Commit Graph

46 Commits

Author SHA1 Message Date
Alistair Leslie-Hughes 353c16f0d6 secur32: Fix compile for older gnutls libraries.
GNUTLS_ALPN_SERVER_PRECEDENCE was introduced into 3.5.

Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-04-10 12:41:52 +02:00
Hans Leidekker 0527cf89fb secur32: Add TLS application protocol negotiation support.
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-04-09 21:04:04 +02:00
Hans Leidekker af5f9e6d0f secur32: Map GNUTLS_E_REHANDSHAKE to SEC_I_RENEGOTIATE.
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-04-07 20:55:49 +02:00
Alexandre Julliard 55434d4539 secur32: Use standard dlopen() instead of the libwine wrappers.
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2020-04-07 14:26:19 +02:00
Alistair Leslie-Hughes fb78d19881 secur32: Stop memory leak (Coverity).
CID 1442946

Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-03-04 14:50:16 +01:00
Hans Leidekker ba14773187 secur32: Fix the username fallback in get_key_container_path.
Spotted by Sven Baars.

Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-02-22 18:21:57 +01:00
Alistair Leslie-Hughes 9bbe5c3613 secur32: Fix compile error on older gnutls.
Signed-off-by: Alistair Leslie-Hughes <leslie_alistair@hotmail.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-02-08 22:18:16 +01:00
Hans Leidekker 16d9f62bdf secur32: Add support for client certificate authentication.
Signed-off-by: Hans Leidekker <hans@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2019-02-07 12:54:35 +01:00
Jacek Caban 179ee89e65 secur32: Use VERS-ALL priority string only on recent gnutls versions.
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-12-07 16:43:37 +01:00
Jacek Caban 9dd0f8f4b7 secur32: Check for supported protocols when loading gnutls.
We mostly need to know if TLS1.3 is supported before attempting to
handle it. It's just in gnutls backend now, so it will not be actually
enabled yet.

Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-12-07 16:43:35 +01:00
Jacek Caban 5cc5b102c1 secur32: Use -VERS-ALL gnutls priority string to disable not enabled protocols.
Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=46161
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-12-06 19:23:55 +01:00
Michael Stefaniuc baf4cb3958 secur32: Use the ARRAY_SIZE() macro.
Signed-off-by: Michael Stefaniuc <mstefani@winehq.org>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2018-07-19 08:07:10 +02:00
Jacek Caban 855d73e927 secur32: Fixed compilation with prediluvian gnutls.
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-04-28 17:07:43 +02:00
Akihiro Sagawa ffefa721ba secur32: Return PRF algorithm value when using GCM.
Signed-off-by: Akihiro Sagawa <sagawa.aki@gmail.com>
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-04-27 22:22:34 +02:00
Akihiro Sagawa b6d32239d6 secur32: Add support for SECPKG_ATTR_KEY_INFO.
Signed-off-by: Akihiro Sagawa <sagawa.aki@gmail.com>
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-04-25 20:53:04 +02:00
Akihiro Sagawa d5bc3c7bce secur32: 3DES has a different ALG_ID.
Signed-off-by: Akihiro Sagawa <sagawa.aki@gmail.com>
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-04-19 20:02:53 +02:00
Akihiro Sagawa 8981dac859 secur32: Return correct key exchange algorithm value.
Signed-off-by: Akihiro Sagawa <sagawa.aki@gmail.com>
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2017-04-19 20:02:53 +02:00
Sebastian Lackner e6c85e8436 secur32: Define missing gnutls_kx_algorithm_t constants for gnutls versions < 3.
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-07-14 22:10:31 +09:00
Max Qian cf9cd32df3 secur32: Added support for a few more algids.
Signed-off-by: Max Qian <public@maxqia.com>
Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-07-06 23:10:08 +09:00
Michael Cronenworth bf5ac531a0 secur32: Provide a static declaration for gnutls_cipher_get_block_size.
Instead of providing an extern provide a static declaration. The
function return type changed from signed to unsigned in GnuTLS 3.5.

Signed-off-by: Michael Cronenworth <mike@cchtml.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-06-17 00:09:20 +09:00
Jacek Caban f198b5a45a secur32: Use %LATEST_RECORD_VERSION gnutls priority.
It's based on [1], where it's reported to fix issues with older gnutls.
I tested what client hello packages Windows reports for different sets
of used protocol versions, and it always uses newest possible version.
There may be a concern about not using SSL3 client hello, which still
may negotiate newer protocol and was recommended for compatibility
reasons, but it's known to be problematic the other way those days and
recent gnutls won't use it by default anyway [2].

