Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make CURLOPT_CAINFO work on Windows 7 #4761

Closed
wants to merge 1 commit into from

Conversation

faizur
Copy link
Contributor

@faizur faizur commented Dec 26, 2019

CERT_NAME_SEARCH_ALL_NAMES_FLAG doesn't exist before Windows 8. As a
result CertGetNameString doesn't quite work on those versions of
Windows. This change provides an alternative solution for
CertGetNameString by iterating through CERT_ALT_NAME_INFO for earlier
versions of Windows.

@faizur
Copy link
Contributor Author

faizur commented Dec 26, 2019

This should fix the issue reported here #3711

@faizur faizur force-pushed the schannel_win7 branch 2 times, most recently from 9be23de to 3e7d828 Compare December 26, 2019 17:39
@jay
Copy link
Member

jay commented Dec 26, 2019

Neat. Does this handle wildcards like *.foo.amazon.com?

/cc @jeroen

@faizur
Copy link
Contributor Author

faizur commented Dec 26, 2019

@jay It does handle wildcards. Actually, the logic(Curl_cert_hostcheck) to handle those hasn't changed.

@faizur
Copy link
Contributor Author

faizur commented Dec 26, 2019

AFAICT, the failing two checks seem to be flaky.

@jay
Copy link
Member

jay commented Dec 28, 2019

AFAICT, the failing two checks seem to be flaky.

Yes. I've set it to re-run the failed checks.

@jay jay added the feature-window A merge of this requires an open feature window label Dec 28, 2019
@faizur
Copy link
Contributor Author

faizur commented Dec 28, 2019

AFAICT, the failing two checks seem to be flaky.

Yes. I've set it to re-run the failed checks.

Thanks! Down to one failing check now.

CERT_NAME_SEARCH_ALL_NAMES_FLAG doesn't exist before Windows 8. As a
result CertGetNameString doesn't quite work on those versions of
Windows. This change provides an alternative solution for
CertGetNameString by iterating through CERT_ALT_NAME_INFO for earlier
versions of Windows.
@jay
Copy link
Member

jay commented Jan 12, 2020

Thanks

@jay jay removed the feature-window A merge of this requires an open feature window label Jan 12, 2020
jay added a commit that referenced this pull request Jan 13, 2020
Follow-up to 29e40a6 from two days ago, which added that feature for
Windows 7 and earlier. The bug only occurred in same.

Ref: #4761
@jay
Copy link
Member

jay commented Jan 13, 2020

I missed a bug, a char * was used to advance a tchar * which caused problems in Unicode builds. Fixed in 16da8bc.

@lock lock bot locked as resolved and limited conversation to collaborators Apr 15, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
TLS Windows Windows-specific
Development

Successfully merging this pull request may close these issues.

2 participants