From 428fc17934017dfda2ceff0c1143c8379c10be00 Mon Sep 17 00:00:00 2001 From: Juan Lang Date: Wed, 27 Jan 2010 14:20:26 -0800 Subject: [PATCH] wintrust: Return error directly from WINTRUST_CreateChainForSigner. --- dlls/wintrust/softpub.c | 49 +++++++++++++++++++++++-------------------------- 1 file changed, 23 insertions(+), 26 deletions(-) diff --git a/dlls/wintrust/softpub.c b/dlls/wintrust/softpub.c index a0a34556b04..3e7917230e1 100644 --- a/dlls/wintrust/softpub.c +++ b/dlls/wintrust/softpub.c @@ -753,11 +753,11 @@ static void WINTRUST_CreateChainPolicyCreateInfo( info->pvReserved = NULL; } -static BOOL WINTRUST_CreateChainForSigner(CRYPT_PROVIDER_DATA *data, +static DWORD WINTRUST_CreateChainForSigner(CRYPT_PROVIDER_DATA *data, DWORD signer, PWTD_GENERIC_CHAIN_POLICY_CREATE_INFO createInfo, PCERT_CHAIN_PARA chainPara) { - BOOL ret = TRUE; + DWORD err = ERROR_SUCCESS; HCERTSTORE store = NULL; if (data->chStores) @@ -772,15 +772,17 @@ static BOOL WINTRUST_CreateChainForSigner(CRYPT_PROVIDER_DATA *data, CertAddStoreToCollection(store, data->pahStores[i], 0, 0); } else - ret = FALSE; + err = GetLastError(); } - if (ret) + if (!err) { /* Expect the end certificate for each signer to be the only cert in * the chain: */ if (data->pasSigners[signer].csCertChain) { + BOOL ret; + /* Create a certificate chain for each signer */ ret = CertGetCertificateChain(createInfo->hChainEngine, data->pasSigners[signer].pasCertChain[0].pCert, @@ -792,45 +794,41 @@ static BOOL WINTRUST_CreateChainForSigner(CRYPT_PROVIDER_DATA *data, if (data->pasSigners[signer].pChainContext->cChain != 1) { FIXME("unimplemented for more than 1 simple chain\n"); - ret = FALSE; + err = E_NOTIMPL; } else { - DWORD err; - if (!(err = WINTRUST_CopyChain(data, signer))) { if (data->psPfns->pfnCertCheckPolicy) + { ret = data->psPfns->pfnCertCheckPolicy(data, signer, FALSE, 0); + if (!ret) + err = GetLastError(); + } else TRACE( "no cert check policy, skipping policy check\n"); } - else - { - SetLastError(err); - ret = FALSE; - } } } + else + err = GetLastError(); } CertCloseStore(store, 0); } - return ret; + return err; } HRESULT WINAPI WintrustCertificateTrust(CRYPT_PROVIDER_DATA *data) { - BOOL ret; + DWORD err; TRACE("(%p)\n", data); if (!data->csSigners) - { - ret = FALSE; - SetLastError(TRUST_E_NOSIGNATURE); - } + err = TRUST_E_NOSIGNATURE; else { DWORD i; @@ -838,17 +836,16 @@ HRESULT WINAPI WintrustCertificateTrust(CRYPT_PROVIDER_DATA *data) CERT_CHAIN_PARA chainPara; WINTRUST_CreateChainPolicyCreateInfo(data, &createInfo, &chainPara); - ret = TRUE; - for (i = 0; i < data->csSigners; i++) - ret = WINTRUST_CreateChainForSigner(data, i, &createInfo, + err = ERROR_SUCCESS; + for (i = 0; !err && i < data->csSigners; i++) + err = WINTRUST_CreateChainForSigner(data, i, &createInfo, &chainPara); } - if (!ret) - data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_CERTPROV] = - GetLastError(); - TRACE("returning %d (%08x)\n", ret ? S_OK : S_FALSE, + if (err) + data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_CERTPROV] = err; + TRACE("returning %d (%08x)\n", !err ? S_OK : S_FALSE, data->padwTrustStepErrors[TRUSTERROR_STEP_FINAL_CERTPROV]); - return ret ? S_OK : S_FALSE; + return !err ? S_OK : S_FALSE; } HRESULT WINAPI GenericChainCertificateTrust(CRYPT_PROVIDER_DATA *data) -- 2.11.4.GIT