ded/cpp-httplib
1
0
Fork 0
mirror of https://github.com/yhirose/cpp-httplib.git synced 2026-06-10 08:37:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
latest
cpp-httplib/test
History
yhirose fa981cedae Fix TLS chain verification bypass for IP hosts on Mbed TLS and wolfSSL 
For connections to IP-literal hosts with server certificate
verification enabled, the Mbed TLS and wolfSSL backends downgraded the
verification mode before the handshake because no hostname could be
bound for in-handshake checks:

- SSLClient skipped certificate chain validation entirely; only the
  post-handshake identity check (IP SAN match) remained, so any
  untrusted certificate carrying a matching IP SAN was accepted
- The WebSocket client skipped verification altogether on Mbed TLS,
  accepting any certificate

Keep the verification mode enabled for IP hosts and verify the
certificate identity post-handshake via tls::verify_hostname(), which
supports IP SANs on all backends. The WebSocket path now performs the
same post-handshake identity check as SSLClient. On Mbed TLS, sessions
explicitly opt out of in-handshake hostname verification (mandatory
since Mbed TLS 3.6.4) and the post-handshake check covers identity
instead; DNS hosts still bind the hostname during the handshake. Also
stop sending SNI for IP hosts on Mbed TLS and wolfSSL (RFC 6066).
2026-06-10 00:07:27 -04:00
..
fuzzing
Fix OSS-Fuzz #508087118: avoid stack overflow in str2tag
2026-05-01 21:39:46 +09:00
gtest
chore: fix some typos in comments (#2282)
2025-11-27 20:34:18 -05:00
proxy
Fix the proxy test error
2026-03-12 23:15:10 -04:00
www
build(meson): copy MountTest.MultibytesPathName files (#2098)
2025-03-11 13:10:30 -04:00
www2/dir
meson: add tests (#1044)
2021-09-11 14:26:48 -04:00
www3/dir
meson: add tests (#1044)
2021-09-11 14:26:48 -04:00
ca-bundle.crt
Wildcard support for verifying server certificate. fix #87
2019-05-07 21:40:03 -04:00
CMakeLists.txt
Detect additional CMake build failures (#2058)
2025-02-16 15:45:28 -05:00
dns_test_fixture.py
Reproducer test for #2431 (getaddrinfo_a use-after-free) (#2433)
2026-04-28 18:17:19 +09:00
gen-certs.sh
Abstract TLS API support (Resolve #2309) (#2342)
2026-02-01 23:48:03 -05:00
image.jpg
Add a file for test
2017-12-29 22:34:59 -05:00
include_httplib.cc
Add test of httplib.h split into .h + .cc (#1015)
2021-07-31 09:53:30 -04:00
include_windows_h.cc
Detect additional CMake build failures (#2058)
2025-02-16 15:45:28 -05:00
lsan_suppressions.txt
Suppress wolfSSL library leaks; remove fail-fast from test matrix
2026-04-29 07:55:09 +09:00
make-shared-library.sh
Improve ABI check tool on macOS
2025-02-12 12:49:20 -05:00
Makefile
Make ThreadPool ctor exception-safe on partial thread creation (#2445)
2026-05-09 21:13:40 -04:00
meson.build
build(meson): use C++17 for gtest >= 1.17.0 (#2241)
2025-09-20 15:06:49 -04:00
run_issue_2431_repro.sh
Reproducer test for #2431 (getaddrinfo_a use-after-free) (#2433)
2026-04-28 18:17:19 +09:00
test_32bit_build.cpp
Remove 32-bit limitation (#2388)
2026-03-06 23:07:21 -05:00
test_benchmark.cc
Add benchmark tests and related configurations for performance evaluation
2026-03-14 22:16:53 -04:00
test_proxy.cc
Guard nullptr res in KeepAliveTest proxy template (#2443)
2026-05-06 08:36:38 -04:00
test_thread_pool.cc
Make ThreadPool ctor exception-safe on partial thread creation (#2445)
2026-05-09 21:13:40 -04:00
test_websocket_heartbeat.cc
Enhance WebSocket support with unresponsive-peer detection and documentation updates
2026-04-11 22:17:38 -04:00
test.cc
Fix TLS chain verification bypass for IP hosts on Mbed TLS and wolfSSL
2026-06-10 00:07:27 -04:00
test.conf
ssl-verify-host: fix verifying ip addresses containing zero's (#732)
2020-11-02 20:27:34 -05:00
test.rootCA.conf
setup test cases for client certificates
2019-06-07 01:23:22 +08:00
test.sln
static file support. vc12 support.
2013-07-04 18:18:52 -04:00
test.vcxproj
Update vcxproj files
2024-11-16 11:14:13 -05:00