From: "Rémi Bernon" Subject: Re: [PATCH 4/5] secur32: Perform TLS handshake even if input is empty. Message-Id: <6bc572ee-e05c-d6ee-6c8e-c241e129de8c@codeweavers.com> Date: Wed, 17 Feb 2021 12:23:52 +0100 In-Reply-To: <522e1621781981d6b23f69be961ecf728d1c99a8.camel@codeweavers.com> References: <20210215114723.3898056-4-rbernon@codeweavers.com> <78456e41-4993-2d6a-6151-1d78bba111ff@codeweavers.com> <522e1621781981d6b23f69be961ecf728d1c99a8.camel@codeweavers.com> On 2/15/21 3:32 PM, Hans Leidekker wrote: > On Mon, 2021-02-15 at 13:26 +0100, Rémi Bernon wrote: >> On 2/15/21 1:22 PM, Marvin wrote: >>> === debiant2 (64 bit WoW report) === >>> >>> secur32: >>> schannel.c:818: Test failed: Output buffer size changed. >>> schannel.c:833: Test failed: Output buffer size changed. >>> schannel.c:842: Test failed: Output buffer size changed. >>> schannel: Timeout >>> >> >> I guess that speaks for itself, but I'm still interested to discuss how >> to properly test the re-handshake, if there are ways. > > We could set up a test on test.winehq.org. Apache docs suggest that > changing SSL parameters trigger a re-handshake. Maybe something like > this will work: > > > SSLVerifyClient require > > > I don't really know much about Apache configuration, but isn't this going to require a client certificate, which we don't have? Is it going to fail but after the re-handshake (which would allow us to test it)? -- Rémi Bernon