http://bugs.winehq.org/show_bug.cgi?id=19144 --- Comment #2 from Andras Kovacs <andras(a)csevego.net> 2009-07-01 10:54:42 --- Created an attachment (id=22132) --> (http://bugs.winehq.org/attachment.cgi?id=22132) secur32 log -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=19144 --- Comment #4 from Juan Lang <juan_lang(a)yahoo.com> 2009-08-05 15:35:36 --- (In reply to comment #0)

A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: SSL Provider, error: 0 - SSL Provider: ) (Microsoft SQL Server, Error: -2146893048)

Notice that the first error is 0, which is what schannel returns. The second error, the "Microsoft SQL Server" error, is SEC_E_INVALID_TOKEN. I suspect that by changing schannel.c to return 1, you're affecting the first error, but that's not really where the problem is. Googling more leads me to suspect that returning 0 is what's expected, as several snippets of sample code check against SEC_E_OK rather than using FAILED. Here are a few examples: http://msdn.microsoft.com/en-us/library/aa375205(VS.85).aspx http://exodus.googlecode.com/svn/trunk/exodus/idSSLSchannel.pas http://www.eggheadcafe.com/forumarchives/platformsdksecurity/Jul2005/post233... Perhaps a +secur32,+relay trace might give us some idea where the SEC_E_INVALID_TOKEN is coming from? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=19144 --- Comment #6 from Andras Kovacs <andras(a)csevego.net> 2009-08-05 16:50:14 --- Look at this sniplet: trace:secur32:schan_QueryContextAttributesW context_handle 0x1bc010, attribute 0x4, buffer 0x35cdb48 trace:secur32:schan_QueryContextAttributesW Using 16 mac bytes, block size 1 (...) 001d:Call KERNEL32.TlsSetValue(0000000c,80090308) ret=65001800 001d:Ret KERNEL32.TlsSetValue() retval=00000001 ret=65001800 (...) I think it checks something, what QueryContextAttributesW returns, and set into a TLS. (80090308 is SEC_E_INVALID_TOKEN) Debug log (its huge, because it's a .net app): http://mgmt.sth.sze.hu/~andras/wine/hatar/relay_secur32.log.bz2 -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=19144 --- Comment #8 from Juan Lang <juan_lang(a)yahoo.com> 2009-08-05 17:14:48 --- Created an attachment (id=22840) --> (http://bugs.winehq.org/attachment.cgi?id=22840) Patch: Trace values of SCHANNEL_CRED structure Could you upload a +secur32 log with this patch applied? -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=19144 --- Comment #10 from Juan Lang <juan_lang(a)yahoo.com> 2009-08-05 18:03:22 --- Okay, from your log: trace:secur32:schan_CheckCreds grbitEnabledProtocols = 000000f0 That's SP_PROT_TLS1_CLIENT | SP_PROT_TLS1_SERVER | SP_PROT_SSL3_CLIENT | SP_PROT_SSL3_SERVER. I'm not sure whether gnutls supports SSL2 or not, but the log also shows: trace:secur32:schan_gnutls_log <3> HSK[7c8946a0]: Server's version: 3.1 That's TLS1, so I think that's fine. Next up, flags: trace:secur32:schan_CheckCreds dwFlags = 00000034 That's SCH_CRED_AUTO_CRED_VALIDATION | SCH_CRED_NO_DEFAULT_CREDS | SCH_CRED_NO_SERVERNAME_CHECK. SCH_CRED_NO_DEFAULT_CREDS is fine, since we don't have automatic client credentials in Wine. SCH_CRED_AUTO_CRED_VALIDATION is also fine, that's all we ever do at the moment. SCH_CRED_NO_SERVERNAME_CHECK is also fine, because we never check the server name against the supplied certificate, even when we should. So I don't think there should be any mismatch between what the application requested and the connection we actually made. Some test cases for what native secur32 returns for the QueryContextAttributesW would sure be helpful. Even if they're not proper regression tests, just a little test application that connects to your server and prints out what the values of the returned SecPkgContext_StreamSizes are, to see if they're different between native and Wine, would help. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=19144 --- Comment #12 from Andras Kovacs <andras(a)csevego.net> 2010-08-02 14:59:51 --- The first problem: We set 16 + 256 in cbTrailer elem, windows sets simply 16. If I change to 16 (mac_size), it goes further. The next error is: A connection was successfully established with the server, but then an error occurred during the login process. (provider: TCP Provider, error: 0 - TCP Provider: ) (Microsoft SQL Server, Error: 10054) AFAIK 10054 is connection reset. Finally windows's values of stream sizes: header=5 trailer=16 maximummsg=16384 buffers=4 blocksize=1 -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=19144 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download, testcase URL| |http://mgmt.sth.sze.hu/~and | |ras/wine/scanneltest.tar.gz -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=19144 --- Comment #15 from Andras Kovacs <andras(a)sth.sze.hu> 2013-02-19 00:33:37 CST --- I can not test it right now, the original problem has gone. It is possible nowadays to connect to mssql with management studio. If you can test it, here is the file: http://home.sth.sze.hu/~andras/wine/scanneltest.tar.gz -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=19144 --- Comment #17 from Alexandre Julliard <julliard(a)winehq.org> 2013-03-01 14:50:30 CST --- Closing bugs fixed in 1.5.25. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.

http://bugs.winehq.org/show_bug.cgi?id=19144 Muhammad Zafar Iqbal <mohammadzafariqbal(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mohammadzafariqbal(a)gmail.co | |m -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.