curl: Enable schannel TLS 1.3 support on Windows 11

Revert commit c0a4536cec (curl: Disable schannel TLS 1.3 support on Windows 11, 2022-11-09, v3.25.0~13^2). The curl bug it avoided was fixed by upstream curl commit `4f42150d0` (sendf: change Curl_read_plain to wrap Curl_recv_plain , 2022-11-14, curl-7_87_0~129), which we have since recently updating to curl 7.87.0. Issue: #24147
2026-01-09 15:20:56 -06:00 · 2023-02-08 14:53:17 -05:00
parent fc4e31d703
commit 8675d8bdb0
1 changed files with 0 additions and 7 deletions
--- a/Utilities/cmcurl/lib/vtls/schannel.c
+++ b/Utilities/cmcurl/lib/vtls/schannel.c
@@ -220,7 +220,6 @@ set_ssl_version_min_max(DWORD *enabled_protocols,
  case CURL_SSLVERSION_MAX_NONE:
  case CURL_SSLVERSION_MAX_DEFAULT:

-#if 0 /* Disabled in CMake due to issue 24147 (curl issue 9431) */
    /* Windows Server 2022 and newer (including Windows 11) support TLS 1.3
       built-in. Previous builds of Windows 10 had broken TLS 1.3
       implementations that could be enabled via registry.
@@ -230,7 +229,6 @@ set_ssl_version_min_max(DWORD *enabled_protocols,
      ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_3;
    }
    else /* Windows 10 and older */
-#endif
      ssl_version_max = CURL_SSLVERSION_MAX_TLSv1_2;

    break;
@@ -249,7 +247,6 @@ set_ssl_version_min_max(DWORD *enabled_protocols,
      break;
    case CURL_SSLVERSION_TLSv1_3:

-#if 0 /* Disabled in CMake due to issue 24147 (curl issue 9431) */
      /* Windows Server 2022 and newer */
      if(curlx_verify_windows_version(10, 0, 20348, PLATFORM_WINNT,
                                      VERSION_GREATER_THAN_EQUAL)) {
@@ -260,10 +257,6 @@ set_ssl_version_min_max(DWORD *enabled_protocols,
        failf(data, "schannel: TLS 1.3 not supported on Windows prior to 11");
        return CURLE_SSL_CONNECT_ERROR;
      }
-#else
-      failf(data, "schannel: TLS 1.3 is not yet supported");
-      return CURLE_SSL_CONNECT_ERROR;
-#endif
    }
  }
  return CURLE_OK;