Buy commercial curl support from WolfSSL. We help you work
out your issues, debug your libcurl applications, use the API, port to new
platforms, add new features and more. With a team lead by the curl founder
himself.
Re: SCHANNEL failing in 7.77 when it worked in 7.74
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Joel DePooter via curl-library <curl-library_at_cool.haxx.se>
Date: Tue, 6 Jul 2021 16:02:09 -0700
Are you using libcurl with http2 enabled? If so, this sounds exactly like
the issue fixed in this change:
https://github.com/curl/curl/pull/7138
I submitted that fix shortly after the 7.77 release. If this is indeed the
solution to your problem, you will need to either wait for the 7.78
release, or manually patch your build with this change. It's a very simple
change, so patching your build should be easy. An alternative solution
would be to remove nghttp2 from your build, thus disabling http/2 and
avoiding this problem.
The difference in behaviour between your executable and the other process
is likely due to the application manifest. On Windows, http/2 is only
enabled if the executable manifest contains the right compatibility flags.
The default curl executable does not include any manifest, so http/2 is not
enabled. The other executable is likely built with a manifest which enabled
http/2. I have been meaning to look into including the appropriate manifest
flags in the curl.exe build when I have some time for a project like that.
-Joel Depooter
On Tue, Jul 6, 2021 at 3:35 PM Roland Rabien via curl-library <
curl-library_at_cool.haxx.se> wrote:
> I have an application / plugin that uses a static build of libcurl. All
> was working fine with 7.74
>
> When I upgraded to 7.77, the command line options to compile schannel had
> changed, which I upgraded.
>
> My standalone application works fine with 7.77
>
> However, my program is also a DLL that can also be hosted as a plugin and
> run in another program's process space. In this case, schannel connect
> fails with:
>
> "schannel: initial InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE
> (0x80090326) - This error usually occurs when a fatal SSL/TLS alert is
> received (e.g. handshake failed). More detail may be available in the
> Windows System event log."
>
> Any idea how to debug this? Are there global parameters of schannel that
> could be configured differently that is causing it to fail? Could running
> two different versions of libcurl in the same process be an issue? Any
> other guesses?
>
> Roland
> -------------------------------------------------------------------
> Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
> Etiquette: https://curl.se/mail/etiquette.html
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.se/mail/etiquette.html
Received on 2021-07-07
Date: Tue, 6 Jul 2021 16:02:09 -0700
Are you using libcurl with http2 enabled? If so, this sounds exactly like
the issue fixed in this change:
https://github.com/curl/curl/pull/7138
I submitted that fix shortly after the 7.77 release. If this is indeed the
solution to your problem, you will need to either wait for the 7.78
release, or manually patch your build with this change. It's a very simple
change, so patching your build should be easy. An alternative solution
would be to remove nghttp2 from your build, thus disabling http/2 and
avoiding this problem.
The difference in behaviour between your executable and the other process
is likely due to the application manifest. On Windows, http/2 is only
enabled if the executable manifest contains the right compatibility flags.
The default curl executable does not include any manifest, so http/2 is not
enabled. The other executable is likely built with a manifest which enabled
http/2. I have been meaning to look into including the appropriate manifest
flags in the curl.exe build when I have some time for a project like that.
-Joel Depooter
On Tue, Jul 6, 2021 at 3:35 PM Roland Rabien via curl-library <
curl-library_at_cool.haxx.se> wrote:
> I have an application / plugin that uses a static build of libcurl. All
> was working fine with 7.74
>
> When I upgraded to 7.77, the command line options to compile schannel had
> changed, which I upgraded.
>
> My standalone application works fine with 7.77
>
> However, my program is also a DLL that can also be hosted as a plugin and
> run in another program's process space. In this case, schannel connect
> fails with:
>
> "schannel: initial InitializeSecurityContext failed: SEC_E_ILLEGAL_MESSAGE
> (0x80090326) - This error usually occurs when a fatal SSL/TLS alert is
> received (e.g. handshake failed). More detail may be available in the
> Windows System event log."
>
> Any idea how to debug this? Are there global parameters of schannel that
> could be configured differently that is causing it to fail? Could running
> two different versions of libcurl in the same process be an issue? Any
> other guesses?
>
> Roland
> -------------------------------------------------------------------
> Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
> Etiquette: https://curl.se/mail/etiquette.html
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.se/mail/etiquette.html
Received on 2021-07-07