crypt32/tests: print a better error if no Verisign root certificates available

Austin English austinenglish at gmail.com
Sun May 3 19:05:00 CDT 2009 

The error is very cryptic...currently only shows up on OpenSolaris and
FreeBSD (if /usr/ports/security/ca_root_nss isn't installed). It
apparently also shows up on some Linux distributions that don't ship
OpenSSL with any certificates.

This explains the error a bit better, so it doesn't seem as scary.
Similar to what we do in ws2_32/tests for IPV6.

See bug 15704.

-- 
-Austin
-------------- next part --------------
diff --git a/dlls/crypt32/tests/chain.c b/dlls/crypt32/tests/chain.c
index f7efe64..c880df9 100644
--- a/dlls/crypt32/tests/chain.c
+++ b/dlls/crypt32/tests/chain.c
@@ -1184,9 +1184,10 @@ static void checkElementStatus(const CERT_TRUST_STATUS *expected,
         ok(got->dwErrorStatus == expected->dwErrorStatus ||
          broken((got->dwErrorStatus & ~ignore->dwErrorStatus) ==
          (expected->dwErrorStatus & ~ignore->dwErrorStatus)),
-         "Chain %d, element [%d,%d]: expected error %08x, got %08x\n",
+         "Chain %d, element [%d,%d]: expected error %08x, got %08x. %08x is "
+         "expected if no valid Verisign root certificate is available.\n",
          testIndex, chainIndex, elementIndex, expected->dwErrorStatus,
-         got->dwErrorStatus);
+         got->dwErrorStatus, CERT_TRUST_IS_UNTRUSTED_ROOT);
     if (got->dwInfoStatus == expected->dwInfoStatus)
         ok(got->dwInfoStatus == expected->dwInfoStatus,
          "Chain %d, element [%d,%d]: expected info %08x, got %08x\n",
@@ -1264,9 +1265,10 @@ static void checkChainStatus(PCCERT_CHAIN_CONTEXT chain,
          ~chainStatus->statusToIgnore.dwErrorStatus) ==
          (chainStatus->status.dwErrorStatus &
          ~chainStatus->statusToIgnore.dwErrorStatus)),
-         "Chain %d: expected error %08x, got %08x\n",
+         "Chain %d: expected error %08x, got %08x. %08x is expected if no valid "
+         "Verisign root certificate is available.\n",
          testIndex, chainStatus->status.dwErrorStatus,
-         chain->TrustStatus.dwErrorStatus);
+         chain->TrustStatus.dwErrorStatus, CERT_TRUST_IS_UNTRUSTED_ROOT);
     if (todo & TODO_INFO &&
      chain->TrustStatus.dwInfoStatus != chainStatus->status.dwInfoStatus)
         todo_wine ok(chain->TrustStatus.dwInfoStatus ==

More information about the wine-patches mailing list