1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 16:18:48 -05:00
Commit Graph

3672 Commits

Author SHA1 Message Date
Daniel Stenberg
96a80b5a26 parsedate: handle cut off numbers better
... and don't read outside of the given buffer!

CVE-2016-8621

bug: https://curl.haxx.se/docs/adv_20161102G.html
Reported-by: Luật Nguyễn
2016-10-31 08:46:35 +01:00
Daniel Stenberg
42b650b9ea test1246: verify URL parsing with host name ending with '#' 2016-10-31 08:46:35 +01:00
Daniel Stenberg
fc458679ca testcurl.1: fix the URL to the autobuild summary 2016-10-22 15:15:34 +02:00
Daniel Stenberg
a84e0713e8 testcurl.1: update URLs 2016-10-22 14:57:20 +02:00
Daniel Stenberg
f36f8c1455 test14xx: fixed --libcurl output tests again after 8e8afa82cb 2016-10-18 14:15:03 +02:00
Daniel Stenberg
ac8a314913 test557: verify printf() with 128 and 129 arguments 2016-10-08 20:47:44 +02:00
Daniel Gustafsson
4f43236a40 tests: Fix a small typo in the tests README (#1060)
The subdirectory for logs in tests/ is named log/ without an 's'
at the end.
2016-10-08 11:39:12 +02:00
Sergei Kuzmin
54e48b14e1 cookies: same domain handling changed to match browser behavior
Cokie with the same domain but different tailmatching property are now
considered different and do not replace each other.  If header contains
following lines then two cookies will be set: Set-Cookie: foo=bar;
domain=.foo.com; expires=Thu Mar 3 GMT 8:56:27 2033 Set-Cookie: foo=baz;
domain=foo.com; expires=Thu Mar 3 GMT 8:56:27 2033

This matches Chrome, Opera, Safari, and Firefox behavior. When sending
stored tokens to foo.com Chrome, Opera, Firefox store send them in the
stored order, while Safari pre-sort the cookies.

Closes #1050
2016-10-03 16:49:35 +02:00
Michael Kaufmann
e9e5366193 New libcurl option to keep sending on error
Add the new option CURLOPT_KEEP_SENDING_ON_ERROR to control whether
sending the request body shall be completed when the server responds
early with an error status code.

This is suitable for manual NTLM authentication.

Reviewed-by: Jay Satiro

Closes https://github.com/curl/curl/pull/904
2016-09-22 22:22:31 +02:00
Jay Satiro
36e53ec6ff docs: Remove that --proto is just used for initial retrieval
.. and add that --proto-redir and CURLOPT_REDIR_PROTOCOLS do not
override protocols denied by --proto and CURLOPT_PROTOCOLS.

- Add a test to enforce: --proto deny must override --proto-redir allow

Closes https://github.com/curl/curl/pull/1031
2016-09-21 17:23:24 -04:00
Jay Satiro
22cfeac730 easy: Reset all statistical session info in curl_easy_reset
Bug: https://github.com/curl/curl/issues/1017
Reported-by: Jeroen Ooms
2016-09-20 01:14:01 -04:00
Jay Satiro
19445f35ba test2048: fix url 2016-09-18 15:33:15 -04:00
Daniel Stenberg
8dcc074f36 test1605: verify negative input lengths to (un)escape functions 2016-09-14 07:49:43 +02:00
Daniel Stenberg
a8e751a51a http: refuse to pass on response body with NO_NODY was set
... like when a HTTP/0.9 response comes back without any headers at all
and just a body this now prevents that body from being sent to the
callback etc.

Adapted test 1144 to verify.

Fixes #973

Assisted-by: Ray Satiro
2016-09-11 12:02:07 +02:00
Jakub Zakrzewski
257bf3ac67 CMake: Don't build unit tests if private symbols are hidden
This only excludes building unit tests from default build ( 'all' Make
target or "Build Solution" in VisualStudio). The projects and Make
targets will still be generated and shown in supporting IDEs.

Fixes https://github.com/curl/curl/issues/981
Reported-by: Randy Armstrong

Closes https://github.com/curl/curl/pull/990
2016-09-10 00:35:38 +02:00
Jakub Zakrzewski
6140dfcf3e CMake: Try to (un-)hide private library symbols
Detect support for compiler symbol visibility flags and apply those
according to CURL_HIDDEN_SYMBOLS option.
It should work true to the autotools build except it tries to unhide
symbols on Windows when requested and prints warning if it fails.

Ref: https://github.com/curl/curl/issues/981#issuecomment-242665951
Reported-by: Daniel Stenberg
2016-09-10 00:35:38 +02:00
Jay Satiro
af2d679e14 errors: new alias CURLE_WEIRD_SERVER_REPLY (8)
Since we're using CURLE_FTP_WEIRD_SERVER_REPLY in imap, pop3 and smtp as
more of a generic "failed to parse" introduce an alias without FTP in
the name.

Closes https://github.com/curl/curl/pull/975
2016-09-07 21:24:27 -04:00
Mark Hamilton
5d563a10b3 libtest/test.h: fix typo (#988) 2016-09-03 23:12:22 +02:00
Daniel Stenberg
3533def3d5 http2: make sure stream errors don't needlessly close the connection
With HTTP/2 each transfer is made in an indivial logical stream over the
connection, making most previous errors that caused the connection to get
forced-closed now instead just kill the stream and not the connection.

Fixes #941
2016-08-28 16:44:49 +02:00
Daniel Stenberg
152e5c2105 test161: add comment for the exit code 2016-08-26 09:12:01 +02:00
Dan Fandrich
b5286189b5 test219: Add http as a required feature 2016-08-26 08:32:01 +02:00
Daniel Stenberg
cdd61dc35f test1144: verify HEAD with body-only response 2016-08-18 11:45:15 +02:00
Daniel Stenberg
fa6b6f1a46 proxy: fix tests as follow-up to 93b0d907d5
This fixes tests that were added after 113f04e664 as the tests would
fail otherwise.

