Hi, Are there any comment for it? It is a motivation that Evernote windows client cannot connect its server on Wine/OpenSSL 1.0.1. it is caused by server is only support TLS1.0/SSL3.0 , apache2/openssl 0.9.8 thing, but client ask TLS1.1/1.2 and then server returns that session is fails. I know wininet(in Microsoft implementation) has a behavior to re-try by TLS1.0 after TLS1.2 fails. It is discussed in IETF TLS maillist http://www.ietf.org/mail-archive/web/tls/current/msg08218.html How do you think whether we should implement similar way or not? If we adopt similar fall back mechanism, compatibility may become well, but is it good behavior? Hiroshi On 2012.08.26 11:51, Hiroshi Miura wrote:

OpenSSL 1.0.x now support TLSv1.1 and TLSv1.2 but Windows7 is disabled by default.

Schannel registry indicate TLSv1.1/1.2 config.

It fixes the error of Evernote client connection. http://bugs.winehq.org/show_bug.cgi?id=30598

Signed-off-by: Hiroshi Miura <miurahr(a)linux.com> --- dlls/wininet/netconnection.c | 68 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+)