Commit Graph

81 Commits

Author SHA1 Message Date
Eric Pouech 0db20c448a cryptnet: Enable compilation with long types.
Signed-off-by: Eric Pouech <eric.pouech@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-02-09 18:37:32 +01:00
Zebediah Figura c51bf452ba cryptnet: Open the revocation cache file in binary mode.
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-07 11:58:14 +01:00
Zebediah Figura b49ffc574c cryptnet: Cache the result of revocation checks on disk.
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-22 13:17:15 +02:00
Zebediah Figura 13a349540a cryptnet: Check only the first successfully retrieved CRL in verify_cert_revocation_from_dist_points_ext().
From RFC 5280 § 4.2.1.13:

   If the DistributionPointName contains multiple values, each name
   describes a different mechanism to obtain the same CRL.  For example,
   the same CRL could be available for retrieval through both LDAP and
   HTTP.

Steam attempts to validate a certificate containing what are apparently two
different mirrored URLs to the same 20 MB CRL, which currently takes over 400ms
to parse in Wine. According to my reading of the RFC, we should only need to
parse one of them, cutting the time in half.

Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-22 13:17:11 +02:00
Zebediah Figura 3a9d51bf36 cryptnet: Respect the timeout also if CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG is not set.
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-22 13:17:06 +02:00
Zebediah Figura 17f4407453 cryptnet: Specify half of the remaining timeout for each CRL if CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG was specified.
Instead of wasting the whole timeout on the first CRL.

Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-22 13:17:01 +02:00
Zebediah Figura 18e46df9d1 cryptnet: Set dwIndex in CertDllVerifyRevocation().
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-21 22:02:52 +02:00
Zebediah Figura d12ca0dd84 cryptnet: Use RTL_SIZEOF_THROUGH_FIELD.
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-21 22:02:39 +02:00
Francois Gouget 44e76ea3c7 cryptnet: Fix the spelling of the x-pkcs7-certificates MIME type.
This may fix connections to some encrypted websites.

Signed-off-by: Francois Gouget <fgouget@free.fr>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-11-09 20:15:11 +01:00
Michael Stefaniuc 081f5ae24f cryptnet: Use wide-char string literals.
Signed-off-by: Michael Stefaniuc <mstefani@winehq.org>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-10-22 22:02:02 +02:00
Alexandre Julliard 7ca2c13ea9 cryptnet: Build with msvcrt.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-05-29 11:38:39 +02:00
Francois Gouget 16a77b89e9 cryptnet: Remove an unneeded NONAMELESSSTRUCT directive. 2015-03-10 15:18:20 +09:00
Hans Leidekker 5e6490a835 cryptnet: Add support for base64 encoded certificates, CRLs and CTLs in CryptRetrieveObjectByUrl. 2014-12-09 13:16:16 +01:00
Daniel Lehman 3be7f3079c cryptnet: Continue checking the revocation urls if one is offline. 2014-07-24 09:21:54 +02:00
Jacek Caban e739f040c0 crypt32: Simplified getting context expiration. 2014-03-07 16:36:36 +01:00
Dmitry Timoshkov 876cc598c3 cryptnet: Avoid preliminary blob size initialization. 2013-10-28 10:52:27 +01:00
Jacek Caban 533730de7f cryptnet: Removed unused typedefs. 2013-09-05 15:56:46 +02:00
Piotr Caban c3a23a99a2 cryptnet: Handle SystemTimeToFileTime failure in HTTP_RetrieveEncodedObjectW. 2013-04-01 18:17:35 +02:00
Piotr Caban b8e2edf19c cryptnet: Don't ignore HttpEndRequestW error in HTTP_RetrieveEncodedObjectW. 2013-03-08 18:11:05 +01:00
Piotr Caban 437df58dce cryptnet: Open file with FILE_SHARE_READ flag in File_RetrieveEncodedObjectW. 2013-03-08 18:11:04 +01:00
Piotr Caban 4f89321577 cryptnet: Lock cache file while accessing it. 2013-03-08 18:11:04 +01:00
Alexandre Julliard a4cdc0e90d cryptnet: Remove an unnecessary DllMain entry point. 2013-02-14 21:37:52 +01:00
Marcus Meissner 919a789f45 cryptnet: Avoid memory leak of info (Coverity). 2012-10-15 13:31:05 +02:00
Piotr Caban 5e6e26e1df cryptnet: Fixed cache functions usage in CRYPT_CacheURL function. 2012-10-03 11:25:12 +02:00
Juan Lang eee39b12ab cryptnet: Don't call HttpEndRequest on a request that was never sent. 2012-02-20 11:39:13 +01:00
Andrew Talbot 9192a20132 cryptnet: Remove unused file-static variable. 2011-11-14 15:25:20 +01:00
Hans Leidekker a552a7a9f5 cryptnet: Respect proxy settings. 2011-10-13 19:57:19 +02:00
André Hentschel 220191abe1 cryptnet: Use the constants from the wininet header. 2011-09-05 19:32:32 +02:00
Frédéric Delanoy f932abf326 dlls: Assorted spelling fixes. 2011-08-01 18:26:27 +02:00
Juan Lang 1ce0799dae wininet: Differentiate checking online and offline CRLs. 2011-03-14 12:16:40 +01:00
Juan Lang ec223a2129 cryptnet: Trace more reasons for revocation failure. 2011-03-14 12:16:33 +01:00
Juan Lang 648b91a9f3 cryptnet: Let DeleteUrlCacheEntryW remove the cache file. 2011-03-10 15:17:32 +01:00
Juan Lang 2a53eb7087 cryptnet: Delete existing cache entries when out of date. 2011-02-23 14:58:32 +01:00
Andrew Talbot d68c0d1dd5 cryptnet: Constify a variable. 2010-08-24 12:30:46 +02:00
Michael Stefaniuc 1dcbbfe1ee cryptnet: Don't use HIWORD() on a string pointer. 2010-01-29 14:59:02 +01:00
Marcus Meissner e235bfcca7 cryptnet: Remove an unnecessary variable (Coverity). 2009-12-22 13:48:26 +01:00
Juan Lang 41b3b8e4eb cryptnet: Add stub for verifying revocation via OCSP. 2009-12-18 11:37:48 +01:00
Juan Lang 7a987b7714 cryptnet: Use helper function to check revocation with a CRL distribution points extension. 2009-12-18 11:37:42 +01:00
Juan Lang f1f231ca40 cryptnet: Use helper function to get a URL from a CRL distribution points extension. 2009-12-18 11:37:38 +01:00
Juan Lang 0bfb7951a4 cryptnet: Make sure an issuer certificate can sign CRLs before looking for a CRL. 2009-12-18 11:37:31 +01:00
Juan Lang 60ddb1365d cryptnet: If the caller specifies the location of a CRL, check a cert's revocation status against it. 2009-12-17 12:53:03 +01:00
Juan Lang 44e4ac2128 cryptnet: Use helper function to check a cert against a CRL. 2009-12-17 12:52:52 +01:00
Juan Lang 165d380852 cryptnet: Change guard variable to simplify loop. 2009-12-17 12:52:47 +01:00
Juan Lang 4729cdd1e9 cryptnet: Use helper function to verify a certificate's revocation. 2009-12-17 12:52:43 +01:00
Juan Lang 9072050906 cryptnet: Store the bytes actually read, not the bytes available to be read. 2009-12-04 12:05:38 +01:00
Juan Lang 59820c2e5c cryptnet: Implement getting the certificate issuer URL from a cert's authority info access extension. 2009-12-04 12:01:53 +01:00
Marcus Meissner 28c6c44df4 cryptnet: Added a potentially missing NULL ptr check (Coverity). 2009-12-01 13:14:31 +01:00
Juan Lang 51eee4e7c9 cryptnet: Improve CryptGetObjectUrl stub for URL_OID_CERTIFICATE_ISSUER. 2009-11-23 10:38:33 +01:00
Juan Lang ff57ba9d7c cryptnet: Check CRL with verify time in CertDllVerifyRevocation. 2009-11-21 14:31:44 +01:00
Juan Lang a82678da97 cryptnet: Check number of contexts in CertDllVerifyRevocation. 2009-11-20 11:13:49 +01:00