Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-cw
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-cw
Commits
79259064
Commit
79259064
authored
May 28, 2012
by
Jacek Caban
Committed by
Alexandre Julliard
May 29, 2012
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
wininet: Handle error flags only for masked-error mode.
parent
ef309733
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
76 additions
and
17 deletions
+76
-17
netconnection.c
dlls/wininet/netconnection.c
+21
-11
http.c
dlls/wininet/tests/http.c
+55
-6
No files found.
dlls/wininet/netconnection.c
View file @
79259064
...
...
@@ -247,41 +247,47 @@ static DWORD netconn_verify_cert(netconn_t *conn, PCCERT_CONTEXT cert, HCERTSTOR
errors
=
chain
->
TrustStatus
.
dwErrorStatus
;
if
(
chain
->
TrustStatus
.
dwErrorStatus
&
~
supportedErrors
)
{
WARN
(
"CERT_TRUST_IS_NOT_TIME_VALID, unknown error flags
\n
"
);
if
(
conn
->
mask_errors
)
WARN
(
"CERT_TRUST_IS_NOT_TIME_VALID, unknown error flags
\n
"
);
err
=
ERROR_INTERNET_SEC_INVALID_CERT
;
errors
&=
supportedErrors
;
}
if
(
errors
&
CERT_TRUST_IS_NOT_TIME_VALID
)
{
WARN
(
"CERT_TRUST_IS_NOT_TIME_VALID, unknown error flags
\n
"
);
if
(
conn
->
mask_errors
)
WARN
(
"CERT_TRUST_IS_NOT_TIME_VALID, unknown error flags
\n
"
);
if
(
!
(
conn
->
security_flags
&
SECURITY_FLAG_IGNORE_CERT_DATE_INVALID
))
err
=
ERROR_INTERNET_SEC_CERT_DATE_INVALID
;
errors
&=
~
CERT_TRUST_IS_NOT_TIME_VALID
;
}
if
(
errors
&
(
CERT_TRUST_IS_UNTRUSTED_ROOT
|
CERT_TRUST_IS_PARTIAL_CHAIN
))
{
conn
->
security_flags
|=
_SECURITY_FLAG_CERT_INVALID_CA
;
if
(
conn
->
mask_errors
)
conn
->
security_flags
|=
_SECURITY_FLAG_CERT_INVALID_CA
;
if
(
!
(
conn
->
security_flags
&
SECURITY_FLAG_IGNORE_UNKNOWN_CA
))
err
=
ERROR_INTERNET_INVALID_CA
;
errors
&=
~
(
CERT_TRUST_IS_UNTRUSTED_ROOT
|
CERT_TRUST_IS_PARTIAL_CHAIN
);
}
if
(
errors
&
(
CERT_TRUST_IS_OFFLINE_REVOCATION
|
CERT_TRUST_REVOCATION_STATUS_UNKNOWN
))
{
WARN
(
"TRUST_IS_OFFLINE_REVOCATION | CERT_TRUST_REVOCATION_STATUS_UNKNOWN, unknown error flags
\n
"
);
if
(
conn
->
mask_errors
)
WARN
(
"TRUST_IS_OFFLINE_REVOCATION | CERT_TRUST_REVOCATION_STATUS_UNKNOWN, unknown error flags
\n
"
);
if
(
!
(
conn
->
security_flags
&
SECURITY_FLAG_IGNORE_REVOCATION
))
err
=
ERROR_INTERNET_SEC_CERT_NO_REV
;
errors
&=
~
(
CERT_TRUST_IS_OFFLINE_REVOCATION
|
CERT_TRUST_REVOCATION_STATUS_UNKNOWN
);
}
if
(
errors
&
CERT_TRUST_IS_REVOKED
)
{
WARN
(
"TRUST_IS_OFFLINE_REVOCATION | CERT_TRUST_REVOCATION_STATUS_UNKNOWN, unknown error flags
\n
"
);
if
(
conn
->
mask_errors
)
WARN
(
"TRUST_IS_OFFLINE_REVOCATION | CERT_TRUST_REVOCATION_STATUS_UNKNOWN, unknown error flags
\n
"
);
if
(
!
(
conn
->
security_flags
&
SECURITY_FLAG_IGNORE_REVOCATION
))
err
=
ERROR_INTERNET_SEC_CERT_REVOKED
;
errors
&=
~
CERT_TRUST_IS_REVOKED
;
}
if
(
errors
&
CERT_TRUST_IS_NOT_VALID_FOR_USAGE
)
{
WARN
(
"CERT_TRUST_IS_NOT_VALID_FOR_USAGE, unknown error flags
\n
"
);
if
(
conn
->
mask_errors
)
WARN
(
"CERT_TRUST_IS_NOT_VALID_FOR_USAGE, unknown error flags
\n
"
);
if
(
!
(
conn
->
security_flags
&
SECURITY_FLAG_IGNORE_WRONG_USAGE
))
err
=
ERROR_INTERNET_SEC_INVALID_CERT
;
errors
&=
~
CERT_TRUST_IS_NOT_VALID_FOR_USAGE
;
...
...
