secur32: Take schannel backend capabilities into account when configuring enabled protocols.

[Jacek Caban]

Hi Ken,

On 04/10/13 16:16, Ken Thomases wrote:
> Hi Jacek,
>
> On Apr 10, 2013, at 4:24 AM, Jacek Caban wrote:
>
>> On 3/28/13 8:31 PM, Ken Thomases wrote:
>>> Mac OS X 10.8 introduced support for TLS 1.1 and 1.2.
>> Can someone with Mac OS X 10.8 test the attached patch for me, please. All I need is to verify that it compiles and when running dlls/secur32/tests/secur32_test.exe.so schannel, TLS 1.1 and TLS 1.2 are listed as supported protocol.
> Thanks for doing this.  I don't have a 10.8 build system handy, myself, or I would have done it or would test what you've done.
>
> However, Apple's guidance on using weak linking says that you must explicitly compare against NULL.  They don't quite say that testing the symbol as a standalone boolean expression won't work, but they do say that using negation (the ! operator) isn't sufficient.
> https://developer.apple.com/library/mac/documentation/developertools/conceptual/cross_development/Using/using.html#//apple_ref/doc/uid/20002000-SW4
>
> I'm not sure what the rationale is, but I think there's a peculiarity of what the compiler thinks it knows versus what the linker actually knows.  Basically, the compiler figures there's a symbol that will be resolved (or cause a link error), so the check can be optimized away somehow.  I think.

Oh, such restriction seem to indicate a broken design of this weak
linking... Following this is fine, through, but perhaps we should use
nil to be sure that NULL override in winnt.h won't confuse the heuristic?

> Other than that, the patch looks good to me.

Thanks for the review.

Cheers,
Jacek