cURL / Mailing Lists / curl-library / Single Mail


Re: Windows SSPI Schannel implementation ready

From: Yang Tse <>
Date: Wed, 13 Jun 2012 21:42:34 +0200

Steve Holme <> wrote:

>> > I'm not opposed to not including the version number - this would be
>> > consistent to what WinIDN displays, [...]
>> Ok, then we have consensus then.
> On the version number yes, on the SChannel literal no as this should be SSPI
> - you wouldn't list either libssl32 or libeay32 for OpenSSL !!

Nope. libcurl can be built with SSPI support using other SSL libraries
as it has been done up to nowadays. And this is one of the things that
must be kept around.

>> > I also think, as per the discussion I started 6 weeks ago which I
>> > thought we had decided to do, hence my work here, was that the package
>> > name "WinSSPI", "Windows SSPI" or "SSPI-Windows-native" should be
>> > displayed for the other features that SSPI offers not just the
>> > SChannel SSL support - again this is synonymous to the other Security
>> > Providers that curl uses and provides consistency.
>> I asked for a patch april 23.
> As Marc has already mentioned the commit history of the original work has
> been available for a long time now. My rework has been available since the
> 22nd April. The work you reverted on the 23 April was made because of some
> points over SSPI vs SSO #defines and not the version number rework itself -
> these issues were then addressed on the forums between the 13 May and the 16
> May - no additional input was provided by you during that conversation.

Given that no answer, neither with patch nor without it, to my april
23 mail requesting a patch was given by any of you. I lost any
interest in any development that was going outside of libcurl repo.
Assuming that the time would come when you would bring all that work
either as a patch or somehow and that would be the moment to review

>> schannel: remove version number and identify
>>  its use with 'schannel' literal
> This is the exact opposite of what I have been saying - Windows SSPI is a
> provider of security features like GNUTLS is and should be recognised as
> such. Like you also said we don't list the individual features in the
> package / version string so why list SChannel on its own?

Because it is the one thanks to which SSL works on Windows. As an
exercise remove schannel.dll and you'll see that SSL stops working. MS
loves to put layers and layers in between things.

SSPI is a 'user' of schannel, the same as many other windows parts.

>> Identifier changed from 'WinSSPI' to 'schannel'
>> given that this is the actual provider of the
>> SSL/TLS support. libcurl can still be built with
>> SSPI and without SCHANNEL support.
> I will have a look at the change you are putting in but from reading your
> reply here, you seem to have completely ignored everything I have said on
> this matter and any contribution I have made.

I really appreciate every one's work. The fact that it might need some
adjustments doesn't imply the contrary.

> I have provided good argument for including Windows SSPI as the package name
> and for the inclusion in the version string for both SChannel based SSL and
> for without. I have had agreement from others here and to that degree I can
> only conclude that you simple do what you want when you don't agree with
> what has been said. In that respect I can only thank you for wasting my time
> on this - 2 days of development and several hours of emails.

Hmmm, when you calm down and read this when some time passes by you
might realize how groundless this last paragraph is. Good luck and get
well soon.

List admin:
Received on 2012-06-13