#2834: Wrong cancelation of the fix: incorrect type of store name parameter in CertOpenStore API call into NetSSL_Win. Release 1.10.0

Günter Obiltschnig
2020-02-04 09:53:47 +01:00
parent 6e321e6256
commit bfa7ca5c82
2 changed files with 12 additions and 12 deletions


@@ -163,14 +163,14 @@ Poco::Net::X509Certificate Context::certificate()
void Context::loadCertificate() void Context::loadCertificate()
{ {
std::wstring wcertStore; std::wstring wcertStoreName;
Poco::UnicodeConverter::convert(_certStoreName, wcertStore); Poco::UnicodeConverter::convert(_certStoreName, wcertStoreName);
if (!_hCertStore) if (!_hCertStore)
{ {
if (_options & OPT_USE_MACHINE_STORE) if (_options & OPT_USE_MACHINE_STORE)
_hCertStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, _certStoreName.c_str()); _hCertStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, wcertStoreName.c_str());
else else
_hCertStore = CertOpenSystemStoreW(0, wcertStore.c_str()); _hCertStore = CertOpenSystemStoreW(0, wcertStoreName.c_str());
} }
if (!_hCertStore) throw CertificateException("Failed to open certificate store", _certStoreName, GetLastError()); if (!_hCertStore) throw CertificateException("Failed to open certificate store", _certStoreName, GetLastError());
@@ -502,16 +502,16 @@ void Context::requireMinimumProtocol(Protocols protocol)
case PROTO_SSLV3: case PROTO_SSLV3:
_disabledProtocols = PROTO_SSLV2; _disabledProtocols = PROTO_SSLV2;
break; break;
case PROTO_TLSV1: case PROTO_TLSV1:
_disabledProtocols = PROTO_SSLV2 | PROTO_SSLV3; _disabledProtocols = PROTO_SSLV2 | PROTO_SSLV3;
break; break;
case PROTO_TLSV1_1: case PROTO_TLSV1_1:
_disabledProtocols = PROTO_SSLV2 | PROTO_SSLV3 | PROTO_TLSV1; _disabledProtocols = PROTO_SSLV2 | PROTO_SSLV3 | PROTO_TLSV1;
break; break;
case PROTO_TLSV1_2: case PROTO_TLSV1_2:
_disabledProtocols = PROTO_SSLV2 | PROTO_SSLV3 | PROTO_TLSV1 | PROTO_TLSV1_1; _disabledProtocols = PROTO_SSLV2 | PROTO_SSLV3 | PROTO_TLSV1 | PROTO_TLSV1_1;
break; break;
case PROTO_TLSV1_3: case PROTO_TLSV1_3:
_disabledProtocols = PROTO_SSLV2 | PROTO_SSLV3 | PROTO_TLSV1 | PROTO_TLSV1_1 | PROTO_TLSV1_2; _disabledProtocols = PROTO_SSLV2 | PROTO_SSLV3 | PROTO_TLSV1 | PROTO_TLSV1_1 | PROTO_TLSV1_2;
break; break;
} }
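Review bot: The store name reaches CertOpenStore through its last parameter, which is an untyped `const void*`, so the compiler could not flag the narrow `_certStoreName.c_str()` that this commit replaces and will not flag a regression either; writing the provider as `CERT_STORE_PROV_SYSTEM_W` in the machine-store branch of Context::loadCertificate would make the wide-string requirement visible at the call site. The same call passes only `CERT_SYSTEM_STORE_LOCAL_MACHINE` as flags, so as far as the visible lines show, a mistyped store name may be created as a new empty store instead of being rejected, and the handle is not restricted to read access. If nothing later writes through this handle, consider `CERT_SYSTEM_STORE_LOCAL_MACHINE | CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG`. Both points apply equally to the CertOpenStore call in X509Certificate::loadCertificate in the second file section. Both function bodies continue past the hunks shown, so how the handle is used afterwards cannot be confirmed from this page.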


@@ -381,13 +381,13 @@ void* X509Certificate::nid2oid(NID nid)
void X509Certificate::loadCertificate(const std::string& certName, const std::string& certStoreName, bool useMachineStore) void X509Certificate::loadCertificate(const std::string& certName, const std::string& certStoreName, bool useMachineStore)
{ {
std::wstring wcertStore; std::wstring wcertStoreName;
Poco::UnicodeConverter::convert(certStoreName, wcertStore); Poco::UnicodeConverter::convert(certStoreName, wcertStoreName);
HCERTSTORE hCertStore; HCERTSTORE hCertStore;
if (useMachineStore) if (useMachineStore)
hCertStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, certStoreName.c_str()); hCertStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, wcertStoreName.c_str());
else else
hCertStore = CertOpenSystemStoreW(0, wcertStore.c_str()); hCertStore = CertOpenSystemStoreW(0, wcertStoreName.c_str());
if (!hCertStore) throw CertificateException("Failed to open certificate store", certStoreName, GetLastError()); if (!hCertStore) throw CertificateException("Failed to open certificate store", certStoreName, GetLastError());