1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-10 11:35:07 -05:00
Commit Graph

3240 Commits

Author SHA1 Message Date
Daniel Stenberg
404794e97a test1513: fix spelling 2014-01-03 21:01:55 +01:00
Daniel Stenberg
62da1e7458 test1513: added - verify early progress callback return fail
Verify the change brought in commit 8e11731653061. It makes sure that
returning a failure from the progress callback even very early results
in the correct return code.
2014-01-03 14:09:59 +01:00
Marc Hoersken
d28b70d152 unittests: do not include curl_memory.h
memdebug.h already contains all required definitions and including
curl_memory.h causes errors like the following:

tests/unit/unit1394.c:119: undefined reference to `Curl_cfree'
tests/unit/unit1394.c:120: undefined reference to `Curl_cfree'
2014-01-03 12:30:23 +01:00
Steve Holme
60bd22620a mprintf: Replaced internal usage of FORMAT_OFF_T and FORMAT_OFF_TU
Following commit 0aafd77fa4, replaced the internal usage of
FORMAT_OFF_T and FORMAT_OFF_TU with the external versions that we
expect API programmers to use.

This negates the need for separate definitions which were subtly
different under different platforms/compilers.
2013-12-31 11:10:42 +00:00
Steve Holme
01aaad7442 tests: Disabled NTLM tests when running with SSPI enabled 2013-12-28 20:37:00 +00:00
Steve Holme
5107d66b2e runtests.pl: Fixed slightly incorrect regex in commit 28dd47d4d4 2013-12-28 16:32:07 +00:00
Steve Holme
28dd47d4d4 runtests.pl: Optimised feature present checking code
...to exclude not present features.
2013-12-28 12:35:51 +00:00
Steve Holme
147b2a546e runtests.pl: Added the ability to run tests when a feature is not present 2013-12-28 11:18:54 +00:00
Steve Holme
95b5036a59 ftpserver.pl: Fixed compilation error
Unmatched right curly bracket at line 758, at end of line
2013-12-27 20:14:06 +00:00
Steve Holme
263616202b ftpserver.pl: Reworked SMTP verified server detection
Following the addition of informational commands to the SMTP protocol,
the test server is no longer required to return the verified server
information in responses that curl only outputs in verbose mode.

Instead, a similar detection mechanism to that used by FTP, IMAP and
POP3 can now be used.
2013-12-27 18:15:04 +00:00
Steve Holme
6f2d5f0562 pop3: Fixed APOP being determined by CAPA response rather than by timestamp
This commit replaces that of 9f260b5d66 because according to RFC-2449,
section 6, there is no APOP capability "...even though APOP is an
optional command in [POP3].  Clients discover server support of APOP by
the presence in the greeting banner of an initial challenge enclosed in
angle brackets."
2013-12-24 16:34:55 +00:00
Steve Holme
82bf8edff3 tests: Removed APOP timestamp from default server greeting 2013-12-24 15:07:32 +00:00
Steve Holme
cd492a3ba8 test936: Corrected login details from commit 7246255416 2013-12-23 12:25:42 +00:00
Steve Holme
50aac1a37d ftpserver.pl: Updated custom full text REPLY regex
SASL downgrade tests: 833, 835, 879, 881, 935 and 937 would fail as
they contained a minus sign in their authentication mechanism and this
would be missed by the custom reply parser.
2013-12-23 12:24:06 +00:00
Steve Holme
574db1a6fd tests: Corrected syntax error from commit 7246255416 2013-12-23 09:25:50 +00:00
Steve Holme
7246255416 tests: Added SMTP SASL downgrade tests 2013-12-23 07:17:53 +00:00
Steve Holme
f763d1b1bb tests: Added POP3 SASL downgrade tests 2013-12-23 07:17:41 +00:00
Steve Holme
48cd1292e2 tests: Added IMAP SASL downgrade tests 2013-12-23 07:17:31 +00:00
Steve Holme
3db1f3dd81 ftpserver.pl: Fixed runtime warning from commit 7da9c95bcf
Use of uninitialized value $FTPARG in concatenation (.) or string at
line 3255.
2013-12-22 21:59:13 +00:00
Steve Holme
7da9c95bcf ftpserver.pl: Added the ability to send custom full text replies 2013-12-22 19:36:07 +00:00
Steve Holme
95ae389e17 ftpserver.pl: Added the ability to specify custom full text replies 2013-12-22 17:16:46 +00:00
Steve Holme
91735102ac ftpserver.pl: Renamed commandreply variable from customreply 2013-12-22 16:09:33 +00:00
Steve Holme
248967e300 tests: Added SASL cancellation keywords
Added SASL CANCELLATION keywords to differentiate these tests from the
upcoming SASL downgrade tests.
2013-12-22 13:06:59 +00:00
Steve Holme
48043f87b6 imap/pop3/smtp: Added support for SASL authentication downgrades
Added support for downgrading the SASL authentication mechanism when the
decoding of CRAM-MD5, DIGEST-MD5 and NTLM messages fails. This enhances
the previously added support for graceful cancellation by allowing the
client to retry a lesser SASL mechanism such as LOGIN or PLAIN, or even
APOP / clear text (in the case of POP3 and IMAP) when supported by the
server.
2013-12-18 20:45:17 +00:00
Daniel Stenberg
169fedbdce login options: remove the ;[options] support from CURLOPT_USERPWD
To avoid the regression when users pass in passwords containing semi-
colons, we now drop the ability to set the login options with the same
options. Support for login options in CURLOPT_USERPWD was added in
7.31.0.

Test case 83 was modified to verify that colons and semi-colons can be
used as part of the password when using -u (CURLOPT_USERPWD).

