secur32: Use -VERS-ALL gnutls priority string to disable not enabled protocols.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=46161
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Jacek Caban 2018-12-06 18:09:18 +01:00 committed by Alexandre Julliard
parent 2d61c5f379
commit 5cc5b102c1
1 changed files with 3 additions and 2 deletions

View File

@ -166,7 +166,7 @@ DWORD schan_imp_enabled_protocols(void)
BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cred) BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cred)
{ {
gnutls_session_t *s = (gnutls_session_t*)session; gnutls_session_t *s = (gnutls_session_t*)session;
char priority[128] = "NORMAL:%LATEST_RECORD_VERSION", *p; char priority[128] = "NORMAL:%LATEST_RECORD_VERSION:-VERS-ALL", *p;
unsigned i; unsigned i;
int err = pgnutls_init(s, cred->credential_use == SECPKG_CRED_INBOUND ? GNUTLS_SERVER : GNUTLS_CLIENT); int err = pgnutls_init(s, cred->credential_use == SECPKG_CRED_INBOUND ? GNUTLS_SERVER : GNUTLS_CLIENT);
@ -178,8 +178,9 @@ BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cre
p = priority + strlen(priority); p = priority + strlen(priority);
for(i = 0; i < ARRAY_SIZE(protocol_priority_flags); i++) { for(i = 0; i < ARRAY_SIZE(protocol_priority_flags); i++) {
if (!(cred->enabled_protocols & protocol_priority_flags[i].enable_flag)) continue;
*p++ = ':'; *p++ = ':';
*p++ = (cred->enabled_protocols & protocol_priority_flags[i].enable_flag) ? '+' : '-'; *p++ = '+';
strcpy(p, protocol_priority_flags[i].gnutls_flag); strcpy(p, protocol_priority_flags[i].gnutls_flag);
p += strlen(p); p += strlen(p);
} }