[PATCH(1/1)] wininet: TLS fallback mechanism
Alexandre Julliard
julliard at winehq.org
Thu Oct 25 13:19:14 CDT 2012
"Hiroshi Miura(@osmf)" <miurahr at osmf.jp> writes:
> OpenSSL 1.0.x now support TLSv1.1 and TLSv1.2.
> Sometimes TLSv1.1/1.2 negotiation fails because of combination
> of server/client ssl library versions.
> It fixes the error connecting Evernote server with evernote client.
> http://bugs.winehq.org/show_bug.cgi?id=30598
>
> It has a mechanism to fallback to SSLv3/TLSv1 when fails with TLSv1.1/1.2.
>
> It has also mechanism enable/disable TLSv1.1/1.2 by registry entry under
> SYSTEM/CurrentControlSet/Control/SecurityProvider/SCHANNEL/Protocols/
> where is as same place as Windows7.
> TLSv1.1/1.2 is enabled when the registry entry does not exist.
It doesn't build on older openssl:
gcc -m32 -c -I. -I. -I../../include -I../../include -D__WINESRC__ -D_WINX32_ -D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing -Wdeclaration-after-statement -Wstrict-prototypes -Wwrite-strings -gstabs+ -fno-omit-frame-pointer -Wpointer-arith -I/usr/local/include/freetype2 -I/usr/local/include -g -O2 -o netconnection.o netconnection.c
netconnection.c: In function 'get_tls_option':
netconnection.c:478: error: 'SSL_OP_NO_TLSv1_2' undeclared (first use in this function)
netconnection.c:478: error: (Each undeclared identifier is reported only once
netconnection.c:478: error: for each function it appears in.)
netconnection.c:486: error: 'SSL_OP_NO_TLSv1_1' undeclared (first use in this function)
netconnection.c: In function 'NETCON_secure_connect':
netconnection.c:925: error: 'SSL_OP_NO_TLSv1_1' undeclared (first use in this function)
netconnection.c:925: error: 'SSL_OP_NO_TLSv1_2' undeclared (first use in this function)
make[1]: *** [netconnection.o] Error 1
--
Alexandre Julliard
julliard at winehq.org
More information about the wine-devel
mailing list