From 9ed34cc45b4d5e7c80edd16ba137f7f420a07ce4 Mon Sep 17 00:00:00 2001 From: Viktor Szakats Date: Sun, 25 May 2025 13:42:22 +0200 Subject: [PATCH] schannel: drop Windows 2000 compatibility logic curl requires Windows XP as a minimum. Co-authored-by: Jay Satiro Closes #17447 --- lib/vtls/schannel.c | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c index bea8eef8c0..7bd9268947 100644 --- a/lib/vtls/schannel.c +++ b/lib/vtls/schannel.c @@ -2142,23 +2142,11 @@ cleanup: The behavior here is a matter of debate. We do not want to be vulnerable to a truncation attack however there is some browser precedent for ignoring the close_notify for compatibility reasons. - - Additionally, Windows 2000 (v5.0) is a special case since it seems it - does not return close_notify. In that case if the connection was closed we - assume it was graceful (close_notify) since there does not seem to be a - way to tell. */ if(len && !backend->decdata_offset && backend->recv_connection_closed && !backend->recv_sspi_close_notify) { - bool isWin2k = curlx_verify_windows_version(5, 0, 0, PLATFORM_WINNT, - VERSION_EQUAL); - - if(isWin2k && sspi_status == SEC_E_OK) - backend->recv_sspi_close_notify = TRUE; - else { - *err = CURLE_RECV_ERROR; - failf(data, "schannel: server closed abruptly (missing close_notify)"); - } + *err = CURLE_RECV_ERROR; + failf(data, "schannel: server closed abruptly (missing close_notify)"); } /* Any error other than CURLE_AGAIN is an unrecoverable error. */ -- 2.47.3