1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-14 05:25:06 -05:00
Commit Graph

1634 Commits

Author SHA1 Message Date
Steve Holme
e3558a551b tests: Grouped IMAP SASL EXTERNAL tests with other IMAP tests 2015-01-28 19:50:34 +00:00
Patrick Monnerat
ed9a4b9fc4 test: add test cases for sasl external authentication (imap/pop3/smtp). 2015-01-27 18:03:56 +01:00
Daniel Stenberg
3df8e78860 tests: make sure CRLFs can't be used in URLs passed to proxy
Bug: http://curl.haxx.se/docs/adv_20150108B.html
2015-01-07 22:55:56 +01:00
Steve Holme
0d037cfdce test1520: Fixed initial teething problems
* Missing initialisation of upload status caused a seg fault
* Missing data termination caused corrupt data to be uploaded
* Data verification should be performed in <upload> element
* Added missing recipient list cleanup
2014-12-28 13:04:15 +00:00
Steve Holme
29726951b0 tests: Added test for bug #1456 2014-12-28 12:17:32 +00:00
Steve Holme
1abe65d928 code/docs: Use Unix rather than UNIX to avoid use of the trademark
Use Unix when generically writing about Unix based systems as UNIX is
the trademark and should only be used in a particular product's name.
2014-12-26 21:42:44 +00:00
Peter Wu
479abdd32e tests: add two HTTP over UNIX socket tests
test1435: a simple test that checks whether a HTTP request can be
performed over the UNIX socket. The hostname/port are interpreted
by sws and should be ignored by cURL.

test1436: test for the ability to do two requests to the same host,
interleaved with one to a different hostname.

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-12-04 02:52:19 +01:00
Bill Nagel
b359badd49 curl tool: Enable support for the SMB protocol
This patch enables SMB/CIFS support in the curl command-line tool.
2014-11-30 21:32:44 +00:00
Steve Holme
733686e430 tests: Disable test 1013 until SMB is fully added 2014-11-29 21:36:20 +00:00
Steve Holme
c5399c827d tests: Added SMTP with --crlf test case 2014-11-26 23:58:42 +00:00
be1a505189 SSL: Add PEM format support for public key pinning 2014-11-24 19:30:09 +01:00
Daniel Stenberg
4c3cfc7558 test1801: first real http2 test case 2014-11-20 23:33:34 +01:00
Daniel Stenberg
07e0957e1f test1800: first plain-text http2 test case
Verifies the upgrade request, but gets a plain 1.1 response
2014-11-20 23:33:34 +01:00
Peter Wu
8bdecd3617 test22: expand a backtick command
This is the only user of the backtick operator in the command. As the
commands will soon not be executed by a shell anymore (but by perl),
replace the command with its output.

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-11-13 23:06:44 +01:00
Dan Fandrich
e2828af607 test552: Don't run HTTP digest tests for SSPI based builds
Technical difficulties prevented this from going into the
previous commit.
2014-11-06 22:31:07 +01:00
Steve Holme
b5c496f109 tests: Don't run HTTP digest tests for SSPI based builds
Added !SSPI to the features list of the HTTP digest tests, as SSPI
based builds now use the Windows SSPI messaging API rather than the
internal functions, and we can't control the random numbers that get
used as part of the digest.
2014-11-06 20:36:08 +00:00
Daniel Stenberg
445aab4b73 tests: add new feature 'SSLpinning'
... and make test 2034 and 2035 require it, and have it set when built
with OpenSSL or GnuTLS.
2014-11-04 23:02:09 +01:00
Daniel Stenberg
9bc2582c31 resume: consider a resume from [content-length] to be OK
Basically since servers often then don't respond well to this and
instead send the full contents and then libcurl would instead error out
with the assumption that the server doesn't support resume. As the data
is then already transfered, this is now considered fine.

Test case 1434 added to verify this. Test case 1042 slightly modified.

Reported-by: hugo
Bug: http://curl.haxx.se/bug/view.cgi?id=1443
2014-11-01 23:09:24 +01:00
Daniel Stenberg
95765567d0 HTTP: return larger than 3 digit response codes too
HTTP 1.1 is clearly specified to only allow three digit response codes,
and libcurl used sscanf("%3d") for that purpose. This made libcurl
support smaller numbers but not larger. It does now, but we will not
make any specific promises nor document this further since it is going
outside of what HTTP is.

Bug: http://curl.haxx.se/bug/view.cgi?id=1441
Reported-by: Balaji
2014-10-27 16:28:10 +01:00
Dan Fandrich
382cee0a77 Added the "flaky" keyword to a number of tests
Each shows evidence of flakiness on at least one platform on
the autobuilds. Users can use this keyword to skip these tests
if desired.
2014-10-26 13:50:38 +01:00
Daniel Stenberg
d938d5e6f8 test545: make it not use a trailing zero
CURLOPT_COPYPOSTFIELDS with a given CURLOPT_POSTFIELDSIZE does not
require a trailing zero of the data and by making sure this test doesn't
use one we know it works (combined with valgrind).
2014-10-16 23:40:49 +02:00
Peter Wu
476499c75c tests: move TESTCASES to Makefile.inc, add show for cmake
This change allows runtests.pl to be run from the CMake builddir:

    export srcdir=/tmp/curl/tests;
    perl -I$srcdir $srcdir/runtests.pl -l

In order to make this possible, all test cases have been moved from
Makefile.am to Makefile.inc.

Signed-off-by: Peter Wu <peter@lekensteyn.nl>
2014-10-13 11:50:21 +02:00
Daniel Stenberg
bf7023d165 test2036: verify -O with no slash at all in the URL
Similar to test 76 but that test's URL has a slash just no file name
part.
2014-10-09 16:50:26 +02:00
93e450793c SSL: implement public key pinning
Option --pinnedpubkey takes a path to a public key in DER format and
only connect if it matches (currently only implemented with OpenSSL).

Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt().

Extract a public RSA key from a website like so:
openssl s_client -connect google.com:443 2>&1 < /dev/null | \
sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \
| openssl rsa -pubin -outform DER > google.com.der
2014-10-07 14:44:19 +02:00
Yousuke Kimoto
b10a838a7a CURLOPT_COOKIELIST: Added "RELOAD" command 2014-09-25 16:28:17 +02:00
Daniel Stenberg
a76825a5ef cookies: reject incoming cookies set for TLDs
Test 61 was modified to verify this.

CVE-2014-3620

Reported-by: Tim Ruehsen
URL: http://curl.haxx.se/docs/adv_20140910B.html
2014-09-10 07:32:36 +02:00
Tim Ruehsen
8a75dbeb23 cookies: only use full host matches for hosts used as IP address
By not detecting and rejecting domain names for partial literal IP
addresses properly when parsing received HTTP cookies, libcurl can be
fooled to both send cookies to wrong sites and to allow arbitrary sites
to set cookies for others.

CVE-2014-3613

Bug: http://curl.haxx.se/docs/adv_20140910A.html
2014-09-10 07:32:36 +02:00
Brandon Casey
6beb0eeea1 Ensure progress.size_dl/progress.size_ul are always >= 0
Historically the default "unknown" value for progress.size_dl and
progress.size_ul has been zero, since these values are initialized
implicitly by the calloc that allocates the curl handle that these
variables are a part of.  Users of curl that install progress
callbacks may expect these values to always be >= 0.

Currently it is possible for progress.size_dl and progress.size_ul
to by set to a value of -1, if Curl_pgrsSetDownloadSize() or
Curl_pgrsSetUploadSize() are passed a "size" of -1 (which a few
places currently do, and a following patch will add more).  So
lets update Curl_pgrsSetDownloadSize() and Curl_pgrsSetUploadSize()
so they make sure that these variables always contain a value that
is >= 0.

