INSTALL: Advise use of non-native SSL for Windows <= XP

Advise that WinSSL in versions <= XP will not be able to connect to servers that no longer support the legacy handshakes and algorithms used by those versions, and to use an alternate backend like OpenSSL instead. Bug: https://github.com/bagder/curl/issues/253 Reported-by: zenden2k <zenden2k@gmail.com>
2015-06-20 18:45:25 -04:00 · 2015-06-20 18:45:25 -04:00 · 6842afbf44
parent ea1eec8ea8
commit 6842afbf44
3 changed files with 29 additions and 2 deletions
--- a/docs/INSTALL
+++ b/docs/INSTALL
@ -471,6 +471,15 @@ Win32
   add '-DCURL_STATICLIB' to your CFLAGS.  Otherwise the linker will look for
   dynamic import symbols.

+   Legacy Windows and SSL
+   ----------------------
+   WinSSL (Windows SSPI, more specifically Schannel), is the native SSL library
+   that comes with the Windows OS. WinSSL in Windows <= XP is not able to
+   connect to servers that no longer support the legacy handshakes and
+   algorithms used by those versions. If you will be using curl in one of those
+   earlier versions of Windows you should choose another SSL backend like
+   OpenSSL.
+
 Apple iOS and Mac OS X
 ======================

--- a/projects/README
+++ b/projects/README
@ -110,6 +110,15 @@ Notes
   stored in the git repositoty) will need to be modified rather than the
   generated project files that Visual Studio uses.

+Legacy Windows and SSL
+======================
+Some of the project configurations use as an SSL backend WinSSL (Windows SSPI,
+more specifically Schannel), the native SSL library that comes with the Windows
+OS. WinSSL in Windows <= XP is not able to connect to servers that no longer
+support the legacy handshakes and algorithms used by those versions. If you
+will be using curl in one of those earlier versions of Windows you should
+choose another SSL backend like OpenSSL.
+
 TODO
 ====

--- a/winbuild/BUILD.WINDOWS.txt
+++ b/winbuild/BUILD.WINDOWS.txt
@ -1,5 +1,5 @@
-Building with Visual C++, prerequises
-=====================================
+Building with Visual C++, prerequisites
+=======================================

   This document describes how to compile, build and install curl and libcurl
   from sources using the Visual C++ build tool. To build with VC++, you will
@ -87,3 +87,12 @@ therefore rarely tested. When passing RTLIBCFG for a configuration that was
 already built but not with that option, or if the option was specified
 differently, you must destroy the build directory containing the configuration
 so that nmake can build it from scratch.
+
+Legacy Windows and SSL
+======================
+When you build curl using the build files in this directory the default SSL
+backend will be WinSSL (Windows SSPI, more specifically Schannel), the native
+SSL library that comes with the Windows OS. WinSSL in Windows <= XP is not able
+to connect to servers that no longer support the legacy handshakes and
+algorithms used by those versions. If you will be using curl in one of those
+earlier versions of Windows you should choose another SSL backend like OpenSSL.