cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: SSL/TLS support using Windows SSPI Schannel API

From: Marc Hoersken <info_at_marc-hoersken.de>
Date: Mon, 16 Apr 2012 07:53:46 +0200

2012/4/15 Steve Holme <steve_holme_at_hotmail.com>:
> Hi Guys,
>
> On Sat, Apr 14, 201 Marc Hoersken wrote:
>
>> Inside curl_schannel.c the string is appended to "Schannel-", so that
>> a complete version string looks like this:
>>
>> D:\Dev\curl>src\curl -V
>> curl 7.25.1-DEV (i386-pc-win32) libcurl/7.25.1-DEV
>> Schannel-SSPI/6.1.7601.17725
>> Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3
>> pop3s rtsp smtp smtps telnet tftp
>> Features: AsynchDNS GSS-Negotiate Largefile NTLM SSL SSPI
>
> As a minor point I was wondering whether curl's version information should output the following instead:
>
>> curl 7.25.1-DEV (i386-pc-win32) libcurl/7.25.1-DEV SSPI/6.1.7601.17725
>> Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp smtp smtps telnet tftp
>> Features: AsynchDNS GSS-Negotiate Largefile NTLM SSL SCHANNEL
>
> So list SSPI in the library information and SCHANNEL in the features list as GSS-Negotiate, NTLM and SCHANNEL are all features of Windows SSPI.
>
> So even if someone build curl with SSPI but without SCHANNEL, SSPI would be listed in the library info rather than in the feature list as it is at present ;-)
>

That's probably a good idea, but it requires changes to parts of
libcurl which I haven't seen yet. Maybe someone else can pitch in here
and do the required changes or point to the right direction?

We may also need to think about a privacy issue here, because the
first line is actually used as the HTTP user-agent and now reveals the
Windows version. The first two numbers of the SSPI DLL version
indicate the Windows NT version number, in this case NT 6.1 == Windows
7.

Best regards,
Marc
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-04-16