Updates test579 and test599.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
2014-09-07 23:23:12 +02:00
Steve Holme
8acbb074f8 tests: Added test1420 to the makefile 2014-09-07 12:13:34 +01:00
Steve Holme
be83356e5e test1420: Removed unnecessary CURLOPT setting 2014-09-07 12:09:29 +01:00
Steve Holme
797d56cbd8 tests: Added more "Clear Text" authentication keywords 2014-09-07 11:37:10 +01:00
Steve Holme
9ee502ac6b tests: Updated "based on" text due to email test renumbering 2014-09-07 11:19:10 +01:00
Steve Holme
ed285ae5c9 tests: For consistency added --libcurl to test name 2014-09-07 11:19:08 +01:00
Steve Holme
436a841354 tests: Added --libcurl for IMAP test case 2014-09-07 11:19:05 +01:00
Daniel Stenberg
0187c9e11d http: fix the Content-Range: parser
... to handle "*/[total]". Also, removed the strange hack that made
CURLOPT_FAILONERROR on a 416 response after a *RESUME_FROM return
CURLE_OK.

Reported-by: Dimitrios Siganos
Bug: http://curl.haxx.se/mail/lib-2014-06/0221.html
2014-08-15 10:02:47 +02:00
Fabian Keil
6543f6e36c tests: Fix a couple of incomplete response lines 2014-07-26 23:12:53 +02:00
Daniel Stenberg
4cb2521595 test506: verify aa68848451
After the fixed cookie lock deadlock, this test now passes and it
detects double-locking and double-unlocking of mutexes.
2014-07-16 00:09:58 +02:00
Dan Fandrich
4da6e0c966 test320: strip off the actual negotiated cipher width
It's irrelevant to the test, and will change depending on which SSL
library is being used by libcurl.
2014-07-15 01:01:39 +02:00
Dan Fandrich
816979e3b8 tests: added globbing keyword to URL globbing tests 2014-07-12 01:52:07 +02:00
Dan Fandrich
d582c272a6 tests: adjust for capitalization differences in newer gnutls-serv 2014-07-11 23:47:48 +02:00
Dan Fandrich
4dc3a57718 test320/1/2/4: fix the port number substitution variables
These tests have been broken since commit 1958fe57 in Oct. 2011
2014-07-11 23:47:33 +02:00
Dan Fandrich
34d02aff71 sasl: Added back qop argument mistakenly removed in e95ca7ce
This caused segfaults on tests 823 869 907.
2014-06-15 14:11:35 +02:00
Dan Fandrich
ce6c691da1 test1398: Added test to Makefile.am 2014-06-15 12:28:43 +02:00
Daniel Stenberg
e95ca7cec9 NTLM: set a fake entropy for debug builds with CURL_ENTROPY set
Curl_rand() will return a dummy and repatable random value for this
case. Makes it possible to write test cases that verify output.

Also, fake timestamp with CURL_FORCETIME set.

Only when built debug enabled of course.

Curl_ssl_random() was not used anymore so it has been
removed. Curl_rand() is enough.

create_digest_md5_message: generate base64 instead of hex string

curl_sasl: also fix memory leaks in some OOM situations
2014-06-11 23:15:48 +02:00
Steve Holme
ceacbacd14 tests: Disabled NTLM tests for non-debug builds
Added required "debug" feature, missed in commit 1c9aaa0bac, as NTLMv2
calls Curl_rand() which can only be fixed to a specific entropy in
debug builds.
2014-06-11 21:24:59 +01:00
Steve Holme
e8c1bf8840 tests: Fixed up DIGEST-MD5 tests following commit eefeb73af4 2014-06-01 12:18:05 +01:00
Daniel Stenberg
313b274b9d test1134: verify CREDSPERREQUEST for HTTP
Verifies that the change in 68f0166a92 works as intended and that
different HTTP auth credentials to the same host still re-uses the
connection properly.
2014-05-18 16:55:03 +02:00
Steve Holme
18e4cd1e20 tests: Fixed up DIGEST-MD5 tests following commit 8342b6e1dc 2014-05-11 16:20:52 +01:00
Dan Fandrich
f0b2d27f7d test87: Get rid of extraneous square brackets in tag 2014-05-09 11:04:30 +02:00
Daniel Stenberg
812da4190f mprintf: allow %.s with data not being zero terminated
If the precision is indeed shorter than the string, don't strlen() to
find the end because that's not how the precision operator works.

I also added a unit test for curl_msnprintf to make sure this works and
that the fix doesn't a few other basic use cases. I found a POSIX
compliance problem that I marked TODO in the unit test, and I figure we
need to add more tests in the future.

Reported-by: Török Edwin
2014-05-04 23:39:52 +02:00
Daniel Stenberg
2e57c7e0fc test325: verify --proto-redir https=>http 2014-04-23 22:36:01 +02:00
Steve Holme
4c8c3da6e2 test810: Updated to use new IMAP URL query string functionality 2014-04-18 16:51:50 +01:00
Steve Holme
5cdb61abb2 tests: Disabled DIGEST-MD5 tests when running with SSPI enabled 2014-04-06 16:32:59 +01:00
Daniel Stenberg
74851340bd PROXYHEADER: send these headers in "normal" proxy requests too
Updated the docs to clarify and the code accordingly, with test 1528 to
verify:

When CURLHEADER_SEPARATE is set and libcurl is asked to send a request
to a proxy but it isn't CONNECT, then _both_ header lists
(CURLOPT_HTTPHEADER and CURLOPT_PROXYHEADER) will be used since the
single request is then made for both the proxy and the server.
2014-04-04 17:03:43 +02:00
Daniel Stenberg
d3d27551e7 test1428: verify --proxy-header 2014-04-04 17:03:43 +02:00
Daniel Stenberg
ef6be35bae CURLOPT_HEADEROPT: added
Modified the logic so that CURLOPT_HEADEROPT now controls if PROXYHEADER
is actually used or not.
2014-04-04 17:03:43 +02:00
Daniel Stenberg
ac887eedbc CURLOPT_PROXYHEADER: set headers for proxy-only
Includes docs and new test cases: 1525, 1526 and 1527

Co-written-by: Vijay Panghal
2014-04-04 17:03:43 +02:00
Daniel Stenberg
42937f87e6 HTTP: don't send Content-Length: 0 _and_ Expect: 100-continue
Without request body there's no point in asking for 100-continue.

Bug: http://curl.haxx.se/bug/view.cgi?id=1349
Reported-by: JimS
2014-04-04 15:46:35 +02:00
Dan Fandrich
c57166b575 tests: unified use of some keywords 2014-04-03 11:49:49 +02:00
Dan Fandrich
ff35e74bcd tests: added some missing closing tags 2014-04-03 11:49:48 +02:00
Daniel Stenberg
1432b22e62 tests: add keywords to the last 7 tests lacking them 2014-04-03 11:06:24 +02:00
Steve Holme
b201d9adb8 tests: Added SMTP with credientials test when not supported by server 2014-04-01 07:19:29 +01:00
Steve Holme
dd07e79023 tests: Added SMTP with credentials test for RFC-821 based server
Added SMTP (RFC-821 only) based test case as a reference for the fix
provided by commit fe260b75e7.
2014-03-31 20:55:58 +01:00
Paul Marks
0bc4938eec curl: stop interpreting IPv6 literals as glob patterns.
This makes it possible to fetch from an IPv6 literal without specifying
the -g option.  Globbing remains available elsehwere in the URL.

For example:
  curl http://[::1]/file[1-3].txt

This creates no ambiguity, because there is no overlap between the
syntax of valid globs and valid IPv6 literals.  Globs contain hyphens
and at most 1 colon, while IPv6 literals have no hyphens, and at least 2
colons.

The peek_ipv6() parser simply whitelists a set of characters and counts
colons, because the real validation happens later on.  The character set
includes A-Z, in case someone decides to implement support for scopes
like [fe80::1%25eth0] in the future.

