Need help to disable 'Check for server certificate revocation' by program
xie bo
I have a program which uses wininet to connect to a SSL site and it
works well on Win2003. But in Win2003 SP1, it fails. If I disable
'Check for server certificate revocation' in IE->tool->option->advanced
option, it works again.
http://groups-beta.google.com/group/microsoft.public.inetsdk.programming.wininet/browse_thread/thread/f6864c0e08da313d
mentioned this bug one year ago, and it seems no fix/update right now.
I can not disable 'Check for server certificate revocation' because I
think some other applications might depends on 'check for server
certificate revocation'. What I want to do is ONLY disable my wininet
application (e.g., process) by program (not uncheck the button
manually).
Any suggestion?
Thanks very much!
Vladimir Scherbina
Have you tried setting SECURITY_FLAG_IGNORE_REVOCATION flag in
HttpSendRequestEx ?
--
Vladimir (Windows SDK MVP)
"xie bo" <xiebo...@gmail.com> wrote in message
news:1163430972.5...@b28g2000cwb.googlegroups.com...
xie bo
> HttpSendRequestEx ?
(http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wininet/wininet/httpsendrequestex.asp).
-------------------------------
BOOL HttpSendRequestEx(
HINTERNET hRequest,
LPINTERNET_BUFFERS lpBuffersIn,
LPINTERNET_BUFFERS lpBuffersOut,
DWORD dwFlags,
DWORD_PTR dwContext
);
...
dwFlags
[in] Reserved. Must be zero.
-------------------------------
Where to set SECURITY_FLAG_IGNORE_REVOCATION flag in HttpSendRequestEx?
Could you please show me a sample code?
Thanks very much!
Vladimir Scherbina
Even if the flag is documented as "non-used" it's value is still passed to
the wininet internal routines. Look at the disassembly of wininet.dll:
(Here is the code from my HttpSendRequestEx(A))
.text:77266375 ; BOOL __stdcall HttpSendRequestExA(HINTERNET
hRequest,LPINTERNET_BUFFERSA lpBuffersIn,LPINTERNET_BUFFERSA
lpBuffersOut,DWORD dwFlags,DWORD dwContext)
.text:77266375 public HttpSendRequestExA
.text:77266375 HttpSendRequestExA proc near
.text:77266375
.text:77266375 hRequest = dword ptr 8
.text:77266375 lp = dword ptr 0Ch
.text:77266375 lpBuffersOut = dword ptr 10h
.text:77266375 dwFlags = dword ptr 14h
.text:77266375 dwContext = dword ptr 18h
;[...]
.text:772663A5 mov eax, [esi+8]
.text:772663A8 mov ecx, [esi+0Ch]
;*Here we see that value of dwFlags is storing in edx*
.text:772663AB mov edx, [esi+14h]
.text:772663AE mov edi, [esi+18h]
.text:772663B1 mov ebx, [esi+1Ch]
.text:772663B4
.text:772663B4 loc_772663B4: ; CODE XREF:
HttpSendRequestExA+1C j
.text:772663B4 push 14h
.text:772663B6 push ebx
.text:772663B7 push edi
.text:772663B8 push edx
;*Value of edx is placed into the stack*
.text:772663B9 push ecx
.text:772663BA push eax
.text:772663BB push [ebp+hRequest]
.text:772663BE call sub_77221D26 ; *finally, it's passed
to sub_77221D26*
Anyway, try setting the flag. It might help, IIRC there were the same issue
on this newsgroup, and setting this flag helped.
--
Vladimir (Windows SDK MVP)
"xie bo" <xiebo...@gmail.com> wrote in message
news:1163467059.6...@i42g2000cwa.googlegroups.com...