We bring back "Proxy-Connection: Keep-Alive" now unconditionally to fix
regressions with old and stupid proxies, but we could possibly switch to
using it only for CONNECT or only for NTLM in a future if we want to
gradually reduce it.

Fixes #954

Reported-by: János Fekete
2016-08-16 10:15:26 +02:00
Daniel Stenberg
93b0d907d5 Revert "Proxy-Connection: stop sending this header by default"
This reverts commit 113f04e664.
2016-08-16 08:36:04 +02:00
Daniel Stenberg
d5fa91b323 tests/README: mention nghttpx for HTTP/2 tests 2016-08-15 11:36:17 +02:00
Daniel Stenberg
f1cdcc4c3e test219: verify unsupported scheme for proxies get rejected 2016-08-15 11:11:04 +02:00
Jay Satiro
6b130d6be6 tests: Fix for http/2 feature
Bug: https://curl.haxx.se/mail/lib-2016-07/0070.html
Reported-by: Paul Howarth
2016-07-24 02:49:47 -04:00
Dan Fandrich
47fa8f0dae test558: fix test by stripping file paths from FD lines 2016-07-21 17:06:04 +02:00
Kamil Dudka
5e26d9ceea tests: distribute the http2-server.pl script, too 2016-07-21 13:07:27 +02:00
Daniel Stenberg
c6d3fa11e6 test558: updated after ipv6-check move
Follow-up commit to c50980807c to make this test pass.
2016-07-20 23:06:03 +02:00
Daniel Stenberg
e89489d8f4 test1244: test different proxy ports same URL 2016-06-29 23:06:32 +02:00
Daniel Stenberg
434f8d0389 internals: rename the SessionHandle struct to Curl_easy 2016-06-22 10:28:41 +02:00
Sergei Nikulov
12e21fab26 cmake: now using BUILD_TESTING=ON/OFF
CMake build now using BUILD_TESTING=ON/OFF (default is OFF) to build
tests and enabling CTest integration. Options BUILD_CURL_TESTS and
BUILD_DASHBOARD_REPORTS was removed.

Closes #882

Reviewed-by: Brad King
2016-06-21 23:04:04 +02:00
Daniel Stenberg
5f2e3b8867 tests: fix the HTTP/2 tests
The HTTP/2 tests brought with commit bf05606ef1 were using the internal
name 'http2' for the HTTP/2 server, while in fact that name was already
used for the second instance of the HTTP server. This made tests using
the second instance (like test 2050) fail after a HTTP/2 test had run.

The server is now known as HTTP/2 internally and within the <server>
section in test cases. 1700, 1701 and 1702 were updated accordingly.
2016-06-19 23:59:52 +02:00
Dan Fandrich
67176e2b84 tests: Added HTTP proxy keywords to tests 1141 & 1142 2016-06-15 23:04:48 +02:00
Daniel Stenberg
9b6d3a662e tests: two more HTTP/2 tests
1701 and 1702
2016-06-06 23:51:49 +02:00
Daniel Stenberg
320905a345 runtests: don't display logs when http2 server fails to start 2016-06-06 23:51:49 +02:00
Daniel Stenberg
d3b5c153af runtests: make stripfile work on stdout as well
... and have test 1700 use that to strip out the nghttpx server: headers
2016-06-06 23:51:49 +02:00
Daniel Stenberg
bf05606ef1 http2-tests: test1700 is the first real HTTP/2 test
It requires that 'nghttpx' is in the PATH, and it will run the tests
using nghttpx as a front-end proxy in front of the standard HTTP/1 test
server. This uses HTTP/2 over plain TCP.

If you like me have nghttpx installed in a custom path, you can run test 1700
like this:

$ PATH=$PATH:$HOME/build-nghttp2/bin/ ./runtests.pl 1700
2016-06-06 23:51:49 +02:00
Daniel Stenberg
5409e1d793 URL parser: allow URLs to use one, two or three slashes
Mostly in order to support broken web sites that redirect to broken URLs
that are accepted by browsers.

Browsers are typically even more leniant than this as the WHATWG URL
spec they should allow an _infinite_ amount. I tested 8000 slashes with
Firefox and it just worked.

Added test case 1141, 1142 and 1143 to verify the new parser.

Closes #791
2016-05-30 23:13:55 +02:00
Daniel Stenberg
54e4c6c396 test/Makefile.am: include manpage-scan.pl and nroff-scan.pl in dist
Reported-by: Ray Satiro
Bug: https://curl.haxx.se/mail/lib-2016-05/0113.html
2016-05-18 09:17:53 +02:00
Jay Satiro
68701e51c1 mprintf: Fix processing of width and prec args
Prior to this change a width arg could be erroneously output, and also
width and precision args could not be used together without crashing.

"%0*d%s", 2, 9, "foo"

Before: "092"
After: "09foo"

"%*.*s", 5, 2, "foo"

Before: crash
After: "   fo"

Test 557 is updated to verify this and more
2016-05-13 00:06:50 +02:00
Daniel Stenberg
1135340214 nroff-scan.pl: verify that references are made with \fI 2016-05-02 09:09:59 +02:00
Daniel Stenberg
9291e2b9d0 test1140: run nroff-scan to verify man pages 2016-05-01 23:24:09 +02:00
Daniel Stenberg
2a6c34c8ad nroff-scan.pl: verify the .BR references as well 2016-05-01 23:24:09 +02:00
Daniel Stenberg
100c7b478f nroff-scan.pl: verifies nroff pages
... not used by any test yet but can be used stand-alone.
2016-05-01 16:41:35 +02:00
Karlson2k
50129e6a96 tests: Use 'pathhelp' for paths conversions in secureserver.pl
Closes #675
2016-04-29 23:43:18 +02:00
Karlson2k
4c5d5e5e55 tests: Use 'pathhelp' for paths conversions in sshserver.pl 2016-04-29 23:42:55 +02:00
Karlson2k
221deef580 tests: Use 'pathhelp' for current path in runtests.pl 2016-04-29 23:42:44 +02:00
Karlson2k
315f06f569 tests: pathhelp.pm to process paths on Msys/Cygwin 2016-04-29 23:42:28 +02:00
Daniel Stenberg
4f45240bc8 lib: include curl_printf.h as one of the last headers
curl_printf.h defines printf to curl_mprintf, etc. This can cause
problems with external headers which may use
__attribute__((format(printf, ...))) markers etc.

