marko10_000
/
wine-wine
forked from Mirrors/wine-wine
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

crypt32: Correct CertIsValidCRLForCertificate for certificates that do not contain a CRL dist points extension.

oldstable
Juan Lang 2009-11-19 11:48:53 -08:00 committed by Alexandre Julliard
parent bcbfddd82a
commit f378394acd
2 changed files with 6 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
dlls/crypt32/crl.c
View File

@ -649,15 +649,11 @@ BOOL WINAPI CertIsValidCRLForCertificate(PCCERT_CONTEXT pCert,
}
else
{
/* no CRL dist points extension in cert, compare CRL's issuer
* to cert's issuer.
/* no CRL dist points extension in cert, can't match the CRL
* (which has an issuing dist point extension)
*/
if (!CertCompareCertificateName(pCrl->dwCertEncodingType,
&pCrl->pCrlInfo->Issuer, &pCert->pCertInfo->Issuer))
{
ret = FALSE;
SetLastError(CRYPT_E_NO_MATCH);
}
ret = FALSE;
SetLastError(CRYPT_E_NO_MATCH);
}
LocalFree(idp);
}

4
dlls/crypt32/tests/crl.c
View File

@ -530,6 +530,7 @@ static void testFindCRL(void)
* match cert's issuer, but verisignCRL does not, so the expected count
* is 0.
*/
todo_wine {
ok(count == 3 || broken(count == 0 /* NT4, Win9x */),
"expected 3 matching CRLs, got %d\n", count);
/* Only v1CRLWithIssuerAndEntry and v2CRLWithIssuingDistPoint contain
@ -537,6 +538,7 @@ static void testFindCRL(void)
*/
ok(revoked_count == 2 || broken(revoked_count == 0 /* NT4, Win9x */),
"expected 2 matching CRL entries, got %d\n", revoked_count);
}
CertFreeCertificateContext(cert);
@ -1000,11 +1002,9 @@ static void testIsValidCRLForCert(void)
sizeof(v2CRLWithIssuingDistPoint));
ok(crl != NULL, "CertCreateCRLContext failed: %08x\n", GetLastError());
todo_wine {
ret = pCertIsValidCRLForCertificate(cert1, crl, 0, NULL);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
}
ret = pCertIsValidCRLForCertificate(cert2, crl, 0, NULL);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());