secur32: Use %LATEST_RECORD_VERSION gnutls priority.

It's based on [1], where it's reported to fix issues with older gnutls.
I tested what client hello packages Windows reports for different sets
of used protocol versions, and it always uses newest possible version.
There may be a concern about not using SSL3 client hello, which still
may negotiate newer protocol and was recommended for compatibility
reasons, but it's known to be problematic the other way those days and
recent gnutls won't use it by default anyway [2].

[1] http://us.battle.net/wow/en/forum/topic/20742995286?page=11
[2] 25ed275043

Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
This commit is contained in:
Jacek Caban 2016-03-28 12:42:05 +02:00 committed by Alexandre Julliard
parent 5e27e6b5d8
commit f198b5a45a
1 changed files with 1 additions and 1 deletions

View File

@ -160,7 +160,7 @@ DWORD schan_imp_enabled_protocols(void)
BOOL schan_imp_create_session(schan_imp_session *session, schan_credentials *cred)
{
gnutls_session_t *s = (gnutls_session_t*)session;
char priority[64] = "NORMAL", *p;
char priority[128] = "NORMAL:%LATEST_RECORD_VERSION", *p;
unsigned i;
int err = pgnutls_init(s, cred->credential_use == SECPKG_CRED_INBOUND ? GNUTLS_SERVER : GNUTLS_CLIENT);