1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00
Commit Graph

3780 Commits

Author SHA1 Message Date
Daniel Stenberg
3130414ce7
http-proxy: treat all 2xx as CONNECT success
Added test 1904 to verify.

Reported-by: Lawrence Wagerfield
Fixes #1859
Closes #1860
2017-09-05 09:47:46 +02:00
Daniel Stenberg
4ed618c023
test1135: fixed after bd8070085f 2017-09-04 11:44:42 +02:00
Patrick Monnerat
1ab9e9b50a lib: bump version info (soname). Adapt and reenable test 1135. 2017-09-04 00:35:53 +01:00
Patrick Monnerat
7e36b30da8 mime: fix signed/unsigned conversions.
Use and generate CURL_ZERO_TERMINATED in curl tool and tests.
2017-09-03 17:51:18 +01:00
Patrick Monnerat
1a3f4c1991 mime: remove support "-" stdin pseudo-file name in curl_mime_filedata().
This feature is badly supported in Windows: as a replacement, a caller has
to use curl_mime_data_cb() with fread, fseek and possibly fclose
callbacks to process opened files.

The cli tool and documentation are updated accordingly.

The feature is however kept internally for form API compatibility, with
the known caveats it always had.

As a side effect, stdin size is not determined by the cli tool even if
possible and this results in a chunked transfer encoding. Test 173 is
updated accordingly.
2017-09-03 14:45:43 +01:00
Patrick Monnerat
3baf36edf6 mime: tests and examples.
Additional mime-specific tests.
Existing tests updated to reflect small differences (Expect: 100-continue,
data size change due to empty lines, etc).
Option -F headers= keyword added to tests.
test1135 disabled until the entry point order change is resolved.
New example smtp-mime.
Examples postit2 and multi-post converted from form API to mime API.
2017-09-02 19:08:45 +01:00
Patrick Monnerat
ce0881edee mime: new MIME API.
Available in HTTP, SMTP and IMAP.
Deprecates the FORM API.
See CURLOPT_MIMEPOST.
Lib code and associated documentation.
2017-09-02 17:47:10 +01:00
Patrick Monnerat
5bae72734b test564: Add a warning comment about shell profile output.
Shell profile output makes the SSH server failing and this problem reason
is not easy to find when no hint is given.
2017-09-02 13:01:15 +01:00
Patrick Monnerat
989e4d4a31 runtests.pl: allow <file[1-4]> tags in client section.
This enables tests to create more than one file on the client side.
2017-09-02 12:57:13 +01:00
Patrick Monnerat
f0cda34145 runtests.pl: Apply strippart to upload too.
This will allow substitution of boundaries in mail messages.
2017-09-02 12:55:28 +01:00
Max Dymond
57001ce3bb ossfuzz: Move to C++ for curl_fuzzer.
Automake gets confused if you want to use C++ static libraries with C
code - basically we need to involve the clang++ linker. The easiest way
of achieving this is to rename the C code as C++ code. This gets us a
bit further along the path and ought to be compatible with Google's
version of clang.
2017-09-02 11:07:55 +02:00
Max Dymond
1cf323ec4e
ossfuzz: additional seed corpora
Create simple seed corpora for:
- FTP
- telnet
- dict
- tftp
- imap
- pop3

based off the tests of the same number.

Closes #1842
2017-09-01 11:23:07 +02:00
Max Dymond
efeb4a3176
ossfuzz: moving towards the ideal integration
- Start with the basic code from the ossfuzz project.
- Rewrite fuzz corpora to be binary files full of Type-Length-Value
  data, and write a glue layer in the fuzzing function to convert
  corpora into CURL options.
- Have supporting functions to generate corpora from existing tests
- Integrate with Makefile.am
2017-09-01 11:22:51 +02:00
Daniel Stenberg
529f056809
unit1301: fix error message on first test 2017-08-31 11:37:13 +02:00
Dan Fandrich
82604c5007 unit1606: Fixed shadowed variable warning 2017-08-28 23:55:55 +02:00
Johannes Schindelin
1328f69d53
vtls: introduce curl_global_sslset()
Let's add a compile time safe API to select an SSL backend. This
function needs to be called *before* curl_global_init(), and can be
called only once.

Side note: we do not explicitly test that it is called before
curl_global_init(), but we do verify that it is not called multiple times
(even implicitly).

If SSL is used before the function was called, it will use whatever the
CURL_SSL_BACKEND environment variable says (or default to the first
available SSL backend), and if a subsequent call to
curl_global_sslset() disagrees with the previous choice, it will fail
with CURLSSLSET_TOO_LATE.

The function also accepts an "avail" parameter to point to a (read-only)
NULL-terminated list of available backends. This comes in real handy if
an application wants to let the user choose between whatever SSL backends
the currently available libcurl has to offer: simply call

	curl_global_sslset(-1, NULL, &avail);

which will return CURLSSLSET_UNKNOWN_BACKEND and populate the avail
variable to point to the relevant information to present to the user.