[1] http://us.battle.net/wow/en/forum/topic/20742995286?page=11
[2] 25ed275043

Signed-off-by: Jacek Caban <jacek@codeweavers.com>
Signed-off-by: Alexandre Julliard <julliard@winehq.org>
2016-03-29 10:39:41 +09:00
Alexandre Julliard 52e68a7823 secur32: Avoid ssize_t type that causes printf format warnings. 2015-08-17 15:34:35 +09:00
Jacek Caban cae3f98c69 secur32: Fixed compilation on very old gnutls versions. 2015-06-18 21:41:02 +09:00
Jacek Caban 72747526b1 secur32: Fixed compilation on with gnutls. 2015-06-17 20:01:30 +09:00
Jacek Caban dedbd18836 secur32: Use gnutls_cipher_get_block_size to get cupher block size. 2015-06-16 23:56:46 +09:00
Jacek Caban 3617e2b2a9 secur32: Added support for a few more algorithms in schannel_get_cipher_algid. 2015-06-16 23:56:45 +09:00
Alexandre Julliard f54a9f4db4 secur32: Add a loop around gnutls_record_send since it may send a partial record. 2015-04-29 13:07:54 +09:00
Bruno Jesus 54b5660378 secur32: Always tell the user that libgnutls could not be loaded. 2015-01-05 20:29:19 +01:00
André Hentschel b8719ff852 secur32: Declare debug channels only when needed (Clang). 2014-12-04 14:03:25 +01:00
Jacek Caban e3fa52a636 secur32: Ignore GNUTLS_A_UNRECOGNIZED_NAME warning alert. 2014-01-28 19:38:45 +01:00
Jacek Caban 6c2f7d01c8 secur32: Don't use deprecated gnutls_certificate_credentials. 2013-06-28 19:41:33 +02:00
Alexandre Julliard c518801495 secur32: Set the SSL server name to enable the SNI extension. 2013-06-13 17:10:02 +02:00
Alexandre Rostovtsev fee9cd3b24 configure: In gnutls-3.2, gnutls_mac_get_key_size() moved to crypto.h.
Based on a patch by Ben Kohler <bkohler@gmail.com>.
2013-06-11 11:37:21 +02:00
Jacek Caban 66f80b57a4 secur32: Pass enabled protocols to GnuTLS. 2013-04-01 12:15:37 +02:00
Jacek Caban fe474e3b6a secur32: Take schannel backend capabilities into account when configuring enabled protocols. 2013-03-28 18:54:01 +01:00
Jacek Caban b7a75b468a secur32: Pass whole schan_credentials struct to schannel backend implementations. 2013-03-25 16:28:18 +01:00
Jacek Caban 64c84ef5c4 secur32: Report SecPkgContext_ConnectionInfo in bits, not bytes. 2013-02-27 19:23:36 +01:00
Jacek Caban 5c5d12c8bc secur32: Return a cert context with context store in SECPKG_ATTR_REMOTE_CERT_CONTEXT GnuTLS implementation. 2013-01-21 16:19:05 +01:00
Austin English 62e77128c5 secur32: Get rid of deprecated types. 2012-11-16 11:40:17 +01:00
Henri Verbeet 8abcfeddd8 secur32: Recognize some more TLS versions. 2012-07-18 17:12:34 +02:00
Henri Verbeet 929598fd00 secur32: Properly handle GNUTLS_E_AGAIN in (GnuTLS) schan_imp_recv(). 2011-10-03 14:38:49 -05:00
Henri Verbeet 65aed972c0 secur32: Properly handle GNUTLS_E_AGAIN in (GnuTLS) schan_imp_send(). 2011-10-03 14:38:44 -05:00
Henri Verbeet 0903855456 secur32: Use gnutls_record_get_max_size() to get the maximum message size. 2011-10-03 14:38:21 -05:00
Alexandre Julliard 52fa3bf42d secur32: Avoid size_t and fix some printf formats. 2011-09-05 19:34:55 +02:00
Ken Thomases 5015f388d1 secur32: Add alternative schannel implementation for Mac OS X.
It uses the native Secure Transport API rather than GnuTLS.
2011-03-14 19:31:07 +01:00
Ken Thomases 0b396208db secur32: Separate GnuTLS schannel implementation into separate file. 2011-03-14 14:16:13 +01:00