Jacek Caban : secur32: Use %LATEST_RECORD_VERSION gnutls priority.

Alexandre Julliard julliard at winehq.org
Mon Dec 19 13:10:37 CST 2016

Module: wine
Branch: stable
Commit: c02915d0dde1094106783db93c84020a582d40c4
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=c02915d0dde1094106783db93c84020a582d40c4

Author: Jacek Caban <jacek at codeweavers.com>
Date:   Mon Mar 28 12:42:05 2016 +0200

secur32: Use %LATEST_RECORD_VERSION gnutls priority.

It's based on [1], where it's reported to fix issues with older gnutls.
I tested what client hello packages Windows reports for different sets
of used protocol versions, and it always uses newest possible version.
There may be a concern about not using SSL3 client hello, which still
may negotiate newer protocol and was recommended for compatibility
reasons, but it's known to be problematic the other way those days and
recent gnutls won't use it by default anyway [2].

[1] http://us.battle.net/wow/en/forum/topic/20742995286?page=11
[2] https://gitlab.com/gnutls/gnutls/commit/25ed2750438178ff65d555a49212dc7b5a37c644

Signed-off-by: Jacek Caban <jacek at codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
(cherry picked from commit f198b5a45a52aa0bcf79f1909c8f6dc4e56c4143)
Signed-off-by: Michael Stefaniuc <mstefani at winehq.org>


 dlls/secur32/schannel_gnutls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dlls/secur32/schannel_gnutls.c b/dlls/secur32/schannel_gnutls.c
index 4f95e4d..bcadd47 100644
--- a/dlls/secur32/schannel_gnutls.c
+++ b/dlls/secur32/schannel_gnutls.c
@@ -159,7 +159,7 @@ DWORD schan_imp_enabled_protocols(void)
 BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cred)
     gnutls_session_t *s = (gnutls_session_t*)session;
-    char priority[64] = "NORMAL", *p;
+    char priority[128] = "NORMAL:%LATEST_RECORD_VERSION", *p;
     unsigned i;
     int err = pgnutls_init(s, cred->credential_use == SECPKG_CRED_INBOUND ? GNUTLS_SERVER : GNUTLS_CLIENT);

More information about the wine-cvs mailing list