To avoid that they cause problems with system includes, we include
curl_printf.h after any system headers. That makes the three last
headers to always be, and we keep them in this order:

 curl_printf.h
 curl_memory.h
 memdebug.h

None of them include system headers, they all do funny #defines.

Reported-by: David Benjamin

Fixes #743
2016-04-29 22:32:49 +02:00
Jay Satiro
0dc4d8e42e curl -J: make it work even without http:// scheme on URL
It does open up a miniscule risk that one of the other protocols that
libcurl could use would send back a Content-Disposition header and then
curl would act on it even if not HTTP.

A future mitigation for this risk would be to allow the callback to ask
libcurl which protocol is being used.

Verified with test 1312

Closes #760
2016-04-29 15:24:10 +02:00
Daniel Stenberg
9dbcab3a0c manpage-scan.pl: also verify the command line option docs
This script now also scans src/tool_getparam.c, docs/curl.1 and
src/tool_help.c and will warn if any of them lists a command line option
not mentioned in one of the other places.
2016-04-29 00:31:37 +02:00
Daniel Stenberg
6a9abbd4d4 test1139: verifies libcurl option man page presence
- checks that each option has its own man page present

- checks that each option is mentioned in its corresponding index man
  page
2016-04-28 16:30:22 +02:00
Daniel Stenberg
e504f03f8c test1322: verify stripping of trailing dot from host name
While being debated (in #716) and a violation of RFC 7230 section 5.4,
this test verifies that the existing functionality works as intended. It
strips the dot from the host name and uses the host without dot
throughout the internals.
2016-04-25 23:51:33 +02:00
Daniel Stenberg
62e3e75b80 test148: fixed after the --ftp-create-dirs retry change
follow-up commit to 3c1e84f569 as it made curl try a little harder
2016-04-25 23:10:13 +02:00
Daniel Stenberg
6de32d916f lib1517: checksrc compliance 2016-04-24 12:27:39 +02:00
33623d7196 PolarSSL: Implement public key pinning 2016-04-24 12:27:39 +02:00
Karlson2k
4fbd576930 tests: added test1517
... for checking ability to receive full HTTP response when POST request
is used with slow read callback function.

This test checks for bug #657 and verifies the work-around from
72d5e144fb.

Closes #720
2016-04-20 10:02:22 +02:00
Daniel Stenberg
a07727005a make/checksrc: use $srcdir, not $top_srcdir 2016-04-19 08:56:06 +02:00
Daniel Stenberg
ab493af731 checksrc/makefile.am: use $top_srcdir to find source files
... to properly support out of source tree builds.
2016-04-18 14:58:11 +02:00
Michael Kaufmann
cd8d236245 news: CURLOPT_CONNECT_TO and --connect-to
Makes curl connect to the given host+port instead of the host+port found
in the URL.
2016-04-17 23:50:59 +02:00
Steve Holme
066b224672 tests: Fixed header files to comply with our code style 2016-04-03 21:57:38 +01:00
Daniel Stenberg
3d94a113e9 tests: fix make checksrc in servers/ 2016-04-03 22:42:49 +02:00
Daniel Stenberg
a1a2470dbd tests: 'make checksrc' now checks server/ too 2016-04-03 22:38:36 +02:00
Daniel Stenberg
a332c4f769 tests/server: comply with our code style 2016-04-03 22:38:36 +02:00
Daniel Stenberg
a71012c03e code: style updates 2016-04-03 22:38:36 +02:00
Daniel Stenberg
a981141b19 unit: make unit test source code checksrc compliant 2016-04-03 22:38:36 +02:00
Daniel Stenberg
d3252e000c checksrc: run checksrc in tests when 'make checksrc' in root 2016-04-03 22:38:36 +02:00
Daniel Stenberg
adeaf95e20 lib557: allow too long lines 2016-04-03 22:38:36 +02:00
Daniel Stenberg
365322b8bc tests/libtest: follow our code style guidelines better
... checksrc of all test code is pending.
2016-04-03 11:57:34 +02:00
Daniel Stenberg
d4d87d7ead unit1604: fix snprintf
follow-up to 0326b06

sizeof(pointer) is no good for the buffer size!

Reported-by: Viktor Szakats
2016-04-03 10:47:13 +02:00
Steve Holme
0326b06770 unittests: Fixed compilation warnings
warning: implicit declaration of function 'sprintf_was_used'
         [-Wimplicit-function-declaration]

Follow up to the modications made to tests/libtest in commit 55452ebdff
as we prefer not to use sprintf() now.
2016-04-03 00:02:19 +01:00
Daniel Stenberg
55452ebdff curl/mprintf.h: remove support for _MPRINTF_REPLACE
The define is not in our name space and is therefore not protected by
our API promises.

It was only really used by libcurl internals but was mostly erased from
there already in 8aabbf5 (March 2015). This is supposedly the final
death blow to that define from everywhere.

As a side-effect, making sure _MPRINTF_REPLACE is gone and not used, I
made the lib tests in tests/libtest/ use curl_printf.h for its redefine
magic and then subsequently the use of sprintf() got banned in the tests
as well (as it is in libcurl internals) and I then replaced them all
with snprintf().

