[RAPPS] Fix pinned certificate issuer check

This commit is contained in:
Stanislav Motylkov 2021-01-11 19:16:16 +03:00
parent 35f3034879
commit f77f5a30cf
No known key found for this signature in database
GPG key ID: AFE513258CBA9E92

View file

@ -50,7 +50,8 @@
#include "misc.h" #include "misc.h"
#ifdef USE_CERT_PINNING #ifdef USE_CERT_PINNING
#define CERT_ISSUER_INFO "US\r\nLet's Encrypt\r\nLet's Encrypt Authority X3" #define CERT_ISSUER_INFO_OLD "US\r\nLet's Encrypt\r\nLet's Encrypt Authority X3"
#define CERT_ISSUER_INFO_NEW "US\r\nLet's Encrypt\r\nR3"
#define CERT_SUBJECT_INFO "rapps.reactos.org" #define CERT_SUBJECT_INFO "rapps.reactos.org"
#endif #endif
@ -832,7 +833,8 @@ unsigned int WINAPI CDownloadManager::ThreadFunc(LPVOID param)
else else
{ {
if (strcmp(subjectName, CERT_SUBJECT_INFO) || if (strcmp(subjectName, CERT_SUBJECT_INFO) ||
strcmp(issuerName, CERT_ISSUER_INFO)) (strcmp(issuerName, CERT_ISSUER_INFO_OLD) &&
strcmp(issuerName, CERT_ISSUER_INFO_NEW)))
{ {
szMsgText.Format(IDS_MISMATCH_CERT_INFO, (char*)subjectName, (const char*)issuerName); szMsgText.Format(IDS_MISMATCH_CERT_INFO, (char*)subjectName, (const char*)issuerName);
bAskQuestion = true; bAskQuestion = true;