-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Paranoia for overflow of sprintf buffer in the year 10000 #1106
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
OJ7
added a commit
to OJ7/cpprestsdk
that referenced
this pull request
Nov 7, 2019
* Fix for compilation with MSVC permissive- (microsoft#809) Related Visual Studio issue: https://developercommunity.visualstudio.com/content/problem/238445/template-class-cant-access-protected-member-when-c.html Problem is with code compiling with /permissive-, so the template functions are affected by this issue. * Fix test issues under /permissive- * Add root CMakeLists.txt * Do not fail on unrecognized content encoding (such as chunked) when compression is enabled. * Delete open() from _http_client_communicator (microsoft#819) * Delete open() from _http_client_communicator and move its functionality into WinHTTP, as that is the only backend using that thing. * Some CR comments from Robert. * Fix boost1.63 build failure Fixes: microsoft#813 (microsoft#815) * Fix gcc8 error/warning -Werror=format-truncation= (microsoft#787) utilities::datetime::to_string(): datetime_str and buf were oversized for fitting into output without possible trunctation * [gcc-8][clang++-6] disable more -Werror warnings (microsoft#779) gcc-8: -Wno-format-truncation clang-6: -Wdelete-non-virtual-dtor clang-6: -Wunused-lambda-capture removed duplicated: -Wno-reorder This fixes microsoft#778 * Fix some issues with gcc-5 * Remove empty objects when using CMake on Windows * Don't enable certificate revocation check if client config has validate certificates set to false * Add tests for set_validate_certificates(false). * Unbreak ASIO build on Windows. (microsoft#821) * Add branchless is_alnum borrowed from MSVC++'s std::regex' _Is_word; should be about 5x faster. (microsoft#823) The _Is_word change resulted in the following results in microbenchmarks; the previous is_alnum looks like branching_ranges. .\word_character_test.exe 08/01/18 16:33:03 Running .\word_character_test.exe Run on (12 X 2904 MHz CPU s) CPU Caches: L1 Data 32K (x6) L1 Instruction 32K (x6) L2 Unified 262K (x6) L3 Unified 12582K (x1) -------------------------------------------------------- Benchmark Time CPU Iterations -------------------------------------------------------- strchr_search 19426572900 ns 19421875000 ns 1 branching_ranges 7582129000 ns 7578125000 ns 1 branching_search 6592977800 ns 6593750000 ns 1 table_index 1091321300 ns 1078125000 ns 1 * Unify handling of tolower operations to avoid locale sensitivity. (microsoft#822) * Push version to 2.10.3 * Update changelog * Deduplicate some code in HTTP headers. (microsoft#825) * microsoft#436 Building iOS doesn’t seem to work (microsoft#776) This moves iOS.cmake into the file so there is on need to add it. Also allows for boost to be static libs versus framework * Improve error handling in on_accept (microsoft#750) * Improve error handling in on_accept * Move lock to the top of the function * Lock shared data at the right locations. * [http_listener] improve refcount and lifetime management by using RAII. * Fix handling of timed out connections kept alive in connection pool under Unix (microsoft#762) * Add asio_connection::was_closed_by_server() to reduce duplication Reduce code duplication between ssl_proxy_tunnel::handle_status_line() and the method with the same name in asio_context itself by moving the common handling of connections closed by server into a new function. No real changes, this is a pure refactoring. * Fix checking for server-side closure of HTTPS connections When an SSL connection times out due to being closed by server, a different error code is returned, so we need to check for it too in was_closed_by_server(). Without this, losing connection was not detected at all when using HTTPS, resulting in "Failed to read HTTP status line" errors whenever the same http_client was reused after more than the server keep alive timeout of inactivity. See microsoft#592. * Fix bug with using re-opened connections with ASIO Creating a new request when the existing connection being used was closed by the server didn't work correctly because the associated input stream was already exhausted, as its contents had been already "sent" to the server using the now discarded connection, so starting a new request using the same body stream never worked. Fix this by explicitly rewinding the stream to the beginning before using it again. Note that even with this fix using a custom body stream which is not positioned at the beginning initially (or which doesn't support rewinding) still wouldn't work, but at least it fixes the most common use case. See microsoft#592. * Reduce duplicate code between ssl_proxy and asio_context in handle_read_status_line. Avoid increasing public surface with rewind function. * Update CMakeLists.txt to install the cmake bindings in the right location (microsoft#737) * Update CMakeLists.txt to install the cmake bindings in the right location /usr/lib/cpprestsdk is not the correct FHS standard cmake location. It should be placed in /usr/lib/<triplet>/cmake/cpprestsdk instead. Same goes for libraries, support multiarch location if we use UNIX * Revert changes to CPPREST_EXPORT_DIR. Use GNUInstallDirs on all platforms. * Various micro perf fixes and cleanup found while implementing CN overrides so far (microsoft#818) * Microperf: Use lock_guard instead of unique_lock. * Bill hates lock_guard more. * Ref them connections. * Demacroize. * Commonize port and merge some CRLFs into adjacent string literals. * Add missing template keyword. * Avoid stringstream in constructing the proxy_str. * Remove unused forward declarations of some HTTP things. * Use NOMINMAX instead of undef min and max everywhere. * Bunch of inheritance hygiene. * What do you mean you want examples to compile? * More CR comments from Robert. * Add static. * Use existing to_string_t. * fix template whitespace syntax (microsoft#715) Some files don't have a space inbetween the '<' and '::' charachters, which will cause build failures on older toolchains. Adding a space inbetween these two characters fixes the issue. See http://autobuild.buildroot.net/results/797a9b5fdf6ab0f16f2249324b48292dfab61d9f/build-end.log for more information. * Fix a build problem on Clang. (microsoft#732) AND_CAPTURE_MEMBER_FUNCTION_POINTERS workaround had a check for GCC, but did not exclude Clang. Clang has a fake GCC version of 4.2, thus caused problems. * set the default open() O_CREAT file permissions to 666 (microsoft#736) * Factor shared threadpool setup/teardown behavior out of platform dependent policies. * Add initialize_with_threads feature to control thread count. * Use double checked locking instead of call_once on Android due to paranoia. * Workaround Apple clang bugs in constexpr evaluation. (microsoft#829) * Add .clang-format file from vcpkg to cpprestsdk. * Set namespace indentation to none. * Apply clang-format to the asio implementation. * Attempt to repair VS2013 builds. (microsoft#833) * Implement host override of CN checking in the WinHTTP backend (microsoft#824) * Implement CN overrides via the Host: header in the WinHTTP backend. * Repair lack of fallback CN verification on Windows. * Set security settings even for non-HTTPS URIs in WinHTTP, in case we get upgraded to SSL/TLS later. * Add test to make sure this doesn't explode. * Repair CPPREST_EXCLUDE_WEBSOCKETS support. * Move x509_cert_utilities.h out of public headers. * Avoid saying constexpr for VS2013. (microsoft#834) * Implement host override of CN checking in the ASIO backend (microsoft#832) * Implement host override of CN checking in the ASIO backend Add new function calc_cn_host which applies our host header override policy. Add the CN hostname used to asio_connection. Change the protocol such that the SSL upgrade request needs to come with the target hostname to use. Replace std::deque in connection pooling with a version that has constant amortized time per insertion. (std::deque is only constant amortized time for insertions in terms of element operations, not overall). Factor out the replacement policy from the overall pool machinery. Change release() to take shared_ptr&& to make sure the caller has let go. Enable verify_cert_chain_platform_specific on Windows; otherwise OpenSSL says that the root CAs are untrusted and all SSL tests fail on Windows. This accidentially repairs these test cases on Windows: **** outside_tests:outside_wikipedia_compressed_http_response FAILED **** **** outside_tests:multiple_https_requests FAILED **** **** outside_tests:outside_ssl_json FAILED **** * Add missing std::move. * Use hot connections instead of cold connections in connection pool. * Put timer start code back. * Reset the shared_ptr when it is being dropped. * Fix end comment broken by merge hell. * Mint version 2.10.4 * Fix incorrect version.h. Fixes microsoft#942 * Fix another clang build failure (Fixes: microsoft#747) (microsoft#844) * Fix another clang build failure (Fixes: microsoft#747) ===> Building for cpprestsdk-2.9.1_5 [1/161] /usr/local/libexec/ccache/c++ -Dcpprest_EXPORTS -Iinclude -isystem /usr/local/include -isystem libs/websocketpp -Isrc/../include -Isrc/pch -O2 -pipe -fstack-protector -fno-strict-aliasing -stdlib=libc++ -Wno-return-type-c-linkage -Wno-unneeded-internal-declaration -std=c++11 -fno-strict-aliasing -O2 -pipe -fstack-protector -fno-strict-aliasing -fPIC -Wall -Wextra -Wcast-qual -Wconversion -Wformat=2 -Winit-self -Winvalid-pch -Wmissing-format-attribute -Wmissing-include-dirs -Wpacked -Wredundant-decls -Wno-overloaded-virtual -Wno-sign-conversion -Wno-deprecated -Wno-unknown-pragmas -Wno-reorder -Wno-char-subscripts -Wno-switch -Wno-unused-parameter -Wno-unused-variable -Wno-deprecated -Wno-unused-value -Wno-unknown-warning-option -Wno-return-type-c-linkage -Wno-unused-function -Wno-sign-compare -Wno-shorten-64-to-32 -Wno-reorder -Wno-unused-local-typedefs -Werror -pedantic -MD -MT src/CMakeFiles/cpprest.dir/pplx/pplx.cpp.o -MF src/CMakeFiles/cpprest.dir/pplx/pplx.cpp.o.d -o src/CMakeFiles/cpprest.dir/pplx/pplx.cpp.o -c src/pplx/pplx.cpp FAILED: src/CMakeFiles/cpprest.dir/pplx/pplx.cpp.o /usr/local/libexec/ccache/c++ -Dcpprest_EXPORTS -Iinclude -isystem /usr/local/include -isystem libs/websocketpp -Isrc/../include -Isrc/pch -O2 -pipe -fstack-protector -fno-strict-aliasing -stdlib=libc++ -Wno-return-type-c-linkage -Wno-unneeded-internal-declaration -std=c++11 -fno-strict-aliasing -O2 -pipe -fstack-protector -fno-strict-aliasing -fPIC -Wall -Wextra -Wcast-qual -Wconversion -Wformat=2 -Winit-self -Winvalid-pch -Wmissing-format-attribute -Wmissing-include-dirs -Wpacked -Wredundant-decls -Wno-overloaded-virtual -Wno-sign-conversion -Wno-deprecated -Wno-unknown-pragmas -Wno-reorder -Wno-char-subscripts -Wno-switch -Wno-unused-parameter -Wno-unused-variable -Wno-deprecated -Wno-unused-value -Wno-unknown-warning-option -Wno-return-type-c-linkage -Wno-unused-function -Wno-sign-compare -Wno-shorten-64-to-32 -Wno-reorder -Wno-unused-local-typedefs -Werror -pedantic -MD -MT src/CMakeFiles/cpprest.dir/pplx/pplx.cpp.o -MF src/CMakeFiles/cpprest.dir/pplx/pplx.cpp.o.d -o src/CMakeFiles/cpprest.dir/pplx/pplx.cpp.o -c src/pplx/pplx.cpp In file included from src/pplx/pplx.cpp:14: In file included from src/pch/stdafx.h:23: In file included from include/cpprest/details/basic_types.h:16: In file included from /usr/include/c++/v1/string:477: In file included from /usr/include/c++/v1/string_view:176: In file included from /usr/include/c++/v1/__string:56: In file included from /usr/include/c++/v1/algorithm:643: /usr/include/c++/v1/memory:3656:5: error: destructor called on non-final 'pplx::details::linux_scheduler' that has virtual functions but non-virtual destructor [-Werror,-Wdelete-non-virtual-dtor] __data_.second().~_Tp(); ^ /usr/include/c++/v1/memory:3612:5: note: in instantiation of member function 'std::__1::__shared_ptr_emplace<pplx::details::linux_scheduler, std::__1::allocator<pplx::details::linux_scheduler> >::__on_zero_shared' requested here __shared_ptr_emplace(_Alloc __a) ^ /usr/include/c++/v1/memory:4277:26: note: in instantiation of member function 'std::__1::__shared_ptr_emplace<pplx::details::linux_scheduler, std::__1::allocator<pplx::details::linux_scheduler> >::__shared_ptr_emplace' requested here ::new(__hold2.get()) _CntrlBlk(__a2, _VSTD::forward<_Args>(__args)...); ^ /usr/include/c++/v1/memory:4656:29: note: in instantiation of function template specialization 'std::__1::shared_ptr<pplx::details::linux_scheduler>::make_shared<>' requested here return shared_ptr<_Tp>::make_shared(_VSTD::forward<_Args>(__args)...); ^ src/pplx/pplx.cpp:94:40: note: in instantiation of function template specialization 'std::__1::make_shared<pplx::details::linux_scheduler>' requested here m_scheduler = std::make_shared< ::pplx::default_scheduler_t>(); ^ /usr/include/c++/v1/memory:3656:23: note: qualify call to silence this warning __data_.second().~_Tp(); ^ 1 error generated. * Fix apple build, by defining apple_scheduler there. * Fix compiler errors and mint v2.10.6 * Add Transfer-Encoding compression/decompression support and extensible compress/decompress API * Linkify Visual Studio reference in README.md (microsoft#882) * Use the same cmake_minimum_required version 3.1 (microsoft#847) as in Release/CMakeLists.txt * Fix install (microsoft#879) * Fix default installation path * Fixup previous commit. This makes the install location not correct for Debian and similar linux distro, but upstream don't plan to change "lib/cpprestsdk" location, so at least we can override the location with -DCPPREST_EXPORT_DIR=cmake and keep the CMAKE_INSTALL_LIBDIR multiarch location * address review comments * Fix build breaks on GCC 5.4, iOS, and OSX (microsoft#894) * Move up bind_impl so that it can be found by non-MSVC. * Avoid useless qualification making GCC unhappy. * Make GZIP/DEFLATE/BROTLI constant chars. * Remove unneeded ; * Remove broken qualification attempting to forward declare web::http::compression::decompress_factory. * Don't