[PATCH 1/2] crypt32/test: additional test for skipping unknown CAs
Ilia Mirkin
imirkin at alum.mit.edu
Wed Jan 22 09:45:23 CST 2020
This is already tested by setting a flag in the ssl policy parameters,
but apparently the flag in base policy parameters also needs to be
respected. Tested on Win7.
Signed-off-by: Ilia Mirkin <imirkin at alum.mit.edu>
---
dlls/crypt32/tests/chain.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/dlls/crypt32/tests/chain.c b/dlls/crypt32/tests/chain.c
index e2a7633526..1bf78b084d 100644
--- a/dlls/crypt32/tests/chain.c
+++ b/dlls/crypt32/tests/chain.c
@@ -4743,6 +4743,11 @@ static void check_ssl_policy(void)
CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL,
ignoredUnknownCAPolicyCheck, &oct2007, &policyPara);
sslPolicyPara.fdwChecks = 0;
+ /* And again, but specifying the ignore in dwFlags */
+ policyPara.dwFlags = CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG;
+ CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL,
+ ignoredUnknownCAPolicyCheck, &oct2007, &policyPara);
+ policyPara.dwFlags = 0;
/* And again, but checking the Google chain at a bad date */
sslPolicyPara.pwszServerName = google_dot_com;
CHECK_CHAIN_POLICY_STATUS(CERT_CHAIN_POLICY_SSL, NULL,
--
2.24.1
More information about the wine-devel
mailing list