kotkov committed on 13 Jul
Win32: tweak the SSL certificate validation override to avoid hitting the wire
for URL based objects and revocation checks.

The primary purpose of this callback is to resolve SVN_AUTH_SSL_UNKNOWNCA
failures using CryptoAPI and Windows local certificate stores.  To do so, we
should be fine with just using the immediately available data on the local
machine.

Doing the opposite of that appears to be troublesome, as always connecting
to remote CRL and OCSP endpoints can result in spurious errors or significant
(user-reported) network stalls caused by timeouts if the endpoints are
inaccessible or unreliable.

The new approach should also be on par with the default basic behavior of
several major browsers, for example:

 https://chromium.googlesource.com/chromium/src/net/+/3d1dad1c17ae3ff59e7c35841af94b66f4bca1ba/cert/cert_verify_proc_win.cc#919

* subversion/libsvn_subr/win32_crypto.c
  (windows_validate_certificate): Use the CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL
   and CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY flags when preparing the
   certificate chain.  Ignore errors in obtaining valid revocation information
   when verifying the chain, as they could be induced by the new cache-only
   behavior.

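Added example (not Subversion's code): a cache-only chain check in C with CryptoAPI, following the approach the commit message describes, where a revocation cache miss is tolerated but a real failure such as a revoked certificate or untrusted root is not. The function names, the use of CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT and the SSL chain policy are assumptions; the fallback #defines only let the status helper build outside Windows.

```c
#include <stdint.h>
#ifdef _WIN32
#include <windows.h>
#include <wincrypt.h>
#else  /* values as defined in wincrypt.h, so the helper builds anywhere */
#define CERT_TRUST_REVOCATION_STATUS_UNKNOWN 0x00000040
#define CERT_TRUST_IS_OFFLINE_REVOCATION     0x01000000
#endif

/* Hypothetical helper: clear the "no revocation data" bits that cache-only
   retrieval can set, leaving real failures (revoked, untrusted root, ...). */
uint32_t strip_revocation_unknown(uint32_t trust_errors)
{
  return trust_errors & ~(uint32_t)(CERT_TRUST_REVOCATION_STATUS_UNKNOWN
                                    | CERT_TRUST_IS_OFFLINE_REVOCATION);
}

#ifdef _WIN32
/* Hypothetical: returns 1 if cert chains to a local trusted root, no network. */
int validate_cert_cache_only(PCCERT_CONTEXT cert)
{
  CERT_CHAIN_PARA chain_para = { sizeof(chain_para) };
  CERT_CHAIN_POLICY_PARA policy_para = { sizeof(policy_para) };
  CERT_CHAIN_POLICY_STATUS policy_status = { sizeof(policy_status) };
  PCCERT_CHAIN_CONTEXT chain = NULL;
  int ok = 0;

  /* Both cache-only flags keep issuer, CRL and OCSP lookups off the wire. */
  if (!CertGetCertificateChain(NULL, cert, NULL, cert->hCertStore, &chain_para,
                               CERT_CHAIN_CACHE_ONLY_URL_RETRIEVAL
                               | CERT_CHAIN_REVOCATION_CHECK_CACHE_ONLY
                               | CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT,
                               NULL, &chain))
    return 0;

  /* A cache miss is not a revocation: tolerate "unknown", nothing else. */
  policy_para.dwFlags = CERT_CHAIN_POLICY_IGNORE_ALL_REV_UNKNOWN_FLAGS;
  if (CertVerifyCertificateChainPolicy(CERT_CHAIN_POLICY_SSL, chain,
                                       &policy_para, &policy_status))
    ok = (policy_status.dwError == 0
          && strip_revocation_unknown(chain->TrustStatus.dwErrorStatus) == 0);

  CertFreeCertificateChain(chain);
  return ok;
}
#endif
```

With these flags a revoked certificate is only caught when its CRL or OCSP response is already cached locally, which is the trade-off the commit message accepts in exchange for avoiding network stalls.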