Just like with the HTTP/2 push functions, we have to add the function
declaration of curl_global_sslset() function to the header file
*multi.h* because VMS and OS/400 require a stable order of functions
declared in include/curl/*.h (where the header files are sorted
alphabetically). This looks a bit funny, but it cannot be helped.

Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-28 14:56:59 +02:00
Dan Fandrich
d7d0c9d953 tests: Make sure libtests & unittests call curl_global_cleanup()
These were missed in commit c468c27b.
2017-08-26 22:01:42 +02:00
Daniel Stenberg
3e1245504b
fuzz/Makefile.am: remove curlbuild.h leftovers 2017-08-25 11:01:07 +02:00
Daniel Stenberg
befaa7b14f
imap: support PREAUTH
It is a defined possible greeting at server startup that means the
connection is already authenticated. See
https://tools.ietf.org/html/rfc3501#section-7.1.4

Test 846 added to verify.

Fixes #1818
Closes #1820
2017-08-23 23:58:49 +02:00
Dan Fandrich
78a6d917c5 test1453: Fixed <features> 2017-08-23 09:03:13 +02:00
Even Rouault
16c71fafb9
tftp: fix memory leak on too long filename
Fixes

$ valgrind --leak-check=full ~/install-curl-git/bin/curl tftp://localhost/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz

==9752== Memcheck, a memory error detector
==9752== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==9752== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==9752== Command: /home/even/install-curl-git/bin/curl tftp://localhost/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz
==9752==
curl: (71) TFTP file name too long

==9752==
==9752== HEAP SUMMARY:
==9752== 505 bytes in 1 blocks are definitely lost in loss record 11 of 11
==9752==    at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9752==    by 0x4E61CED: Curl_urldecode (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
==9752==    by 0x4E75868: tftp_state_machine (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
==9752==    by 0x4E761B6: tftp_do (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
==9752==    by 0x4E711B6: multi_runsingle (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
==9752==    by 0x4E71D00: curl_multi_perform (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
==9752==    by 0x4E6950D: curl_easy_perform (in /home/even/install-curl-git/lib/libcurl.so.4.4.0)
==9752==    by 0x40E0B7: operate_do (in /home/even/install-curl-git/bin/curl)
==9752==    by 0x40E849: operate (in /home/even/install-curl-git/bin/curl)
==9752==    by 0x402693: main (in /home/even/install-curl-git/bin/curl)

Fixes https://oss-fuzz.com/v2/testcase-detail/5232311106797568
Credit to OSS Fuzz

Closes #1808
2017-08-19 23:26:30 +02:00
Dan Fandrich
b9e22e9575 runtests: fixed case insensitive matching of keywords
Commit 5c2aac71 didn't work in the case of mixed-case keywords given on
the command-line.
2017-08-19 22:07:15 +02:00
Dan Fandrich
c468c27b5a tests: Make sure libtests call curl_global_cleanup()
This ensures that global data allocations are freed so Valgrind stays
happy. This was a problem with at least PolarSSL and mbedTLS.
2017-08-19 21:42:47 +02:00
Daniel Stenberg
ab2ef24d5d
lib557: no longer use CURL_SIZEOF_* defines 2017-08-17 10:27:00 +02:00
Daniel Stenberg
c95eff4a11
ftp: fix CWD when doing multicwd then nocwd on same connection
Fixes #1782
Closes #1787
Reported-by: Peter Lamare
2017-08-17 10:08:11 +02:00
Viktor Szakats
b7b4dc0d49 ssh: add the ability to enable compression (for SCP/SFTP)
The required low-level logic was already available as part of
`libssh2` (via `LIBSSH2_FLAG_COMPRESS` `libssh2_session_flag()`[1]
option.)

This patch adds the new `libcurl` option `CURLOPT_SSH_COMPRESSION`
(boolean) and the new `curl` command-line option `--compressed-ssh`
to request this `libssh2` feature. To have compression enabled, it
is required that the SSH server supports a (zlib) compatible
compression method and that `libssh2` was built with `zlib` support
enabled.

[1] https://www.libssh2.org/libssh2_session_flag.html

Ref: https://github.com/curl/curl/issues/1732
Closes https://github.com/curl/curl/pull/1735
2017-08-17 03:32:00 -04:00
Ryan Winograd
43d036e724
progress: Track total times following redirects
Update the progress timers `t_nslookup`, `t_connect`, `t_appconnect`,
`t_pretransfer`, and `t_starttransfer` to track the total times for
these activities when a redirect is followed. Previously, only the times
for the most recent request would be tracked.

Related changes:

  - Rename `Curl_pgrsResetTimesSizes` to `Curl_pgrsResetTransferSizes`
    now that the function only resets transfer sizes and no longer
    modifies any of the progress timers.

  - Add a bool to the `Progress` struct that is used to prevent
    double-counting `t_starttransfer` times.

Added test case 1399.

