Limit the number of http headers when receiving the http response

Change introduces a default limit on HTTP headers we expect to receive from server to 256. If limit is exceeded http client library indicates HTTP_R_RESPONSE_TOO_MANY_HDRLINES error. Application can use OSSL_HTTP_REQ_CTX_set_max_response_hdr_lines() to change default. Setting limit to 0 implies no limit (current behavior). Fixes #22264 Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/23781)
author: Alexandr Nedvedicky <sashan@openssl.org> 2024-03-08 11:21:18 +0100
committer: Tomas Mraz <tomas@openssl.org> 2024-03-12 19:35:41 +0100
commit: 7f8aba2f44e9ca65b8a95987fa6c46020e1bdd6d (patch)
tree: 5647518eee7a0d5b854f42d78bfab5ab3535219c /include/crypto
parent: bc930bed20d7462afecbb9d947286a335975c04a (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/include/crypto/httperr.h b/include/crypto/httperr.h
index 969df17b83..827d61a235 100644
--- a/include/crypto/httperr.h
+++ b/include/crypto/httperr.h
@@ -1,6 +1,6 @@
 /*
  * Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -19,7 +19,10 @@
 extern "C" {
 # endif
 
+# ifndef OPENSSL_NO_HTTP
+
 int ossl_err_load_HTTP_strings(void);
+# endif
 
 # ifdef  __cplusplus
 }
author	Alexandr Nedvedicky <sashan@openssl.org>	2024-03-08 11:21:18 +0100
committer	Tomas Mraz <tomas@openssl.org>	2024-03-12 19:35:41 +0100
commit	7f8aba2f44e9ca65b8a95987fa6c46020e1bdd6d (patch)
tree	5647518eee7a0d5b854f42d78bfab5ab3535219c /include/crypto
parent	bc930bed20d7462afecbb9d947286a335975c04a (diff)