[Bug 53344] HPLOCONS (legacy TLS applications): GnuTLS priority string overrides are ignored in schan_create_session() (patch included)
WineHQ Bugzilla
wine-bugs at winehq.org
Wed Jul 13 14:53:30 CDT 2022
https://bugs.winehq.org/show_bug.cgi?id=53344
--- Comment #6 from Hans Leidekker <hans at meelstraat.net> ---
(In reply to iLOveBugs from comment #5)
> With patch:
> 1. priority is initialized with "%LATEST_RECORD_VERSION" (not a valid
> priority string anymore, maybe name it priority_append instead?)
> 2. system default priority string is prepended to session priority (the
> default is "NORMAL", set by "--with-default-priority-string" during
> compilation or overridden by GNUTLS_SYSTEM_PRIORITY_FILE at runtime)
> 3. ":-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0" is appended to
> priority
> 4. priority is appended to session priority
> (gnutls_set_default_priority_append adds leading ":")
> 5. Result: "<system default priority
> string>:%LATEST_RECORD_VERSION:-VERS-ALL:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-
> TLS1.0"
>
> The reason I do it like this is that there is no getter function
> gnutls_get_default_priority and I tried to interact with GnuTLS in a stable
> way.
The downside is that this make it less predictable which priority is used
because distributions may choose to change the default through
--with-default-priority-string.
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list