[PATCH(1/1)] wininet: TLS fallback mechanism
miurahr at linux.com
Thu Oct 25 17:35:21 CDT 2012
Alexandre Julliard wrote:
> "Hiroshi Miura(@osmf)" <miurahr at osmf.jp> writes:
>> OpenSSL 1.0.x now support TLSv1.1 and TLSv1.2.
>> Sometimes TLSv1.1/1.2 negotiation fails because of combination
>> of server/client ssl library versions.
>> It fixes the error connecting Evernote server with evernote client.
>> It has a mechanism to fallback to SSLv3/TLSv1 when fails with TLSv1.1/1.2.
>> It has also mechanism enable/disable TLSv1.1/1.2 by registry entry under
>> where is as same place as Windows7.
>> TLSv1.1/1.2 is enabled when the registry entry does not exist.
> It doesn't build on older openssl:
> gcc -m32 -c -I. -I. -I../../include -I../../include -D__WINESRC__ -D_WINX32_ -D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing -Wdeclaration-after-statement -Wstrict-prototypes -Wwrite-strings -gstabs+ -fno-omit-frame-pointer -Wpointer-arith -I/usr/local/include/freetype2 -I/usr/local/include -g -O2 -o netconnection.o netconnection.c
> netconnection.c: In function 'get_tls_option':
> netconnection.c:478: error: 'SSL_OP_NO_TLSv1_2' undeclared (first use in this function)
> netconnection.c:478: error: (Each undeclared identifier is reported only once
> netconnection.c:478: error: for each function it appears in.)
> netconnection.c:486: error: 'SSL_OP_NO_TLSv1_1' undeclared (first use in this function)
> netconnection.c: In function 'NETCON_secure_connect':
> netconnection.c:925: error: 'SSL_OP_NO_TLSv1_1' undeclared (first use in this function)
> netconnection.c:925: error: 'SSL_OP_NO_TLSv1_2' undeclared (first use in this function)
> make: *** [netconnection.o] Error 1
I added '#ifdef SSL_OP_NO_TLSv1_2' related chunk and repost patch.
More information about the wine-devel