In the unlikely event that any users is actually using this define and
gets sad by this change, it is very easily copied to the user's own
code.
2016-04-01 10:46:36 +02:00
Daniel Stenberg
d532645afd build: use roffit 0.11 feature
... load file specified as argument.
2016-03-29 16:45:17 +02:00
Karlson2k
e32644851a sshserver.pl: use quotes for given options
Fixed failed redirection of stderr with some options. At least on Msys2,
perl fails to redirect stderr if $value contains newline or other weird
characters.
2016-03-26 23:34:55 +01:00
Daniel Stenberg
d5e7f50e63 Revert "sshserver: remove use of AuthorizedKeysFile2"
It seems we may have some autobuild problems after this commit went
in. Trying to see if a revert helps to get them back.

This reverts commit 2716350d1f.
2016-03-22 10:43:55 +01:00
Daniel Stenberg
2716350d1f sshserver: remove use of AuthorizedKeysFile2
Support for the (undocumented) AuthorizedKeysFile2 was removed in
OpenSSH 5.9, released in September 2011

Closes #715
2016-03-21 00:53:02 +01:00
Daniel Stenberg
42a93d4364 runtests: mention when run event-based 2016-03-14 15:39:16 +01:00
Daniel Stenberg
7f7fcd0d75 cookies: first n/v pair in Set-Cookie: is the cookie, then parameters
RFC 6265 section 4.1.1 spells out that the first name/value pair in the
header is the actual cookie name and content, while the following are
the parameters.

libcurl previously had a more liberal approach which causes significant
problems when introducing new cookie parameters, like the suggested new
cookie priority draft.

The previous logic read all n/v pairs from left-to-right and the first
name used that wassn't a known parameter name would be used as the
cookie name, thus accepting "Set-Cookie: Max-Age=2; person=daniel" to be
a cookie named 'person' while an RFC 6265 compliant parser should
consider that to be a cookie named 'Max-Age' with an (unknown) parameter
'person'.

Fixes #709
2016-03-10 11:26:12 +01:00
Tim Rühsen
c140bd7891 cookie: do not refuse cookies for localhost
Closes #658
2016-03-08 15:27:43 +01:00
Daniel Stenberg
e6293cf876 test46: change cookie expiry date
Since two of the cookies would now otherwise expire and cause the test
to fail after commit 20de9b4f09

Discussed in #697
2016-03-06 16:22:49 +01:00
Kamil Dudka
effa575fc7 tests/sshserver.pl: use RSA instead of DSA for host auth
DSA is no longer supported by OpenSSH 7.0, which causes all SCP/SFTP
test cases to be skipped.  Using RSA for host authentication works with
both old and new versions of OpenSSH.

Reported-by: Karlson2k

Closes #676
2016-02-23 11:55:18 +01:00
Jay Satiro
186546f1c5 TFTP: add option to suppress TFTP option requests (Part 2)
- Add tests.

- Add an example to CURLOPT_TFTP_NO_OPTIONS.3.

- Add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS.

Bug: https://github.com/curl/curl/issues/481
2016-02-23 03:01:07 -05:00
Karlson2k
527e86b054 runtests: Fixed usage of %PWD on MinGW64
Closes #672
2016-02-22 00:07:32 +01:00
Dan Fandrich
e50674ad28 Enabled test 1437 after the bug fix in commit 3fa220a6 2016-02-20 11:34:15 +01:00
Dan Fandrich
fe37695aa9 Added test 1437 to verify a memory leak
Reported-by: neex@users.noreply.github.com
2016-02-19 10:45:09 +01:00
Dan Fandrich
0443187611 test1604: Add to Makefile.inc so it gets run 2016-02-13 22:49:45 +01:00
Jay Satiro
4fc80f3e75 tool_doswin: Support for literal path prefix \\?\
For example something like --output \\?\C:\foo
2016-02-09 03:28:58 -05:00
Daniel Stenberg
18c735e790 cookies: allow spaces in cookie names, cut of trailing spaces
It turns out Firefox and Chrome both allow spaces in cookie names and
there are sites out there using that.

Turned out the code meant to strip off trailing space from cookie names
didn't work. Fixed now.

Test case 8 modified to verify both these changes.

Closes #639
2016-02-08 15:49:54 +01:00
Daniel Stenberg
113f04e664 Proxy-Connection: stop sending this header by default
RFC 7230 says we should stop. Firefox already stopped.

Bug: https://github.com/curl/curl/issues/633
Reported-By: Brad Fitzpatrick

Closes #633
2016-02-08 11:09:40 +01:00
Jay Satiro
a6208704e7 unit1604: Fix unit setup return code 2016-02-05 13:37:39 -05:00
Jay Satiro
4520534e6d tool_doswin: Improve sanitization processing
- Add unit test 1604 to test the sanitize_file_name function.

- Use -DCURL_STATICLIB when building libcurltool for unit testing.

- Better detection of reserved DOS device names.

- New flags to modify sanitize behavior:

SANITIZE_ALLOW_COLONS: Allow colons
SANITIZE_ALLOW_PATH: Allow path separators and colons
SANITIZE_ALLOW_RESERVED: Allow reserved device names
SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename

- Restore sanitization of banned characters from user-specified outfile.

Prior to this commit sanitization of a user-specified outfile was
temporarily disabled in 2b6dadc because there was no way to allow path
separators and colons through while replacing other banned characters.
Now in such a case we call the sanitize function with
SANITIZE_ALLOW_PATH which allows path separators and colons to pass
through.


Closes https://github.com/curl/curl/issues/624
Reported-by: Octavio Schroeder
2016-02-05 01:44:27 -05:00
Viktor Szakats
d49881cb19 URLs: change more http to https 2016-02-04 18:46:54 -05:00
Viktor Szakats
20dcd19501 URLs: follow GitHub project rename (also Travis CI)
Closes #632
2016-02-04 23:01:38 +01:00
Viktor Szakats
b4f595bde4 URLs: change more http to https 2016-02-02 22:29:47 -05:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Daniel Stenberg
41ae9f717a dotdot: allow an empty input string too
It isn't used by the code in current conditions but for safety it seems
sensible to at least not crash on such input.

