f198b5a45a
secur32: Use %LATEST_RECORD_VERSION gnutls priority.
...
It's based on [1], where it's reported to fix issues with older gnutls.
I tested what client hello packages Windows reports for different sets
of used protocol versions, and it always uses newest possible version.
There may be a concern about not using SSL3 client hello, which still
may negotiate newer protocol and was recommended for compatibility
reasons, but it's known to be problematic the other way those days and
recent gnutls won't use it by default anyway [2].
[1] http://us.battle.net/wow/en/forum/topic/20742995286?page=11
[2] 25ed275043
2016-03-29 10:39:41 +09:00
52e68a7823
secur32: Avoid ssize_t type that causes printf format warnings.
2015-08-17 15:34:35 +09:00
cae3f98c69
secur32: Fixed compilation on very old gnutls versions.
2015-06-18 21:41:02 +09:00
72747526b1
secur32: Fixed compilation on with gnutls.
2015-06-17 20:01:30 +09:00
dedbd18836
secur32: Use gnutls_cipher_get_block_size to get cupher block size.
2015-06-16 23:56:46 +09:00
3617e2b2a9
secur32: Added support for a few more algorithms in schannel_get_cipher_algid.
2015-06-16 23:56:45 +09:00
f54a9f4db4
secur32: Add a loop around gnutls_record_send since it may send a partial record.
2015-04-29 13:07:54 +09:00
54b5660378
secur32: Always tell the user that libgnutls could not be loaded.
2015-01-05 20:29:19 +01:00
b8719ff852
secur32: Declare debug channels only when needed (Clang).
2014-12-04 14:03:25 +01:00
e3fa52a636
secur32: Ignore GNUTLS_A_UNRECOGNIZED_NAME warning alert.
2014-01-28 19:38:45 +01:00
6c2f7d01c8
secur32: Don't use deprecated gnutls_certificate_credentials.
2013-06-28 19:41:33 +02:00
c518801495
secur32: Set the SSL server name to enable the SNI extension.
2013-06-13 17:10:02 +02:00
fee9cd3b24
configure: In gnutls-3.2, gnutls_mac_get_key_size() moved to crypto.h.
...
Based on a patch by Ben Kohler <bkohler@gmail.com>.
2013-06-11 11:37:21 +02:00
66f80b57a4
secur32: Pass enabled protocols to GnuTLS.
2013-04-01 12:15:37 +02:00
fe474e3b6a
secur32: Take schannel backend capabilities into account when configuring enabled protocols.
2013-03-28 18:54:01 +01:00
b7a75b468a
secur32: Pass whole schan_credentials struct to schannel backend implementations.
2013-03-25 16:28:18 +01:00
64c84ef5c4
secur32: Report SecPkgContext_ConnectionInfo in bits, not bytes.
2013-02-27 19:23:36 +01:00
5c5d12c8bc
secur32: Return a cert context with context store in SECPKG_ATTR_REMOTE_CERT_CONTEXT GnuTLS implementation.
2013-01-21 16:19:05 +01:00
62e77128c5
secur32: Get rid of deprecated types.
2012-11-16 11:40:17 +01:00
8abcfeddd8
secur32: Recognize some more TLS versions.
2012-07-18 17:12:34 +02:00
929598fd00
secur32: Properly handle GNUTLS_E_AGAIN in (GnuTLS) schan_imp_recv().
2011-10-03 14:38:49 -05:00
65aed972c0
secur32: Properly handle GNUTLS_E_AGAIN in (GnuTLS) schan_imp_send().
2011-10-03 14:38:44 -05:00
0903855456
secur32: Use gnutls_record_get_max_size() to get the maximum message size.
2011-10-03 14:38:21 -05:00
52fa3bf42d
secur32: Avoid size_t and fix some printf formats.
2011-09-05 19:34:55 +02:00
5015f388d1
secur32: Add alternative schannel implementation for Mac OS X.
...
It uses the native Secure Transport API rather than GnuTLS.
2011-03-14 19:31:07 +01:00
0b396208db
secur32: Separate GnuTLS schannel implementation into separate file.
2011-03-14 14:16:13 +01:00
Jacek Caban