* ssl-verify-host: fix verifying ip addresses containing zero's
If the subject alternate name contained an ip address with an zero
(like 10.42.0.1) it could not successfully verify.
It is because in c++ strings are null-terminated
and therefore strlen(name) would return a wrong result.
As I can not see why we can not trust the length returned by openssl,
lets drop this check.
* ssl-verify-host: add test case
lets try to validate against 127.0.0.1
Co-authored-by: Daniel Ottiger <daniel.ottiger@ch.schindler.com>
SSL connection is performed in two steps:
First, a regular socket connection is established.
Then, SSL_connect/SSL_accept is called to establish SSL handshake.
If a network problem occurs during the second stage, SSL_connect on
the client may hang indefinitely.
The non-blocking mode solves this problem.
Co-authored-by: Michael Tseitlin <michael.tseitlin@concertio.com>
* Backport std::make_unique from C++14.
* Replace shared_ptr with unique_ptr for better performance.
Co-authored-by: Ella <maxutong16@otcaix.iscas.ac.cn>
* Use move semantics instead of copy for functions
In some cases, a few more copies could be prevented by changing function definitions to accept parameters by const-ref, rather than by value, but I didn't want to change public signatures.
* Fix two use-after-move errors
* Add `cache_control` parameter to `set_mount_point`
Specifies the Cache-Control header value to return when specified. For example:
```
svr.set_mount_point("/assets", "public/assets", "public, max-age=604800, immutable");
```
* Add default for cache_control
Default to "no-cache", which is implicitly what is happening today.
* Change set_mount_point to accept Headers
* Don't use C++17 destructuring
* Fix memory leak due caused due to X509_STORE
* Add test for repro and address sanitizer to compiler flags
* Add comment
* Sync
* Associate ca_store with ssl context within set_ca_cert_store()
* Split SlowPost test
* Fix#674
Co-authored-by: yhirose <yuji.hirose.bug@gmail.com>
* Fix parsing to parse query string with single space char.
When passed ' ' as a query string, the server crashes cause of illegal memory access done in httplib::detail::split. Have added checks to make sure the split function has a valid string with length > 0.
* Fix parsing to parse query string with single space char.
* Fix server crash caused due to regex complexity while matching headers.
While parsing content-type header in multipart form request the server crashes due to the exhaustion of max iterations performed while matching the input string with content-type regex.
Have removed the regex which might use backtracking while matching and replaced it with manual string processing. Have added tests as well.
* Remove magic number
Co-authored-by: Ivan Fefer <fefer.ivan@gmail.com>
Co-authored-by: yhirose <yhirose@users.noreply.github.com>
Co-authored-by: Ivan Fefer <fefer.ivan@gmail.com>
* Fix parsing to parse query string with single space char.
When passed ' ' as a query string, the server crashes cause of illegal memory access done in httplib::detail::split. Have added checks to make sure the split function has a valid string with length > 0.
* Fix parsing to parse query string with single space char.
