From: Viktor Szakats <commit@vsz.me>
Date: Tue, 18 Feb 2025 22:30:54 +0000 (+0100)
Subject: schannel: enable ALPN with MinGW, fix ALPN for UWP builds
X-Git-Tag: curl-8_13_0~424
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=397088e8f4e5b1b2bfe31c5931548d25df99dd5f;p=thirdparty%2Fcurl.git

schannel: enable ALPN with MinGW, fix ALPN for UWP builds

ALPN requires mingw-w64 9.0 or newer.

Also fix ALPN-enabled builds for UWP. This assumes that WINE doesn't
support UWP, which seems to be the case when writing this.

Closes #16385
---

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 8167dd5952..ab938816c1 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -689,7 +689,7 @@ endif()
 if(CURL_USE_SCHANNEL)
   set(_ssl_enabled ON)
   set(USE_SCHANNEL ON)  # Windows native SSL/TLS support
-  set(USE_WINDOWS_SSPI ON)  # CURL_USE_SCHANNEL implies CURL_WINDOWS_SSPI
+  set(USE_WINDOWS_SSPI ON)  # CURL_USE_SCHANNEL requires CURL_WINDOWS_SSPI
 
   if(CURL_DEFAULT_SSL_BACKEND AND CURL_DEFAULT_SSL_BACKEND STREQUAL "schannel")
     set(_valid_default_ssl_backend TRUE)
@@ -2134,7 +2134,7 @@ curl_add_if("SPNEGO"        NOT CURL_DISABLE_NEGOTIATE_AUTH AND
                             (HAVE_GSSAPI OR USE_WINDOWS_SSPI))
 curl_add_if("Kerberos"      NOT CURL_DISABLE_KERBEROS_AUTH AND
                             (HAVE_GSSAPI OR USE_WINDOWS_SSPI))
-curl_add_if("NTLM"          NOT (CURL_DISABLE_NTLM) AND
+curl_add_if("NTLM"          NOT CURL_DISABLE_NTLM AND
                             (_use_curl_ntlm_core OR USE_WINDOWS_SSPI))
 curl_add_if("TLS-SRP"       USE_TLS_SRP)
 curl_add_if("HTTP2"         USE_NGHTTP2)
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 4e6ed052d7..24a8f68a47 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -74,10 +74,11 @@
 
 /* ALPN requires version 8.1 of the Windows SDK, which was
    shipped with Visual Studio 2013, aka _MSC_VER 1800:
-
-   https://technet.microsoft.com/en-us/library/hh831771%28v=ws.11%29.aspx
+     https://technet.microsoft.com/en-us/library/hh831771%28v=ws.11%29.aspx
+   Or mingw-w64 9.0 or upper.
 */
-#if defined(_MSC_VER) && (_MSC_VER >= 1800) && !defined(_USING_V110_SDK71_)
+#if (defined(__MINGW32__) && __MINGW64_VERSION_MAJOR >= 9) || \
+  (defined(_MSC_VER) && (_MSC_VER >= 1800) && !defined(_USING_V110_SDK71_))
 #  define HAS_ALPN_SCHANNEL
 #endif
 
@@ -904,17 +905,26 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
           "connect to some servers due to lack of SNI, algorithms, etc.");
   }
 
+  {
 #ifdef HAS_ALPN_SCHANNEL
-  /* ALPN is only supported on Windows 8.1 / Server 2012 R2 and above.
-     Also it does not seem to be supported for WINE, see curl bug #983. */
-  backend->use_alpn = connssl->alpn &&
-    !GetProcAddress(GetModuleHandle(TEXT("ntdll")),
-                    "wine_get_version") &&
-    curlx_verify_windows_version(6, 3, 0, PLATFORM_WINNT,
-                                 VERSION_GREATER_THAN_EQUAL);
+    bool wine;
+#ifdef CURL_WINDOWS_UWP
+    /* GetModuleHandle() not available for UWP.
+       Assume no WINE because WINE has no UWP support. */
+    wine = FALSE;
 #else
-  backend->use_alpn = FALSE;
+    wine = !!GetProcAddress(GetModuleHandle(TEXT("ntdll")),
+                            "wine_get_version");
+#endif
+    /* ALPN is only supported on Windows 8.1 / Server 2012 R2 and above.
+       Also it does not seem to be supported for WINE, see curl bug #983. */
+    backend->use_alpn = connssl->alpn && !wine &&
+      curlx_verify_windows_version(6, 3, 0, PLATFORM_WINNT,
+                                   VERSION_GREATER_THAN_EQUAL);
+#else
+    backend->use_alpn = FALSE;
 #endif
+  }
 
 #ifdef _WIN32_WCE
 #ifdef HAS_MANUAL_VERIFY_API