135 commits

Author SHA1 Message Date
Paul Gofman
66b1a4f333 cryptnet: Also hash issuer cert for cache id.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=54353
2023-01-25 18:28:06 +01:00
Paul Gofman
f114ab57d2 cryptnet: Use cert data hash as cache id instead of serial number. 2023-01-25 18:28:06 +01:00
Paul Gofman
6e782449ab cryptnet: Cache revocation status in verify_cert_revocation(). 2023-01-25 18:28:06 +01:00
Paul Gofman
ca40454f47 cryptnet: Also cache revocation status when using OCSP. 2023-01-13 19:23:48 +01:00
Paul Gofman
67de946ca9 cryptnet: Check cached revocation status in verify_cert_revocation(). 2023-01-13 19:23:48 +01:00
Hans Leidekker
987d637e31 cryptnet: Fall back to online CRL verification if OCSP verification fails.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=53136
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=53138
2022-06-15 15:35:01 +02:00
Hans Leidekker
f08dcbf894 cryptnet: Move revocation cache check to verify_cert_revocation_from_dist_points_ext().
Paves the way for falling back from OCSP to online CRL verification. It's not clear if a
cache is needed for OCSP responses, or if the wininet cache wouldn't be sufficient.
2022-06-15 15:34:58 +02:00
Hans Leidekker
bbb3990c91 cryptnet: Fail CRL verification if there's no issuer certificate. 2022-06-15 15:34:58 +02:00
Torge Matthies
16e6067dbf cryptnet: Resolve object id to algorithm id when verifying OCSP response.
Instead of only allowing the SHA256RSA algorithm.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=53102
Signed-off-by: Torge Matthies <tmatthies@codeweavers.com>
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-06-06 13:16:58 +02:00
Hans Leidekker
f742716487 cryptnet: Give precedence to OID_AUTHORITY_INFO_ACCESS in verify_cert_revocation().
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-05-24 12:03:58 +02:00
Hans Leidekker
60e10a0571 cryptnet: Support verifying certificate revocation with OCSP.
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-04-06 23:07:20 +02:00
Eric Pouech
9aeb6d4198 cryptnet/tests: Enable compilation with long types.
Signed-off-by: Eric Pouech <eric.pouech@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-02-23 10:17:26 +01:00
Eric Pouech
0db20c448a cryptnet: Enable compilation with long types.
Signed-off-by: Eric Pouech <eric.pouech@gmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-02-09 18:37:32 +01:00
Alexandre Julliard
f0cd33c69e include: Add support for defining Win32 types as 'long' where possible.
Add -DWINE_NO_LONG_TYPES to modules that still have compilation
warnings with long types.

Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-27 20:38:22 +01:00
Zebediah Figura
c51bf452ba cryptnet: Open the revocation cache file in binary mode.
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2022-01-07 11:58:14 +01:00
Huw Davies
be00048203 cryptnet/tests: Explicitly set cbSize before each test.
This is clearer and also avoids out-of-bounds compiler warnings
relating to the memset()s.

Signed-off-by: Huw Davies <huw@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-10-06 20:29:35 +02:00
Alexandre Julliard
088a787a2c makefiles: Make -mno-cygwin the default.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-09-20 22:45:48 +02:00
Zebediah Figura
b49ffc574c cryptnet: Cache the result of revocation checks on disk.
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-22 13:17:15 +02:00
Zebediah Figura
13a349540a cryptnet: Check only the first successfully retrieved CRL in verify_cert_revocation_from_dist_points_ext().
From RFC 5280 § 4.2.1.13:

   If the DistributionPointName contains multiple values, each name
   describes a different mechanism to obtain the same CRL.  For example,
   the same CRL could be available for retrieval through both LDAP and
   HTTP.

Steam attempts to validate a certificate containing what are apparently two
different mirrored URLs to the same 20 MB CRL, which currently takes over 400ms
to parse in Wine. According to my reading of the RFC, we should only need to
parse one of them, cutting the time in half.

Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-22 13:17:11 +02:00
Zebediah Figura
3a9d51bf36 cryptnet: Respect the timeout also if CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG is not set.
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-22 13:17:06 +02:00
Zebediah Figura
17f4407453 cryptnet: Specify half of the remaining timeout for each CRL if CERT_VERIFY_REV_ACCUMULATIVE_TIMEOUT_FLAG was specified.
Instead of wasting the whole timeout on the first CRL.

Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-22 13:17:01 +02:00
Zebediah Figura
18e46df9d1 cryptnet: Set dwIndex in CertDllVerifyRevocation().
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-21 22:02:52 +02:00
Zebediah Figura
0429df4aac cryptnet/tests: Clean up and expand tests for CertDllVerifyRevocation.
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-21 22:02:46 +02:00
Zebediah Figura
d12ca0dd84 cryptnet: Use RTL_SIZEOF_THROUGH_FIELD.
Signed-off-by: Zebediah Figura <zfigura@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2021-07-21 22:02:39 +02:00
Francois Gouget
44e76ea3c7 cryptnet: Fix the spelling of the x-pkcs7-certificates MIME type.
This may fix connections to some encrypted websites.

Signed-off-by: Francois Gouget <fgouget@free.fr>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-11-09 20:15:11 +01:00
Michael Stefaniuc
081f5ae24f cryptnet: Use wide-char string literals.
Signed-off-by: Michael Stefaniuc <mstefani@winehq.org>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-10-22 22:02:02 +02:00
Michael Stefaniuc
c7c49ab57d cryptnet/tests: Change the scope of a variable from global to local.
Signed-off-by: Michael Stefaniuc <mstefani@winehq.org>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-10-22 22:02:02 +02:00
Alexandre Julliard
7ca2c13ea9 cryptnet: Build with msvcrt.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-05-29 11:38:39 +02:00
Alexandre Julliard
740c1c37cb cryptnet/tests: Avoid using snprintf().
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-04-23 23:50:44 +02:00
André Hentschel
9a4739810c cryptnet: Fix CryptGetObjectUrl spec file entry.
Signed-off-by: André Hentschel <nerv@dawncrow.de>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-05-26 08:05:37 +02:00
Francois Gouget
d30c037a1e cryptnet/tests: Remove an unneeded NONAMELESSUNION directive. 2015-03-10 15:18:21 +09:00
Francois Gouget
16a77b89e9 cryptnet: Remove an unneeded NONAMELESSSTRUCT directive. 2015-03-10 15:18:20 +09:00
Hans Leidekker
5e6490a835 cryptnet: Add support for base64 encoded certificates, CRLs and CTLs in CryptRetrieveObjectByUrl. 2014-12-09 13:16:16 +01:00
Daniel Lehman
3be7f3079c cryptnet: Continue checking the revocation urls if one is offline. 2014-07-24 09:21:54 +02:00
Jacek Caban
e739f040c0 crypt32: Simplified getting context expiration. 2014-03-07 16:36:36 +01:00
Alexandre Julliard
99ef0d6ff0 makefiles: Get rid of the MAKE_TEST_RULES variable. 2014-01-02 12:13:16 +01:00
Alexandre Julliard
5e7416e5c8 makefiles: Get rid of the MAKE_DLL_RULES variable. 2014-01-02 12:08:18 +01:00
Dmitry Timoshkov
876cc598c3 cryptnet: Avoid preliminary blob size initialization. 2013-10-28 10:52:27 +01:00
Jacek Caban
533730de7f cryptnet: Removed unused typedefs. 2013-09-05 15:56:46 +02:00
Piotr Caban
c3a23a99a2 cryptnet: Handle SystemTimeToFileTime failure in HTTP_RetrieveEncodedObjectW. 2013-04-01 18:17:35 +02:00
Piotr Caban
b8e2edf19c cryptnet: Don't ignore HttpEndRequestW error in HTTP_RetrieveEncodedObjectW. 2013-03-08 18:11:05 +01:00
Piotr Caban
437df58dce cryptnet: Open file with FILE_SHARE_READ flag in File_RetrieveEncodedObjectW. 2013-03-08 18:11:04 +01:00
Piotr Caban
4f89321577 cryptnet: Lock cache file while accessing it. 2013-03-08 18:11:04 +01:00
Alexandre Julliard
a4cdc0e90d cryptnet: Remove an unnecessary DllMain entry point. 2013-02-14 21:37:52 +01:00
Marcus Meissner
919a789f45 cryptnet: Avoid memory leak of info (Coverity). 2012-10-15 13:31:05 +02:00
Piotr Caban
5e6e26e1df cryptnet: Fixed cache functions usage in CRYPT_CacheURL function. 2012-10-03 11:25:12 +02:00
Juan Lang
eee39b12ab cryptnet: Don't call HttpEndRequest on a request that was never sent. 2012-02-20 11:39:13 +01:00
Juan Lang
0439500f2c cryptnet/tests: Fix test failures on older NT4. 2012-02-13 13:09:45 +01:00
Andrew Talbot
9192a20132 cryptnet: Remove unused file-static variable. 2011-11-14 15:25:20 +01:00
Hans Leidekker
a552a7a9f5 cryptnet: Respect proxy settings. 2011-10-13 19:57:19 +02:00