wininet: Don't retrieve a certificate that isn't used.
This commit is contained in:
parent
77c4ade08b
commit
181a367a1f
@ -646,7 +646,6 @@ DWORD NETCON_secure_connect(WININET_NETCONNECTION *connection, LPWSTR hostname)
|
|||||||
DWORD res = ERROR_NOT_SUPPORTED;
|
DWORD res = ERROR_NOT_SUPPORTED;
|
||||||
#ifdef SONAME_LIBSSL
|
#ifdef SONAME_LIBSSL
|
||||||
long verify_res;
|
long verify_res;
|
||||||
X509 *cert;
|
|
||||||
|
|
||||||
/* can't connect if we are already connected */
|
/* can't connect if we are already connected */
|
||||||
if (connection->useSSL)
|
if (connection->useSSL)
|
||||||
@ -694,14 +693,6 @@ DWORD NETCON_secure_connect(WININET_NETCONNECTION *connection, LPWSTR hostname)
|
|||||||
res = ERROR_INTERNET_SECURITY_CHANNEL_ERROR;
|
res = ERROR_INTERNET_SECURITY_CHANNEL_ERROR;
|
||||||
goto fail;
|
goto fail;
|
||||||
}
|
}
|
||||||
cert = pSSL_get_peer_certificate(connection->ssl_s);
|
|
||||||
if (!cert)
|
|
||||||
{
|
|
||||||
ERR("no certificate for server %s\n", debugstr_w(hostname));
|
|
||||||
/* FIXME: is this the best error? */
|
|
||||||
res = ERROR_INTERNET_INVALID_CA;
|
|
||||||
goto fail;
|
|
||||||
}
|
|
||||||
verify_res = pSSL_get_verify_result(connection->ssl_s);
|
verify_res = pSSL_get_verify_result(connection->ssl_s);
|
||||||
if (verify_res != X509_V_OK)
|
if (verify_res != X509_V_OK)
|
||||||
{
|
{
|
||||||
|
Loading…
x
Reference in New Issue
Block a user