cURL / Mailing Lists / curl-library / Single Mail


Re: Windows SSPI Schannel implementation ready

From: Marc Hoersken <>
Date: Wed, 13 Jun 2012 17:04:47 +0200

Hello everyone,

2012/6/13 Yang Tse <>:
> One of the reasons for which I personally dislike big patches is that
> these usually hide changes which are not properly discussed, or
> discussed with such lengthy threads that no one knows finally what's
> going on, making it necessary to fully analyze resulting patch in
> order to know what changes it really introduces. This is what I'm
> doing now. I might have further objections, so don't be surprised if I
> mention or fix something else.

This is why I posted the full commit history during the early
development stages and especially separated even squashed commits to
avoid mixing up changes to different areas. While you say that an
updated patch wasn't provided until June, the other changes have been
around since April and the full commit history including separate
small patches was available from the beginning. The new changes
introducing the updated version information were also separated and
can be easily identified in the history.

> Given that it seems we've reached consensus on that you can live
> without the numeric part of the string, and that I can live with some
> schannel specific identifier, I'm pushing right now a patch with the
> following commit message:
> schannel: remove version number and identify its use with 'schannel' literal
> Version number is removed in order to make this info consistent with
> how we do it with other MS and Linux system libraries for which we
> don't provide this info.
> Identifier changed from 'WinSSPI' to 'schannel' given that this is the
> actual provider of the SSL/TLS support. libcurl can still be built
> with SSPI and without SCHANNEL support.

Actually "schannel" is not the correct identifier. It's either
"Schannel" or "Secure Schannel". Please take a look at the MSDN
documentation before doing such changes:

I see that you changed the winbuild scripts to automatically set
USE_SSPI to yes and USE_SCHANNEL to true if USE_SSL is false. Why did
you do that? That makes it impossible to build a Windows version
without SSL support. Before your changes Schannel was only enabled if
SSPI was enabled and OpenSSL was not.
Besides that, I liked the idea of having the low level Windows
libaries in a separate WINLIBS variable in the makefile. Why did you
revert this cleanup change, too?

Best regards,
List admin:
Received on 2012-06-13