@@ -313,10 +319,12 @@ static DWORD netconn_verify_cert(netconn_t *conn, PCCERT_CONTEXT cert, HCERTSTOR
*/
if
(
ret
)
{
if
(
policyStatus
.
dwError
==
CERT_E_CN_NO_MATCH
)
{
conn
->
security_flags
|=
_SECURITY_FLAG_CERT_INVALID_CN
;
if
(
conn
->
mask_errors
)
conn
->
security_flags
|=
_SECURITY_FLAG_CERT_INVALID_CN
;
err
=
ERROR_INTERNET_SEC_CERT_CN_INVALID
;
}
else
if
(
policyStatus
.
dwError
)
{
WARN
(
"unknown error flags for policy status %x
\n
"
,
policyStatus
.
dwError
);
if
(
conn
->
mask_errors
)
WARN
(
"unknown error flags for policy status %x
\n
"
,
policyStatus
.
dwError
);
err
=
ERROR_INTERNET_SEC_INVALID_CERT
;
}
}
else
{
...
...
@@ -328,9 +336,10 @@ static DWORD netconn_verify_cert(netconn_t *conn, PCCERT_CONTEXT cert, HCERTSTOR
if
(
err
)
{
WARN
(
"failed %u
\n
"
,
err
);
conn
->
server
->
security_flags
|=
conn
->
security_flags
&
_SECURITY_ERROR_FLAGS_MASK
;
if
(
conn
->
mask_errors
)
if
(
conn
->
mask_errors
)
{
conn
->
server
->
security_flags
|=
conn
->
security_flags
&
_SECURITY_ERROR_FLAGS_MASK
;
return
err
==
ERROR_INTERNET_INVALID_CA
?
ERROR_INTERNET_SEC_CERT_REV_FAILED
:
ERROR_INTERNET_SEC_CERT_ERRORS
;
}
return
err
;
}
...
...
@@ -772,7 +781,8 @@ DWORD NETCON_secure_connect(netconn_t *connection)
connection
->
security_flags
|=
SECURITY_FLAG_STRENGTH_WEAK
;
connection
->
security_flags
|=
SECURITY_FLAG_SECURE
;
connection
->
server
->
security_flags
=
connection
->
security_flags
;
if
(
connection
->
mask_errors
)
connection
->
server
->
security_flags
=
connection
->
security_flags
;
return
ERROR_SUCCESS
;
fail:
...
...
dlls/wininet/tests/http.c
View file @
79259064
...
...
@@ -2929,12 +2929,63 @@ static void test_security_flags(void)
ok
(
req
!=
NULL
,
"HttpOpenRequest failed
\n
"
);
CHECK_NOTIFIED
(
INTERNET_STATUS_HANDLE_CREATED
);
test_secflags_option
(
req
,
0
);
set_secflags
(
req
,
SECURITY_FLAG_IGNORE_UNKNOWN_CA
|
SECURITY_FLAG_IGNORE_REVOCATION
);
test_secflags_option
(
req
,
SECURITY_FLAG_IGNORE_UNKNOWN_CA
|
SECURITY_FLAG_IGNORE_REVOCATION
);
SET_EXPECT
(
INTERNET_STATUS_RESOLVING_NAME
);
SET_EXPECT
(
INTERNET_STATUS_NAME_RESOLVED
);
SET_EXPECT
(
INTERNET_STATUS_CONNECTING_TO_SERVER
);
SET_EXPECT
(
INTERNET_STATUS_CONNECTED_TO_SERVER
);
SET_EXPECT
(
INTERNET_STATUS_SENDING_REQUEST
);
SET_EXPECT
(
INTERNET_STATUS_REQUEST_SENT
);
SET_EXPECT
(
INTERNET_STATUS_RECEIVING_RESPONSE
);
SET_EXPECT
(
INTERNET_STATUS_RESPONSE_RECEIVED
);
SET_EXPECT
(
INTERNET_STATUS_REQUEST_COMPLETE
);
SET_OPTIONAL
(
INTERNET_STATUS_DETECTING_PROXY
);
SET_OPTIONAL
(
INTERNET_STATUS_COOKIE_SENT
);
res
=
HttpSendRequest
(
req
,
NULL
,
0
,
NULL
,
0
);
ok
(
!
