Hello everyone,

this weekend I took the time to create a new SSL/TLS module for libcurl. It is now possible to use the Windows SSPI Schannel API for SSL and TLS connections.
The new module makes use of the existing SSPI functionality in *curl_sspi.[ch]* and also re-uses the DLL/library context if it has been loaded. Basically *Curl_schannel_init* calls *Curl_sspi_global_init* and *Curl_schannel_cleanup* calls *Curl_sspi_global_cleanup*.

More information about SSPI and the Schannel API:

http://msdn.microsoft.com/en-us/library/windows/desktop/aa374731(v=vs.85).aspx#sspi_functions
http://msdn.microsoft.com/en-us/library/windows/desktop/ms678421(v=vs.85).aspx
http://msdn.microsoft.com/en-us/library/windows/desktop/aa375924(v=vs.85).aspx

TLSv1, SSLv3 and SSLv2, including SNI, are already supported. The following aspects/features are still on my TODO list:

- implement session handling and re-use
- implement write buffering
- implement verification options
- implement verification results
- implement SSL/TLS shutdown
- special cases: negotiation, certificates, algorithms

The great news behind all this is that it is now possible to do SSL/TLS with curl, but without OpenSSL on Windows. This means that the Windows certificate store is used and there are no other dependencies which need to be installed. (Using user-supplied certificates and client-auth is on my TODO list, but not implemented yet.)

You can find the current implementation in my fork at github.com:

https://github.com/mback2k/curl/tree/schannel
https://github.com/mback2k/curl/compare/schannel

I am not attaching patches yet, because I am still cleaning up some things and consider the project a work-in-progress. I also haven't modified the autotools build scripts yet. I only added a new option to the winbuild scripts. You can now pass WITH_SSL=schannel to them, for example:

> nmake /f Makefile.vc mode=dll ENABLE_IDN=no WITH_SSL=schannel

I would appreciate it if some of you could start testing this and give me feedback on functionality and code. Also, I would appreciate any help modifying the autotools scripts to make cross-compilation using mingw possible.

That's it for now, thanks in advance and please give it a try!

Best regards,
Marc
