cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: SSL/TLS support using Windows SSPI Schannel API

From: Marc Hoersken <info_at_marc-hoersken.de>
Date: Sat, 14 Apr 2012 15:08:47 +0200

2012/4/14 Gisle Vanem <gvanem_at_broadpark.no>:
> "Marc Hoersken" <info_at_marc-hoersken.de> wrote:
>
>> functionality of SSL/TLS encryption behind the API. This is the whole
>> purpose of the general SSPI API and provider approach. It might be
>> hard to get some information out of it.
>
>
> I think I see. I've played a little at enumerating and getting the
> version of the security packages. Used '->QuerySecurityPackageInfo'.
> But they all seemed to be '1' !

Yes, I made the same observation. It seems to be a simple int value
which is incremented for struct/interfaces changes.

> My motive was to get a better version info from secur32.dll. Maybe we
> should retrieve the file-version of secur32.dll / security.dll itself? Like:
>
> filever -v f:\windows\system32\secur32.dll
> --a-- W32i DLL ENU 5.1.2600.5834 shp 56,832 06-25-2009 secur32.dll
> Language 0x0409 (Engelsk (USA))
> CharSet 0x04b0 Unicode
> OleSelfRegister Disabled
> CompanyName Microsoft Corporation
> FileDescription Security Support Provider Interface
> InternalName security.dll
> OriginalFilenam security.dll
> ProductName Microsoft« Windows« Operating System
> ProductVersion 5.1.2600.5834 <<< !!
>
> Can be obtained using GetFileVersion().

Yes, that's a good idea. I added a new function called
Curl_sspi_version to curl_sspi.[ch] to the product version of the
loaded DLL. This is based upon version.lib, which is available since
Windows 2000 Professional or Windows 2000 Server.

Inside curl_schannel.c the string is appended to "Schannel-", so that
a complete version string looks like this:

D:\Dev\curl>src\curl -V
curl 7.25.1-DEV (i386-pc-win32) libcurl/7.25.1-DEV Schannel-SSPI/6.1.7601.17725
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3
pop3s rtsp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate Largefile NTLM SSL SSPI

I have attached two patches, schannel_2012-04-14_1.patch includes
everything and schannel_2012-04-14_1_diff.patch only the changes since
my last patch.
Git repository is also up-to-date:
https://github.com/mback2k/curl/commit/d38f3da4822c8585cfaa865a4db8b9308316db95

Best regards,
Marc

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html

application/octet-stream attachment: schannel_2012-04-14_1.patch

application/octet-stream attachment: schannel_2012-04-14_1_diff.patch

Received on 2012-04-14

This message: [ Message body ]
Next message: Yang Tse: "Re: [PATCH curl] headers: surround GCC attribute names with double underscores"
Previous message: Gisle Vanem: "Re: SSL/TLS support using Windows SSPI Schannel API"
In reply to: Gisle Vanem: "Re: SSL/TLS support using Windows SSPI Schannel API"
Next in thread: Guenter: "Re: SSL/TLS support using Windows SSPI Schannel API"
Reply: Guenter: "Re: SSL/TLS support using Windows SSPI Schannel API"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]