Signed-off-by: Paul Marks <pmarks@google.com>
2014-03-30 23:45:29 +02:00
Steve Holme
4043d7b67b test938: Updated to use file input for upload
As the second URL won't be passed input from stdin.
2014-03-30 22:40:34 +01:00
Steve Holme
7dd494c6e7 test836: Fixed incorrect username in expected output 2014-03-30 22:40:21 +01:00
Daniel Stenberg
fbb6e0478b DISABLED: 836, 882 and 938 hang 2014-03-30 23:36:57 +02:00
Daniel Stenberg
c38b573ff5 tests: remove trailing CRs from keywords 2014-03-30 17:05:22 +02:00
Steve Holme
afbcfc4f46 tests: Added email unit tests to verify login credential connection re-use 2014-03-30 15:13:31 +01:00
Steve Holme
b3e55bf989 tests: Corrected "APOP" authentication keyword 2014-03-30 12:00:33 +01:00
Steve Holme
6876b35ad6 tests: Replaced email authentication keywords with SASL based keywords
As the email protocols implement SASL authentication rather than IMAP,
POP3 and SMTP specific authentication, updated the authentication
keywords to reflect this.
2014-03-30 11:56:42 +01:00
Steve Holme
82bcc7c615 tests: Added "Clear Text" authentication keyword 2014-03-30 11:34:23 +01:00
Steve Holme
dfa481a7c5 tests: Added "SASL" authentication keyword 2014-03-30 11:31:38 +01:00
Dan Fandrich
f82e0edc17 test815/816: Use authentication for both URLs
The improved connection reuse logic would otherwise create a new
connection for each one, which isn't supported by the test
server, nor expected by the test.
2014-03-26 22:06:26 +01:00
Richard J. Moore
4d06b27921 test1397: unit test for certificate name wildcard handling 2014-03-25 23:01:37 +01:00
Dan Fandrich
4c599b9d2d tests: made the SASL modes separate keywords 2014-03-15 11:13:13 +01:00
Dan Fandrich
c03243576a tests: added missing HTTP NTLM auth keywords
Also, removed an unneeded strippart
2014-03-15 10:54:49 +01:00
Dan Fandrich
02bba0ce7d tests: disable valgrind on the remaining scp/sftp tests 2014-03-15 10:41:40 +01:00
Dan Fandrich
61591eee68 test640/1: add tests for --head with sftp and scp
This option is currently rather useless with these protocols
when no quote command is given, but it is valid.
2014-03-14 23:38:00 +01:00
Steve Holme
219d19a401 test96: Updated accordly for recent changes 2014-02-28 09:45:38 +00:00
Steve Holme
07d7603b45 tool: Reworked argument parsing to use --next/-:
Follow up to commit 1a9b58fcb2 to replace the : command line option
with --next and -:.
2014-02-26 20:53:23 +00:00
Dan Fandrich
4b4e8a5853 tests: Made the crypto test feature usable
This feature specifies the availability of cryptographic
authentication, which can be disabled at compile-time
2014-02-17 09:50:46 +01:00
Daniel Stenberg
d765099813 ConnectionExists: re-use connections better
When allowing NTLM, the re-use connection logic was too focused on
finding an existing NTLM connection to use and didn't properly allow
re-use of other ones. This made the logic not re-use perfectly re-usable
connections.

Added test case 1418 and 1419 to verify.

Regression brought in 8ae35102c (curl 7.35.0)

Reported-by: Jeff King
Bug: http://thread.gmane.org/gmane.comp.version-control.git/242213
2014-02-16 14:30:02 +01:00
Marc Hoersken
779afe3bbf testsuite: more Windows line-endings fixes 2014-02-15 09:19:27 +01:00
Marc Hoersken
f3ce1af9fc test1114: fix line-endings checks on Windows after 75f00de 2014-02-15 09:14:36 +01:00
Marc Hoersken
3c2c1f9876 test1113: fix line-endings checks on Windows after 75f00de5 2014-02-15 09:12:59 +01:00
Marc Hoersken
0a568867c0 HTTP tests: use CRLF as header seperator according to RFC 2616
Updates the test suite to handle binary-mode header output.
2014-02-14 20:12:28 +01:00
Marc Hoersken
89c29aa70f HTTP tests: use CRLF as header seperator according to RFC 2616
Changes LF to CRLF and disables automatic output conversion.
2014-02-14 20:12:27 +01:00
Marc Hoersken
75f00de55c testsuite: use binary output mode for custom curl test tools
Do not try to convert line-endings to CRLF on Windows by setting stdout
to binary mode, just like the curl tool does if --ascii is not specified.

This should prevent corrupted stdout line-ending output like CRCRLF.

In order to make the previously naive text-aware tests work with
binary mode on Windows, text-mode is disabled for them if it is not
actually part of the test case and line-endings are corrected.
2014-02-14 20:12:27 +01:00
Marc Hoersken
69745aaa45 testsuite: changed HTTP and RTSP header line-endings to CRLF
According to RFC 2616 and RFC 2326 individual protocol elements, like
headers and except the actual content, are terminated by using CRLF.

Therefore the test data files for these protocols need to contain
mixed line-endings if the actual protocol elements use CRLF while
the file uses LF.
2014-02-14 20:12:26 +01:00
Dan Fandrich
82a4d537c3 tests: Disabled broken test 1316
See http://curl.haxx.se/mail/lib-2014-02/0004.html for a
discussion on the problem.
2014-02-11 21:31:46 +01:00
Steve Holme
daa182afa6 tests: Added test for IMAP LSUB command 2014-02-09 21:21:10 +00:00
Steve Holme
230e872dbd tests: Removed test 807 as it has been superseded by tests 815 and 816 2014-02-09 21:07:02 +00:00
Steve Holme
5a997d97fd tests: Updated the titles of tests 815 and 816 2014-02-09 21:00:17 +00:00
Steve Holme
ea3828e0c7 tests: Re-enabled IMAP tests that require URL specific option support 2014-02-09 14:49:38 +00:00
Daniel Stenberg
6b9a3c1865 test96: updated according to recent changes 2014-02-08 23:20:10 +01:00
Steve Holme
132f5edfbd tool_getparam: Added support for parsing of specific URL options 2014-02-08 11:18:25 +00:00
Daniel Stenberg
9597f7dfbc formpost: use semicolon in multipart/mixed
Not comma, which is an inconsistency and a mistake probably inherited
from the examples section of RFC1867.

This bug has been present since the day curl started to support
multipart formposts, back in the 90s.

Reported-by: Rob Davies
Bug: http://curl.haxx.se/bug/view.cgi?id=1333
2014-02-07 09:43:36 +01:00
Romulo A. Ceccon
8d1377282e tests: add test for bug #1327 (dns cache timeout)
Fix for bug #1303 (030a2b8cb) was not complete.
libcurl still pruned DNS entries added manually
after detecting a dead connection. This test
checks such behavior.
2014-02-06 23:03:34 +01:00
Romulo A. Ceccon
1505e4612b tests: add test for bug #1303 (dns cache timeout)
Test-case 1515 reproduces bug #1303, where libcurl
would incorrectly prune DNS entries added via
CURLOPT_RESOLVE after the DNS_CACHE_TIMEOUT had
expired.
2014-02-06 23:03:34 +01:00
Dan Fandrich
2f89a61cc0 tests: Moved some comments so the test data files parse as XML 2014-02-03 00:23:34 +01:00
Steve Holme
ffb8a21d85 tests: Fixed test172 cookie expiry
The test contains a cookie jar file where one of the cookies has an
expiry date of 1391252187 -- Sat, 1 Feb 2014 10:56:27 GMT which has
now expired. Updated to Wed, 14 Oct 2037 16:36:33 GMT as per test
179.

