Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit e9ff810

Browse filesBrowse files
ShogunPandaShogunPanda
authored
deps: update llhttp to 9.1.2
PR-URL: #48981 Reviewed-By: Robert Nagy <ronagy@icloud.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
1 parent 71b90fa commit e9ff810
Copy full SHA for e9ff810
Expand file treeCollapse file tree

19 files changed

+1967
-9850
lines changed
Open diff view settings
Collapse file

‎deps/llhttp/.gitignore‎

Copy file name to clipboard
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
libllhttp.pc
Collapse file

‎deps/llhttp/CMakeLists.txt‎

Copy file name to clipboardExpand all lines: deps/llhttp/CMakeLists.txt
+8-6Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
cmake_minimum_required(VERSION 3.5.1)
22
cmake_policy(SET CMP0069 NEW)
33

4-
project(llhttp VERSION 8.1.1)
4+
project(llhttp VERSION 9.1.2)
55
include(GNUInstallDirs)
66

77
set(CMAKE_C_STANDARD 99)
@@ -47,8 +47,9 @@ configure_file(
4747
function(config_library target)
4848
target_sources(${target} PRIVATE ${LLHTTP_SOURCES} ${LLHTTP_HEADERS})
4949

50-
target_include_directories(${target} PRIVATE
51-
${CMAKE_CURRENT_SOURCE_DIR}/include
50+
target_include_directories(${target} PUBLIC
51+
$<BUILD_INTERFACE:${CMAKE_CURRENT_SOURCE_DIR}/include>
52+
$<INSTALL_INTERFACE:include>
5253
)
5354

5455
set_target_properties(${target} PROPERTIES
@@ -72,9 +73,10 @@ function(config_library target)
7273

7374
# This is required to work with FetchContent
7475
install(EXPORT llhttp
75-
FILE llhttp-config.cmake
76-
NAMESPACE llhttp::
77-
DESTINATION ${CMAKE_INSTALL_LIBDIR}/cmake/llhttp)
76+
FILE llhttp-config.cmake
77+
NAMESPACE llhttp::
78+
DESTINATION ${CMAKE_INSTALL_LIBDIR}/cmake/llhttp
79+
)
7880
endfunction(config_library target)
7981

8082
if(BUILD_SHARED_LIBS)
Collapse file

‎deps/llhttp/README.md‎

Copy file name to clipboardExpand all lines: deps/llhttp/README.md
+114-30Lines changed: 114 additions & 30 deletions
  • Display the source diff
  • Display the rich diff
Original file line numberDiff line numberDiff line change
@@ -61,33 +61,41 @@ checks could be performed to get even stricter verification of the llhttp.
6161
## Usage
6262

6363
```C
64+
#include "stdio.h"
6465
#include "llhttp.h"
66+
#include "string.h"
6567

66-
llhttp_t parser;
67-
llhttp_settings_t settings;
68+
int handle_on_message_complete(llhttp_t* parser) {
69+
fprintf(stdout, "Message completed!\n");
70+
return 0;
71+
}
72+
73+
int main() {
74+
llhttp_t parser;
75+
llhttp_settings_t settings;
6876

69-
/* Initialize user callbacks and settings */
70-
llhttp_settings_init(&settings);
77+
/*Initialize user callbacks and settings */
78+
llhttp_settings_init(&settings);
7179

72-
/* Set user callback */
73-
settings.on_message_complete = handle_on_message_complete;
80+
/*Set user callback */
81+
settings.on_message_complete = handle_on_message_complete;
7482

75-
/* Initialize the parser in HTTP_BOTH mode, meaning that it will select between
76-
* HTTP_REQUEST and HTTP_RESPONSE parsing automatically while reading the first
77-
* input.
78-
*/
79-
llhttp_init(&parser, HTTP_BOTH, &settings);
83+
/*Initialize the parser in HTTP_BOTH mode, meaning that it will select between
84+
*HTTP_REQUEST and HTTP_RESPONSE parsing automatically while reading the first
85+
*input.
86+
*/
87+
llhttp_init(&parser, HTTP_BOTH, &settings);
8088

81-
/* Parse request! */
82-
const char* request = "GET / HTTP/1.1\r\n\r\n";
83-
int request_len = strlen(request);
89+
/*Parse request! */
90+
const char* request = "GET / HTTP/1.1\r\n\r\n";
91+
int request_len = strlen(request);
8492

85-
enum llhttp_errno err = llhttp_execute(&parser, request, request_len);
86-
if (err == HPE_OK) {
87-
/* Successfully parsed! */
88-
} else {
89-
fprintf(stderr, "Parse error: %s %s\n", llhttp_errno_name(err),
90-
parser.reason);
93+
enum llhttp_errno err = llhttp_execute(&parser, request, request_len);
94+
if (err == HPE_OK) {
95+
fprintf(stdout, "Successfully parsed!\n");
96+
} else {
97+
fprintf(stderr, "Parse error: %s %s\n", llhttp_errno_name(err), parser.reason);
98+
}
9199
}
92100
```
93101
For more information on API usage, please refer to [src/native/api.h](https://github.com/nodejs/llhttp/blob/main/src/native/api.h).
@@ -279,7 +287,7 @@ protocol support to highly non-compliant clients/server.
279287
No `HPE_INVALID_HEADER_TOKEN` will be raised for incorrect header values when
280288
lenient parsing is "on".
281289
282-
**USE AT YOUR OWN RISK!**
290+
**Enabling this flag can pose a security issue since you will be exposed to request smuggling attacks. USE WITH CAUTION!**
283291
284292
### `void llhttp_set_lenient_chunked_length(llhttp_t* parser, int enabled)`
285293
@@ -292,23 +300,22 @@ conjunction with `Content-Length`.
292300
This error is important to prevent HTTP request smuggling, but may be less desirable
293301
for small number of cases involving legacy servers.
294302
295-
**USE AT YOUR OWN RISK!**
303+
**Enabling this flag can pose a security issue since you will be exposed to request smuggling attacks. USE WITH CAUTION!**
296304
297305
### `void llhttp_set_lenient_keep_alive(llhttp_t* parser, int enabled)`
298306
299307
Enables/disables lenient handling of `Connection: close` and HTTP/1.0
300308
requests responses.
301309
302-
Normally `llhttp` would error on (in strict mode) or discard (in loose mode)
303-
the HTTP request/response after the request/response with `Connection: close`
304-
and `Content-Length`.
310+
Normally `llhttp` would error the HTTP request/response
311+
after the request/response with `Connection: close` and `Content-Length`.
305312
306313
This is important to prevent cache poisoning attacks,
307314
but might interact badly with outdated and insecure clients.
308315
309316
With this flag the extra request/response will be parsed normally.
310317
311-
**USE AT YOUR OWN RISK!**
318+
**Enabling this flag can pose a security issue since you will be exposed to poisoning attacks. USE WITH CAUTION!**
312319
313320
### `void llhttp_set_lenient_transfer_encoding(llhttp_t* parser, int enabled)`
314321
@@ -323,7 +330,67 @@ avoid request smuggling.
323330
324331
With this flag the extra value will be parsed normally.
325332
326-
**USE AT YOUR OWN RISK!**
333+
**Enabling this flag can pose a security issue since you will be exposed to request smuggling attacks. USE WITH CAUTION!**
334+
335+
### `void llhttp_set_lenient_version(llhttp_t* parser, int enabled)`
336+
337+
Enables/disables lenient handling of HTTP version.
338+
339+
Normally `llhttp` would error when the HTTP version in the request or status line
340+
is not `0.9`, `1.0`, `1.1` or `2.0`.
341+
With this flag the extra value will be parsed normally.
342+
343+
**Enabling this flag can pose a security issue since you will allow unsupported HTTP versions. USE WITH CAUTION!**
344+
345+
### `void llhttp_set_lenient_data_after_close(llhttp_t* parser, int enabled)`
346+
347+
Enables/disables lenient handling of additional data received after a message ends
348+
and keep-alive is disabled.
349+
350+
Normally `llhttp` would error when additional unexpected data is received if the message
351+
contains the `Connection` header with `close` value.
352+
With this flag the extra data will discarded without throwing an error.
353+
354+
**Enabling this flag can pose a security issue since you will be exposed to poisoning attacks. USE WITH CAUTION!**
355+
356+
### `void llhttp_set_lenient_optional_lf_after_cr(llhttp_t* parser, int enabled)`
357+
358+
Enables/disables lenient handling of incomplete CRLF sequences.
359+
360+
Normally `llhttp` would error when a CR is not followed by LF when terminating the
361+
request line, the status line, the headers or a chunk header.
362+
With this flag only a CR is required to terminate such sections.
363+
364+
**Enabling this flag can pose a security issue since you will be exposed to request smuggling attacks. USE WITH CAUTION!**
365+
366+
### `void llhttp_set_lenient_optional_cr_before_lf(llhttp_t* parser, int enabled)`
367+
368+
Enables/disables lenient handling of line separators.
369+
370+
Normally `llhttp` would error when a LF is not preceded by CR when terminating the
371+
request line, the status line, the headers, a chunk header or a chunk data.
372+
With this flag only a LF is required to terminate such sections.
373+
374+
**Enabling this flag can pose a security issue since you will be exposed to request smuggling attacks. USE WITH CAUTION!**
375+
376+
### `void llhttp_set_lenient_optional_crlf_after_chunk(llhttp_t* parser, int enabled)`
377+
378+
Enables/disables lenient handling of chunks not separated via CRLF.
379+
380+
Normally `llhttp` would error when after a chunk data a CRLF is missing before
381+
starting a new chunk.
382+
With this flag the new chunk can start immediately after the previous one.
383+
384+
**Enabling this flag can pose a security issue since you will be exposed to request smuggling attacks. USE WITH CAUTION!**
385+
386+
### `void llhttp_set_lenient_spaces_after_chunk_size(llhttp_t* parser, int enabled)`
387+
388+
Enables/disables lenient handling of spaces after chunk size.
389+
390+
Normally `llhttp` would error when after a chunk size is followed by one or more spaces are present instead of a CRLF or `;`.
391+
With this flag this check is disabled.
392+
393+
**Enabling this flag can pose a security issue since you will be exposed to request smuggling attacks. USE WITH CAUTION!**
327394
328395
## Build Instructions
329396
@@ -345,17 +412,34 @@ make
345412

