ReceiveTempSMS
/
Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

winhttp: Fix handling of WINHTTP_OPTION_SECURITY_FLAGS. 

Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Hans Leidekker 2018-12-17 12:26:35 +01:00 committed by Alexandre Julliard
parent d8a27a78dd
commit 51f7680dcc
2 changed files with 35 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
dlls/winhttp/session.c
View File

@ -695,7 +695,7 @@ static BOOL request_query_option( struct object_header *hdr, DWORD option, void
{
case WINHTTP_OPTION_SECURITY_FLAGS:
{
DWORD flags = 0;
DWORD flags;
int bits;
if (!buffer || *buflen < sizeof(flags))
@ -705,9 +705,7 @@ static BOOL request_query_option( struct object_header *hdr, DWORD option, void
return FALSE;
}
flags = 0;
if (hdr->flags & WINHTTP_FLAG_SECURE) flags |= SECURITY_FLAG_SECURE;
flags |= request->security_flags;
flags = request->security_flags;
if (request->netconn)
{
bits = netconn_get_cipher_strength( request->netconn );
@ -929,6 +927,10 @@ static BOOL request_set_option( struct object_header *hdr, DWORD option, void *b
case WINHTTP_OPTION_SECURITY_FLAGS:
{
DWORD flags;
static const DWORD accepted = SECURITY_FLAG_IGNORE_CERT_CN_INVALID |
SECURITY_FLAG_IGNORE_CERT_DATE_INVALID |
SECURITY_FLAG_IGNORE_UNKNOWN_CA |
SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE;
if (buflen < sizeof(DWORD))
{
@ -937,10 +939,7 @@ static BOOL request_set_option( struct object_header *hdr, DWORD option, void *b
}
flags = *(DWORD *)buffer;
TRACE("0x%x\n", flags);
if (!(flags & (SECURITY_FLAG_IGNORE_CERT_CN_INVALID |
SECURITY_FLAG_IGNORE_CERT_DATE_INVALID |
SECURITY_FLAG_IGNORE_UNKNOWN_CA |
SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE)))
if (flags && (flags & ~accepted))
{
SetLastError( ERROR_INVALID_PARAMETER );
return FALSE;

29
dlls/winhttp/tests/winhttp.c
View File

@ -1033,7 +1033,7 @@ static void test_secure_connection(void)
{
static const char data_start[] = "<!DOCTYPE html PUBLIC";
HINTERNET ses, con, req;
DWORD size, status, policy, bitness, read_size, err, available_size, protocols;
DWORD size, status, policy, bitness, read_size, err, available_size, protocols, flags;
BOOL ret;
CERT_CONTEXT *cert;
WINHTTP_CERTIFICATE_INFO info;
@ -1087,6 +1087,33 @@ static void test_secure_connection(void)
req = WinHttpOpenRequest(con, NULL, NULL, NULL, NULL, NULL, WINHTTP_FLAG_SECURE);
ok(req != NULL, "failed to open a request %u\n", GetLastError());
flags = 0xdeadbeef;
size = sizeof(flags);
ret = WinHttpQueryOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, &size);
ok(ret, "failed to query security flags %u\n", GetLastError());
ok(!flags, "got %08x\n", flags);
flags = SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE;
ret = WinHttpSetOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));
ok(ret, "failed to set security flags %u\n", GetLastError());
flags = SECURITY_FLAG_SECURE;
ret = WinHttpSetOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));
ok(!ret, "success\n");
flags = SECURITY_FLAG_STRENGTH_STRONG;
ret = WinHttpSetOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));
ok(!ret, "success\n");
flags = SECURITY_FLAG_IGNORE_UNKNOWN_CA | SECURITY_FLAG_IGNORE_CERT_DATE_INVALID |
SECURITY_FLAG_IGNORE_CERT_CN_INVALID;
ret = WinHttpSetOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));
ok(ret, "failed to set security flags %u\n", GetLastError());
flags = 0;
ret = WinHttpSetOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));
ok(ret, "failed to set security flags %u\n", GetLastError());
ret = WinHttpSetOption(req, WINHTTP_OPTION_CLIENT_CERT_CONTEXT, WINHTTP_NO_CLIENT_CERT_CONTEXT, 0);
err = GetLastError();
ok(ret || broken(!ret && err == ERROR_INVALID_PARAMETER) /* winxp */, "failed to set client cert context %u\n", err);