Extended unit test 1395 to verify this too as well as a plain "/" input.
2016-02-02 22:43:54 +01:00
Jay Satiro
d566371130 tests: Add a test for pinnedpubkey fail even when insecure
Because disabling the peer verification (--insecure) must not disable
the public key pinning check (--pinnedpubkey).
2016-01-18 03:10:10 -05:00
Mohammad AlSaleh
3d209b5fb0 lib: Prefix URLs with lower-case protocol names/schemes
Before this patch, if a URL does not start with the protocol
name/scheme, effective URLs would be prefixed with upper-case protocol
names/schemes. This behavior might not be expected by library users or
end users.

For example, if `CURLOPT_DEFAULT_PROTOCOL` is set to "https". And the
URL is "hostname/path". The effective URL would be
"HTTPS://hostname/path" instead of "https://hostname/path".

After this patch, effective URLs would be prefixed with a lower-case
protocol name/scheme.

Closes #597

Signed-off-by: Mohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com>
2016-01-11 23:38:42 +01:00
Jay Satiro
036c465e88 runtests: Add mbedTLS to the SSL backends
.. and enable SSLpinning tests for mbedTLS, BoringSSL and LibreSSL.
2016-01-10 02:56:26 -05:00
Michael Kaufmann
d9b4d1ce20 connection reuse: IDN host names fixed
Use the ACE form of IDN hostnames as key in the connection cache.  Add
new tests.

Closes #592
2016-01-08 00:19:46 +01:00
Daniel Stenberg
336e8feec4 tests: mark IPv6 FTP and FTPS tests with the FTP keyword 2016-01-07 14:30:55 +01:00
Marc Hoersken
2aec4359db test 1515: add data check 2015-12-26 17:25:59 +01:00
Marc Hoersken
38b055446a test 1515: add MSYS support by passing a relative path
MSYS would otherwise turn a /-style path into a C:\-style path.
2015-12-26 17:25:42 +01:00
Marc Hoersken
4ca246c3a8 test 539: use datacheck mode text for ASCII-mode LISTings
While still using datacheck mode binary for the inline reply data.
2015-12-26 11:01:47 +01:00
Marc Hoersken
a9ebd1bddc runtests.pl: check up to 5 data parts with different text modes
Move the text-mode conversion for reply/replycheck from the verify
section into the load section and add support for 4 more check parts.
2015-12-26 11:01:47 +01:00
Marc Hoersken
8fb8e16ea4 tests 1048 and 1050: use datacheck mode text for ASCII-mode LISTings 2015-12-24 14:56:47 +01:00
Marc Hoersken
2eb933e8aa tests 706 and 707: use datacheck mode text for ASCII-mode LISTings 2015-12-24 14:48:36 +01:00
Marc Hoersken
08554dff65 tests 400,403,406: use datacheck mode text for ASCII-mode LISTings 2015-12-24 14:22:26 +01:00
Marc Hoersken
7bf5f6e054 sockfilt.c: fix calculation of sleep timeout on Windows
Not converting to double caused small timeouts to be skipped.
2015-12-23 15:04:02 +01:00
Marc Hoersken
520bd9e49f tests first.c: fix calculation of sleep timeout on Windows
Not converting to double caused small timeouts to be skipped.
2015-12-23 15:03:40 +01:00
Marc Hoersken
24cf20ec68 test 573: add more debug output 2015-12-23 15:02:43 +01:00
Marc Hoersken
fcabed6cd8 test 16: fix on Linux (and Windows) by using plain ASCII characters
Follow up on b064ff0c35, thanks Daniel.
2015-12-23 13:35:36 +01:00
Marc Hoersken
18c95d4bc0 tftpd server: add Windows support by writing files in binary mode 2015-12-23 13:04:00 +01:00
Marc Hoersken
328771981a tests 252-255: use datacheck mode text for ASCII-mode LISTings 2015-12-23 12:49:40 +01:00
Marc Hoersken
b064ff0c35 test 16: fix on Windows by converting data file from ANSI to UTF-8 2015-12-23 12:41:52 +01:00
Marc Hoersken
5e0e81a9c4 test 1326: fix file check since curl is outputting binary data 2015-12-17 16:04:33 +01:00
Marc Hoersken
9e093f0e74 test 1326: fix getting stuck on Windows due to incomplete request
The request needs to be read and send in binary mode in order to use
CRLF instead of LF. Adding --upload-file - causes curl to read stdin
in binary mode.
2015-12-17 15:14:36 +01:00
Marc Hoersken
c3eeb526ae sockfilt.c: added some debug output to select_ws 2015-12-16 15:33:36 +01:00
Marc Hoersken
234abd9013 sockfilt.c: keep lines shorter than 80 chars 2015-12-16 15:33:13 +01:00
Marc Hoersken
f4646b9069 sockfilt.c: do not wait on unreliable file or pipe handle
The previous implementation caused issues on modern MSYS2 runtimes.
2015-12-16 15:32:31 +01:00
Daniel Stenberg
536f5f442e curl: use 2TLS by default
Make this the default for the curl tool (if built with HTTP/2 powers
enabled) unless a specific HTTP version is requested on the command
line.

This should allow more users to get HTTP/2 powers without having to
change anything.
2015-12-13 09:26:43 +01:00
Steve Holme
a62000ecc9 tests: Corrected copy and pasted comments from commit e643c5c908 2015-12-03 23:31:24 +00:00
Steve Holme
5eba895b4c test947: Corrected typo in test name 2015-12-02 23:45:29 +00:00
Steve Holme
e643c5c908 tests: Disable the OAUTHBEARER tests when using a non-default port number
Tests 842, 843, 844, 845, 887, 888, 889, 890, 946, 947, 948 and 949 fail
if a custom port number is specified via the -b option of runtests.pl.

Suggested by: Kamil Dudka
Bug: http://curl.haxx.se/mail/lib-2015-12/0003.html
2015-12-02 23:10:02 +00:00
Daniel Stenberg
facf2925c7 test1513: make sure the callback is only called once 2015-11-24 23:33:37 +01:00
Steve Holme
f024ece8c7 Makefile.inc: Fixed test run error
test845 not present in tests/data/Makefile.inc
2015-11-21 00:04:57 +00:00
Steve Holme
bbb34b6f15 tests: Re-enabled tests 889 and 890 following POP3 fix 2015-11-20 07:04:19 +00:00
Steve Holme
3c4065f402 tests: Disabled 889 and 890 until we support POP3 continuation responses
As POP3 final and continuation responses both begin with a + character,
and both the finalcode and contcode variables in SASLprotoc are set as
such, we cannot tell the difference between them when we are expecting
an optional continuation from the server such as the following:

+ something else from the server
+OK final response

Disabled these tests until such a time we can tell the responses apart.
2015-11-15 20:14:46 +00:00
Steve Holme
d0ddfe2216 tests: Corrected typos from commit ba4d8f7eba 2015-11-15 20:11:55 +00:00
Steve Holme
ca770d87e2 tests: Added OAUTHBEARER failure response tests 2015-11-15 20:11:54 +00:00
Steve Holme
808a17ee67 tests: Renamed existing OAuth 2.0 (XOAUTH) tests 2015-11-14 11:19:57 +00:00
Steve Holme
ba4d8f7eba tests: Added OAuth 2.0 (OAUTHBEARER) tests 2015-11-14 11:16:04 +00:00
dfandrich
eb3703f052 unit1603: Demote hash mismatch failure to a warning
The hashes can vary between architectures (e.g. Sparc differs from x86_64).
This is not a fatal problem but just reduces the coverage of these white-box
tests, as the assumptions about into which hash bucket each key falls are no
longer valid.
2015-11-12 23:50:18 +01:00
dfandrich
d7e352402c unit1603: Added unit tests for hash functions 2015-11-12 22:49:32 +01:00
dfandrich
278ea24a7a unit1602: Fixed failure in torture test 2015-11-12 22:47:37 +01:00
Daniel Stenberg
a7c4bcd971 runtests: more compact "System characteristics" output
- no point in repeating curl features that is already listed as features
  from the curl -V output

- remove the port numbers/unix domain path from the output unless
  verbose is used, as that is rarely interesting to users.
2015-11-12 15:32:48 +01:00
Daniel Stenberg
3c24400636 runtests: rename conditional curl-features to $has_[name] 2015-11-12 14:50:13 +01:00
Justin Ehlert
23b8fc15c8 imap: Don't check for continuation when executing a CUSTOMREQUEST
Bug: https://github.com/bagder/curl/issues/486
Closes https://github.com/bagder/curl/pull/487
2015-11-08 12:12:33 +00:00
Daniel Stenberg
60c86297bf tftp tests: verify sent options too
The tftpd test server now logs all received options and thus all TFTP
test cases need to match them exactly.

Extended test 283 to use and verify --tftp-blksize.
2015-11-06 10:55:30 +01:00
Daniel Stenberg
3f7b1bb89f http redirects: %-encode bytes outside of ascii range
Apparently there are sites out there that do redirects to URLs they
provide in plain UTF-8 or similar. Browsers and wget %-encode such
headers when doing a subsequent request. Now libcurl does too.

Added test 1138 to verify.

Closes #473
2015-11-02 12:48:03 +01:00
Daniel Stenberg
ca5f9341ef formadd: support >2GB files on windows
Closes #425
2015-11-02 08:41:46 +01:00
Daniel Stenberg
eefd5a95af test1137: verify --ignore-content-length for FTP 2015-10-23 15:24:56 +02:00
Daniel Stenberg
4c773bcb47 tests/FILEFORMAT: mention PSL as a valid feture to check for
For example in test 1136
2015-10-18 23:25:26 +02:00
Daniel Stenberg
cb922d47d6 teste1136: only run when PSL is enabled 2015-10-18 23:20:08 +02:00
Tim Rühsen
e77b5b7453 cookies: Add support for Mozilla's Publix Suffix List
Use libpsl to check the domain value of Set-Cookie headers (and cookie
jar entries) for not being a Publix Suffix.

The configure script checks for "libpsl" by default. Disable the check
with --without-libpsl.

Ref: https://publicsuffix.org/
Ref: https://github.com/publicsuffix/list
Ref: https://github.com/rockdaboot/libpsl
2015-10-17 16:37:49 +02:00
Dan Fandrich
3fde8a4971 test1601: fix compilation with --enable-debug and --disable-crypto-auth 2015-10-16 23:04:54 +02:00
Dan Fandrich
854976ad7b test1531: case the size to fix the test on non-largefile builds 2015-10-14 22:00:09 +02:00
Jay Satiro
c6ff538ebd runtests: Fix pid check in checkdied
Because the 'not' operator has a very low precedence and as a result the
entire statement was erroneously negated and could never be true.
2015-09-29 22:08:57 -04:00
Daniel Stenberg
0110cced2a tests: disable 1510 due to CI-problems on github 2015-09-23 13:53:38 +02:00
Daniel Stenberg
37af1766e9 tests: disable 1801 until fixed
It is unreliable and causes CI problems on github

Closes #380
2015-09-20 13:12:44 +02:00
Nathaniel Waisbrot
9756d1da76 CURLOPT_DEFAULT_PROTOCOL: added
- Add new option CURLOPT_DEFAULT_PROTOCOL to allow specifying a default
protocol for schemeless URLs.

- Add new tool option --proto-default to expose
CURLOPT_DEFAULT_PROTOCOL.

In the case of schemeless URLs libcurl will behave in this way:

When the option is used libcurl will use the supplied default.

When the option is not used, libcurl will follow its usual plan of
guessing from the hostname and falling back to 'http'.
2015-08-22 21:57:14 -04:00
Jay Satiro
22cb631198 runtests: Allow for spaces in server-verify curl custom path 2015-08-22 21:19:34 -04:00
Jay Satiro
9518139c73 gitignore: Sort for readability
find . -name .gitignore -print0 | xargs -i -0 sort -o '{}' '{}'
2015-08-18 01:03:05 -04:00
Daniel Stenberg
002d58f1e8 test46: update cookie expire time
... since it went old and thus was expired and caused the test to fail!
2015-08-10 00:12:12 +02:00
Daniel Stenberg
0f645adc95 test1902: attempt to make the test more reliable
Closes #355
2015-07-26 22:20:26 +02:00
Jay Satiro
172b2beba6 SSL: Add an option to disable certificate revocation checks
New tool option --ssl-no-revoke.
New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS.

Currently this option applies only to WinSSL where we have automatic
certificate revocation checking by default. According to the
ssl-compared chart there are other backends that have automatic checking
(NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at
some later point.

Bug: https://github.com/bagder/curl/issues/264
Reported-by: zenden2k <zenden2k@gmail.com>
2015-07-17 02:40:16 -04:00
Jay Satiro
606b29fe0d runtests: Allow for spaces in curl custom path
.. also fix some typos in test's FILEFORMAT spec.
2015-07-16 22:21:07 -04:00
Kamil Dudka
cd20e81e89 libtest: call PR_Cleanup() on exit if NSPR is used
This prevents valgrind from reporting possibly lost memory that NSPR
uses for file descriptor cache and other globally allocated internal
data structures.

Reported-by: Štefan Kremeň
2015-07-14 21:52:33 +02:00
Dan Fandrich
ce1bf87a04 test2041: fixed line endings in protocol part 2015-07-02 08:32:18 +02:00
55b78c5ae9 SSL: Pinned public key hash support 2015-07-01 19:43:47 +02:00
Jay Satiro
66a5f76583 multi: Move http2 push function declarations to header end
This change necessary for binary compatibility.

Prior to this change test 1135 failed due to the order of functions.
2015-06-30 17:19:21 -04:00
Roger Leigh
e3e06e1aee tests: Distribute CMakeLists.txt files in subdirectories 2015-06-25 07:48:50 -07:00
Daniel Stenberg
5156982377 test1531: verify POSTFIELDSIZE set after add_handle
Following the fix made in 903b6e0556.
2015-06-23 17:51:03 -07:00
Kamil Dudka
24f0b6ebf7 test2040: verify basic auth on re-used connections 2015-06-17 07:43:13 +02:00
Dan Fandrich
55fc47a401 test1530: added http to required features 2015-06-14 22:38:39 +02:00
Daniel Stenberg
20ac345806 CURLOPT_OPENSOCKETFUNCTION: return error at once
When CURL_SOCKET_BAD is returned in the callback, it should be treated
as an error (CURLE_COULDNT_CONNECT) if no other socket is subsequently
created when trying to connect to a server.

Bug: http://curl.haxx.se/mail/lib-2015-06/0047.html
2015-06-09 00:22:02 +02:00
Isaac Boukris
4bb815a32e HTTP-NTLM: fail auth on connection close instead of looping
Bug: https://github.com/bagder/curl/issues/256
2015-05-31 23:21:15 +02:00
Dan Fandrich
4a79475b13 testcurl.pl: use rel2abs to make the source directory absolute
This function makes a platform-specific absolute path which uses
backslashes on Windows. This form works when passing it on the
command-line, as well as if the source is on another drive.
2015-05-24 12:09:34 +02:00
Dan Fandrich
ef02da3156 test1510: another flaky test 2015-05-23 16:28:09 +02:00
Dan Fandrich
126e7f7253 testcurl.pl: allow source to be in an arbitrary directory
This way, the build directory can be located on an entirely different
filesystem from the source code (e.g. a tmpfs).
2015-05-21 09:14:40 +02:00
Anthony Avina
4883f7019d hostip: fix unintended destruction of hash table
.. and added unit1602 for hash.c
2015-05-18 11:15:43 +02:00
Daniel Stenberg
d69eee0964 runtests.pl: use 'h2c' now, no -14 anymore 2015-05-18 10:10:55 +02:00
Daniel Stenberg
b419e7ae0c hostcache: made all host caches use structs, not pointers
This avoids unnecessary dynamic allocs and as this also removed the last
users of *hash_alloc() and *hash_destroy(), those two functions are now
removed.
2015-05-12 09:46:53 +02:00
Daniel Stenberg
6ba2e88a64 CURLOPT_HEADEROPT: default to separate
Make the HTTP headers separated by default for improved security and
reduced risk for information leakage.

Bug: http://curl.haxx.se/docs/adv_20150429.html
Reported-by: Yehezkel Horowitz, Oren Souroujon
2015-04-28 21:02:37 +02:00
Daniel Stenberg
1945f99d59 sws: init http2 state properly
It would otherwise cause problems when running tests after 1801 etc.
2015-04-27 08:38:52 +02:00
Daniel Stenberg
c0700e3c7f runtests: use a DISABLED.local file too
... and have git ignore that. Allows for a dev to add tests to ignore in
local tests and yet don't obstruct a normal git work flow.
2015-04-26 19:59:13 +02:00
Dan Fandrich
f1e0a0aae7 test2039: fixed line endings that caused a test failure 2015-04-25 10:17:46 +02:00
Viktor Szakats
047e6aa05c netrc: add unit tests for 'default' support 2015-04-24 23:57:55 +02:00
Kamil Dudka
710a2e99b5 curl -z: do not write empty file on unmet condition
This commit fixes a regression introduced in curl-7_41_0-186-g261a0fe.
It also introduces a regression test 1424 based on tests 78 and 1423.