346413
### Using with CMake
347414

348-
If you want to use this library in a CMake project you can use the snippet below.
415+
If you want to use this library in a CMake project as a shared library, you can use the snippet below.
349416

350417
```
351418
FetchContent_Declare(llhttp
352-
URL "https://github.com/nodejs/llhttp/archive/refs/tags/v6.0.5.tar.gz") # Using version 6.0.5
419+
URL "https://github.com/nodejs/llhttp/archive/refs/tags/release/v8.1.0.tar.gz")
353420
354421
FetchContent_MakeAvailable(llhttp)
355422
356-
target_link_libraries(${EXAMPLE_PROJECT_NAME} ${PROJECT_LIBRARIES} llhttp ${PROJECT_NAME})
423+
# Link with the llhttp_shared target
424+
target_link_libraries(${EXAMPLE_PROJECT_NAME} ${PROJECT_LIBRARIES} llhttp_shared ${PROJECT_NAME})
357425
```
358426

427+
If you want to use this library in a CMake project as a static library, you can set some cache variables first.
428+
429+
```
430+
FetchContent_Declare(llhttp
431+
URL "https://github.com/nodejs/llhttp/archive/refs/tags/release/v8.1.0.tar.gz")
432+
433+
set(BUILD_SHARED_LIBS OFF CACHE INTERNAL "")
434+
set(BUILD_STATIC_LIBS ON CACHE INTERNAL "")
435+
FetchContent_MakeAvailable(llhttp)
436+
437+
# Link with the llhttp_static target
438+
target_link_libraries(${EXAMPLE_PROJECT_NAME} ${PROJECT_LIBRARIES} llhttp_static ${PROJECT_NAME})
439+
```
440+
441+
_Note that using the git repo directly (e.g., via a git repo url and tag) will not work with FetchContent_Declare because [CMakeLists.txt](./CMakeLists.txt) requires string replacements (e.g., `_RELEASE_`) before it will build._
442+
359443
## Building on Windows
360444

361445
### Installation

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.