[CRYPT32]
authorChristoph von Wittich <christoph_vw@reactos.org>
Sat, 29 May 2010 13:14:05 +0000 (13:14 +0000)
committerChristoph von Wittich <christoph_vw@reactos.org>
Sat, 29 May 2010 13:14:05 +0000 (13:14 +0000)
sync to wine 1.2 RC2

svn path=/trunk/; revision=47410

reactos/dll/win32/crypt32/cert.c
reactos/dll/win32/crypt32/chain.c
reactos/dll/win32/crypt32/regstore.c
reactos/dll/win32/crypt32/store.c
reactos/include/psdk/wincrypt.h

index c25e612..12c013e 100644 (file)
@@ -113,9 +113,21 @@ BOOL WINAPI CertAddCertificateLinkToStore(HCERTSTORE hCertStore,
  PCCERT_CONTEXT pCertContext, DWORD dwAddDisposition,
  PCCERT_CONTEXT *ppCertContext)
 {
-    FIXME("(%p, %p, %08x, %p)\n", hCertStore, pCertContext, dwAddDisposition,
-     ppCertContext);
-    return FALSE;
+    static int calls;
+    PWINECRYPT_CERTSTORE store = (PWINECRYPT_CERTSTORE)hCertStore;
+
+    if (!(calls++))
+        FIXME("(%p, %p, %08x, %p): semi-stub\n", hCertStore, pCertContext,
+         dwAddDisposition, ppCertContext);
+    if (store->dwMagic != WINE_CRYPTCERTSTORE_MAGIC)
+        return FALSE;
+    if (store->type == StoreTypeCollection)
+    {
+        SetLastError(E_INVALIDARG);
+        return FALSE;
+    }
+    return CertAddCertificateContextToStore(hCertStore, pCertContext,
+     dwAddDisposition, ppCertContext);
 }
 
 PCCERT_CONTEXT WINAPI CertCreateCertificateContext(DWORD dwCertEncodingType,
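Review bot: `store->dwMagic` is read before anything checks that `hCertStore` is non-NULL, so a NULL handle faults here instead of failing cleanly. The magic-mismatch path also returns FALSE without setting a last error, while the collection-store path just below sets E_INVALIDARG. Both could be covered with `if (!store || store->dwMagic != WINE_CRYPTCERTSTORE_MAGIC) { SetLastError(E_INVALIDARG); return FALSE; }`, assuming E_INVALIDARG is the intended code for a bad handle. A short comment saying that the semi-stub adds a copy of the context rather than a link would also help callers that expect link semantics.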
index 1724f42..e951ef8 100644 (file)
@@ -152,6 +152,20 @@ HCERTCHAINENGINE CRYPT_CreateChainEngine(HCERTSTORE root,
     return engine;
 }
 
+typedef struct _CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT
+{
+    DWORD       cbSize;
+    HCERTSTORE  hRestrictedRoot;
+    HCERTSTORE  hRestrictedTrust;
+    HCERTSTORE  hRestrictedOther;
+    DWORD       cAdditionalStore;
+    HCERTSTORE *rghAdditionalStore;
+    DWORD       dwFlags;
+    DWORD       dwUrlRetrievalTimeout;
+    DWORD       MaximumCachedCertificates;
+    DWORD       CycleDetectionModulus;
+} CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT;
+
 BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig,
  HCERTCHAINENGINE *phChainEngine)
 {
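Review bot: The new `CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT` typedef has no comment explaining why it exists or that it must stay field-for-field identical to the leading part of `CERT_CHAIN_ENGINE_CONFIG` in wincrypt.h. In this commit it appears to be used only for its `sizeof` in the `cbSize` check of the next hunk. I would add above it: `/* Layout of CERT_CHAIN_ENGINE_CONFIG before hExclusiveRoot and hExclusiveRootTrustedPeople were added; used only to accept the older cbSize. */`.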
@@ -159,7 +173,8 @@ BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig,
 
     TRACE("(%p, %p)\n", pConfig, phChainEngine);
 
-    if (pConfig->cbSize != sizeof(*pConfig))
+    if (pConfig->cbSize != sizeof(CERT_CHAIN_ENGINE_CONFIG_NO_EXCLUSIVE_ROOT)
+     && pConfig->cbSize != sizeof(CERT_CHAIN_ENGINE_CONFIG))
     {
         SetLastError(E_INVALIDARG);
         return FALSE;
@@ -171,7 +186,10 @@ BOOL WINAPI CertCreateCertificateChainEngine(PCERT_CHAIN_ENGINE_CONFIG pConfig,
         HCERTSTORE root;
         HCERTCHAINENGINE engine;
 
-        if (pConfig->hRestrictedRoot)
+        if (pConfig->cbSize >= sizeof(CERT_CHAIN_ENGINE_CONFIG) &&
+         pConfig->hExclusiveRoot)
+            root = CertDuplicateStore(pConfig->hExclusiveRoot);
+        else if (pConfig->hRestrictedRoot)
             root = CertDuplicateStore(pConfig->hRestrictedRoot);
         else
             root = CertOpenSystemStoreW(0, rootW);
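Review bot: `hExclusiveRootTrustedPeople` is now accepted through the widened `cbSize` check, but nothing in this hunk reads it, so a caller that supplies that store to restrict trust gets an engine that silently ignores it. Until it is implemented, a diagnostic would make this visible, e.g. `if (pConfig->cbSize >= sizeof(CERT_CHAIN_ENGINE_CONFIG) && pConfig->hExclusiveRootTrustedPeople) FIXME("hExclusiveRootTrustedPeople ignored\n");`. A one-line comment that `hExclusiveRoot` takes precedence over `hRestrictedRoot` when both are set would also help. The rest of CertCreateCertificateChainEngine lies outside the hunk, so any later handling of these fields is not visible here.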
@@ -3017,7 +3035,31 @@ static BOOL match_dns_to_subject_alt_name(PCERT_EXTENSION ext,
             {
                 TRACE_(chain)("dNSName: %s\n", debugstr_w(
                  subjectName->rgAltEntry[i].u.pwszDNSName));
-                if (!strcmpiW(server_name,
+                if (subjectName->rgAltEntry[i].u.pwszDNSName[0] == '*')
+                {
+                    LPCWSTR server_name_dot;
+
+                    /* Matching a wildcard: a wildcard matches a single name
+                     * component, which is terminated by a dot.  RFC 1034
+                     * doesn't define whether multiple wildcards are allowed,
+                     * but I will assume that they are not until proven
+                     * otherwise.  RFC 1034 also states that 'the "*" label
+                     * always matches at least one whole label and sometimes
+                     * more, but always whole labels.'  Native crypt32 does not
+                     * match more than one label with a wildcard, so I do the
+                     * same here.  Thus, a wildcard only accepts the first
+                     * label, then requires an exact match of the remaining
+                     * string.
+                     */
+                    server_name_dot = strchrW(server_name, '.');
+                    if (server_name_dot)
+                    {
+                        if (!strcmpiW(server_name_dot,
+                         subjectName->rgAltEntry[i].u.pwszDNSName + 1))
+                            matches = TRUE;
+                    }
+                }
+                else if (!strcmpiW(server_name,
                  subjectName->rgAltEntry[i].u.pwszDNSName))
                     matches = TRUE;
             }
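Review bot: The wildcard branch accepts a server name whose first label is empty. For a name such as `.example.com`, `strchrW` returns `server_name` itself, and the comparison against the tail of `*.example.com` succeeds, which contradicts the comment's "at least one whole label". The guard should be `if (server_name_dot && server_name_dot != server_name)`. The branch also sets no minimum on the number of labels after the `*`, so an entry like `*.com` would match any name directly under that suffix; consider requiring a further dot in `pwszDNSName + 2`, though whether native crypt32 enforces this is not shown here. match_dns_to_subject_alt_name begins and ends outside this hunk.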
index 296b0c9..f4b4295 100644 (file)
@@ -479,6 +479,10 @@ static BOOL WINAPI CRYPT_RegControl(HCERTSTORE hCertStore, DWORD dwFlags,
         ret = CRYPT_RegFlushStore(store,
          dwFlags & CERT_STORE_CTRL_COMMIT_FORCE_FLAG);
         break;
+    case CERT_STORE_CTRL_AUTO_RESYNC:
+        FIXME("CERT_STORE_CTRL_AUTO_RESYNC: stub\n");
+        ret = TRUE;
+        break;
     default:
         FIXME("%d: stub\n", dwCtrlType);
         ret = FALSE;
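Review bot: The new `CERT_STORE_CTRL_AUTO_RESYNC` case returns TRUE without doing anything, so a caller that enables auto-resync is told it succeeded while the in-memory store will not follow later registry changes such as a removed certificate. That choice deserves a comment at the case, for example `/* Not implemented: report success so callers proceed, but the store is NOT resynchronised from the registry. */`. The FIXME here also fires on every call, unlike the once-only pattern this commit uses in cert.c. CRYPT_RegControl's body continues outside the hunk.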
index a892394..da3de56 100644 (file)
@@ -855,7 +855,16 @@ BOOL WINAPI CertAddCertificateContextToStore(HCERTSTORE hCertStore,
     TRACE("(%p, %p, %08x, %p)\n", hCertStore, pCertContext,
      dwAddDisposition, ppStoreContext);
 
-    if (dwAddDisposition != CERT_STORE_ADD_ALWAYS)
+    switch (dwAddDisposition)
+    {
+    case CERT_STORE_ADD_ALWAYS:
+        break;
+    case CERT_STORE_ADD_NEW:
+    case CERT_STORE_ADD_REPLACE_EXISTING:
+    case CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES:
+    case CERT_STORE_ADD_USE_EXISTING:
+    case CERT_STORE_ADD_NEWER:
+    case CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES:
     {
         BYTE hashToAdd[20];
         DWORD size = sizeof(hashToAdd);
@@ -870,6 +879,12 @@ BOOL WINAPI CertAddCertificateContextToStore(HCERTSTORE hCertStore,
              pCertContext->dwCertEncodingType, 0, CERT_FIND_SHA1_HASH, &blob,
              NULL);
         }
+        break;
+    }
+    default:
+        FIXME("Unimplemented add disposition %d\n", dwAddDisposition);
+        SetLastError(E_INVALIDARG);
+        ret = FALSE;
     }
 
     switch (dwAddDisposition)
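Review bot: The relocated `default:` case sets `ret = FALSE` and then lets control continue into the second `switch (dwAddDisposition)`, which loses its own `default` in the following hunk. The rejection of an unknown disposition therefore depends on no later case matching and on `toAdd` still being unset, neither of which is visible here. Ending the case with `break;` and a comment such as `/* invalid disposition: the second switch has no matching case, so nothing is added */` would make that explicit. The function body extends beyond this hunk.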
@@ -940,10 +955,6 @@ BOOL WINAPI CertAddCertificateContextToStore(HCERTSTORE hCertStore,
         else
             toAdd = CertDuplicateCertificateContext(pCertContext);
         break;
-    default:
-        FIXME("Unimplemented add disposition %d\n", dwAddDisposition);
-        SetLastError(E_INVALIDARG);
-        ret = FALSE;
     }
 
     if (toAdd)
index 3f7f4ed..540169b 100644 (file)
@@ -3389,6 +3389,8 @@ typedef struct _CERT_CHAIN_ENGINE_CONFIG
     DWORD       dwUrlRetrievalTimeout;
     DWORD       MaximumCachedCertificates;
     DWORD       CycleDetectionModulus;
+    HCERTSTORE  hExclusiveRoot;
+    HCERTSTORE  hExclusiveRootTrustedPeople;
 } CERT_CHAIN_ENGINE_CONFIG, *PCERT_CHAIN_ENGINE_CONFIG;
 
 /* message-related definitions */