[Bug 46161] New: Wine: Wrong GnuTLS usage?

wine-bugs at winehq.org wine-bugs at winehq.org
Sat Nov 17 15:34:53 CST 2018 

https://bugs.winehq.org/show_bug.cgi?id=46161

            Bug ID: 46161
           Summary: Wine: Wrong GnuTLS usage?
           Product: Wine
           Version: 3.20
          Hardware: x86-64
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: -unknown
          Assignee: wine-bugs at winehq.org
          Reporter: jaapbuurman at gmail.com
      Distribution: ---

I am using Wine from WineHQ's official repository to run World of Warcraft. I
use the Twitch client to keep my addons updated. On my desktop PC that is
running Arch with GnuTLS 3.5.19 this is working fine. However, on my Laptop
running Ubuntu 18.10 (Fresh install) with GnuTLS 3.6.4 it is unable to find and
sync my addons. When I start the Twitch client from the terminal, the log is
being spammed with the following messages:

GnuTLS error: A packet with illegal or unsupported version was received.

Said errors are missing when I do the same to run Twitch on my Arch Desktop PC
and it syncs just fine.

I first assumed this was a GnuTLS bug and opened an issue there, but one of the
developers recommended to open a bug here since according to him it looked like
a Wine bug instead.

Issue tracker at GnuTLS: https://gitlab.com/gnutls/gnutls/issues/621

I quote:

I suspect something is wrong in wine. The application via wine seems to
advertise TLS1.3 and TLS1.0, and that confuses the server who selects TLS1.2
(advertising protocols which are not continuous is quite risky, as we see from
the server's behavior):

gnutls[2]: Advertizing version 3.4
gnutls[2]: Advertizing version 3.1

My high level understanding of the wine code is that it allows an application
to specifically remove some versions of TLS and keep some others, however it is
not ready for TLS1.3. That's the reason the application you use ends up
advertising TLS1.3 and TLS1.0, although probably the intention was to only have
TLS1.0 there. Seeing wine's schan_imp_create_session it did not anticipate a
new protocol being added to the list. I suggest opening an issue at the wine
issue tracker.

I think they need to either add support for TLS1.3 if schannel has it, or
remove all enabled versions using -VERS-ALL before adding one explicitly
selected by the application. It is a long shot though, as I do not claim to
fully comprehend the code.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.

More information about the wine-bugs mailing list