Swiftdiff options
| author | Remko Tronçon <git@el-tramo.be> | 2012-04-30 21:05:54 (GMT) |
|---|---|---|
| committer | Remko Tronçon <git@el-tramo.be> | 2012-05-05 16:05:08 (GMT) |
| commit | 44928c6e006e0263bcb54472d6cae2794e75da67 (patch) | |
| tree | 4c8ef35806351773cbfcca353f14d35a0e3325d0 | |
| parent | 5b61ad968d61a2281e194eb8444dff4e105739f3 (diff) | |
| download | swift-44928c6e006e0263bcb54472d6cae2794e75da67.zip swift-44928c6e006e0263bcb54472d6cae2794e75da67.tar.bz2 | |
Revert "* Added additional cert store to chain validation. * Turned off revocation checking."
This reverts commit e33b7a309e0424450ab00bc6180df95c6c049195.
| -rw-r--r-- | Swiften/TLS/Schannel/SchannelContext.cpp | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/Swiften/TLS/Schannel/SchannelContext.cpp b/Swiften/TLS/Schannel/SchannelContext.cpp index 2f2f2ae..13b57b4 100644 --- a/Swiften/TLS/Schannel/SchannelContext.cpp +++ b/Swiften/TLS/Schannel/SchannelContext.cpp @@ -192,9 +192,7 @@ SECURITY_STATUS SchannelContext::validateServerCertificate() { chainParams.RequestedUsage.Usage.cUsageIdentifier = ARRAYSIZE(usage); chainParams.RequestedUsage.Usage.rgpszUsageIdentifier = const_cast<LPSTR*>(usage); - // NOTE: We've turned off revocation checking due to some certificate providers causing timeouts when attempting - // to talk to their revocation server, such as Starfield) - DWORD chainFlags = CERT_CHAIN_CACHE_END_CERT /*| CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT*/; + DWORD chainFlags = CERT_CHAIN_CACHE_END_CERT | CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT; ScopedCertChainContext pChainContext; @@ -202,7 +200,7 @@ SECURITY_STATUS SchannelContext::validateServerCertificate() { NULL, // Use the chain engine for the current user (assumes a user is logged in) pServerCert->getCertContext(), NULL, - pServerCert->getCertContext()->hCertStore, + NULL, &chainParams, chainFlags, NULL, |