Jacek Caban : secur32: Use %LATEST_RECORD_VERSION gnutls priority.
julliard at winehq.org
Mon Dec 19 13:10:37 CST 2016
Author: Jacek Caban <jacek at codeweavers.com>
Date: Mon Mar 28 12:42:05 2016 +0200
secur32: Use %LATEST_RECORD_VERSION gnutls priority.
It's based on , where it's reported to fix issues with older gnutls.
I tested what client hello packages Windows reports for different sets
of used protocol versions, and it always uses newest possible version.
There may be a concern about not using SSL3 client hello, which still
may negotiate newer protocol and was recommended for compatibility
reasons, but it's known to be problematic the other way those days and
recent gnutls won't use it by default anyway .
Signed-off-by: Jacek Caban <jacek at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
(cherry picked from commit f198b5a45a52aa0bcf79f1909c8f6dc4e56c4143)
Signed-off-by: Michael Stefaniuc <mstefani at winehq.org>
dlls/secur32/schannel_gnutls.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dlls/secur32/schannel_gnutls.c b/dlls/secur32/schannel_gnutls.c
index 4f95e4d..bcadd47 100644
@@ -159,7 +159,7 @@ DWORD schan_imp_enabled_protocols(void)
BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cred)
gnutls_session_t *s = (gnutls_session_t*)session;
- char priority = "NORMAL", *p;
+ char priority = "NORMAL:%LATEST_RECORD_VERSION", *p;
int err = pgnutls_init(s, cred->credential_use == SECPKG_CRED_INBOUND ? GNUTLS_SERVER : GNUTLS_CLIENT);
More information about the wine-cvs