'Re: [PATCH(1/1)] wininet: TLS fallback mechanism'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       wine-devel
Subject:    Re: [PATCH(1/1)] wininet: TLS fallback mechanism
From:       Hiroshi Miura <miurahr () linux ! com>
Date:       2012-10-25 22:35:21
Message-ID: 5089BEA9.2090205 () linux ! com
[Download RAW message or body]

Alexandre Julliard wrote:
> "Hiroshi Miura(@osmf)" <miurahr@osmf.jp> writes:
> 
> > OpenSSL 1.0.x now support TLSv1.1 and TLSv1.2.
> > Sometimes TLSv1.1/1.2 negotiation fails because of combination
> > of server/client ssl library versions.
> > It fixes the error connecting Evernote server with evernote client.
> > http://bugs.winehq.org/show_bug.cgi?id=30598
> > 
> > It has a mechanism to fallback to SSLv3/TLSv1 when fails with TLSv1.1/1.2.
> > 
> > It has also mechanism enable/disable TLSv1.1/1.2 by registry entry under
> > SYSTEM/CurrentControlSet/Control/SecurityProvider/SCHANNEL/Protocols/
> > where is as same place as Windows7.
> > TLSv1.1/1.2 is enabled when the registry entry does not exist.
> It doesn't build on older openssl:
> 
> gcc -m32 -c -I. -I. -I../../include -I../../include  -D__WINESRC__ -D_WINX32_ \
> -D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing -Wdeclaration-after-statement \
> -Wstrict-prototypes -Wwrite-strings -gstabs+ -fno-omit-frame-pointer \
> -Wpointer-arith -I/usr/local/include/freetype2 -I/usr/local/include  -g -O2  -o \
>                 netconnection.o netconnection.c
> netconnection.c: In function 'get_tls_option':
> netconnection.c:478: error: 'SSL_OP_NO_TLSv1_2' undeclared (first use in this \
> function) netconnection.c:478: error: (Each undeclared identifier is reported only \
> once netconnection.c:478: error: for each function it appears in.)
> netconnection.c:486: error: 'SSL_OP_NO_TLSv1_1' undeclared (first use in this \
>                 function)
> netconnection.c: In function 'NETCON_secure_connect':
> netconnection.c:925: error: 'SSL_OP_NO_TLSv1_1' undeclared (first use in this \
> function) netconnection.c:925: error: 'SSL_OP_NO_TLSv1_2' undeclared (first use in \
> this function) make[1]: *** [netconnection.o] Error 1
> 

Thanks,
I added '#ifdef SSL_OP_NO_TLSv1_2' related chunk and repost patch.

Hiroshi


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic