Commit 51f7680d authored by Hans Leidekker Committed by Alexandre Julliard

winhttp: Fix handling of WINHTTP_OPTION_SECURITY_FLAGS.

parent d8a27a78
......@@ -695,7 +695,7 @@ static BOOL request_query_option( struct object_header *hdr, DWORD option, void
{
case WINHTTP_OPTION_SECURITY_FLAGS:
{
DWORD flags = 0;
DWORD flags;
int bits;
if (!buffer || *buflen < sizeof(flags))
......@@ -705,9 +705,7 @@ static BOOL request_query_option( struct object_header *hdr, DWORD option, void
return FALSE;
}
flags = 0;
if (hdr->flags & WINHTTP_FLAG_SECURE) flags |= SECURITY_FLAG_SECURE;
flags |= request->security_flags;
flags = request->security_flags;
if (request->netconn)
{
bits = netconn_get_cipher_strength( request->netconn );
......@@ -929,6 +927,10 @@ static BOOL request_set_option( struct object_header *hdr, DWORD option, void *b
case WINHTTP_OPTION_SECURITY_FLAGS:
{
DWORD flags;
static const DWORD accepted = SECURITY_FLAG_IGNORE_CERT_CN_INVALID |
SECURITY_FLAG_IGNORE_CERT_DATE_INVALID |
SECURITY_FLAG_IGNORE_UNKNOWN_CA |
SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE;
if (buflen < sizeof(DWORD))
{
......@@ -937,10 +939,7 @@ static BOOL request_set_option( struct object_header *hdr, DWORD option, void *b
}
flags = *(DWORD *)buffer;
TRACE("0x%x\n", flags);
if (!(flags & (SECURITY_FLAG_IGNORE_CERT_CN_INVALID |
SECURITY_FLAG_IGNORE_CERT_DATE_INVALID |
SECURITY_FLAG_IGNORE_UNKNOWN_CA |
SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE)))
if (flags && (flags & ~accepted))
{
SetLastError( ERROR_INVALID_PARAMETER );
return FALSE;
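Review bot: In the WINHTTP_OPTION_SECURITY_FLAGS case of request_set_option, the check printed as `if (flags && (flags & ~accepted))` carries a redundant `flags &&`, because `flags & ~accepted` is already zero when flags is zero; `if (flags & ~accepted)` is equivalent and easier to read. The `accepted` mask also deserves a comment such as `/* only the certificate-check overrides may be set; each bit disables one server certificate validation step */`, so a reader sees that this option can only weaken verification and that anything else is rejected. The +/- markers are lost on this page, so which of the duplicated lines is the new side is inferred from the added test expectations, and both functions continue outside the hunks shown.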
......
......@@ -1033,7 +1033,7 @@ static void test_secure_connection(void)
{
static const char data_start[] = "<!DOCTYPE html PUBLIC";
HINTERNET ses, con, req;
DWORD size, status, policy, bitness, read_size, err, available_size, protocols;
DWORD size, status, policy, bitness, read_size, err, available_size, protocols, flags;
BOOL ret;
CERT_CONTEXT *cert;
WINHTTP_CERTIFICATE_INFO info;
......@@ -1087,6 +1087,33 @@ static void test_secure_connection(void)
req = WinHttpOpenRequest(con, NULL, NULL, NULL, NULL, NULL, WINHTTP_FLAG_SECURE);
ok(req != NULL, "failed to open a request %u\n", GetLastError());
flags = 0xdeadbeef;
size = sizeof(flags);
ret = WinHttpQueryOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, &size);
ok(ret, "failed to query security flags %u\n", GetLastError());
ok(!flags, "got %08x\n", flags);
flags = SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE;
ret = WinHttpSetOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));
ok(ret, "failed to set security flags %u\n", GetLastError());
flags = SECURITY_FLAG_SECURE;
ret = WinHttpSetOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));
ok(!ret, "success\n");
flags = SECURITY_FLAG_STRENGTH_STRONG;
ret = WinHttpSetOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));
ok(!ret, "success\n");
flags = SECURITY_FLAG_IGNORE_UNKNOWN_CA | SECURITY_FLAG_IGNORE_CERT_DATE_INVALID |
SECURITY_FLAG_IGNORE_CERT_CN_INVALID;
ret = WinHttpSetOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));
ok(ret, "failed to set security flags %u\n", GetLastError());
flags = 0;
ret = WinHttpSetOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));
ok(ret, "failed to set security flags %u\n", GetLastError());
ret = WinHttpSetOption(req, WINHTTP_OPTION_CLIENT_CERT_CONTEXT, WINHTTP_NO_CLIENT_CERT_CONTEXT, 0);
err = GetLastError();
ok(ret || broken(!ret && err == ERROR_INVALID_PARAMETER) /* winxp */, "failed to set client cert context %u\n", err);
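Review bot: The new WinHttpSetOption checks in test_secure_connection never pass a value that mixes an accepted bit with a rejected one, which is the case the `flags & ~accepted` test in request_set_option is there to catch; SECURITY_FLAG_SECURE and SECURITY_FLAG_STRENGTH_STRONG on their own contain none of the ignore bits. Assuming native WinHTTP rejects such a value too, adding `flags = SECURITY_FLAG_IGNORE_UNKNOWN_CA | SECURITY_FLAG_SECURE;` then `ret = WinHttpSetOption(req, WINHTTP_OPTION_SECURITY_FLAGS, &flags, sizeof(flags));` and `ok(!ret && GetLastError() == ERROR_INVALID_PARAMETER, "got %d, error %u\n", ret, GetLastError());` would cover it. The two existing `ok(!ret, "success\n")` lines could check the error code the same way, and a WinHttpQueryOption call after a successful set would confirm that the stored ignore bits are what is reported back. test_secure_connection starts and ends outside the hunks shown.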
......