[ros-diffs] [akhaldi] 73353: [CRYPT32] Bring back the code path that had r64026 and r66349 until we adapt our changes to the new code. CORE-12409 CORE-12446

Author: akhaldi Date: Wed Nov 23 09:22:56 2016 New Revision: 73353 URL: http://svn.reactos.org/svn/reactos?rev=73353&view=rev Log: [CRYPT32] Bring back the code path that had r64026 and r66349 until we adapt our changes to the new code. CORE-12409 CORE-12446 Modified: trunk/reactos/dll/win32/crypt32/rootstore.c Modified: trunk/reactos/dll/win32/crypt32/rootstore.c URL: http://svn.reactos.org/svn/reactos/trunk/reactos/dll/win32/crypt32/rootstor… ============================================================================== --- trunk/reactos/dll/win32/crypt32/rootstore.c [iso-8859-1] (original) +++ trunk/reactos/dll/win32/crypt32/rootstore.c [iso-8859-1] Wed Nov 23 09:22:56 2016 @@ -427,6 +427,57 @@ } return ret; } + +#ifdef __REACTOS__ + +static BOOL WINAPI CRYPT_RootWriteCert(HCERTSTORE hCertStore, + PCCERT_CONTEXT cert, DWORD dwFlags) +{ + /* The root store can't have certs added */ + return FALSE; +} + +static BOOL WINAPI CRYPT_RootDeleteCert(HCERTSTORE hCertStore, + PCCERT_CONTEXT cert, DWORD dwFlags) +{ + /* The root store can't have certs deleted */ + return FALSE; +} + +static BOOL WINAPI CRYPT_RootWriteCRL(HCERTSTORE hCertStore, + PCCRL_CONTEXT crl, DWORD dwFlags) +{ + /* The root store can have CRLs added. At worst, a malicious application + * can DoS itself, as the changes aren't persisted in any way. + */ + return TRUE; +} + +static BOOL WINAPI CRYPT_RootDeleteCRL(HCERTSTORE hCertStore, + PCCRL_CONTEXT crl, DWORD dwFlags) +{ + /* The root store can't have CRLs deleted */ + return FALSE; +} + +static void *rootProvFuncs[] = { + NULL, /* CERT_STORE_PROV_CLOSE_FUNC */ + NULL, /* CERT_STORE_PROV_READ_CERT_FUNC */ + CRYPT_RootWriteCert, + CRYPT_RootDeleteCert, + NULL, /* CERT_STORE_PROV_SET_CERT_PROPERTY_FUNC */ + NULL, /* CERT_STORE_PROV_READ_CRL_FUNC */ + CRYPT_RootWriteCRL, + CRYPT_RootDeleteCRL, + NULL, /* CERT_STORE_PROV_SET_CRL_PROPERTY_FUNC */ + NULL, /* CERT_STORE_PROV_READ_CTL_FUNC */ + NULL, /* CERT_STORE_PROV_WRITE_CTL_FUNC */ + NULL, /* CERT_STORE_PROV_DELETE_CTL_FUNC */ + NULL, /* CERT_STORE_PROV_SET_CTL_PROPERTY_FUNC */ + NULL, /* CERT_STORE_PROV_CONTROL_FUNC */ +}; + +#endif /* __REACTOS__ */ static const char * const CRYPT_knownLocations[] = { "/etc/ssl/certs/ca-certificates.crt", @@ -736,17 +787,48 @@ static HCERTSTORE create_root_store(void) { +#ifdef __REACTOS__ + HCERTSTORE root = NULL; +#endif HCERTSTORE memStore = CertOpenStore(CERT_STORE_PROV_MEMORY, X509_ASN_ENCODING, 0, CERT_STORE_CREATE_NEW_FLAG, NULL); if (memStore) { +#ifdef __REACTOS__ + HCERTSTORE regStore; + CERT_STORE_PROV_INFO provInfo = { + sizeof(CERT_STORE_PROV_INFO), + sizeof(rootProvFuncs) / sizeof(rootProvFuncs[0]), + rootProvFuncs, + NULL, + 0, + NULL + }; +#endif + read_trusted_roots_from_known_locations(memStore); add_ms_root_certs(memStore); - } - +#ifdef __REACTOS__ + root = CRYPT_ProvCreateStore(0, memStore, &provInfo); + regStore = CertOpenStore(CERT_STORE_PROV_SYSTEM_W, 0, 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, L"AuthRoot"); + if (regStore) + { + HCERTSTORE collStore = CertOpenStore(CERT_STORE_PROV_COLLECTION, 0, 0, + CERT_STORE_CREATE_NEW_FLAG, NULL); + CertAddStoreToCollection(collStore, regStore, 0, 0); + CertAddStoreToCollection(collStore, root, 0, 0); + root = collStore; + } +#endif + } +#ifdef __REACTOS__ + TRACE("returning %p\n", root); + return root; +#else TRACE("returning %p\n", memStore); return memStore; +#endif } static const WCHAR certs_root_pathW[] =