Fixes #522 and Known Bug 1.8
Closes #1602
Reported-by: joshhe on github
2017-08-15 18:58:31 +02:00
Daniel Stenberg
91c46dc44e
test1449: FTP download range with an too large size 2017-08-14 23:33:53 +02:00
Daniel Stenberg
5c2aac7162
runtests: match keywords case insensitively 2017-08-14 23:05:11 +02:00
Daniel Stenberg
6bde13a531
test1448: verify redirect to IDN using URL
Closes #1772
2017-08-13 00:04:27 +02:00
Daniel Stenberg
47e4a6fa1c
test2032: mark as flaky (again) 2017-08-13 00:00:39 +02:00
Dan Fandrich
2747aec348 test1447: require a curl with http support 2017-08-12 12:53:14 +02:00
Daniel Stenberg
be2a4c1784
test2033: this went flaky again
Suspicion: when we enabled the threaded resolver by default.
2017-08-11 23:53:47 +02:00
Daniel Stenberg
77cd4e7693
test1447: verifies the parse proxy fix in 6e0e152ce5 2017-08-11 11:58:34 +02:00
Adam Sampson
7e949de1d2
dist: Add dictserver.py/negtelnetserver.py to EXTRA_DIST
These weren't included in the 7.55.0 release, but are required in order
to run the full test suite.

Closes #1744
2017-08-09 23:55:14 +02:00
Viktor Szakats
13ef623a81
docs/comments: Update to secure URL versions
Closes #1741
2017-08-08 21:41:07 +02:00
Daniel Stenberg
581011a3d2 test1427: verify command line parser integer overflow detection 2017-08-07 09:38:57 +02:00
Daniel Stenberg
453e7a7a03 glob: do not continue parsing after a strtoul() overflow range
Added test 1289 to verify.

CVE-2017-1000101

Bug: https://curl.haxx.se/docs/adv_20170809A.html
Reported-by: Brian Carpenter
2017-08-07 09:24:30 +02:00
Daniel Stenberg
561e9217c7 test1010: verify that #1718 is fixed
... by doing two transfers in nocwd mode and check that there's no
superfluous CWD command.
2017-08-04 10:01:23 +02:00
Daniel Stenberg
58752b78c7 test130: verify comments in .netrc 2017-08-03 10:04:16 +02:00
Marcel Raad
866e02935d
CMake: set MSVC warning level to 4
The MSVC warning level defaults to 3 in CMake. Change it to 4, which is
consistent with the Visual Studio and NMake builds. Disable level 4
warning C4127 for the library and additionally C4306 for the test
servers to get a clean CURL_WERROR build as that warning is raised in
some macros in older Visual Studio versions.

Ref: https://github.com/curl/curl/pull/1667#issuecomment-314082794
Closes https://github.com/curl/curl/pull/1711
2017-08-03 08:39:23 +02:00
Daniel Stenberg
920f777fc8 tests/server/util: fix curltime mistake from 4dee50b9c8 2017-08-02 11:53:27 +02:00
Daniel Stenberg
909283ae5a http: fix response code parser to avoid integer overflow
test 1429 and 1433 were updated to work with the stricter HTTP status line
parser.

Closes #1714
Reported-by: Brian Carpenter
2017-07-31 18:37:43 +02:00
Daniel Stenberg
0018221532 test1323: verify curlx_tvdiff 2017-07-28 15:51:36 +02:00
Daniel Stenberg
4dee50b9c8 timeval: struct curltime is a struct timeval replacement
... to make all libcurl internals able to use the same data types for
the struct members. The timeval struct differs subtly on several
platforms so it makes it cumbersome to use everywhere.

Ref: #1652
Closes #1693
2017-07-28 15:51:25 +02:00
Marcel Raad
da6aa3f763
tests/server/resolve.c: fix deprecation warning
MSVC warns that gethostbyname is deprecated. Always use getaddrinfo
instead to fix this when IPv6 is enabled, also for IPv4 resolves. This
is also consistent with what libcurl does.

Closes https://github.com/curl/curl/pull/1682
2017-07-18 10:23:47 +02:00
Marcel Raad
38faf041cf
rtspd: fix GCC warning after MSVC warning fix
Older GCC warns:
/tests/server/rtspd.c:1194:10: warning: missing braces around
initializer [-Wmissing-braces]

Fix this by using memset instead of an initializer.
2017-07-16 15:16:46 +02:00
Marcel Raad
fb3b0f25ef
libtest: fix MSVC warning C4706
With warning level 4, MSVC warns about assignments within conditional
expressions. Change the while loop to a do-while loop to fix this. This
change is also consistent with CODE_STYLE.md.
2017-07-16 14:02:59 +02:00
Marcel Raad
0bdb811250
sockfilt: suppress conversion warning with explicit cast
MSVC warns when implicitly casting -1 to unsigned long.
2017-07-16 13:28:45 +02:00
Marcel Raad
70cbefeb5f
rtspd: fix MSVC level 4 warning
warning C4701: potentially uninitialized local variable 'req' used
2017-07-16 13:26:21 +02:00