Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make CURLOPT_CAINFO work on Windows 7 #4761

Closed
wants to merge 1 commit into from
Closed

Conversation

@faizur
Copy link
Contributor

@faizur faizur commented Dec 26, 2019

CERT_NAME_SEARCH_ALL_NAMES_FLAG doesn't exist before Windows 8. As a
result CertGetNameString doesn't quite work on those versions of
Windows. This change provides an alternative solution for
CertGetNameString by iterating through CERT_ALT_NAME_INFO for earlier
versions of Windows.

@faizur
Copy link
Contributor Author

@faizur faizur commented Dec 26, 2019

This should fix the issue reported here #3711

@faizur faizur force-pushed the faizur:schannel_win7 branch 2 times, most recently from 9be23de to 3e7d828 Dec 26, 2019
@jay
Copy link
Member

@jay jay commented Dec 26, 2019

Neat. Does this handle wildcards like *.foo.amazon.com?

/cc @jeroen

@faizur faizur force-pushed the faizur:schannel_win7 branch from 3e7d828 to 0204c38 Dec 26, 2019
@faizur
Copy link
Contributor Author

@faizur faizur commented Dec 26, 2019

@jay It does handle wildcards. Actually, the logic(Curl_cert_hostcheck) to handle those hasn't changed.

@faizur
Copy link
Contributor Author

@faizur faizur commented Dec 26, 2019

AFAICT, the failing two checks seem to be flaky.

@faizur faizur force-pushed the faizur:schannel_win7 branch from 0204c38 to f2f89f9 Dec 26, 2019
@jay
Copy link
Member

@jay jay commented Dec 28, 2019

AFAICT, the failing two checks seem to be flaky.

Yes. I've set it to re-run the failed checks.

@faizur
Copy link
Contributor Author

@faizur faizur commented Dec 28, 2019

AFAICT, the failing two checks seem to be flaky.

Yes. I've set it to re-run the failed checks.

Thanks! Down to one failing check now.

CERT_NAME_SEARCH_ALL_NAMES_FLAG doesn't exist before Windows 8. As a
result CertGetNameString doesn't quite work on those versions of
Windows. This change provides an alternative solution for
CertGetNameString by iterating through CERT_ALT_NAME_INFO for earlier
versions of Windows.
@faizur faizur force-pushed the faizur:schannel_win7 branch from f2f89f9 to 2c67f8f Jan 2, 2020
@jay jay closed this in 29e40a6 Jan 12, 2020
@jay
Copy link
Member

@jay jay commented Jan 12, 2020

Thanks

jay added a commit that referenced this pull request Jan 13, 2020
Follow-up to 29e40a6 from two days ago, which added that feature for
Windows 7 and earlier. The bug only occurred in same.

Ref: #4761
@jay
Copy link
Member

@jay jay commented Jan 13, 2020

I missed a bug, a char * was used to advance a tchar * which caused problems in Unicode builds. Fixed in 16da8bc.

@lock lock bot locked as resolved and limited conversation to collaborators Apr 15, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

2 participants
You can’t perform that action at this time.