secure connection's certificate couldn't be verified.
---
dlls/wininet/netconnection.c | 19 +++++++++++++++----
1 files changed, 15 insertions(+), 4 deletions(-)
diff --git a/dlls/wininet/netconnection.c b/dlls/wininet/netconnection.c
index f897570..db57e1d 100644
--- a/dlls/wininet/netconnection.c
+++ b/dlls/wininet/netconnection.c
@@ -116,6 +116,7 @@ static void *OpenSSL_crypto_handle;
static SSL_METHOD *meth;
static SSL_CTX *ctx;
static int hostname_idx;
+static int error_idx;
#define MAKE_FUNCPTR(f) static typeof(f) * p##f
@@ -321,7 +322,7 @@ static int netconn_secure_verify(int preverify_ok, X509_STORE_CTX *ctx)
if (err)
{
- INTERNET_SetLastError(err);
+ pSSL_set_ex_data(ssl, error_idx, (void *)err);
ret = FALSE;
}
}
@@ -445,6 +446,15 @@ DWORD NETCON_init(WININET_NETCONNECTION *connection, BOOL useSSL)
LeaveCriticalSection(&init_ssl_cs);
return ERROR_OUTOFMEMORY;
}
+ error_idx = pSSL_get_ex_new_index(0, (void *)"error index",
+ NULL, NULL, NULL);
+ if (error_idx == -1)
+ {
+ ERR("SSL_get_ex_new_index failed; %s\n",
+ pERR_error_string(pERR_get_error(), 0));
+ LeaveCriticalSection(&init_ssl_cs);
+ return ERROR_OUTOFMEMORY;
+ }
pSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, netconn_secure_verify);
pCRYPTO_set_id_callback(ssl_thread_id);
@@ -650,9 +660,10 @@ DWORD NETCON_secure_connect(WININET_NETCONNECTION *connection, LPWSTR hostname)
if (pSSL_connect(connection->ssl_s) <= 0)
{
- ERR("SSL_connect failed: %s\n",
- pERR_error_string(pERR_get_error(), 0));
- res = ERROR_INTERNET_SECURITY_CHANNEL_ERROR;
+ res = (DWORD)pSSL_get_ex_data(connection->ssl_s, error_idx);
+ if (!res)
+ res = ERROR_INTERNET_SECURITY_CHANNEL_ERROR;
+ ERR("SSL_connect failed: %d\n", res);
goto fail;
}
pSSL_set_ex_data(connection->ssl_s, hostname_idx, hostname);
More information about the wine-cvs
mailing list