[RAPPS] Fix pinned certificate issuer check
authorStanislav Motylkov <x86corez@gmail.com>
Mon, 11 Jan 2021 16:16:16 +0000 (19:16 +0300)
committerStanislav Motylkov <x86corez@gmail.com>
Mon, 11 Jan 2021 16:16:16 +0000 (19:16 +0300)
base/applications/rapps/loaddlg.cpp

index fb06035..836bb15 100644 (file)
@@ -50,7 +50,8 @@
 #include "misc.h"
 
 #ifdef USE_CERT_PINNING
-#define CERT_ISSUER_INFO "US\r\nLet's Encrypt\r\nLet's Encrypt Authority X3"
+#define CERT_ISSUER_INFO_OLD "US\r\nLet's Encrypt\r\nLet's Encrypt Authority X3"
+#define CERT_ISSUER_INFO_NEW "US\r\nLet's Encrypt\r\nR3"
 #define CERT_SUBJECT_INFO "rapps.reactos.org"
 #endif
 
@@ -832,7 +833,8 @@ unsigned int WINAPI CDownloadManager::ThreadFunc(LPVOID param)
             else
             {
                 if (strcmp(subjectName, CERT_SUBJECT_INFO) ||
-                    strcmp(issuerName, CERT_ISSUER_INFO))
+                    (strcmp(issuerName, CERT_ISSUER_INFO_OLD) &&
+                    strcmp(issuerName, CERT_ISSUER_INFO_NEW)))
                 {
                     szMsgText.Format(IDS_MISMATCH_CERT_INFO, (char*)subjectName, (const char*)issuerName);
                     bAskQuestion = true;