use nonstandard for each. * Remove another unnecessary const. * Mark unused parameters with (void). * Guard -Wno-format-truncation from GCC 5.4. * Fix bogus writtenSize warning from GCC 5.4. * Attempt to avoid std::make_unique in compression tests. * Avoid Concurrency::task_group_status because gcc 5.4 hates it for some reason. * typo a an -> an (microsoft#886) * Correct exception messages and comments in asyncrt_utils (microsoft#889) * Various fixes on microsoft#866 which broke building for iOS and Mac (microsoft#888) * Various fixes on microsoft#866 which broke building for iOS and Mac * Remove trailing semicolon from namespace since flags error when building on Ubuntu * Ubuntu builds needs to factor in unused arguments/variables * Remove trailing spaces from empty lines * Remove duplicate bind_impls. * Fix some merge fallout with master. * Fix narrowing conversion warnings on Windows. (microsoft#895) * Harden winrt_encryption slightly and avoid a potential reallocation. (microsoft#896) * Remove unused variables to avoid warnings in some compilers (microsoft#855) * Enable multi-processor compilation (microsoft#890) * Enable precompiled headers for test/functional (microsoft#891) * Add Ubuntu 16.04 Azure Pipelines Validation (microsoft#898) * Add Azure Pipelines badge. * Added URI resolution according to RFC3986 (microsoft#897) Added URI resolution according to RFC3986, Section 5 (https://tools.ietf.org/html/rfc3986#section-5) * Add MacOS pipelines build support. (microsoft#902) * Attempt to add MacOS pipelines support; increase parallelism to 4. * Fix "expression unused" warnings on MacOS. * Adding test runs to Azure Pipelines. (microsoft#899) * Adding test runs to Pipelines. * Use get instead of then/wait in compression tests. * Fix typo to not write to *done. * Use dylib on MacOS. * Move dotSegment and dotDotSegment back into local variables, as suggested by @toughengineer * Revert "Enable precompiled headers for test/functional (microsoft#891)" (microsoft#904) This reverts commit 2aa4a64 because it fails to compile: D:\cpprestsdk\build.debug>ninja ninja: error: dependency cycle: Release/tests/functional/http/client/stdafx.pch -> Release/tests/functional/http/client/CMakeFiles/httpclient_test.dir/stdafx.cpp.obj -> Release/tests/functional/http/client/stdafx.pch * Burninate internal use of ostringstream, and done a ref (microsoft#905) * Burninate internal use of ostringstream, and make compressors' done parameter required. * Remove errant ::details. * Remove even more errant ::details. * Reduce stdafx.h header inclusion to avoid running out of memory on *nix boxes in Pipelines (microsoft#906) * Pare down stdafx.h to avoid running out of memory on the Linux builders with ninja. * Remove ninja -j. * Add Windows CI to Pipelines using vcpkg for dependencies; merge debug and release for other platforms. (microsoft#911) * Enable Brotli in CI. (microsoft#912) * Enable Brotli in CI. * Restore PCHes and delete unmaintained / broken legacy project files. (microsoft#914) * Add vcpkg based dependency resolution for *nix platforms. (microsoft#913) * Correct .gitmodules to point to upstream vcpkg. * Add install instructions for Fedora (microsoft#919) * Fix off-by-one error in connection pooling introduced with asio certificate changes in 2.10.4 (microsoft#920) * Fix off-by-one error introduced in connection pool stack. This got introduced when the connection pool queue was changed into a stack to reuse hot connections. * Make connection_pool_stack testable and add tests. * Update embedded websockets to 0.8.1 and use submodule instead of checkin (microsoft#921) * Delete checked in websocketpp. * Add submodule reference to websocketpp 0.8.1. * Re-enable no-unused-lamda-capture and no-format-trucation (microsoft#923) * Re-enable no-unused-lamda-capture and no-format-trucation These were disabled as a quick fix for microsoft#778 in microsoft#779. * no-format-truncation was properly fixed in microsoft#787 * no-unused-lamda-capture was worked around in microsoft#732 * gaurds for gcc 5.4 were added in microsoft#849 but with microsoft#787 aren't needed * re-enable warning: -Wdelete-non-virtual-dtor - Was disabled in microsoft#779 and fixed in microsoft#844 * Enable build for iOS in Pipelines. (microsoft#925) * Reduce intermittent test failures in CI by fixing bugs found by asan and tsan (microsoft#926) * Fix intermittent crashes in TestContinuationsWithTask. The one now marked 7 was creating a task that wrote to a stack variable, but never joined with that stack variable. This would cause random crashes whenever that stack position got clobbered. * Fix several errors found by thread sanitizer. * Fix more data races :/ * Fix data races in the asio server found by tsan. * Avoid VS2015 warning C4800. * Enable Android build in CI, update NDK to 17c. (microsoft#922) * This merges parts of: * PR microsoft#662 "Overhaul the build process for the OpenSSL dependency on Android" by jwtowner * PR microsoft#711 "Update the build process for Boost on Android", also by jwtowner * PR microsoft#714 "Improved the build process for cpprestsdk on Android", also by jwtowner. The changes which required patching upstream Boost-for-Android in those PRs has been stripped. The NDK version targeted has been updated to 17c because that's what's avaialble in Azure Pipelines. Various compile failures this uncovered in cpprestsdk on Android were fixed. * Added Jesse Towner (jwtowner) to contributors. * Deal with even more flaky tests! (microsoft#928) * Add message for missing submodule if websocketspp is missing. (microsoft#930) * Update NDK to r18b, as that's what's in Pipelines. (microsoft#931) * Fix VS 2013 builds. (microsoft#932) * Fix VS 2013 builds. * Fixed up bad #endif and constexpr. * Improve utf8_to_utf16 speed for common path (microsoft#892) * Improve utf8_to_utf16 speed for common path Conversion from UTF 8 to UTF 16 will consist mostly of single byte code points (e.g. parsing json bodies). This allows running single byte conversion in a tight loop that is only interrupted if multi byte handling becomes necessary. Measurements for a very long string showed ~30% speed improvement * Use UtilCharInternal_t as character type to avoid issues with platform dependent definition of char * Export methods to set/get the ambient scheduler in cpprest dll (microsoft#670) * Export methods to set/get the ambient scheduler in cpprest dll * move the definiation of get/set_cpprestsdk_ambient_scheduler to pplxwin.cpp * Add test for http request with ambient scheduler * Fix spelling mistakes across the library (microsoft#935) * Use pplx namespace consistently (microsoft#936) * Remove _ASYNCRTIMP from ~http_listener() and implement inline (microsoft#937) * blackjack sample: use vector instead of shared pointer for array (microsoft#943) * Avoid using identifiers reserved by C++ in header guards (microsoft#940) * Mint 2.10.7. (microsoft#933) * Allow ppltasks.h and pplxtasks.h to co-exist (microsoft#938) * Fix incorrect const in reinterpret_cast (microsoft#950) (microsoft#951) * Fix UWP missing header (microsoft#955) * Fix UWP missing header. * Add UWP validation build to Pipelines. * Adds support for OpenSSL 1.1.1 (microsoft#956) Adds support for OpenSSL 1.1.1, given updated websocketpp and boost/asio, at least on macOS and iOS. (see microsoft#949) * fix anroid build issue by remove the crossplt name space before android parameters (microsoft#959) * Update vcpkg to latest master to fix VS2015 build. (microsoft#960) * Update vcpkg to latest master to fix VS2013 build. * Update again! * Fix string size for error message generated by windows_category (microsoft#966) Due to the initial allocation of the error message, the returned std::string had a size of 4096. Since FormatMessageW already returns the number of characters written to the buffer an additional call to resize using the returned count will neatly trim the string. * Add uri_builder::append_path_raw(...) to allow adding elements to path intentionally beginning with '/' ("//" will results in the final path value) (microsoft#958) * add append_path_raw() to uri_builder * modify implementation details * modified test case * fixed append_path_raw and included a testscase for a trailing slash with that API * update submodule to vcpkg master due to the NuGet hash changes * Avoid double encoding through set_path and add tests. Extract single slash string comparison. Reduce string copy count. Add VS Code settings and launch. * Optimize append_path similarly. * Also optimize append_query. * Also optimize other uri_builder things. * Avoid self references. * cmake: add code to detect system brotli library (microsoft#952) * Fix Brotli compress_helper early termination issue (microsoft#963) * Fixes iOS builds and makes it more future proof (microsoft#961) * Fixed builds for iOS to be more future proof * Added possibility to change OpenSSL version * Add leetal to CONTRIBUTORS.txt * Mint 2.10.8. (microsoft#970) * Mint 2.10.8 * Lesssssssssss ssssssssssssss * Address gcc warnings-as-errors in compression code, test improvements (microsoft#973) Thanks for your contribution! * Prevent infinite loop during proxy authentication (microsoft#986) * Remove use of aligned_union that broke CentOS 7. (microsoft#987) * Update vcpkg dependencies. (microsoft#997) * Add tests reported in Github issues. (microsoft#1001) * Add tests reported in Github issues. * Fix lying ampersand comment. * Fix missing string escape. * microsoft#993, microsoft#1002: Add flexibility for iOS building. Adds command line args… (microsoft#1004) * microsoft#993, microsoft#1002: Add flexibility for iOS building. Adds command line args to configure.sh to allow more customization of iOS lib * Add mobileben to CONTRIBUTORS.txt * clang-format cpprestsdk (microsoft#1005) * gcc: Fix compilation with -fno-operator-names (microsoft#1009) * FIX: crash with std::logic_error when reusing a connection that timed out on the server (microsoft#1019) * FIX: check whether instream() is valid before trying to rewind * add .can_seek() as a second line of defense * apply clang-format * improve error reporting for unrewindable streams * Add René Meusel (reneme) to CONTRIBUTORS.txt. * microsoft#1020 handle null bytes when parsing utf8 (microsoft#1021) * add regression test for conversion of null byte * handle null bytes like single byte characters * microsoft#1015 Add in support for adding i386 slice when building for 32-bit targets. Also improve messaging and add means to clean (microsoft#1017) * http_compression.cpp: fix build with gcc 4.7 (microsoft#1024) At GCC 4.7, C++11 rules for noexcept specification of implicit destructors (and default specification on explicit destructors without exception specifications) aren't perfectly implemented, see: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=53613 Fixes: - http://autobuild.buildroot.org/results/a080dbe2977cd35e4f8351d864bd71aaa8f9b743 Signed-off-by: Fabrice Fontaine <[email protected]> * Resolve double free when WinHttpSendRequest fails (microsoft#1022) * Update vcpkg. * Resolve double free when WinHttpSendRequest fails A customer reported that win WinHttpSendRequest fails, WinHTTP still delivers WINHTTP_CALLBACK_STATUS_HANDLE_CLOSING callbacks. When _start_request_send encountered a failure, it deleted the context weak_ptr, and then the WINHTTP_CALLBACK_STATUS_HANDLE_CLOSING also tried to delete it, resulting in double frees. This change binds the weak_ptr to the handle more directly and avoids paying attention to WinHttpSendRequest. * Mint 2.10.9. (microsoft#1025) * Handle multi-byte unicode characters in json parsing (microsoft#1023) * handle multi-byte unicode characters in json parsing * Properly check high surrogate start and end Co-Authored-By: Tymolc <[email protected]> * Temporary fix for VS2013. (microsoft#1033) * Workaround some VS2013 bugs. * Fix threadpool.cpp under VS2013. * Mint 2.10.10 to unblock Azure storage folks. (microsoft#1034) * Disable WINHTTP_AUTOPROXY_OPTIONS machinery when using WINHTTP_ACCESS_TYPE_AUTOMATIC_PROXY. (microsoft#1040) * Fix HTTP/1.0 'Keep-Alive' handling in http_client (microsoft#1032) * Add exception handling for the ssl_context_callback so it has a means to report errors * Fix upgrade to SSL after a proxy connect (hostname is required) * Add the obvious missing constructor from a std::error_code and 'what' string message; cf. websocket_exception * Update vcpkg. (microsoft#1053) * Update vcpkg. * Work around Azure Pipelines bug caused by global VCPKG_ROOT environment variable. * Syntax error! * Returns int64 value in function of seeking to file end on x64 Windows. (microsoft#1057) * Don't close the output stream when reporting errors reading the body. (microsoft#1068) This matches the asio implementation to what the winhttp implementation was doing. Also turned on a test that looked related; I'm not positive that this change fixed that test but it passes for me now. * Enable testing from root directory (microsoft#1064) * Add --vcpkg-root to repair UWP. * Update Boost_for_android for Android R19 (microsoft#1041) This was forced on us by a change made in Azure Pipelines. This change also builds Android with an updated copy of CMake; the version included with Ubuntu didn't have the Boost_ARCHITECTURE knob we need to change for the new -a32 and -x32 library suffixes. * Gate stdext::checked_array_iterator usage on _ITERATOR_DEBUG_LEVEL (microsoft#1072) * Add the missing ssl::context callback in websocket_client_config (microsoft#1049) * Add the missing ssl::context callback in websocket_client_config, borrowing heavily from http_client * Add dependency on Boost and OpenSSL when websocketpp is used for Secure WebSocket, just like for http_client when CPPREST_HTTP_CLIENT_IMPL STREQUAL "asio" * Move get_jvm_env back into the crossplat namespace (microsoft#1073) * Move get_jvm_env back into the crossplat namespace as it is declared in a header and used elsewhere. * Add more missing crossplat:: qualifications. * Mint v2.10.11. (microsoft#1074) * Rewrite date formatting and parsing (microsoft#1076) This overhauls the RFC 1123 and ISO 8601 parsing with bits copied from the autorest C prototype, giving more consistent behavior across platforms, and removing unintended locale dependencies. (For example, before on POSIX on a German machine we might emit Die, 19 Mär 2019 09:59:57 which would be rejected by servers) There is a subtle breaking change in that we previously accepted a time with no date, e.g. "12:12:12Z", and this change rejects that. However, such input is not a valid ISO 8601 input, and we were crazy about how we handled it before. Before, on Windows we would fill in the date with whatever the current date is, but on POSIX we would fill in January 1, 1970. Considering this was never consistent, and considering 99.999% of internet customers are going to be using RFC 3339 which requires all the components, I've dropped that special case. Lots of tests also added. * Fix oauth nonces containing nulls. (microsoft#1084) * Workaround data-race on websocketpp's _htonll function (microsoft#1082) * Workaround data-race on websocketpp's _htonll function * Add URI to discussion. * Fix thread not joined (microsoft#1080) * Add locks to guarantee asio io_service thread is joined * Use lock_guard instead of unique_lock and add unlock comments. * Fix data race, GitHub microsoft#1085 (microsoft#1088) * Fix data race, GitHub microsoft#1085 * Fix *nix typos. * Mint v2.10.12. (microsoft#1089) * Don't initialize atomic_flag with 0. (microsoft#1093) * Avoid tripping over 32 bit time_t mistakes. (microsoft#1094) Resolves microsoft#1090 * Allow error handling for time out in http_client_asio handle_connect (microsoft#1097) * Update request_timeout_microsecond timeout (microsoft#1101) Occasionally, on heavy loaded servers, or slow machines, 500 micro seconds is a too strict timeout. Bump to 900 micro seconds instead * Paranoia for overflow of sprintf buffer in the year 10000 (microsoft#1106) * Parse and emit years from 1900 to 9999, and remove environment variable dependence on Android (microsoft#1117) Update date formatting and parsing to accept all years between 1900 and 9999. This unblocks the Azure Storage SDK which uses 9999-12-31 as a sentinel value for "no expiration time" which was broken by the locale insensitive date formatting's dependence on _mkgmtime, with its 1970-3000 range. By morally reimplementing _mkgmtime, this change also lets us remove the Android workaround of changing the TZ environment variable. Release\tests\functional\utils\datetime.cpp Turn on tests for values that would need 64 bits represented as a time_t, even for 32 bit time_t platforms. Add year 1900 and 9999 test cases, and remove year 3000+ and 1969- negative tests. Release\tests\functional\http* Drive by fix for new VS2019 warnings about narrowing. Release\src\utilities\asyncrt_utils.cpp Remove dependence on _mkgmtime and gmtime_r/gmtime_s by implementing replacements loosely inspired by both the C runtime's date operations and .NET's handling of the Gregorian calendar's 400 year cycle. * Remove needless cast. * Fix off by one error in leap years before year 2000, and bad day names (microsoft#1120) * Mint v2.10.13. (microsoft#1122) * Add switches to make apiscan happy. (microsoft#1133) * json: {"meow"} is not a valid object (microsoft#1130) * json: {"meow"} is not a valid object * Add to contributors - eighteenth PR seemed like the time! :-) * Undefine compress if it is defined by zconf.h (microsoft#1150) * Fix broken CI Builds (microsoft#1156) * Update vcpkg. * Attempt to fix Ubuntu apt and update MacOS. * Workaround Azure Pipelines forcing an updated copy of boost that doesn't work with default Ubuntu libs. * Add test runs back. * Update boost-for-android and block Boost 1.69 on the image. * Update boost and openssl on iOS. * Use right path to test binaries. * Shut off iOS builds. * Use EVP_MAX_MD_SIZE instead of HMAC_MAX_MD_CBLOCK (microsoft#1155) * Remove the address_configured flag on tcp::resolver::query (microsoft#1145) The default behavior for tcp::resolver::query uses the address_configured flag, which only returns addresses if a non-loopback address is available on the system. If this is called before a real network interface is brought up, then resolution will fail and the server won't be functional, even for requests on the loopback interface. Explicitly set the flags to default so that the address_configured flag is not specified. This allows the server to start up normally even when the system has no active network interfaces. * add ping and pong to message handler (microsoft#1143) Add ping and pong to message handler, and optional pong timeout * Fix reusing ASIO http_client connecting to HTTPS server via proxy (microsoft#539) Calling request() twice on the same client configured to connect to a server via HTTPS didn't work under Unix because we issues CONNECT for every request, meaning that, for the second one, we sent CONNECT via an already established connection to the end server itself which, unsurprisingly, didn't work at all. Fix this by only setting up SSL tunnelling for a new connection but not for the already used one. * Fix issue microsoft#1171: Order of object destruction (microsoft#1175) - Connection object is now destroyed before client object - Client is destroyed only when wspp_callback_client is destroyed to prevent race condition with the destructor * FIX: SSL proxy tunnel support with basic auth (microsoft#1183) * Fix profile being set on the compiler instead of the linker. (microsoft#1184) * Update boost-for-android for Android NDK r20 and disable macOS Homebrew. (microsoft#1185) * Update boost-for-android for Android NDK r20. * Also disable homebrew. * I mean homebrew I said! * Apparently Android isn't ready for Boost 1.70 yet. * Remove invalid nondependent static assert (microsoft#1186) * Remove invalid static_assert(false). * Turn on permissive-. * clang-format * Replace CPPREST_TARGET_XP with version checks, remove ""s, and other cleanup (microsoft#1187) * Audit for "" and use std::string default ctor instead. * Fix Linux ambiguity. * Exclude common build directories. * Replace CPPREST_TARGET_XP with checks against _WIN32_WINNT to allow more fine grained controls going forward (e.g. assume Win10). Also fix a few typos. * Delete CASABLANCA_UNREFERENCED_PARAMETER and attempt Linux compile fix. * Defend NOMINMAX. * Another _WIN32 guard. * With && this time. * Fix more spelling errors. * Optimize trim_nulls slightly. * And actually make the optimization correct this time. * Fix unit test failure. * clang-format * Remove proxy settings detection behavior in "default proxy mode." (microsoft#1188) * Remove proxy settings detection behavior in "default proxy mode." This commit partially reverts microsoft@eb108ad in order to work around a reliability problem with WinHttpGetProxyForUrl. That function hangs unless there is an available thread pool thread to complete the WPAD request. As a result, if a customer issued ~512 concurrent HTTP requests, or otherwise needed that many thread pool threads, there would not be a thread available for WinHTTP to complete the operation, and the program would deadlock. Moreover this call to WinHttpGetDefaultProxyConfiguration is extremely expensive, taking ~20% of overall CPU for the entire program for some Azure Storage SDK customers. The function WinHttpGetProxyForUrlEx is supposed to help with this problem by being asynchronous, but that function was added in Windows 8, so we can't use it unconditionally. And on Windows 8.1 we already are using WINHTTP_ACCESS_TYPE_AUTOMATIC_PROXY instead of trying to do proxy autodetect ourselves. * Mint v2.10.14. (microsoft#1193) * Missed one defence against no NOMINMAX in bed8fa5. (microsoft#1202) * Workarounds for two GCC 4.7.2 bugs with lambda functions (microsoft#1209) * Workarounds for two GCC 4.7.2 bugs with lambda functions using implicit this, surfacing as incorrect const-qualification and an internal compiler error. Resolves immediate issues identified in microsoft#1200. * Restore compatibility with modern compilers * fix SxS debug-release builds with Visual Studio (microsoft#1220) * On basic_string_view_support: fix SxS debug-release builds with Visual Studio place precompiled header implicitly in Debug/Release path with VS and explicitly in bin dir otherwise standardize pch setup across libraries with helper function * nudge pipeline to rerun * Fix "Data" to "Date" in the HTTP Server API mapping, and clarify that the indices of these values match the HTTP_HEADER_ID values for HTTP_REQUEST_HEADERS but *not* HTTP_RESPONSE_HEADERS (microsoft#1219) * Fixing of connections_and_errors::cancel_with_error test which sometimes fires false positive error "There are no pending calls to next_request." (microsoft#1196) * Trim whitespace and nulls the same way. (microsoft#1233) * Avoid using permissive- with ZW which breaks VS2019 (microsoft#1248) * Also add VS2019 configurations to Azure Pipelines. * Also turn on vcpkg caching from @lukka * Support for WinHTTPAL curl-to-WinHTTP adapter (microsoft#1182) * http_server_httpsys.cpp requires linking against httpapi.lib, http_client_winhttp.cpp does not. (microsoft#1253) * Update README.md (microsoft#1256) * remove trailing slash on websocketpp submodule url, which causes checkout failure on CircleCI with git 2.22.0 (microsoft#1263)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.