diff options
author | Steve Holme <steve_holme@hotmail.com> | 2016-06-06 20:53:30 +0100 |
---|---|---|
committer | Steve Holme <steve_holme@hotmail.com> | 2016-06-06 20:53:30 +0100 |
commit | 34855feeb4c2991f7a158064abef16829bd4425f (patch) | |
tree | f2da1b12aeb2f167b780dd7cc3a788e7be550e4a | |
parent | 84a48e5732d9dd0c98fda3597352e4b16f35a7ad (diff) |
schannel: Disable ALPN on Windows < 8.1
Calling QueryContextAttributes with SECPKG_ATTR_APPLICATION_PROTOCOL
fails on Windows < 8.1 so we need to disable ALPN on these OS versions.
Inspiration provide by: Daniel Seither
Closes #848
Fixes #840
-rw-r--r-- | lib/vtls/schannel.c | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index 23019f812..90b6addcf 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -64,8 +64,11 @@ #include "curl_memory.h" #include "memdebug.h" -/* ALPN requires version 8.1 of the Windows SDK, which was - shipped with Visual Studio 2013, aka _MSC_VER 1800*/ +/* ALPN requires version 8.1 of the Windows SDK, which was + shipped with Visual Studio 2013, aka _MSC_VER 1800: + + https://technet.microsoft.com/en-us/library/hh831771%28v=ws.11%29.aspx +*/ #if defined(_MSC_VER) && (_MSC_VER >= 1800) && !defined(_USING_V110_SDK71_) # define HAS_ALPN 1 #endif @@ -245,7 +248,10 @@ schannel_connect_step1(struct connectdata *conn, int sockindex) } #ifdef HAS_ALPN - if(conn->bits.tls_enable_alpn) { + /* ALPN is only supported on Windows 8.1 / Server 2012 R2 and above */ + if(conn->bits.tls_enable_alpn && + Curl_verify_windows_version(6, 3, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) { int cur = 0; int list_start_index = 0; unsigned int* extension_len = NULL; @@ -645,7 +651,10 @@ schannel_connect_step3(struct connectdata *conn, int sockindex) } #ifdef HAS_ALPN - if(conn->bits.tls_enable_alpn) { + /* ALPN is only supported on Windows 8.1 / Server 2012 R2 and above */ + if(conn->bits.tls_enable_alpn && + Curl_verify_windows_version(6, 3, PLATFORM_WINNT, + VERSION_GREATER_THAN_EQUAL)) { sspi_status = s_pSecFn->QueryContextAttributes(&connssl->ctxt->ctxt_handle, SECPKG_ATTR_APPLICATION_PROTOCOL, &alpn_result); |