What's Changed
Bug fixes
- Fix iOS build break caused by
TARGET_OS_MACbeing true on all Apple platforms (iOS, tvOS, watchOS). The Keychain enumeration path andSecurity.hinclude guards are now narrowed toTARGET_OS_OSX, and definingCPPHTTPLIB_USE_CERTS_FROM_MACOSX_KEYCHAINon a non-macOS Apple platform now emits an explicit#errordirecting users toset_ca_cert_path()with a bundled CA file. Addresses #2454 (#2455) - Fix zstd detection in the installed
httplibConfig.cmakeso downstream projects that depend on the installed package correctly pick up zstd (#2453)
Improvements
- Replace the deprecated
SecTrustCopyAnchorCertificates(deprecated in macOS 13) withSecTrustSettingsCopyCertificates, iterating over the System, Admin, and User trust domains to retain equivalent anchor-certificate coverage (#2455) - Declare
Server::stop()asnoexcept, reflecting that the implementation does not throw (#2451)
CI / Internal
- Add a best-effort BoringSSL CI job (Ubuntu and macOS) that builds BoringSSL from source and exercises cpp-httplib's existing OpenSSL backend path.
SSLClientServerTest.TlsVerifyHostnameis now backend-aware (BoringSSL is SAN-only per RFC 6125 §6.4.4), and the README notes BoringSSL as a best-effort variant with the C++14 and SAN-only caveats (#2456) - Add an iOS header parse check to CI to catch accidental use of macOS-only APIs or guards (e.g.
TARGET_OS_MACvsTARGET_OS_OSX) that would silently break iOS builds (#2455)