Commit d654ff6d authored by Bruno Jesus's avatar Bruno Jesus Committed by Alexandre Julliard

wininet: Handle CERT_TRUST_IS_NOT_SIGNATURE_VALID in netconn_verify_cert().

parent 9d9e1cc9
......@@ -112,6 +112,7 @@ static DWORD netconn_verify_cert(netconn_t *conn, PCCERT_CONTEXT cert, HCERTSTOR
CERT_TRUST_IS_NOT_TIME_VALID |
CERT_TRUST_IS_UNTRUSTED_ROOT |
CERT_TRUST_IS_PARTIAL_CHAIN |
CERT_TRUST_IS_NOT_SIGNATURE_VALID |
CERT_TRUST_IS_NOT_VALID_FOR_USAGE;
TRACE("verifying %s\n", debugstr_w(conn->server->name));
......@@ -178,6 +179,17 @@ static DWORD netconn_verify_cert(netconn_t *conn, PCCERT_CONTEXT cert, HCERTSTOR
errors &= ~CERT_TRUST_IS_PARTIAL_CHAIN;
}
if(errors & CERT_TRUST_IS_NOT_SIGNATURE_VALID) {
WARN("CERT_TRUST_IS_NOT_SIGNATURE_VALID\n");
if(!(conn->security_flags & SECURITY_FLAG_IGNORE_UNKNOWN_CA)) {
err = conn->mask_errors && err ? ERROR_INTERNET_SEC_CERT_ERRORS : ERROR_INTERNET_INVALID_CA;
if(!conn->mask_errors)
break;
conn->security_flags |= _SECURITY_FLAG_CERT_INVALID_CA;
}
errors &= ~CERT_TRUST_IS_NOT_SIGNATURE_VALID;
}
if(errors & CERT_TRUST_IS_NOT_VALID_FOR_USAGE) {
WARN("CERT_TRUST_IS_NOT_VALID_FOR_USAGE\n");
if(!(conn->security_flags & SECURITY_FLAG_IGNORE_WRONG_USAGE)) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment