wininet: Store certificate error information in security flags.

868575a4 · Jacek Caban · Alexandre Julliard · f8f2273b · 868575a4 · 868575a4
Commit 868575a4 authored May 25, 2012 by Jacek Caban Committed by Alexandre Julliard May 25, 2012
Expand all Hide whitespace changes
Inline Side-by-side

Showing with 123 additions and 94 deletions

http.c dlls/wininet/http.c +3 -15

internet.h dlls/wininet/internet.h +10 -1

netconnection.c dlls/wininet/netconnection.c +110 -78

No files found.
--- a/dlls/wininet/http.c
+++ b/dlls/wininet/http.c
@@ -4641,7 +4641,9 @@ static DWORD open_http_connection(http_request_t *request, BOOL *reusing)
                          request->server->addr_str,
                          strlen(request->server->addr_str)+1);

-    res = create_netconn(is_https, request->server, request->security_flags, request->connect_timeout, &netconn);
+    res = create_netconn(is_https, request->server, request->security_flags,
+                         (request->hdr.ErrorMask & INTERNET_ERROR_MASK_COMBINED_SEC_CERT) != 0,
+                         request->connect_timeout, &netconn);
    if(res != ERROR_SUCCESS) {
        ERR("create_netconn failed: %u\n", res);
        return res;
@@ -4664,20 +4666,6 @@ static DWORD open_http_connection(http_request_t *request, BOOL *reusing)
            res = HTTP_SecureProxyConnect(request);
        if(res == ERROR_SUCCESS)
            res = NETCON_secure_connect(request->netconn);
-        if(res != ERROR_SUCCESS)
-        {
-            WARN("Couldn't connect securely to host\n");
-
-            if((request->hdr.ErrorMask&INTERNET_ERROR_MASK_COMBINED_SEC_CERT) && (
-                    res == ERROR_INTERNET_SEC_CERT_DATE_INVALID
-                    || res == ERROR_INTERNET_INVALID_CA
-                    || res == ERROR_INTERNET_SEC_CERT_NO_REV
-                    || res == ERROR_INTERNET_SEC_CERT_REV_FAILED
-                    || res == ERROR_INTERNET_SEC_CERT_REVOKED
-                    || res == ERROR_INTERNET_SEC_INVALID_CERT
-                    || res == ERROR_INTERNET_SEC_CERT_CN_INVALID))
-                res = ERROR_INTERNET_SEC_CERT_ERRORS;
-        }
    }

    if(res != ERROR_SUCCESS) {

--- a/dlls/wininet/internet.h
+++ b/dlls/wininet/internet.h
@@ -86,6 +86,7 @@ typedef struct
    void *ssl_s;
    server_t *server;
    DWORD security_flags;
+    BOOL mask_errors;

    BOOL keep_alive;
    DWORD64 keep_until;
@@ -532,7 +533,7 @@ VOID INTERNET_SendCallback(object_header_t *hdr, DWORD_PTR dwContext,
                           DWORD dwStatusInfoLength) DECLSPEC_HIDDEN;
 BOOL INTERNET_FindProxyForProtocol(LPCWSTR szProxy, LPCWSTR proto, WCHAR *foundProxy, DWORD *foundProxyLen) DECLSPEC_HIDDEN;

-DWORD create_netconn(BOOL, server_t *, DWORD, DWORD, netconn_t **) DECLSPEC_HIDDEN;
+DWORD create_netconn(BOOL,server_t*,DWORD,BOOL,DWORD,netconn_t**) DECLSPEC_HIDDEN;
 void free_netconn(netconn_t*) DECLSPEC_HIDDEN;
 void NETCON_unload(void) DECLSPEC_HIDDEN;
 DWORD NETCON_secure_connect(netconn_t *connection) DECLSPEC_HIDDEN;
@@ -559,4 +560,12 @@ typedef struct
    const char* name;
 } wininet_flag_info;

+/* Undocumented security flags */
+#define _SECURITY_FLAG_CERT_INVALID_CA  0x00800000
+#define _SECURITY_FLAG_CERT_INVALID_CN  0x02000000
+
+#define _SECURITY_ERROR_FLAGS_MASK              \
+    (_SECURITY_FLAG_CERT_INVALID_CA             \
+    |_SECURITY_FLAG_CERT_INVALID_CN)
+
 #endif /* _WINE_INTERNET_H_ */
--- a/dlls/wininet/netconnection.c
+++ b/dlls/wininet/netconnection.c