Commit 67de946c authored by Paul Gofman's avatar Paul Gofman Committed by Alexandre Julliard

cryptnet: Check cached revocation status in verify_cert_revocation().

parent c23c43e9
...@@ -1696,9 +1696,6 @@ static DWORD verify_cert_revocation_from_dist_points_ext(const CRYPT_DATA_BLOB * ...@@ -1696,9 +1696,6 @@ static DWORD verify_cert_revocation_from_dist_points_ext(const CRYPT_DATA_BLOB *
return CRYPT_E_REVOCATION_OFFLINE; return CRYPT_E_REVOCATION_OFFLINE;
} }
if (find_cached_revocation_status(&cert->pCertInfo->SerialNumber, time, status))
return status->dwError;
if (!CRYPT_GetUrlFromCRLDistPointsExt(value, NULL, &url_array_size, NULL, NULL)) if (!CRYPT_GetUrlFromCRLDistPointsExt(value, NULL, &url_array_size, NULL, NULL))
return GetLastError(); return GetLastError();
...@@ -2146,6 +2143,12 @@ static DWORD verify_cert_revocation(const CERT_CONTEXT *cert, FILETIME *pTime, ...@@ -2146,6 +2143,12 @@ static DWORD verify_cert_revocation(const CERT_CONTEXT *cert, FILETIME *pTime,
DWORD error = ERROR_SUCCESS; DWORD error = ERROR_SUCCESS;
PCERT_EXTENSION ext; PCERT_EXTENSION ext;
if (find_cached_revocation_status(&cert->pCertInfo->SerialNumber, pTime, pRevStatus))
{
if (pRevStatus->dwError == ERROR_SUCCESS || pRevStatus->dwError == CRYPT_E_REVOKED)
return pRevStatus->dwError;
}
if ((ext = CertFindExtension(szOID_AUTHORITY_INFO_ACCESS, cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension))) if ((ext = CertFindExtension(szOID_AUTHORITY_INFO_ACCESS, cert->pCertInfo->cExtension, cert->pCertInfo->rgExtension)))
{ {
error = verify_cert_revocation_from_aia_ext(&ext->Value, cert, pTime, dwFlags, pRevPara, pRevStatus); error = verify_cert_revocation_from_aia_ext(&ext->Value, cert, pTime, dwFlags, pRevPara, pRevStatus);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment