Skip to content

Commit eb5a65e

Browse files
yhiroseyhirose
committed
Fix #2217 
1 parent 7a3b92b commit eb5a65e

File tree

2 files changed

+44
-1
lines changed

2 files changed

+44
-1
lines changed

httplib.h

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8984,7 +8984,9 @@ inline bool ClientImpl::create_redirect_client(
89848984
}
89858985

89868986
// Handle CA certificate store and paths if available
8987-
if (ca_cert_store_) { redirect_client.set_ca_cert_store(ca_cert_store_); }
8987+
if (ca_cert_store_ && X509_STORE_up_ref(ca_cert_store_)) {
8988+
redirect_client.set_ca_cert_store(ca_cert_store_);
8989+
}
89888990
if (!ca_cert_file_path_.empty()) {
89898991
redirect_client.set_ca_cert_path(ca_cert_file_path_, ca_cert_dir_path_);
89908992
}
@@ -10878,6 +10880,7 @@ inline void SSLClient::set_ca_cert_store(X509_STORE *ca_cert_store) {
1087810880
if (SSL_CTX_get_cert_store(ctx_) != ca_cert_store) {
1087910881
// Free memory allocated for old cert and use new store `ca_cert_store`
1088010882
SSL_CTX_set_cert_store(ctx_, ca_cert_store);
10883+
ca_cert_store_ = ca_cert_store;
1088110884
}
1088210885
} else {
1088310886
X509_STORE_free(ca_cert_store);

test/test.cc

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9012,6 +9012,46 @@ TEST(HttpToHttpsRedirectTest, CertFile) {
90129012
ASSERT_EQ(StatusCode::OK_200, res->status);
90139013
}
90149014

9015+
TEST(SSLClientRedirectTest, CertFile) {
9016+
SSLServer ssl_svr1(SERVER_CERT2_FILE, SERVER_PRIVATE_KEY_FILE);
9017+
ASSERT_TRUE(ssl_svr1.is_valid());
9018+
ssl_svr1.Get("/index", [&](const Request &, Response &res) {
9019+
res.set_redirect("https://127.0.0.1:1235/index");
9020+
ssl_svr1.stop();
9021+
});
9022+
9023+
SSLServer ssl_svr2(SERVER_CERT2_FILE, SERVER_PRIVATE_KEY_FILE);
9024+
ASSERT_TRUE(ssl_svr2.is_valid());
9025+
ssl_svr2.Get("/index", [&](const Request &, Response &res) {
9026+
res.set_content("test", "text/plain");
9027+
ssl_svr2.stop();
9028+
});
9029+
9030+
thread t = thread([&]() { ASSERT_TRUE(ssl_svr1.listen("127.0.0.1", PORT)); });
9031+
thread t2 =
9032+
thread([&]() { ASSERT_TRUE(ssl_svr2.listen("127.0.0.1", 1235)); });
9033+
auto se = detail::scope_exit([&] {
9034+
t2.join();
9035+
t.join();
9036+
ASSERT_FALSE(ssl_svr1.is_running());
9037+
});
9038+
9039+
ssl_svr1.wait_until_ready();
9040+
ssl_svr2.wait_until_ready();
9041+
9042+
SSLClient cli("127.0.0.1", PORT);
9043+
std::string cert;
9044+
read_file(SERVER_CERT2_FILE, cert);
9045+
cli.load_ca_cert_store(cert.c_str(), cert.size());
9046+
cli.enable_server_certificate_verification(true);
9047+
cli.set_follow_location(true);
9048+
cli.set_connection_timeout(30);
9049+
9050+
auto res = cli.Get("/index");
9051+
ASSERT_TRUE(res);
9052+
ASSERT_EQ(StatusCode::OK_200, res->status);
9053+
}
9054+
90159055
TEST(MultipartFormDataTest, LargeData) {
90169056
SSLServer svr(SERVER_CERT_FILE, SERVER_PRIVATE_KEY_FILE);
90179057

0 commit comments

Comments
 (0)