crypt32: Set CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT when appropriate.

2010-10-05 19:09:36 -07:00 · 2010-10-05 19:09:36 -07:00 · b1899c2066
parent d5bcf21c91
commit b1899c2066
2 changed files with 3 additions and 2 deletions
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@ -1971,7 +1971,8 @@ static void CRYPT_CheckSimpleChain(PCertificateChainEngine engine,
        if (!CRYPT_CriticalExtensionsSupported(
         chain->rgpElement[i]->pCertContext))
            chain->rgpElement[i]->TrustStatus.dwErrorStatus |=
-             CERT_TRUST_INVALID_EXTENSION;
+             CERT_TRUST_INVALID_EXTENSION |
+             CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT;
        CRYPT_CombineTrustStatus(&chain->TrustStatus,
         &chain->rgpElement[i]->TrustStatus);
    }
--- a/dlls/crypt32/tests/chain.c
+++ b/dlls/crypt32/tests/chain.c
@ -3491,7 +3491,7 @@ static ChainCheck chainCheck[] = {
     { CERT_TRUST_IS_UNTRUSTED_ROOT | CERT_TRUST_INVALID_EXTENSION |
       CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT, 0 },
     1, simpleStatus30 },
-   TODO_ERROR },
+   0 },
 { { sizeof(selfSignedChain) / sizeof(selfSignedChain[0]), selfSignedChain },
   { { 0, CERT_TRUST_HAS_PREFERRED_ISSUER },
     { CERT_TRUST_IS_NOT_TIME_VALID | CERT_TRUST_IS_UNTRUSTED_ROOT, 0 },