Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
W
wine-winehq
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
wine
wine-winehq
Commits
2503e9ec
Commit
2503e9ec
authored
Nov 09, 2009
by
Juan Lang
Committed by
Alexandre Julliard
Nov 10, 2009
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
crypt32: Use helper function to find the subject alternate name extension wherever it's needed.
parent
ae6e8841
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
14 additions
and
19 deletions
+14
-19
chain.c
dlls/crypt32/chain.c
+14
-19
No files found.
dlls/crypt32/chain.c
View file @
2503e9ec
...
...
@@ -657,6 +657,18 @@ static void CRYPT_FindMatchingNameEntry(const CERT_ALT_NAME_ENTRY *constraint,
*
trustErrorStatus
|=
match
?
errorIfFound
:
errorIfNotFound
;
}
static
inline
PCERT_EXTENSION
get_subject_alt_name_ext
(
const
CERT_INFO
*
cert
)
{
PCERT_EXTENSION
ext
;
ext
=
CertFindExtension
(
szOID_SUBJECT_ALT_NAME2
,
cert
->
cExtension
,
cert
->
rgExtension
);
if
(
!
ext
)
ext
=
CertFindExtension
(
szOID_SUBJECT_ALT_NAME
,
cert
->
cExtension
,
cert
->
rgExtension
);
return
ext
;
}
static
void
CRYPT_CheckNameConstraints
(
const
CERT_NAME_CONSTRAINTS_INFO
*
nameConstraints
,
const
CERT_INFO
*
cert
,
DWORD
*
trustErrorStatus
)
...
...
@@ -664,13 +676,8 @@ static void CRYPT_CheckNameConstraints(
/* If there aren't any existing constraints, don't bother checking */
if
(
nameConstraints
->
cPermittedSubtree
||
nameConstraints
->
cExcludedSubtree
)
{
CERT_EXTENSION
*
ext
;
CERT_EXTENSION
*
ext
=
get_subject_alt_name_ext
(
cert
)
;
ext
=
CertFindExtension
(
szOID_SUBJECT_ALT_NAME2
,
cert
->
cExtension
,
cert
->
rgExtension
);
if
(
!
ext
)
ext
=
CertFindExtension
(
szOID_SUBJECT_ALT_NAME
,
cert
->
cExtension
,
cert
->
rgExtension
);
if
(
ext
)
{
CERT_ALT_NAME_INFO
*
subjectName
;
...
...
@@ -2346,18 +2353,6 @@ static BOOL WINAPI verify_basic_constraints_policy(LPCSTR szPolicyOID,
return
TRUE
;
}
static
inline
PCERT_EXTENSION
get_subject_alt_name_ext
(
PCCERT_CONTEXT
cert
)
{
PCERT_EXTENSION
ext
;
ext
=
CertFindExtension
(
szOID_SUBJECT_ALT_NAME2
,
cert
->
pCertInfo
->
cExtension
,
cert
->
pCertInfo
->
rgExtension
);
if
(
!
ext
)
ext
=
CertFindExtension
(
szOID_SUBJECT_ALT_NAME
,
cert
->
pCertInfo
->
cExtension
,
cert
->
pCertInfo
->
rgExtension
);
return
ext
;
}
static
BOOL
match_dns_to_subject_alt_name
(
PCERT_EXTENSION
ext
,
LPCWSTR
server_name
)
{
...
...
@@ -2545,7 +2540,7 @@ static BOOL WINAPI verify_ssl_policy(LPCSTR szPolicyOID,
BOOL
matches
;
cert
=
pChainContext
->
rgpChain
[
0
]
->
rgpElement
[
0
]
->
pCertContext
;
altNameExt
=
get_subject_alt_name_ext
(
cert
);
altNameExt
=
get_subject_alt_name_ext
(
cert
->
pCertInfo
);
/* If the alternate name extension exists, the name it contains
* is bound to the certificate, so make sure the name matches
* it. Otherwise, look for the server name in the subject
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