res
&&
GetLastError
()
==
ERROR_IO_PENDING
,
"HttpSendRequest failed: %u
\n
"
,
GetLastError
());
WaitForSingleObject
(
hCompleteEvent
,
INFINITE
);
ok
(
req_error
==
ERROR_SUCCESS
,
"req_error = %d
\n
"
,
req_error
);
todo_wine
CHECK_NOT_NOTIFIED
(
INTERNET_STATUS_RESOLVING_NAME
);
todo_wine
CHECK_NOT_NOTIFIED
(
INTERNET_STATUS_NAME_RESOLVED
);
CHECK_NOTIFIED
(
INTERNET_STATUS_CONNECTING_TO_SERVER
);
CHECK_NOTIFIED
(
INTERNET_STATUS_CONNECTED_TO_SERVER
);
CHECK_NOTIFIED
(
INTERNET_STATUS_SENDING_REQUEST
);
CHECK_NOTIFIED
(
INTERNET_STATUS_REQUEST_SENT
);
CHECK_NOTIFIED
(
INTERNET_STATUS_RECEIVING_RESPONSE
);
CHECK_NOTIFIED
(
INTERNET_STATUS_RESPONSE_RECEIVED
);
CHECK_NOTIFIED
(
INTERNET_STATUS_REQUEST_COMPLETE
);
CLEAR_NOTIFIED
(
INTERNET_STATUS_DETECTING_PROXY
);
CLEAR_NOTIFIED
(
INTERNET_STATUS_COOKIE_SENT
);
test_request_flags
(
req
,
0
);
test_secflags_option
(
req
,
SECURITY_FLAG_SECURE
|
SECURITY_FLAG_IGNORE_UNKNOWN_CA
|
SECURITY_FLAG_IGNORE_REVOCATION
|
SECURITY_FLAG_STRENGTH_STRONG
);
res
=
InternetReadFile
(
req
,
buf
,
sizeof
(
buf
),
&
size
);
ok
(
res
,
"InternetReadFile failed: %u
\n
"
,
GetLastError
());
ok
(
size
,
"size = 0
\n
"
);
/* Collect all existing persistent connections */
res
=
InternetSetOptionA
(
NULL
,
INTERNET_OPTION_SETTINGS_CHANGED
,
NULL
,
0
);
ok
(
res
,
"InternetSetOption(INTERNET_OPTION_END_BROWSER_SESSION) failed: %u
\n
"
,
GetLastError
());
SET_EXPECT
(
INTERNET_STATUS_HANDLE_CREATED
);
req
=
HttpOpenRequest
(
conn
,
"GET"
,
"/tests/hello.html"
,
NULL
,
NULL
,
NULL
,
INTERNET_FLAG_SECURE
|
INTERNET_FLAG_KEEP_CONNECTION
|
INTERNET_FLAG_RELOAD
|
INTERNET_FLAG_NO_CACHE_WRITE
,
0xdeadbeef
);
ok
(
req
!=
NULL
,
"HttpOpenRequest failed
\n
"
);
CHECK_NOTIFIED
(
INTERNET_STATUS_HANDLE_CREATED
);
flags
=
INTERNET_ERROR_MASK_COMBINED_SEC_CERT
|
INTERNET_ERROR_MASK_LOGIN_FAILURE_DISPLAY_ENTITY_BODY
;
res
=
InternetSetOption
(
req
,
INTERNET_OPTION_ERROR_MASK
,
(
void
*
)
&
flags
,
sizeof
(
flags
));
ok
(
res
,
"InternetQueryOption(INTERNET_OPTION_ERROR_MASK failed: %u
\n
"
,
GetLastError
());
SET_EXPECT
(
INTERNET_STATUS_RESOLVING_NAME
);
SET_EXPECT
(
INTERNET_STATUS_NAME_RESOLVED
);
SET_EXPECT
(
INTERNET_STATUS_CONNECTING_TO_SERVER
);
SET_EXPECT
(
INTERNET_STATUS_CONNECTED_TO_SERVER
);
SET_EXPECT
(
INTERNET_STATUS_CLOSING_CONNECTION
);
...
...
@@ -2950,8 +3001,6 @@ static void test_security_flags(void)
ok
(
req_error
==
ERROR_INTERNET_SEC_CERT_REV_FAILED
||
broken
(
req_error
==
ERROR_INTERNET_SEC_CERT_ERRORS
),
"req_error = %d
\n
"
,
req_error
);
todo_wine
CHECK_NOT_NOTIFIED
(
INTERNET_STATUS_RESOLVING_NAME
);
todo_wine
CHECK_NOT_NOTIFIED
(
INTERNET_STATUS_NAME_RESOLVED
);
CHECK_NOTIFIED
(
INTERNET_STATUS_CONNECTING_TO_SERVER
);
CHECK_NOTIFIED
(
INTERNET_STATUS_CONNECTED_TO_SERVER
);
CHECK_NOTIFIED
(
INTERNET_STATUS_CLOSING_CONNECTION
);
...
...
@@ -2963,7 +3012,7 @@ static void test_security_flags(void)
if
(
req_error
!=
ERROR_INTERNET_SEC_CERT_REV_FAILED
)
{
win_skip
(
"Unexpected cert errors, skipping security flags tests
\n
"
);
close_async_handle
(
ses
,
hCompleteEvent
,
2
);
close_async_handle
(
ses
,
hCompleteEvent
,
3
);
CloseHandle
(
hCompleteEvent
);
return
;
}
...
...
@@ -3013,7 +3062,7 @@ static void test_security_flags(void)
ok
(
res
,
"InternetReadFile failed: %u
\n
"
,
GetLastError
());
ok
(
size
,
"size = 0
\n
"
);
close_async_handle
(
ses
,
hCompleteEvent
,
2
);
close_async_handle
(
ses
,
hCompleteEvent
,
3
);
/* Collect all existing persistent connections */
res
=
InternetSetOptionA
(
NULL
,
INTERNET_OPTION_SETTINGS_CHANGED
,
NULL
,
0
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment