[PATCH v2 1/3] bcrypt: Prevent gnutls from using system priority file.
Paul Gofman
pgofman at codeweavers.com
Wed Nov 11 10:01:31 CST 2020
Fedora 33 disabled protocols below TLS 1.2 through crypto policy [1].
https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2#Strong_crypto_settings:_phase_2
Signed-off-by: Paul Gofman <pgofman at codeweavers.com>
---
v2:
- print warning.
dlls/bcrypt/gnutls.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/dlls/bcrypt/gnutls.c b/dlls/bcrypt/gnutls.c
index e85085499ca..41df88ca8f6 100644
--- a/dlls/bcrypt/gnutls.c
+++ b/dlls/bcrypt/gnutls.c
@@ -222,8 +222,19 @@ static void gnutls_log( int level, const char *msg )
static BOOL gnutls_initialize(void)
{
+ const char *env_str;
int ret;
+ if ((env_str = getenv("GNUTLS_SYSTEM_PRIORITY_FILE")))
+ {
+ WARN("GNUTLS_SYSTEM_PRIORITY_FILE is %s.\n", debugstr_a(env_str));
+ }
+ else
+ {
+ WARN("Setting GNUTLS_SYSTEM_PRIORITY_FILE to \"/dev/null\".\n");
+ setenv("GNUTLS_SYSTEM_PRIORITY_FILE", "/dev/null", 0);
+ }
+
if (!(libgnutls_handle = dlopen( SONAME_LIBGNUTLS, RTLD_NOW )))
{
ERR_(winediag)( "failed to load libgnutls, no support for encryption\n" );
--
2.28.0
More information about the wine-devel
mailing list