Reported-by: Adam Sampson
Bug: http://curl.haxx.se/bug/view.cgi?id=1330
2014-02-02 11:01:10 +00:00
Marc Hoersken
efc112079c test suite: stop conversion of valid output to CRLF on Windows
Since the output isn't actually being written in text-mode and it
was rather used as a workaround, disable text-mode for these tests.
2014-02-01 13:49:58 +01:00
Marc Hoersken
2c49f2e3db HTTP tests: use CRLF as header seperator according to RFC 2616 2014-02-01 13:47:00 +01:00
Marc Hoersken
9f42205dcc FTP tests: enable text-mode for more datacheck sections 2014-02-01 13:43:19 +01:00
Marc Hoersken
4ea2d5579b FTP tests: enable text-mode for data and datacheck sections 2014-01-31 20:05:21 +01:00
Steve Holme
784f225266 tests: Missed updating a type-3 message in commit 1c9aaa0bac 2014-01-30 20:51:34 +00:00
Steve Holme
1c9aaa0bac tests: Updated NTLM tests for NTLMv2 type-3 message 2014-01-30 19:14:04 +00:00
Marc Hoersken
00787f94b2 http-pipe tests: use text as output data mode to support Windows 2014-01-26 09:19:32 +01:00
Dan Fandrich
88b074df3f tests: Added missing HTTP proxy keywords 2014-01-25 16:55:05 +01:00
Dan Fandrich
f5860fd5fc tests: added missing <features> http to a number of tests 2014-01-25 12:47:04 +01:00
Dan Fandrich
e17446b097 tests: Added a keyword for tests depending on internal info logs 2014-01-24 23:39:05 +01:00
Dan Fandrich
606e67c812 tests: Added missing http feature to tests 509 & 1513 2014-01-24 23:14:00 +01:00
Dan Fandrich
e6130c0310 test1514: Used the macros for host and port number 2014-01-24 08:16:17 +01:00
Cédric Deltheil
6217cf6ba3 test1514: added - no more negative Content-Length (HTTP POST)
This covers changes from commit afd288b2.
2014-01-20 12:52:07 +01:00
Daniel Stenberg
d4296f6f06 test1417: verify chunked-encoding transfer without CR
As was introduced in 8f6b4be8af04
2014-01-17 08:37:44 +01:00
Daniel Stenberg
3f5546b2be test1416: verify the chunked size overflow detection 2014-01-17 08:37:44 +01:00
Dan Fandrich
821094ba72 Fixed some XML syntax issues in the test data
Also, make the ftp server return a canned response that doesn't
cause XML verification problems.  Although the test file format
isn't technically XML, it's still handy to be able to use XML
tools to verify and manipulate them.
2014-01-17 00:32:02 +01:00
Daniel Stenberg
5c0eae136b ftp tests: provide LIST responses in the test file itself
Previously LIST always returned a fixed hardcoded list that the ftp
server code knew about, mostly since the server didn't get any test case
number in the LIST scenario. Starting now, doing a CWD to a directory
named test-[number] will make the test server remember that number and
consider it a test case so that a subsequent LIST command will send the
<data> section of that test case back.

It allows LIST tests to be made more similar to how all other tests
work.

Test 100 was updated to provide its own directory listing.
2014-01-04 23:39:30 +01:00
Daniel Stenberg
404794e97a test1513: fix spelling 2014-01-03 21:01:55 +01:00
Daniel Stenberg
62da1e7458 test1513: added - verify early progress callback return fail
Verify the change brought in commit 8e11731653061. It makes sure that
returning a failure from the progress callback even very early results
in the correct return code.
2014-01-03 14:09:59 +01:00
Steve Holme
01aaad7442 tests: Disabled NTLM tests when running with SSPI enabled 2013-12-28 20:37:00 +00:00
Steve Holme
82bf8edff3 tests: Removed APOP timestamp from default server greeting 2013-12-24 15:07:32 +00:00
Steve Holme
cd492a3ba8 test936: Corrected login details from commit 7246255416 2013-12-23 12:25:42 +00:00
Steve Holme
574db1a6fd tests: Corrected syntax error from commit 7246255416 2013-12-23 09:25:50 +00:00
Steve Holme
7246255416 tests: Added SMTP SASL downgrade tests 2013-12-23 07:17:53 +00:00
Steve Holme
f763d1b1bb tests: Added POP3 SASL downgrade tests 2013-12-23 07:17:41 +00:00
Steve Holme
48cd1292e2 tests: Added IMAP SASL downgrade tests 2013-12-23 07:17:31 +00:00
Steve Holme
248967e300 tests: Added SASL cancellation keywords
Added SASL CANCELLATION keywords to differentiate these tests from the
upcoming SASL downgrade tests.
2013-12-22 13:06:59 +00:00
Steve Holme
48043f87b6 imap/pop3/smtp: Added support for SASL authentication downgrades
Added support for downgrading the SASL authentication mechanism when the
decoding of CRAM-MD5, DIGEST-MD5 and NTLM messages fails. This enhances
the previously added support for graceful cancellation by allowing the
client to retry a lesser SASL mechanism such as LOGIN or PLAIN, or even
APOP / clear text (in the case of POP3 and IMAP) when supported by the
server.
2013-12-18 20:45:17 +00:00
Daniel Stenberg
169fedbdce login options: remove the ;[options] support from CURLOPT_USERPWD
To avoid the regression when users pass in passwords containing semi-
colons, we now drop the ability to set the login options with the same
options. Support for login options in CURLOPT_USERPWD was added in
7.31.0.

Test case 83 was modified to verify that colons and semi-colons can be
used as part of the password when using -u (CURLOPT_USERPWD).

Bug: http://curl.haxx.se/bug/view.cgi?id=1311
Reported-by: Petr Bahula
Assisted-by: Steve Holme
Signed-off-by: Daniel Stenberg <daniel@haxx.se>
2013-12-14 22:40:37 +01:00
Steve Holme
35e476a3f6 tests: Re-ordered test arguments to match other IMAP tests 2013-11-24 17:59:17 +00:00
Steve Holme
0434a19431 tests: Corrected login "username" authentication responses 2013-11-24 16:25:44 +00:00
Steve Holme
2ff0c6f5f3 tests: Added error code explanation comments 2013-11-24 12:35:45 +00:00
Steve Holme
8a94aedbd6 tests: Removed expected QUIT response from graceful cancellation tests
A failure during authentication, which is performed as part of the
CONNECT phrase (for IMAP, POP3 and SMTP) is considered by the multi-
interface as being closed prematurely (aka a dead connection). As such
these protocols cannot issue the relevant QUIT or LOGOUT command.

Temporarily fixed the test cases until we can fix this properly.
2013-11-24 11:03:40 +00:00
Steve Holme
95877cf8ae tests: Added SMTP graceful authentication cancellation tests 2013-11-24 10:37:41 +00:00
Steve Holme
d3325ae40a tests: Added POP3 graceful authentication cancellation tests 2013-11-24 10:37:30 +00:00
Steve Holme
6d3c832a30 tests: Added IMAP graceful authentication cancellation tests 2013-11-23 15:03:18 +00:00
Steve Holme
7935478397 tests: Moved CR LF in URL tests to their respective protocol groups 2013-11-23 14:49:50 +00:00
Steve Holme
2165298fe6 tests: Added SMTP NOOP and RSET tests 2013-11-17 12:52:42 +00:00
Steve Holme
e885dc85a1 test928: Corrected typo in expected data from commit df58084695 2013-11-17 12:49:10 +00:00
Steve Holme
df58084695 tests: Added SMTP HELP test 2013-11-17 10:11:27 +00:00
Steve Holme
b56d7cda74 tests: Added SMTP EXPN command test 2013-11-17 00:20:58 +00:00
Steve Holme
8896b56488 test926: Corrected unknown user reply from commit 0d735c29f9
The error code should not be sent as data as it isn't passed onto the
client as body data, so cannot be compared in the test suite against
expected data.
2013-11-16 20:33:08 +00:00
Steve Holme
0d735c29f9 tests: Corrected missing data reply sections from 3d50e91aee 2013-11-16 17:19:26 +00:00
Steve Holme
3d50e91aee tests: Added SMTP VRFY command tests 2013-11-16 12:20:22 +00:00
Steve Holme
55250d2d02 test825: Corrected typo from commit b29217d0d6 2013-11-13 17:31:42 +00:00
Steve Holme
bde901ad89 test922: Corrected title to match other OAuth 2.0 tests 2013-11-13 09:17:50 +00:00
Steve Holme
79c77f7c31 tests: Added IMAP OAuth 2.0 authentication with initial response test 2013-11-13 09:14:30 +00:00
Steve Holme
986c249f2f tests: Added IMAP NTLM authentication with initial response test 2013-11-13 09:14:10 +00:00
Steve Holme
3b8c3eb911 tests: Added IMAP login authentication with initial response test 2013-11-13 09:12:59 +00:00
Steve Holme
b29217d0d6 tests: Added IMAP plain authentication with initial response test 2013-11-13 09:12:32 +00:00
Steve Holme
534f90f9bf test873: Use proper padding in NTLM responses 2013-11-13 09:12:11 +00:00
Steve Holme
2ea9a125a6 tests: Added POP3 OAuth 2.0 authentication with initial response test 2013-11-13 00:29:05 +00:00
Steve Holme
58a00d6d9f tests: Added POP3 NTLM authentication with initial response test 2013-11-13 00:24:06 +00:00
Steve Holme
57a27528e6 tests: Added POP3 login authentication with initial response test 2013-11-13 00:11:19 +00:00
Steve Holme
632c1edd06 tests: Added POP3 plain authentication with initial response test 2013-11-13 00:07:02 +00:00
Steve Holme
5f34a10445 tests: Updated CRAM-MD5 tests to use test user details 2013-11-12 09:46:30 +00:00
Steve Holme
c8e63f247a tests: Corrected titles of POP3 and SMTP OAuth 2.0 tests 2013-11-10 20:26:57 +00:00
Steve Holme
7396ad6e09 test823: Fixed expected authentication text from commit e10a26a9d6
Fixed authentication text due to incorrect digest-uri property.
2013-11-10 20:21:18 +00:00
Steve Holme
6d295f8d7d test821: Fixed expected authentication text from commit 2d5455feac 2013-11-10 20:17:30 +00:00
Steve Holme
9b67960421 tests: Added IMAP OAuth 2.0 authentication test 2013-11-10 17:04:32 +00:00
Steve Holme
e10a26a9d6 tests: Added IMAP DIGEST-MD5 authentication test 2013-11-10 16:53:58 +00:00
Steve Holme
7b68b58bc0 tests: Added IMAP NTLM authentication test 2013-11-10 16:44:19 +00:00
Steve Holme
2d5455feac tests: Added IMAP CRAM-MD5 authentication test 2013-11-10 16:42:21 +00:00
Steve Holme
ac05c80f19 test819: Fixed expected authentication text from commit 76f924131c 2013-11-10 16:24:38 +00:00
Steve Holme
af82661dbd tests: Added IMAP login authentication test 2013-11-05 23:48:16 +00:00
Steve Holme
76f924131c tests: Added IMAP plain authentication test 2013-11-05 23:48:01 +00:00
Steve Holme
aa61e14dc1 tests: Added test for IMAP NOOP command 2013-11-03 21:36:46 +00:00
Steve Holme
a84a09ad0b tests: Added test for IMAP COPY command 2013-11-03 21:36:11 +00:00
Steve Holme
66b8557aff tests: Disable IMAP CLOSE and EXPUNGE command tests
This is temporary until curl supports either multiple custom commands
or post-quote commands in IMAP.
2013-11-03 20:39:21 +00:00
Steve Holme
63cac69c2a tests: Added tests for IMAP CLOSE and EXPUNGE commands 2013-11-03 20:37:34 +00:00
Kamil Dudka
8179354c2f tests: use proper padding in NTLM responses 2013-10-30 20:38:01 +00:00
Daniel Stenberg
d44b014271 FTP: make the data connection work when going through proxy
This is a regression since the switch to always-multi internally
c43127414d.

Test 1316 was modified since we now clearly call the Curl_client_write()
function when doing the LIST transfer part and then the
handler->protocol says FTP and ftpc.transfertype is 'A' which implies
text converting even though that the response is initially a HTTP
CONNECT response in this case.
2013-10-26 23:33:06 +02:00
Steve Holme
e4670a1029 tests: Tidy up of SMTP and POP3 tests
Corrected line endings, RFC references and standardised on user names
and passwords used in the tests.
2013-10-26 13:50:08 +01:00
Steve Holme
6e3613e6e6 test907: Corrected DIGEST-MD5 response given in commit 820ed48a00
As the URI, which is contained within the DIGEST-MD5 response, is
constructed from the service and realm, the encoded message differs
from that generated under POP3.
2013-10-26 00:24:45 +01:00
Steve Holme
d24b7953c2 tests: Added SMTP OAUTH2 authentication with initial response test 2013-10-25 19:44:03 +01:00
Steve Holme
13db74ffc3 tests: Added SMTP NTLM authentication with initial response test 2013-10-25 19:40:23 +01:00
Steve Holme
98905aa2c5 tests: Added SMTP OAUTH2 authentication test 2013-10-25 19:34:05 +01:00
Steve Holme
820ed48a00 tests: Added SMTP DIGEST-MD5 authentication test 2013-10-25 19:31:51 +01:00
Steve Holme
973cc22529 tests: Regrouped SMTP authentication tests 2013-10-25 19:30:52 +01:00
Steve Holme
58bd0148fb tests: Added POP3 OAUTH2 authentication test 2013-10-23 22:12:04 +01:00
Steve Holme
ca5c5be3e4 tests: Added empty response support to custom replies
...and fixed up test869 as DIGEST-MD transcript is as follows:

S: Challenge
C: Authentication String
S: Continue Response
C: Empty String
2013-10-23 22:05:22 +01:00
Steve Holme
1be69159f3 tests: Added POP3 DIGEST-MD5 authentication test 2013-10-23 18:30:00 +01:00
Daniel Stenberg
626f8a85f0 test1240: verify 867b52a7ac (glob ranges with text to the right) 2013-10-22 00:10:16 +02:00
Steve Holme
41d820d2c3 test866: Fixed user response from commit 7f7fbe7fbd 2013-10-19 21:43:20 +01:00
Steve Holme
39f4e4fafa tests: Added POP3 NTLM authentication test 2013-10-19 13:17:25 +01:00
Steve Holme
587811c0a6 tests: Added POP3 CRAM-MD5 authentication test 2013-10-19 12:57:25 +01:00
Steve Holme
7f7fbe7fbd tests: Added POP3 login authentication test 2013-10-19 12:42:25 +01:00
Steve Holme
9b1eb2b421 tests: Added POP3 plain authentication test 2013-10-19 12:31:55 +01:00
Steve Holme
1034aa6680 tests: Added POP3 APOP authentication test 2013-10-19 12:20:00 +01:00
Steve Holme
72f850571d tests: Added POP3 RSET test 2013-10-19 00:10:29 +01:00
Steve Holme
4d49ffe165 test906: Fixed failing test on some platforms
Bug: http://sourceforge.net/p/curl/bugs/1291
Reported-by: David Walser
2013-10-15 21:31:14 +01:00
Daniel Stenberg
f0f95c97f7 test1239: verify 4cd444e01a and the simulated 304 response 2013-10-07 14:42:21 +02:00
Steve Holme
ca995010d0 tests: Fixed typos from commit 25a0c96a49 2013-09-29 20:32:23 +01:00
Steve Holme
25a0c96a49 tests: Updated email addresses in SMTP tests following recent changes 2013-09-29 16:48:02 +01:00
Steve Holme
a8b606b1a6 test909: Removed custom EHLO response after recent changes
...as it is no longer required following capability and authentication
changes and is now causing problems following commit 49341628b5 as
the test number is obtained from the client address in the EHLO.
2013-09-29 16:25:11 +01:00
Steve Holme
49341628b5 ftpserver.pl: Moved specifying the test number from the RCPT address
...to the client address as this frees the RCPT strings to contain
just an email address and by passing the test number into curl as the
client address remains consistent with POP3 and IMAP tests as they are
specified in the URL.
2013-09-29 10:02:00 +01:00
Steve Holme
14d8209adc test906: Fixed type-2 response 2013-09-23 07:10:25 +01:00
Steve Holme
a942d8ff5b test915: Corrected test number from commit 22bccb0eda 2013-09-23 00:19:56 +01:00
Steve Holme
1695c67818 test906: Fixed type-1 message not handled error
...from commit f81d1e1666 due to copy paste error.
2013-09-23 00:15:37 +01:00
Steve Holme
f81d1e1666 tests: Added SMTP AUTH NTLM test 2013-09-22 20:53:29 +01:00
Steve Holme
b71ed1fb3d tests: Added SMTP multiple and invalid --mail-rcpt test 2013-09-22 20:25:32 +01:00
Steve Holme
86ccfaa3fd tests: Added SMTP multiple --mail-rcpt test 2013-09-22 20:23:27 +01:00
Steve Holme
3b69462fc0 tests: Added SMTP invalid --mail-rcpt test 2013-09-22 20:12:20 +01:00
Steve Holme
22bccb0eda tests: Regrouping of SMTP tests 2013-09-22 20:09:57 +01:00
Benoit Sigoure
4f591b9148 test1112: Increase the timeout from 7s to 16s
As someone reported on the mailing list a while back, the hard-coded
arbitrary timeout of 7s in test 1112 is not sufficient in some build
environments. At Arista Networks we build and test curl as part of our
automated build system, and we've run into this timeout 170 times so
far. Our build servers are typically quite busy building and testing a
lot of code in parallel, so despite being beefy machines with 32 cores
and 128GB of RAM we still hit this 7s timeout regularly.

URL: http://curl.haxx.se/mail/lib-2010-02/0200.html
2013-09-22 18:23:09 +02:00
Steve Holme
52cefc8cd7 tests: Fixed smtp rcpt to addresses 2013-09-22 15:14:26 +01:00
Daniel Stenberg
34df869f99 test1415: adjusted to work for 32bit time_t
The libcurl date parser returns INT_MAX for all dates > 2037 so this
test is now made to use 2037 instead of 2038 to work the same for both
32bit and 64bit time_t systems.
2013-09-21 13:46:42 -05:00
Steve Holme
3f04d48495 tests: Reworked existing SMTP tests to be single recipient based
...in preparation of upcoming multiple recipient tests.
2013-09-21 19:44:09 +01:00
Steve Holme
bd7d56ec71 tests: Added SMTP invalid --mail-from test 2013-09-20 07:09:39 +01:00
Steve Holme
89d320c2fd tests: Updated SMTP AUTH tests to use the new AUTH directive
...rather than specify a customised EHLO response.
2013-09-19 20:29:59 +01:00
Steve Holme
b809bafb0c tests: Corrected test913 as the QUIT response is received 2013-09-19 20:13:08 +01:00
Steve Holme
3b6a1681dc tests: Added SMTP large message SIZE test 2013-09-19 18:17:11 +01:00
Steve Holme
dfe7ee1429 tests: Fixed smtp mail from addresses 2013-09-19 07:19:25 +01:00
YAMADA Yasuharu
4cfbb201c4 cookies: add expiration
Implement: Expired Cookies These following situation, curl removes
cookie(s) from struct CookieInfo if the cookie expired.
 - Curl_cookie_add()
 - Curl_cookie_getlist()
 - cookie_output()
2013-09-17 23:25:56 +02:00
Steve Holme
8f5336a2fa tests: Fixed test 1406 following recent changes in ftpserver.pl
By default the mail server doesn't send the SIZE capability but instead
it has to be specified as a supported capability.
2013-09-16 00:24:46 +01:00
Steve Holme
f8a9dbd391 tests: Added test for SMTP SIZE capability 2013-09-16 00:24:30 +01:00
Steve Holme
eae86ba62d ftpserver.pl: Added support for SMTP HELO command
...and updated test902 as explicit HELO response is no longer required.
2013-09-15 09:10:11 +01:00
Steve Holme
84ad1569e5 ftpserver.pl: Moved POP3 USER and PASS handlers into own functions 2013-09-14 20:46:45 +01:00
Steve Holme
b68c52704b tests: Updated descriptions to be more meaningful 2013-09-14 15:04:25 +01:00
Steve Holme
83f6f58834 tests: Updated descriptions to be more meaningful 2013-09-14 10:41:17 +01:00
Steve Holme
eb6314260d tests: Added test for POP3 TOP command 2013-09-09 17:13:28 +01:00
Steve Holme
ae6096471a tests: Added test for POP3 UIDL command 2013-09-09 17:10:40 +01:00
Steve Holme
131649a121 ftpserver.pl: Corrected POP3 LIST as message numbers should be contiguous
The message numbers given in the LIST response are an index into the
list, which are only valid for the current session, rather than being a
unique message identifier. An index would only be missing from the LIST
response if a DELE command had been issued within the same session and
had not been committed by the end of session QUIT command. Once
committed the POP3 server will regenerate the message numbers in the
next session to be contiguous again. As such our LIST response should
list message numbers contiguously until we support a DELE command in the
same session.

Should a POP3 user require the unique message ID for any or all
messages then they should use the extended UIDL command. This command
will be supported by the test ftpserver in an upcoming commit.
2013-09-08 20:19:20 +01:00
Steve Holme
241aeadc50 tests: Updated descriptions to be more meaningful 2013-09-08 16:59:57 +01:00
Steve Holme
669e4ca366 tests: Added test for POP3 NOOP command 2013-09-08 16:59:55 +01:00
Steve Holme
1b96ce04b2 tests: Added test for POP3 STAT command 2013-09-08 08:52:53 +01:00
Steve Holme
8a4069fb17 tests: Added test for POP3 DELE command 2013-09-07 19:49:12 +01:00
Daniel Stenberg
9fa42beddc urlglob: improved error messages and column number on bad use
Introduce a convenience macro and keep of the column better so that it
can point out the offending column better.

Updated test 75 accordingly.
2013-09-06 23:27:47 +02:00
Steve Holme
83f5332536 tests: Added test for IMAP CHECK command 2013-08-31 18:40:48 +01:00
Steve Holme
75b52f9dcc tests: Added tests for IMAP CREATE, DELETE and RENAME commands 2013-08-30 18:56:56 +01:00
Steve Holme
1b4dc10393 tests: Added test for IMAP SEARCH command 2013-08-28 07:27:10 +01:00
Daniel Stenberg
4bea91fc67 TFTP: make the CURLOPT_LOW_SPEED* options work
... this also makes sure that the progess callback gets called more
often during TFTP transfers.

Added test 1238 to verify.

Bug: http://curl.haxx.se/bug/view.cgi?id=1269
Reported-by: Jo3
2013-08-22 22:42:27 +02:00
Daniel Stenberg
e4a1888bd0 test1237: verify 1000+ letter user name + passwords 2013-08-20 11:23:31 +02:00
Daniel Stenberg
f15a88f2b2 glob: error out on range overflow
The new multiply() function detects range value overflows. 32bit
machines will overflow on a 32bit boundary while 64bit hosts support
ranges up to the full 64 bit range.

Added test 1236 to verify.

Bug: http://curl.haxx.se/bug/view.cgi?id=1267
Reported-by: Will Dietz
2013-08-16 11:55:04 +02:00
Daniel Stenberg
5ca96cb844 urlglob: better detect unclosed braces, empty lists and overflows
A rather big overhaul and cleanup.

1 - curl wouldn't properly detect and reject globbing that ended with an
open brace if there were brackets or braces before it. Like "{}{" or
"[0-1]{"

2 - curl wouldn't properly reject empty lists so that "{}{}" would
result in curl getting (nil) strings in the output.

3 - By using strtoul() instead of sscanf() the code will now detected
over and underflows. It now also better parses the step argument to only
accept positive numbers and only step counters that is smaller than the
delta between the maximum and minimum numbers.

4 - By switching to unsigned longs instead of signed ints for the
counters, the max values for []-ranges are now very large (on 64bit
machines).

5 - Bumped the maximum number of globs in a single URL to 100 (from 10)

6 - Simplified the code somewhat and now it stores fixed strings as
single- entry lists. That's also one of the reasons why I did (5) as now
all strings between "globs" will take a slot in the array.

Added test 1234 and 1235 to verify. Updated test 87.

This commit fixes three separate bug reports.

Bug: http://curl.haxx.se/bug/view.cgi?id=1264
Bug: http://curl.haxx.se/bug/view.cgi?id=1265
Bug: http://curl.haxx.se/bug/view.cgi?id=1266
Reported-by: Will Dietz
2013-08-16 11:52:08 +02:00
Tor Arntsen
6972335f50 tests 2032, 2033: Don't hardcode port in expected output 2013-08-15 10:55:44 +02:00
Fabian Keil
a64bca68c7 test1228: add 'HTTP proxy' to the keywords 2013-08-11 19:56:23 +02:00
Fabian Keil
67633e1308 tests: add keywords for a couple of FILE tests 2013-08-11 19:56:14 +02:00
Fabian Keil
715ca7c5fe tests: add 'FAILURE' keywords to tests 1409 and 1410 2013-08-11 19:56:11 +02:00
Fabian Keil
001758760b tests: add keywords for a couple of HTTP tests 2013-08-11 19:56:05 +02:00
Fabian Keil
2f06265e39 tests: add keywords for a couple of FTP tests 2013-08-11 19:56:01 +02:00
Fabian Keil
432431368f test1511: consistently terminate headers with CRLF 2013-08-11 19:55:44 +02:00
Daniel Stenberg
4b0028f82d DISABLED: shut of test 1512 for now
It shows intermittent failures and I haven't been able to track them
down yet. Disable this test for now.
2013-08-10 23:55:10 +02:00
Daniel Stenberg
d2b36e466a global dns cache: didn't work [regression]
CURLOPT_DNS_USE_GLOBAL_CACHE broke in commit c43127414d (been
broken since the libcurl 7.29.0 release). While this option has been
documented as deprecated for almost a decade and nobody even reported
this bug, it should remain functional.

Added test case 1512 to verify
2013-08-08 16:28:46 +02:00
Daniel Stenberg
7cc00d9a83 FTP: when EPSV gets a 229 but fails to connect, retry with PASV
This is a regression as this logic used to work. It isn't clear when it
broke, but I'm assuming in 7.28.0 when we went all-multi internally.

This likely never worked with the multi interface. As the failed
connection is detected once the multi state has reached DO_MORE, the
Curl_do_more() function was now expanded somewhat so that the
ftp_do_more() function can request to go "back" to the previous state
when it makes another attempt - using PASV.

Added test case 1233 to verify this fix. It has the little issue that it
assumes no service is listening/accepting connections on port 1...

Reported-by: byte_bucket in the #curl IRC channel
2013-08-06 09:57:59 +02:00
Daniel Stenberg
0ddc678927 formadd: wrong pointer for file name when CURLFORM_BUFFERPTR used
The internal function that's used to detect known file extensions for
the default Content-Type got the the wrong pointer passed in when
CURLFORM_BUFFER + CURLFORM_BUFFERPTR were used. This had the effect that
strlen() would be used which could lead to an out-of-bounds read (and
thus segfault). In most cases it would only lead to it not finding or
using the correct default content-type.

It also showed that test 554 and test 587 were testing for the
previous/wrong behavior and now they're updated as well.

Bug: http://curl.haxx.se/bug/view.cgi?id=1262
Reported-by: Konstantin Isakov
2013-08-04 23:32:36 +02:00
Fabian Keil
d020e2c381 tests: test1232 verifies dotdot removal from path with proxy 2013-07-23 20:51:15 +02:00
Daniel Stenberg
1016637f5a test1414: FTP PORT download without SIZE support 2013-07-16 22:54:31 +02:00
Yang Tse
c983aa9efc test 1511: fix enumerated type mixed with another type 2013-07-11 17:01:02 +02:00
Daniel Stenberg
365c5ba395 formpost: better random boundaries
When doing multi-part formposts, libcurl used a pseudo-random value that
was seeded with time(). This turns out to be bad for users who formpost
data that is provided with users who then can guess how the boundary
string will look like and then they can forge a different formpost part
and trick the receiver.

My advice to such implementors is (still even after this change) to not
rely on the boundary strings being cryptographically strong. Fix your
code and logic to not depend on them that much!

I moved the Curl_rand() function into the sslgen.c source file now to be
able to take advantage of the SSL library's random function if it
provides one. If not, try to use the RANDOM_FILE for seeding and as a
last resort keep the old logic, just modified to also add microseconds
which makes it harder to properly guess the exact seed.

The formboundary() function in formdata.c is now using 64 bit entropy
for the boundary and therefore the string of dashes was reduced by 4
letters and there are 16 hex digits following it. The total length is
thus still the same.

Bug: http://curl.haxx.se/bug/view.cgi?id=1251
Reported-by: "Floris"
2013-06-25 09:55:49 +02:00
Daniel Stenberg
d3d5c4a40e tests: add test1395 to the tarball 2013-06-24 09:25:58 +02:00
Daniel Stenberg
6fab0bd9f1 test1396: invoke the correct test tool!
This erroneously run unit test 1310 instead of 1396!
2013-06-22 22:20:31 +02:00
Kamil Dudka
02964ed630 test1230: avoid using hard-wired port number
... to prevent failure when a non-default -b option is given
2013-06-22 22:12:49 +02:00
Daniel Stenberg
7877619f85 dotdot: introducing dot file path cleanup
RFC3986 details how a path part passed in as part of a URI should be
"cleaned" from dot sequences before getting used. The described
algorithm is now implemented in lib/dotdot.c with the accompanied test
case in test 1395.

Bug: http://curl.haxx.se/bug/view.cgi?id=1200
Reported-by: Alex Vinnik
2013-06-22 14:15:07 +02:00
Daniel Stenberg
0de7249bb3 unit1396: unit tests to verify curl_easy_(un)escape 2013-06-22 11:21:35 +02:00
Benjamin Gilbert
03a3dd9ee3 test506: verify that CURLOPT_COOKIELIST takes share lock
It doesn't right now: http://curl.haxx.se/bug/view.cgi?id=1215
2013-06-17 23:28:35 +02:00
YAMADA Yasuharu
f24dc09d20 cookies: follow-up fix for path checking
The initial fix to only compare full path names were done in commit
04f52e9b4d but found out to be incomplete. This takes should make the
change more complete and there's now two additional tests to verify
(test 31 and 62).
2013-06-12 11:19:56 +02:00
Eric Hu
8026bd7abd test2033: requires NTLM support 2013-06-12 10:34:10 +02:00
Daniel Stenberg
51b3445e84 test1230: verify CONNECT to a numerical ipv6-address 2013-06-04 22:52:13 +02:00
Daniel Stenberg
ac419bf562 Digest auth: escape user names with \ or " in them
When sending the HTTP Authorization: header for digest, the user name
needs to be escaped if it contains a double-quote or backslash.

Test 1229 was added to verify

Reported and fixed by: Nach M. S
Bug: http://curl.haxx.se/bug/view.cgi?id=1230
2013-05-27 19:45:12 +02:00
Daniel Stenberg
fc4759af9d tests: add test1394 file to the tarball 2013-05-19 12:44:44 +02:00
YAMADA Yasuharu
04f52e9b4d cookies: only consider full path matches
I found a bug which cURL sends cookies to the path not to aim at.
For example:
- cURL sends a request to http://example.fake/hoge/
- server returns cookie which with path=/hoge;
  the point is there is NOT the '/' end of path string.
- cURL sends a request to http://example.fake/hogege/ with the cookie.

The reason for this old "feature" is because that behavior is what is
described in the original netscape cookie spec:
http://curl.haxx.se/rfc/cookie_spec.html

The current cookie spec (RFC6265) clarifies the situation:
http://tools.ietf.org/html/rfc6265#section-5.2.4
2013-05-18 22:54:48 +02:00
Steve Holme
6add1901a1 tests: Added new SMTP tests to verify commit 99b4045183 2013-05-07 22:52:43 +02:00
Kamil Dudka
bcf1b9dec1 unit1394.c: plug the curl tool unit test in 2013-05-06 15:03:13 +02:00
Steve Holme
99b4045183 smtp: Fixed sending of double CRLF caused by first in EOB
If the mail sent during the transfer contains a terminating <CRLF> then
we should not send the first <CRLF> of the EOB as specified in RFC-5321.

