in secure mode, don't append the port to the Host header

because both calc_cn_host in cpprestsdk/Release/src/http/client/http_client_asio.cpp and winhttp_client::send_request in cpprestsdk/Release/src/http/client/http_client_winhttp.cpp compare the entire Host header value with the certificate Common Name which causes an SSL handshake error
sony · Feb 23, 2024 · b03157d · b03157d
1 parent 638d40a
commit b03157d
Showing 1 changed file with 12 additions and 2 deletions.
diff --git a/Development/nmos/client_utils.cpp b/Development/nmos/client_utils.cpp
@@ -263,14 +263,24 @@ namespace nmos
         {
             // unstash the host name for the Host header
             // cf. nmos::details::resolve_service
-            std::unique_ptr<web::http::client::http_client> client(new web::http::client::http_client(web::uri_builder(base_uri).set_user_info({}).to_uri(), client_config));
+            // don't bother clearing user_info since http_client makes no use of it
+            // see https://github.com/microsoft/cpprestsdk/issues/3
+            std::unique_ptr<web::http::client::http_client> client(new web::http::client::http_client(base_uri, client_config));
             if (!base_uri.user_info().empty())
             {
                 auto host = base_uri.user_info();
-                if (base_uri.port() > 0)
+
+                // hmm, in secure mode, don't append the port to the Host header
+                // because both calc_cn_host in cpprestsdk/Release/src/http/client/http_client_asio.cpp
+                // and winhttp_client::send_request in cpprestsdk/Release/src/http/client/http_client_winhttp.cpp
+                // compare the entire Host header value with the certificate Common Name
+                // which causes an SSL handshake error
+                // see https://github.com/microsoft/cpprestsdk/issues/1790
+                if (base_uri.port() > 0 && !web::is_secure_uri_scheme(base_uri.scheme()))
                 {
                     host.append(U(":")).append(utility::conversions::details::to_string_t(base_uri.port()));
                 }
+
                 client->add_handler([host](web::http::http_request request, std::shared_ptr<web::http::http_pipeline_stage> next_stage) -> pplx::task<web::http::http_response>
                 {
                     request.headers().add(web::http::header_names::host, host);