> On 12 Apr 2022, at 23:56, Tuomas Kaikkonen via curl-library > <curl-library@lists.haxx.se> wrote: > > I had to comment out few lines that check Windows NT version number in order > to get curl mutual auth to work with 90m/CAC cards (Windows certificates). > > Without this change, the curl would close TLS connection after sending only > partial data response to all my requests to the IIS. > I suspect the curlx_verify_windows_version(5, 0, 0, PLATFORM_WINNT, > VERSION_EQUAL) is the culprit. > I run curl lib on Windows 10 Professional.
> - bool isWin2k = curlx_verify_windows_version(5, 0, 0, PLATFORM_WINNT, > - VERSION_EQUAL); > - > - if(isWin2k && sspi_status == SEC_E_OK) > + //bool isWin2k = curlx_verify_windows_version(5, 0, 0, PLATFORM_WINNT, > + // VERSION_EQUAL); > + // > + //if(isWin2k && sspi_status == SEC_E_OK) > + if (sspi_status == SEC_E_OK) /* TPS TKKZZZ */ This hammer seems fairly blunt, is there a way in which we can detect this case (CAC 90m cards)? As an aside, the API used in curlx_verify_windows_version was deprecated with Windows 10 so we might need to look at updating the code there. -- Daniel Gustafsson https://vmware.com/ -- Unsubscribe: https://lists.haxx.se/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
