Juan Lang : crypt32: Correct CertIsValidCRLForCertificate for certificates that do not contain a CRL dist points extension .
Alexandre Julliard
julliard at winehq.org
Fri Nov 20 10:48:00 CST 2009
Module: wine
Branch: master
Commit: f378394acda10cb7b9daa9889cf4774940c944ac
URL: http://source.winehq.org/git/wine.git/?a=commit;h=f378394acda10cb7b9daa9889cf4774940c944ac
Author: Juan Lang <juan.lang at gmail.com>
Date: Thu Nov 19 11:48:53 2009 -0800
crypt32: Correct CertIsValidCRLForCertificate for certificates that do not contain a CRL dist points extension.
---
dlls/crypt32/crl.c | 12 ++++--------
dlls/crypt32/tests/crl.c | 4 ++--
2 files changed, 6 insertions(+), 10 deletions(-)
diff --git a/dlls/crypt32/crl.c b/dlls/crypt32/crl.c
index 03f9b78..5b93d3a 100644
--- a/dlls/crypt32/crl.c
+++ b/dlls/crypt32/crl.c
@@ -649,15 +649,11 @@ BOOL WINAPI CertIsValidCRLForCertificate(PCCERT_CONTEXT pCert,
}
else
{
- /* no CRL dist points extension in cert, compare CRL's issuer
- * to cert's issuer.
+ /* no CRL dist points extension in cert, can't match the CRL
+ * (which has an issuing dist point extension)
*/
- if (!CertCompareCertificateName(pCrl->dwCertEncodingType,
- &pCrl->pCrlInfo->Issuer, &pCert->pCertInfo->Issuer))
- {
- ret = FALSE;
- SetLastError(CRYPT_E_NO_MATCH);
- }
+ ret = FALSE;
+ SetLastError(CRYPT_E_NO_MATCH);
}
LocalFree(idp);
}
diff --git a/dlls/crypt32/tests/crl.c b/dlls/crypt32/tests/crl.c
index bd70d32..dfb9356 100644
--- a/dlls/crypt32/tests/crl.c
+++ b/dlls/crypt32/tests/crl.c
@@ -530,6 +530,7 @@ static void testFindCRL(void)
* match cert's issuer, but verisignCRL does not, so the expected count
* is 0.
*/
+ todo_wine {
ok(count == 3 || broken(count == 0 /* NT4, Win9x */),
"expected 3 matching CRLs, got %d\n", count);
/* Only v1CRLWithIssuerAndEntry and v2CRLWithIssuingDistPoint contain
@@ -537,6 +538,7 @@ static void testFindCRL(void)
*/
ok(revoked_count == 2 || broken(revoked_count == 0 /* NT4, Win9x */),
"expected 2 matching CRL entries, got %d\n", revoked_count);
+ }
CertFreeCertificateContext(cert);
@@ -1000,11 +1002,9 @@ static void testIsValidCRLForCert(void)
sizeof(v2CRLWithIssuingDistPoint));
ok(crl != NULL, "CertCreateCRLContext failed: %08x\n", GetLastError());
- todo_wine {
ret = pCertIsValidCRLForCertificate(cert1, crl, 0, NULL);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
- }
ret = pCertIsValidCRLForCertificate(cert2, crl, 0, NULL);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
More information about the wine-cvs
mailing list