ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

wininet: Don't make use of OpenSSL's security checks, as crypt32 also verifies certificate chain.

This commit is contained in:
Juan Lang 2010-09-28 16:14:21 -07:00 committed by Alexandre Julliard
parent 9387810dab
commit 3e51313e37
1 changed files with 31 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
dlls/wininet/netconnection.c
View File

@ -290,15 +290,12 @@ static int netconn_secure_verify(int preverify_ok, X509_STORE_CTX *ctx)
SSL *ssl;
WCHAR *server;
BOOL ret = FALSE;
HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
CERT_STORE_CREATE_NEW_FLAG, NULL);
ssl = pX509_STORE_CTX_get_ex_data(ctx,
pSSL_get_ex_data_X509_STORE_CTX_idx());
server = pSSL_get_ex_data(ssl, hostname_idx);
if (preverify_ok)
{
HCERTSTORE store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
CERT_STORE_CREATE_NEW_FLAG, NULL);
if (store)
{
X509 *cert;
@ -336,9 +333,6 @@ static int netconn_secure_verify(int preverify_ok, X509_STORE_CTX *ctx)
CertFreeCertificateContext(endCert);
CertCloseStore(store, 0);
}
} else
pSSL_set_ex_data(ssl, error_idx, (void *)ERROR_INTERNET_SEC_CERT_ERRORS);
return ret;
}