Limit the number of http headers when receiving the http response

Change introduces a default limit on HTTP headers we expect to receive from server to 256. If limit is exceeded http client library indicates HTTP_R_RESPONSE_TOO_MANY_HDRLINES error. Application can use OSSL_HTTP_REQ_CTX_set_max_response_hdr_lines() to change default. Setting limit to 0 implies no limit (current behavior). Fixes #22264 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23781)
author: Alexandr Nedvedicky <sashan@openssl.org> 2024-03-08 11:21:18 +0100
committer: Tomas Mraz <tomas@openssl.org> 2024-03-12 19:35:41 +0100
commit: 7f8aba2f44e9ca65b8a95987fa6c46020e1bdd6d (patch)
tree: 5647518eee7a0d5b854f42d78bfab5ab3535219c /util
parent: bc930bed20d7462afecbb9d947286a335975c04a (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 7f646cbba9..89a211d2f6 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5547,3 +5547,4 @@ ERR_pop                                 ?	3_3_0	EXIST::FUNCTION:
 X509_STORE_get1_objects                 ?	3_3_0	EXIST::FUNCTION:
 OPENSSL_LH_set_thunks                   ?	3_3_0	EXIST::FUNCTION:
 OPENSSL_LH_doall_arg_thunk              ?	3_3_0	EXIST::FUNCTION:
+OSSL_HTTP_REQ_CTX_set_max_response_hdr_lines ?	3_3_0	EXIST::FUNCTION:HTTP
author	Alexandr Nedvedicky <sashan@openssl.org>	2024-03-08 11:21:18 +0100
committer	Tomas Mraz <tomas@openssl.org>	2024-03-12 19:35:41 +0100
commit	7f8aba2f44e9ca65b8a95987fa6c46020e1bdd6d (patch)
tree	5647518eee7a0d5b854f42d78bfab5ab3535219c /util
parent	bc930bed20d7462afecbb9d947286a335975c04a (diff)