On Thu, Mar 28, 2013 at 12:31 PM, Ken Thomases <k...@codeweavers.com> wrote:
> On Mar 28, 2013, at 6:05 AM, Jacek Caban wrote: > > > --- a/dlls/secur32/schannel_macosx.c > > +++ b/dlls/secur32/schannel_macosx.c > > @@ -630,6 +630,11 @@ static OSStatus schan_push_adapter(SSLConnectionRef > transport, const void *buff, > > return ret; > > } > > > > +DWORD schan_imp_enabled_protocols(void) > > +{ > > + /* NOTE: No support for TLS 1.1 and TLS 1.2 */ > > + return SP_PROT_SSL2_CLIENT | SP_PROT_SSL3_CLIENT | > SP_PROT_TLS1_0_CLIENT; > Do we really want to continue supporting SSL2? It's got a number of vulnerabilities, and is disabled pretty much everywhere by now: http://en.wikipedia.org/wiki/Transport_Layer_Security#SSL_2.0 --Juan