-
Zebediah Figura authored
cryptnet: Check only the first successfully retrieved CRL in verify_cert_revocation_from_dist_points_ext(). From RFC 5280 § 4.2.1.13: If the DistributionPointName contains multiple values, each name describes a different mechanism to obtain the same CRL. For example, the same CRL could be available for retrieval through both LDAP and HTTP. Steam attempts to validate a certificate containing what are apparently two different mirrored URLs to the same 20 MB CRL, which currently takes over 400ms to parse in Wine. According to my reading of the RFC, we should only need to parse one of them, cutting the time in half. Signed-off-by:
Zebediah Figura <zfigura@codeweavers.com> Signed-off-by:
Alexandre Julliard <julliard@winehq.org>
13a34954
| Name |
Last commit
|
Last update |
|---|---|---|
| dlls | ||
| documentation | ||
| fonts | ||
| include | ||
| libs | ||
| loader | ||
| nls | ||
| po | ||
| programs | ||
| server | ||
| tools | ||
| .editorconfig | ||
| .mailmap | ||
| ANNOUNCE | ||
| AUTHORS | ||
| COPYING.LIB | ||
| LICENSE | ||
| LICENSE.OLD | ||
| MAINTAINERS | ||
| Makefile.in | ||
| README | ||
| VERSION | ||
| aclocal.m4 | ||
| configure | ||
| configure.ac |