Additionally don't send the <CRLF> if there is "no mail data" as the
DATA command already includes it.
2013-05-04 10:00:33 +01:00
Steve Holme
087f9bb20a tests: Corrected MAIL SIZE for CRLF line endings
... which was missed in commit: f5c3d95384
2013-05-03 20:08:21 +01:00
Steve Holme
e2c7e19144 tests: Corrected infilesize for CRLF line endings
... which was missed in commit: f5c3d95384
2013-05-03 18:27:06 +01:00
Steve Holme
f5c3d95384 tests: Corrected test1406 to be RFC2821 compliant 2013-05-03 18:22:18 +01:00
Steve Holme
6b10f5b963 tests: Corrected test1320 to be RFC2821 compliant 2013-05-02 22:49:16 +01:00
Steve Holme
ee74b77d45 tests: Corrected typo in test909
Introduced in commit: 514817669e
2013-05-02 20:03:50 +01:00
Steve Holme
734bdb68c2 tests: Corrected test909 to be RFC2821 compliant 2013-05-02 18:52:52 +01:00
Steve Holme
514817669e tests: Updated test references to 909 from 1411
...and removed references to libcurl and test1406.
2013-05-02 18:50:00 +01:00
Steve Holme
cb9c0ac7d7 tests: Renamed test1411 to test909 as this is a main SMTP test 2013-05-02 18:46:11 +01:00
Steve Holme
b56e3d43e5 tests: Added imap STATUS command test 2013-04-29 12:53:09 +01:00
Steve Holme
f317ffb7bb tests: Corrected the SMTP tests to be RFC2821 compliant
The emails that are sent to the server during these tests were
incorrectly formatted as they contained one or more LF terminated lines
rather than being CRLF terminated as per Section 2.3.7 of RFC-2821.

This wasn't a problem for the test suite as the <stdin> data matched the
<upload> data but anyone using these tests as reference would be sending
incorrect data to a server.
2013-04-28 16:14:58 +01:00
Steve Holme
790b2086d7 tests: Corrected command line arguments in test907 and test908 2013-04-27 16:36:17 +01:00
Steve Holme
f9b691cdb0 tests: Added SMTP AUTH with initial response tests 2013-04-27 13:04:02 +01:00
Steve Holme
4118c30261 tests: Updated SMTP tests to decouple client initial response
Updated test903 and test904 following the addition of CURLOPT_SASL_IR
as the default behaviour of SMTP AUTH responses is now to not include
the initial response. New tests with --sasl-ir support to follow.
2013-04-27 12:32:27 +01:00
Daniel Stenberg
0523152ad6 ftp_state_pasv_resp: connect through proxy also when set by env
When connecting back to an FTP server after having sent PASV/EPSV,
libcurl sometimes didn't use the proxy properly even though the proxy
was used for the initial connect.

The function wrongly checked for the CURLOPT_PROXY variable to be set,
which made it act wrongly if the proxy information was set with an
environment variable.

Added test case 711 to verify (based on 707 which uses --socks5). Also
added test712 to verify another variation of setting the proxy: with
--proxy socks5://

Bug: http://curl.haxx.se/bug/view.cgi?id=1218
Reported-by: Zekun Ni
2013-04-26 16:49:25 +02:00
Daniel Stenberg
c68c7e588e test709: clarify the test in the name 2013-04-25 23:42:38 +02:00
Alessandro Ghedini
d791179d7f tests: add test1511 to check timecond clean-up
Verifies the timecond fix in commit c49ed0b6c0
2013-04-22 22:46:47 +02:00
Daniel Stenberg
c5ba0c2f54 FTP: handle a 230 welcome response
...instead of the 220 we otherwise expect.

Made the ftpserver.pl support sending a custom "welcome" and then
created test 1219 to verify this fix with such a 230 welcome.

Bug: http://curl.haxx.se/mail/lib-2013-02/0102.html
Reported by: Anders Havn
2013-04-12 23:59:37 +02:00
Daniel Stenberg
61d259f950 FTP: access files in root dir correctly
Accessing a file with an absolute path in the root dir but with no
directory specified was not handled correctly. This fix comes with four
new test cases that verify it.

Bug: http://curl.haxx.se/mail/lib-2013-04/0142.html
Reported by: Sam Deane
2013-04-12 22:43:13 +02:00
Kamil Dudka
ddbda328b3 tests: prevent test206, test1060, and test1061 from failing
... in case runtests.pl is invoked with non-default -b option

Fixes a regression caused by 1e29d275c6.
2013-04-12 14:25:58 +02:00
Daniel Stenberg
5c5e1a1cd2 test1218: another cookie tailmatch test
... and make 1216 also verify it with a file input

These tests verify commit 3604fde3d3c9b0d, the fix for the "cookie
domain tailmatch" vulnerability. See
http://curl.haxx.se/docs/adv_20130412.html
2013-04-11 23:52:12 +02:00
Daniel Stenberg
f8da49eec0 test1217: verify parsing 257 responses with "rubbish" before path
Test 1217 verifies commit e0fb2d86c9, and without that change this
test fails.
2013-04-09 22:21:49 +02:00
Daniel Stenberg
11dee0bfae test1216: test tailmatching cookie domains
This test is an attempt to repeat the problem YAMADA Yasuharu reported
at http://curl.haxx.se/mail/lib-2013-04/0108.html
2013-04-09 15:45:27 +02:00
Fabian Keil
638c6da9db proxy: make ConnectionExists() check credential of proxyconnections too
Previously it only compared credentials if the requested needle
connection wasn't using a proxy. This caused NTLM authentication
failures when using proxies as the authentication code wasn't send on
the connection where the challenge arrived.

Added test 1215 to verify: NTLM server authentication through a proxy
(This is a modified copy of test 67)
2013-04-08 16:13:27 +02:00
Daniel Stenberg
18f0ab7bd3 ftp tests: libcurl returns CURLE_FTP_ACCEPT_FAILED better now
Since commit 57aeabcc1a, it handles errors on the control connection
while waiting for the data connection better.

Test 591 and 592 are updated accordingly.
2013-04-06 17:51:03 +02:00
Linus Nielsen Feltzing
e87e76e2dc easy: Fix the broken CURLOPT_MAXCONNECTS option
Copy the CURLOPT_MAXCONNECTS option to CURLMOPT_MAXCONNECTS in
curl_easy_perform().

Bug: http://curl.haxx.se/bug/view.cgi?id=1212
Reported-by: Steven Gu
2013-04-04 10:33:39 +02:00
Daniel Stenberg
1e29d275c6 test1509: verify proxy header response headers count
Modified sws to support and use custom CONNECT responses instead of the
previously naive hard-coded version. Made the HTTP test server able to
extract test case number from the host name in a CONNECT request by
finding the number after the last dot. It makes 'machine.moo.123' use
test case 123.

Adapted a larger amount of tests to the new <connect> style.

Bug: http://curl.haxx.se/bug/view.cgi?id=1204
Reported by: Martin Jansen
2013-03-27 15:30:46 +01:00
Steve Holme
c0c46c3137 imap-tests: Added CRLF to reply data to be compliant with RFC-822
Updated the reply data in tests: 800, 801, 802, 804 and 1321 to possess
the CRLF as per RFC-822.
2013-03-21 12:42:32 +00:00
Yang Tse
b0dfbf305a tests: specify 'text' mode for some output files in verify section 2013-03-18 20:45:35 +01:00
Yang Tse
91e2ce6e76 tests: 96, 558, 1330: strip build subdirectory dependent leading path 2013-03-16 00:59:54 +01:00
Steve Holme
bf4cef1db1 imap-tests: Corrected copy/paste error in test808 reply data 2013-03-15 20:08:54 +00:00
Yang Tse
1700668d78 tests: add #96 #558 and #1330
These verfy that the 'memory tracking' subsystem is actually doing its
job when using curl tool (#96), a test in libtest (#558) and also a unit
test (#1330), in order to prevent regressions in this functionallity.
2013-03-15 19:59:51 +01:00
Steve Holme
a8f93d4efc imap-tests: Added test808 for custom EXAMINE command 2013-03-15 18:12:58 +00:00
Daniel Stenberg
e4b733e3f1 HTTP proxy: insert slash in URL if missing
curl has been accepting URLs using slightly wrong syntax for a long
time, such as when completely missing as slash "http://example.org" or
missing a slash when a query part is given
"http://example.org?q=foobar".

curl would translate these into a legitimate HTTP request to servers,
although as was shown in bug #1206 it was not adjusted properly in the
cases where a HTTP proxy was used.

Test 1213 and 1214 were added to the test suite to verify this fix.

The test HTTP server was adjusted to allow us to specify test number in
the host name only without using any slashes in a given URL.

Bug: http://curl.haxx.se/bug/view.cgi?id=1206
Reported by: ScottJi
2013-03-15 14:18:16 +01:00