From b5c245045e9606508a50d7d4eefcbffdb814339d Mon Sep 17 00:00:00 2001
From: Viktor Szakats <commit@vsz.me>
Date: Thu, 31 Jul 2025 00:59:39 +0200
Subject: [PATCH] windows: drop two interim, single-use macros

Follow-up to e77d8670685d38d80c940877a4fdfa3382c4d6cc

Closes #18114
---
 lib/curl_sspi.c     |  7 ++++++-
 lib/curl_sspi.h     |  8 --------
 lib/vtls/schannel.c | 16 +++++++---------
 3 files changed, 13 insertions(+), 18 deletions(-)

diff --git a/lib/curl_sspi.c b/lib/curl_sspi.c
index 5e4abefa67..635f560b68 100644
--- a/lib/curl_sspi.c
+++ b/lib/curl_sspi.c
@@ -177,7 +177,12 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
   curlx_unicodefree(passwd.tchar_ptr);
 
   /* Setup the identity's flags */
-  identity->Flags = SECFLAG_WINNT_AUTH_IDENTITY;
+  identity->Flags = (unsigned long)
+#ifdef UNICODE
+    SEC_WINNT_AUTH_IDENTITY_UNICODE;
+#else
+    SEC_WINNT_AUTH_IDENTITY_ANSI;
+#endif
 
   return CURLE_OK;
 }
diff --git a/lib/curl_sspi.h b/lib/curl_sspi.h
index 5119f34230..8ecd81fdea 100644
--- a/lib/curl_sspi.h
+++ b/lib/curl_sspi.h
@@ -340,14 +340,6 @@ extern PSecurityFunctionTable Curl_pSecFn;
 #endif
 #endif /* __MINGW32CE__ */
 
-#ifdef UNICODE
-#  define SECFLAG_WINNT_AUTH_IDENTITY \
-     (unsigned long)SEC_WINNT_AUTH_IDENTITY_UNICODE
-#else
-#  define SECFLAG_WINNT_AUTH_IDENTITY \
-     (unsigned long)SEC_WINNT_AUTH_IDENTITY_ANSI
-#endif
-
 /*
  * Definitions required from ntsecapi.h are directly provided below this point
  * to avoid including ntsecapi.h due to a conflict with OpenSSL's safestack.h
diff --git a/lib/vtls/schannel.c b/lib/vtls/schannel.c
index 6226f427bf..89d5a83d08 100644
--- a/lib/vtls/schannel.c
+++ b/lib/vtls/schannel.c
@@ -73,14 +73,6 @@
 #define SCH_DEV(x) do { } while(0)
 #endif
 
-#ifdef HAS_CLIENT_CERT_PATH
-#ifdef UNICODE
-#define CURL_CERT_STORE_PROV_SYSTEM CERT_STORE_PROV_SYSTEM_W
-#else
-#define CURL_CERT_STORE_PROV_SYSTEM CERT_STORE_PROV_SYSTEM_A
-#endif
-#endif
-
 /* Offered by mingw-w64 v8+. MS SDK 7.0A+. */
 #ifndef SP_PROT_TLS1_0_CLIENT
 #define SP_PROT_TLS1_0_CLIENT           SP_PROT_TLS1_CLIENT
@@ -692,7 +684,13 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
     }
     else {
       cert_store =
-        CertOpenStore(CURL_CERT_STORE_PROV_SYSTEM, 0,
+        CertOpenStore(
+#ifdef UNICODE
+                      CERT_STORE_PROV_SYSTEM_W,
+#else
+                      CERT_STORE_PROV_SYSTEM_A,
+#endif
+                      0,
                       (HCRYPTPROV)NULL,
                       CERT_STORE_OPEN_EXISTING_FLAG | cert_store_name,
                       cert_store_path);