From d3db308853123653fc333fce027900a17c17a3c6 Mon Sep 17 00:00:00 2001
From: Juan Lang <juan.lang@gmail.com>
Date: Wed, 19 May 2010 18:06:54 -0700
Subject: [PATCH] crypt32: Update definition of CERT_CHAIN_ENGINE_CONFIG.

---
 dlls/crypt32/chain.c       | 17 ++++++++++++++++-
 dlls/crypt32/tests/chain.c | 30 ++++++++++++++++++++++--------
 include/wincrypt.h         |  2 ++
 3 files changed, 40 insertions(+), 9 deletions(-)

diff --git a/dlls/crypt32/chain.c b/dlls/crypt32/chain.c
index 1724f4254fe..ec7f602936d 100644
--- a/dlls/crypt32/chain.c
+++ b/dlls/crypt32/chain.c
@@ -152,6 +152,20 @@ HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root,
     return engine;
 }
 
+typedef struct _CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT
+{
+    DWORD       cbSize;
+    HCERTSTORE  hRestrictedRoot;
+    HCERTSTORE  hRestrictedTrust;
+    HCERTSTORE  hRestrictedOther;
+    DWORD       cAdditionalStore;
+    HCERTSTORE *rghAdditionalStore;
+    DWORD       dwFlags;
+    DWORD       dwUrlRetrievalTimeout;
+    DWORD       MaximumCachedCertificates;
+    DWORD       CycleDetectionModulus;
+} CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT;
+
 BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig,
  HCERTCHAINENGINE *phChainEngine)
 {
@@ -159,7 +173,8 @@ BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig,
 
     TRACE("(%p, %p)\n", pConfig, phChainEngine);
 
-    if (pConfig->cbSize != sizeof(*pConfig))
+    if (pConfig->cbSize != sizeof(CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT)
+     && pConfig->cbSize != sizeof(CERT_CHAIN_ENGINE_CONFIG))
     {
         SetLastError(E_INVALIDARG);
         return FALSE;
diff --git a/dlls/crypt32/tests/chain.c b/dlls/crypt32/tests/chain.c
index f9ccaed78b1..6b23361b132 100644
--- a/dlls/crypt32/tests/chain.c
+++ b/dlls/crypt32/tests/chain.c
@@ -60,11 +60,25 @@ static BOOL (WINAPI *pCertVerifyCertificateChainPolicy)(LPCSTR,PCCERT_CHAIN_CONT
 
 #define IS_INTOID(x)    (((ULONG_PTR)(x) >> 16) == 0)
 
+typedef struct _CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT
+{
+    DWORD       cbSize;
+    HCERTSTORE  hRestrictedRoot;
+    HCERTSTORE  hRestrictedTrust;
+    HCERTSTORE  hRestrictedOther;
+    DWORD       cAdditionalStore;
+    HCERTSTORE *rghAdditionalStore;
+    DWORD       dwFlags;
+    DWORD       dwUrlRetrievalTimeout;
+    DWORD       MaximumCachedCertificates;
+    DWORD       CycleDetectionModulus;
+} CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT;
 
 static void testCreateCertChainEngine(void)
 {
     BOOL ret;
-    CERT_CHAIN_ENGINE_CONFIG config = { 0 };
+    CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT config = { 0 };
+    CERT_CHAIN_ENGINE_CONFIG *pConfig = (CERT_CHAIN_ENGINE_CONFIG *)&config;
     HCERTCHAINENGINE engine;
     HCERTSTORE store;
 
@@ -77,21 +91,21 @@ static void testCreateCertChainEngine(void)
     /* Crash
     ret = pCertCreateCertificateChainEngine(NULL, NULL);
     ret = pCertCreateCertificateChainEngine(NULL, &engine);
-    ret = pCertCreateCertificateChainEngine(&config, NULL);
+    ret = pCertCreateCertificateChainEngine(pConfig, NULL);
      */
-    ret = pCertCreateCertificateChainEngine(&config, &engine);
+    ret = pCertCreateCertificateChainEngine(pConfig, &engine);
     ok(!ret && GetLastError() == E_INVALIDARG,
      "Expected E_INVALIDARG, got %08x\n", GetLastError());
     /* Crashes
     config.cbSize = sizeof(config);
-    ret = pCertCreateCertificateChainEngine(&config, NULL);
+    ret = pCertCreateCertificateChainEngine(pConfig, NULL);
      */
     config.cbSize = sizeof(config);
-    ret = pCertCreateCertificateChainEngine(&config, &engine);
+    ret = pCertCreateCertificateChainEngine(pConfig, &engine);
     ok(ret, "CertCreateCertificateChainEngine failed: %08x\n", GetLastError());
     pCertFreeCertificateChainEngine(engine);
     config.dwFlags = 0xff000000;
-    ret = pCertCreateCertificateChainEngine(&config, &engine);
+    ret = pCertCreateCertificateChainEngine(pConfig, &engine);
     ok(ret, "CertCreateCertificateChainEngine failed: %08x\n", GetLastError());
     pCertFreeCertificateChainEngine(engine);
 
@@ -99,7 +113,7 @@ static void testCreateCertChainEngine(void)
     store = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0,
      CERT_STORE_CREATE_NEW_FLAG, NULL);
     config.hRestrictedRoot = store;
-    ret = pCertCreateCertificateChainEngine(&config, &engine);
+    ret = pCertCreateCertificateChainEngine(pConfig, &engine);
     ok(ret, "CertCreateCertificateChainEngine failed: %08x\n", GetLastError());
     pCertFreeCertificateChainEngine(engine);
 
@@ -108,7 +122,7 @@ static void testCreateCertChainEngine(void)
      */
     CertAddEncodedCertificateToStore(store, X509_ASN_ENCODING, selfSignedCert,
      sizeof(selfSignedCert), CERT_STORE_ADD_ALWAYS, NULL);
-    ret = pCertCreateCertificateChainEngine(&config, &engine);
+    ret = pCertCreateCertificateChainEngine(pConfig, &engine);
     ok(!ret && GetLastError() == CRYPT_E_NOT_FOUND,
      "Expected CRYPT_E_NOT_FOUND, got %08x\n", GetLastError());
 
diff --git a/include/wincrypt.h b/include/wincrypt.h
index e536213a771..d3f56b9d493 100644
--- a/include/wincrypt.h
+++ b/include/wincrypt.h
@@ -3389,6 +3389,8 @@ typedef struct _CERT_CHAIN_ENGINE_CONFIG
     DWORD       dwUrlRetrievalTimeout;
     DWORD       MaximumCachedCertificates;
     DWORD       CycleDetectionModulus;
+    HCERTSTORE  hExclusiveRoot;
+    HCERTSTORE  hExclusiveRootTrustedPeople;
 } CERT_CHAIN_ENGINE_CONFIG, *PCERT_CHAIN_ENGINE_CONFIG;
 
 /* message-related definitions */