author Jay Satiro <raysatiro@yahoo.com> 2019-11-01 18:02:59 -0400
committer Jay Satiro <raysatiro@yahoo.com> 2019-11-01 18:02:59 -0400
commit 9c49824902834bb12e26e66f4a8db74f4b9ea217
tree f90c5ae05efb69e16913d7a0b915842922e64734
parent c2b01cce5ca4ddab04a6e1978be6281d30a55567
schannel_verify: Fix concurrent openings of CA file
- Open the CA file using FILE_SHARE_READ mode so that others can read from it as well.

Prior to this change our schannel code opened the CA file without sharing which meant concurrent openings (eg an attempt from another thread or process) would fail during the time it was open without sharing, which in curl's case would cause error: "schannel: failed to open CA file".

Bug: https://curl.haxx.se/mail/lib-2019-10/0104.html
Reported-by: Richard Alcock
-rw-r--r-- lib/vtls/schannel_verify.c 2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/vtls/schannel_verify.c b/lib/vtls/schannel_verify.c
index 5a09e969e..1bdf50a55 100644
--- a/lib/vtls/schannel_verify.c
+++ b/lib/vtls/schannel_verify.c
@@ -111,7 +111,7 @@ static CURLcode add_certs_to_store(HCERTSTORE trust_store,
*/
ca_file_handle = CreateFile(ca_file_tstr,
GENERIC_READ,
- 0,
+ FILE_SHARE_READ,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
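Review bot: The share mode on the new `FILE_SHARE_READ,` line allows other readers only, and the comment that closes just above the `CreateFile` call should say that this is deliberate. With only FILE_SHARE_READ, this open still fails when another handle already has the file open for writing or deletion, or when another reader opened it with a share mode of 0, so "schannel: failed to open CA file" remains possible in those cases. Refusing to share with writers is a reasonable choice for a trust anchor file, since it avoids loading a CA bundle while it is being rewritten; suggest stating that in the comment so a later change does not add FILE_SHARE_WRITE as a convenience fix.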