[GNUnet-SVN] [gnurl] 01/163: schannel: disable client cert option if API

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] [gnurl] 01/163: schannel: disable client cert option if API

From:	gnunet
Subject:	[GNUnet-SVN] [gnurl] 01/163: schannel: disable client cert option if APIs not available
Date:	Sun, 05 Aug 2018 12:35:27 +0200

This is an automated email from the git hooks/post-receive script.

ng0 pushed a commit to branch master
in repository gnurl.

commit 1592ea979220c28d240492a0ea2e127478e2089c
Author: Archangel_SDY <address@hidden>
AuthorDate: Mon Apr 23 22:12:43 2018 +0800

    schannel: disable client cert option if APIs not available
    
    Original MinGW targets Windows 2000 by default, which lacks some APIs and
    definitions for this feature. Disable it if these APIs are not available.
    
    Closes https://github.com/curl/curl/pull/2522
---
 lib/vtls/schannel.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 2cfd5c19f..9a20b8eff 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -90,11 +90,17 @@
 #endif
 #endif
 
+#if defined(CryptStringToBinary) && defined(CRYPT_STRING_HEX)
+#define HAS_CLIENT_CERT_PATH
+#endif
+
+#ifdef HAS_CLIENT_CERT_PATH
 #ifdef UNICODE
 #define CURL_CERT_STORE_PROV_SYSTEM CERT_STORE_PROV_SYSTEM_W
 #else
 #define CURL_CERT_STORE_PROV_SYSTEM CERT_STORE_PROV_SYSTEM_A
 #endif
+#endif
 
 #ifndef SP_PROT_SSL2_CLIENT
 #define SP_PROT_SSL2_CLIENT             0x00000008
@@ -199,6 +205,7 @@ set_ssl_version_min_max(SCHANNEL_CRED *schannel_cred, 
struct connectdata *conn)
   return CURLE_OK;
 }
 
+#ifdef HAS_CLIENT_CERT_PATH
 static CURLcode
 get_cert_location(TCHAR *path, DWORD *store_name, TCHAR **store_path,
                   TCHAR **thumbprint)
@@ -248,6 +255,7 @@ get_cert_location(TCHAR *path, DWORD *store_name, TCHAR 
**store_path,
 
   return CURLE_OK;
 }
+#endif
 
 static CURLcode
 schannel_connect_step1(struct connectdata *conn, int sockindex)
@@ -401,6 +409,7 @@ schannel_connect_step1(struct connectdata *conn, int 
sockindex)
       return CURLE_SSL_CONNECT_ERROR;
     }
 
+#ifdef HAS_CLIENT_CERT_PATH
     /* client certificate */
     if(data->set.ssl.cert) {
       DWORD cert_store_name;
@@ -453,6 +462,12 @@ schannel_connect_step1(struct connectdata *conn, int 
sockindex)
 
       CertCloseStore(cert_store, 0);
     }
+#else
+    if(data->set.ssl.cert) {
+      failf(data, "schannel: client cert support not built in");
+      return CURLE_NOT_BUILT_IN;
+    }
+#endif
 
     /* allocate memory for the re-usable credential handle */
     BACKEND->cred = (struct curl_schannel_cred *)

-- 
To stop receiving notification emails like this one, please contact
address@hidden

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-SVN] [gnurl] branch master updated (cb5937f5c -> 2a23ac742), gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 03/163: rand: fix typo, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 02/163: schannel: disable manual verify if APIs not available, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 12/163: checksrc: fix too long line, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 04/163: schannel_verify: fix build for non-schannel, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 07/163: openssl: acknowledge --tls-max for default version too, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 13/163: curl_fnmatch: only allow two asterisks for matching, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 09/163: stub_gssapi: fix numerous 'unused parameter' warnings, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 10/163: examples/progressfunc: make it build on older libcurls, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 01/163: schannel: disable client cert option if APIs not available, gnunet <=
- [GNUnet-SVN] [gnurl] 05/163: tests/libtest/Makefile: Do not unconditionally add gcc-specific flags, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 15/163: configure: replace AC_TRY_RUN with CURL_RUN_IFELSE, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 23/163: schannel: make CAinfo parsing resilient to CR/LF, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 35/163: schannel: add failf calls for client certificate failures, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 25/163: tftp: make sure error is zero terminated before printfing it, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 06/163: bump: start working on the pending 7.61.0, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 20/163: KNOWN_BUGS: mention the -O with %-encoded file names, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 22/163: CURLOPT_ACCEPT_ENCODING.3: add brotli and clarify a bit, gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 11/163: docs: mention HAproxy protocol "version 1", gnunet, 2018/08/05
- [GNUnet-SVN] [gnurl] 16/163: configure: compile-time SIZEOF checks, gnunet, 2018/08/05

Prev by Date: [GNUnet-SVN] [gnurl] 10/163: examples/progressfunc: make it build on older libcurls
Next by Date: [GNUnet-SVN] [gnurl] 05/163: tests/libtest/Makefile: Do not unconditionally add gcc-specific flags
Previous by thread: [GNUnet-SVN] [gnurl] 10/163: examples/progressfunc: make it build on older libcurls
Next by thread: [GNUnet-SVN] [gnurl] 05/163: tests/libtest/Makefile: Do not unconditionally add gcc-specific flags
Index(es):
- Date
- Thread