ReceiveTempSMS/Sweden-Number
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

crypt32: Correct CertIsValidCRLForCertificate for certificates that do not contain a CRL dist points extension.

Browse Source
This commit is contained in:
Juan Lang 2009-11-19 11:48:53 -08:00 committed by Alexandre Julliard
parent bcbfddd82a
commit f378394acd
2 changed files with 6 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
dlls/crypt32/crl.c
View File

@ -649,16 +649,12 @@ BOOL WINAPI CertIsValidCRLForCertificate(PCCERT_CONTEXT pCert,
} }
else else
{ {
/* no CRL dist points extension in cert, compare CRL's issuer /* no CRL dist points extension in cert, can't match the CRL
* to cert's issuer. * (which has an issuing dist point extension)
*/ */
if (!CertCompareCertificateName(pCrl->dwCertEncodingType,
&pCrl->pCrlInfo->Issuer, &pCert->pCertInfo->Issuer))
{
ret = FALSE; ret = FALSE;
SetLastError(CRYPT_E_NO_MATCH); SetLastError(CRYPT_E_NO_MATCH);
} }
}
LocalFree(idp); LocalFree(idp);
} }
} }

4
dlls/crypt32/tests/crl.c
View File

@ -530,6 +530,7 @@ static void testFindCRL(void)
* match cert's issuer, but verisignCRL does not, so the expected count * match cert's issuer, but verisignCRL does not, so the expected count
* is 0. * is 0.
*/ */
todo_wine {
ok(count == 3 || broken(count == 0 /* NT4, Win9x */), ok(count == 3 || broken(count == 0 /* NT4, Win9x */),
"expected 3 matching CRLs, got %d\n", count); "expected 3 matching CRLs, got %d\n", count);
/* Only v1CRLWithIssuerAndEntry and v2CRLWithIssuingDistPoint contain /* Only v1CRLWithIssuerAndEntry and v2CRLWithIssuingDistPoint contain
@ -537,6 +538,7 @@ static void testFindCRL(void)
*/ */
ok(revoked_count == 2 || broken(revoked_count == 0 /* NT4, Win9x */), ok(revoked_count == 2 || broken(revoked_count == 0 /* NT4, Win9x */),
"expected 2 matching CRL entries, got %d\n", revoked_count); "expected 2 matching CRL entries, got %d\n", revoked_count);
}
CertFreeCertificateContext(cert); CertFreeCertificateContext(cert);
@ -1000,11 +1002,9 @@ static void testIsValidCRLForCert(void)
sizeof(v2CRLWithIssuingDistPoint)); sizeof(v2CRLWithIssuingDistPoint));
ok(crl != NULL, "CertCreateCRLContext failed: %08x\n", GetLastError()); ok(crl != NULL, "CertCreateCRLContext failed: %08x\n", GetLastError());
todo_wine {
ret = pCertIsValidCRLForCertificate(cert1, crl, 0, NULL); ret = pCertIsValidCRLForCertificate(cert1, crl, 0, NULL);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH, ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError()); "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());
}
ret = pCertIsValidCRLForCertificate(cert2, crl, 0, NULL); ret = pCertIsValidCRLForCertificate(cert2, crl, 0, NULL);
ok(!ret && GetLastError() == CRYPT_E_NO_MATCH, ok(!ret && GetLastError() == CRYPT_E_NO_MATCH,
"expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError()); "expected CRYPT_E_NO_MATCH, got %08x\n", GetLastError());