Reported-by: Viktor Szakats
Bug: https://github.com/bagder/curl/issues/237
2015-04-23 14:42:07 +02:00
Jay Satiro
0675abbc75 cyassl: Implement public key pinning
Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
2015-04-22 17:07:19 -04:00
Kamil Dudka
27ace9893c tests/unit/.gitignore: hide unit1601 and above, too 2015-04-22 14:20:20 +02:00
Kamil Dudka
b47c17d67c nss: implement public key pinning for NSS backend
Bug: https://bugzilla.redhat.com/1195771
2015-04-22 13:21:31 +02:00
Dan Fandrich
1e6d0e06f7 test1423: added missing "file" to server section 2015-04-18 21:12:36 +02:00
Kamil Dudka
992a731116 test142[23]: verify that an empty file is stored on success 2015-04-08 09:43:13 +02:00
Stefan Bühler
0db831976e fix refreshing of obsolete dns cache entries
- cache entries must be also refreshed when they are in use
- have the cache count as inuse reference too, freeing timestamp == 0 special
  value
- use timestamp == 0 for CURLOPT_RESOLVE entries which don't get refreshed
- remove CURLOPT_RESOLVE special inuse reference (timestamp == 0 will prevent refresh)
- fix Curl_hostcache_clean - CURLOPT_RESOLVE entries don't have a special
  reference anymore, and it would also release non CURLOPT_RESOLVE references
- fix locking in Curl_hostcache_clean
- fix unit1305.c: hash now keeps a reference, need to set inuse = 1
2015-04-03 16:46:14 +02:00
Tatsuhiro Tsujikawa
21e82bd635 http2: Fix missing nghttp2_session_send call in Curl_http2_switched
Previously in Curl_http2_switched, we called nghttp2_session_mem_recv to
parse incoming data which were already received while curl was handling
upgrade.  But we didn't call nghttp2_session_send, and it led to make
curl not send any response to the received frames.  Most likely, we
received SETTINGS from server at this point, so we missed opportunity to
send SETTINGS + ACK.  This commit adds missing nghttp2_session_send call
in Curl_http2_switched to fix this issue.

Bug: https://github.com/bagder/curl/issues/192
Reported-by: Stefan Eissing
2015-04-02 15:19:29 +02:00
Daniel Stenberg
2685041a5c cookie: handle spaces after the name in Set-Cookie
"name =value" is fine and the space should just be skipped.

Updated test 31 to also test for this.

Bug: https://github.com/bagder/curl/issues/195
Reported-by: cromestant
Help-by: Frank Gevaerts
2015-04-01 23:25:29 +02:00
Dan Fandrich
9a743bc5fc runtests.pl: detect WolfSSL as yassl 2015-03-28 00:26:45 +01:00
Dan Fandrich
a45146868b testcurl.pl: add the --notes option to supply more info about a build
Support for notes has been in place for a while, but it required
being added to the setup file manually.
2015-03-24 23:47:01 +01:00
Daniel Stenberg
5d23279299 CURLOPT_PATH_AS_IS: added
--path-as-is is the command line option

Added docs in curl.1 and CURLOPT_PATH_AS_IS.3

Added test in test 1241
2015-03-24 10:31:58 +01:00
Dan Fandrich
148207e2d7 test1513: eliminated race condition in test run
It seems that some systems (e.g. fairly consistently in some recent
Solaris autobuilds) would manage to get to the connect phase before the
progress callback was called, resulting in a CURLE_COULDNT_CONNECT
error. Reworked the test to point at a test server that never returns a
full result so the progress callback always gets a chance to be called
before the transfer can complete in some other way.
2015-03-22 00:03:44 +01:00
Dan Fandrich
f9251a5c86 tests/certs: rebuild certificates with modified key usage bits
The certificates were missing the digitalSignature and keyAgreement
usage types, of which at least digitalSignature was checked by CyaSSL.
This caused the test server in test 310 (among others) to fail the
startup verification and therefore run (see
http://curl.haxx.se/mail/lib-2014-07/0303.html).
2015-03-21 16:33:58 +01:00
Dan Fandrich
38c304a58f tests/certs: added make target to rebuild certificates
The certificate generation scripts were also updated to better match the
format of the certificates currently checked in.
2015-03-21 16:33:58 +01:00
Dagobert Michelsen
57dc2f7e40 testcurl: Allow '=' in values given on command line 2015-03-21 15:57:08 +01:00
Dan Fandrich
61ff197a27 test938: added missing closing tags 2015-03-21 01:27:44 +01:00
Daniel Stenberg
0f4a03cbb6 free: instead of Curl_safefree()
Since we just started make use of free(NULL) in order to simplify code,
this change takes it a step further and:

- converts lots of Curl_safefree() calls to good old free()
- makes Curl_safefree() not check the pointer before free()

The (new) rule of thumb is: if you really want a function call that
frees a pointer and then assigns it to NULL, then use Curl_safefree().
But we will prefer just using free() from now on.
2015-03-16 15:01:15 +01:00
Markus Elfring
29c655c0a6 Bug #149: Deletion of unnecessary checks before calls of the function "free"
The function "free" is documented in the way that no action shall occur for
a passed null pointer. It is therefore not needed that a function caller
repeats a corresponding check.
http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first

This issue was fixed by using the software Coccinelle 1.0.0-rc24.

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
2015-03-16 12:13:56 +01:00
Daniel Stenberg
0cf649d9cc http2: detect prematures close without data transfered
... by using the regular Curl_http_done() method which checks for
that. This makes test 1801 fail consistently with error 56 (which seems
fine) to that test is also updated here.

Reported-by: Ben Darnell
Bug: https://github.com/bagder/curl/issues/166
2015-03-14 18:19:51 +01:00