TRACE("\n");
CertDuplicateStore(to);
- engine = CRYPT_CreateChainEngine(to, &chainEngineConfig);
+ engine = CRYPT_CreateChainEngine(to, CERT_SYSTEM_STORE_CURRENT_USER, &chainEngineConfig);
if (engine)
{
PCCERT_CONTEXT cert = NULL;
{
CERT_CHAIN_PARA chainPara = { sizeof(chainPara), { 0 } };
PCCERT_CHAIN_CONTEXT chain;
- BOOL ret = CertGetCertificateChain(engine, cert, NULL, from,
- &chainPara, 0, NULL, &chain);
+ BOOL ret;
+ ret = CertGetCertificateChain(engine, cert, NULL, from,
+ &chainPara, CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL, NULL, &chain);
if (!ret)
TRACE("rejecting %s: %s\n", get_cert_common_name(cert),
"chain creation failed");
"/etc/ssl/certs/ca-certificates.crt",
"/etc/ssl/certs",
"/etc/pki/tls/certs/ca-bundle.crt",
+ "/usr/share/ca-certificates/ca-bundle.crt",
"/usr/local/share/certs/",
"/etc/sfw/openssl/certs",
};
return root;
}
-static PWINECRYPT_CERTSTORE CRYPT_rootStore;
+static WINECRYPT_CERTSTORE *CRYPT_rootStore;
-PWINECRYPT_CERTSTORE CRYPT_RootOpenStore(HCRYPTPROV hCryptProv, DWORD dwFlags)
+WINECRYPT_CERTSTORE *CRYPT_RootOpenStore(HCRYPTPROV hCryptProv, DWORD dwFlags)
{
TRACE("(%ld, %08x)\n", hCryptProv, dwFlags);
if (CRYPT_rootStore != root)
CertCloseStore(root, 0);
}
- CertDuplicateStore(CRYPT_rootStore);
+ CRYPT_rootStore->vtbl->addref(CRYPT_rootStore);
return CRYPT_rootStore;
}