crypt32: Correct error when the subject alternate name can't be decoded.

2009-11-09 16:47:54 -08:00 · 2009-11-09 16:47:54 -08:00 · ae6e884142
parent 865f3df35b
commit ae6e884142
2 changed files with 5 additions and 1 deletions
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@ -695,6 +695,10 @@ static void CRYPT_CheckNameConstraints(
                     0, CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT);
                LocalFree(subjectName);
            }
+            else
+                *trustErrorStatus |=
+                 CERT_TRUST_INVALID_EXTENSION |
+                 CERT_TRUST_INVALID_NAME_CONSTRAINTS;
        }
        else
        {
--- a/dlls/crypt32/tests/chain.c
+++ b/dlls/crypt32/tests/chain.c
@ -2793,7 +2793,7 @@ static ChainCheck chainCheck[] = {
     { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_INVALID_NAME_CONSTRAINTS |
       CERT_TRUST_INVALID_EXTENSION, 0 },
     1, simpleStatus27 },
-   TODO_ERROR },
+   0 },
 { { sizeof(chain28) / sizeof(chain28[0]), chain28 },
   { { CERT_TRUST_IS_NOT_TIME_NESTED | CERT_TRUST_IS_NOT_VALID_FOR_USAGE,
       CERT_TRUST_HAS_PREFERRED_ISSUER },