Bug: http://curl.haxx.se/bug/view.cgi?id=1311
Reported-by: Petr Bahula
Assisted-by: Steve Holme
Signed-off-by: Daniel Stenberg <daniel@haxx.se>
2013-12-14 22:40:37 +01:00
Steve Holme
c92c30edbd base64: Extended validation to look for invalid characters
Extended the basic validation in commit e17c1b25bc to return a
failure when invalid base64 characters are included.
2013-12-01 11:12:23 +00:00
Steve Holme
35e476a3f6 tests: Re-ordered test arguments to match other IMAP tests 2013-11-24 17:59:17 +00:00
Steve Holme
0434a19431 tests: Corrected login "username" authentication responses 2013-11-24 16:25:44 +00:00
Steve Holme
2ff0c6f5f3 tests: Added error code explanation comments 2013-11-24 12:35:45 +00:00
Steve Holme
8a94aedbd6 tests: Removed expected QUIT response from graceful cancellation tests
A failure during authentication, which is performed as part of the
CONNECT phrase (for IMAP, POP3 and SMTP) is considered by the multi-
interface as being closed prematurely (aka a dead connection). As such
these protocols cannot issue the relevant QUIT or LOGOUT command.

Temporarily fixed the test cases until we can fix this properly.
2013-11-24 11:03:40 +00:00
Steve Holme
95877cf8ae tests: Added SMTP graceful authentication cancellation tests 2013-11-24 10:37:41 +00:00
Steve Holme
d3325ae40a tests: Added POP3 graceful authentication cancellation tests 2013-11-24 10:37:30 +00:00
Steve Holme
23fabf8dea ftpserver.pl: Reworked fix from commit 7a36b2abc0 2013-11-23 22:14:34 +00:00
Steve Holme
7a36b2abc0 ftpserver.pl: Fixed unknown IMAP command "*" 2013-11-23 19:19:12 +00:00
Steve Holme
e1c255f388 ftpserver.pl: Fixed servercmd REPLY with * detection 2013-11-23 16:28:28 +00:00
Steve Holme
6d3c832a30 tests: Added IMAP graceful authentication cancellation tests 2013-11-23 15:03:18 +00:00
Steve Holme
7935478397 tests: Moved CR LF in URL tests to their respective protocol groups 2013-11-23 14:49:50 +00:00
Steve Holme
2165298fe6 tests: Added SMTP NOOP and RSET tests 2013-11-17 12:52:42 +00:00
Steve Holme
e885dc85a1 test928: Corrected typo in expected data from commit df58084695 2013-11-17 12:49:10 +00:00
Steve Holme
df58084695 tests: Added SMTP HELP test 2013-11-17 10:11:27 +00:00
Steve Holme
b56d7cda74 tests: Added SMTP EXPN command test 2013-11-17 00:20:58 +00:00
Steve Holme
8896b56488 test926: Corrected unknown user reply from commit 0d735c29f9
The error code should not be sent as data as it isn't passed onto the
client as body data, so cannot be compared in the test suite against
expected data.
2013-11-16 20:33:08 +00:00
Steve Holme
0d735c29f9 tests: Corrected missing data reply sections from 3d50e91aee 2013-11-16 17:19:26 +00:00
Steve Holme
3d50e91aee tests: Added SMTP VRFY command tests 2013-11-16 12:20:22 +00:00
Steve Holme
0cbfe5a7d5 ftpserver.pl: Added support for new SMTP commands 2013-11-16 11:17:23 +00:00
Steve Holme
ed4ce23c23 lib1507.c: Added missing set of CURLOPT_UPLOAD option
Although this option should have already been set, the SMTP module can
now download information from and send instructional commands to, an
SMTP server, requiring the option to be set in order to perform a mail
transfer.
2013-11-15 21:01:10 +00:00
Steve Holme
55250d2d02 test825: Corrected typo from commit b29217d0d6 2013-11-13 17:31:42 +00:00
Steve Holme
bde901ad89 test922: Corrected title to match other OAuth 2.0 tests 2013-11-13 09:17:50 +00:00
Steve Holme
79c77f7c31 tests: Added IMAP OAuth 2.0 authentication with initial response test 2013-11-13 09:14:30 +00:00
Steve Holme
986c249f2f tests: Added IMAP NTLM authentication with initial response test 2013-11-13 09:14:10 +00:00
Steve Holme
3b8c3eb911 tests: Added IMAP login authentication with initial response test 2013-11-13 09:12:59 +00:00
Steve Holme
b29217d0d6 tests: Added IMAP plain authentication with initial response test 2013-11-13 09:12:32 +00:00
Steve Holme
534f90f9bf test873: Use proper padding in NTLM responses 2013-11-13 09:12:11 +00:00
Steve Holme
2ea9a125a6 tests: Added POP3 OAuth 2.0 authentication with initial response test 2013-11-13 00:29:05 +00:00
Steve Holme
58a00d6d9f tests: Added POP3 NTLM authentication with initial response test 2013-11-13 00:24:06 +00:00
Steve Holme
57a27528e6 tests: Added POP3 login authentication with initial response test 2013-11-13 00:11:19 +00:00
Steve Holme
632c1edd06 tests: Added POP3 plain authentication with initial response test 2013-11-13 00:07:02 +00:00
Steve Holme
c19cfb79db runtests.pl: Added SSPI detection 2013-11-12 12:48:28 +00:00
Steve Holme
5f34a10445 tests: Updated CRAM-MD5 tests to use test user details 2013-11-12 09:46:30 +00:00
Steve Holme
c8e63f247a tests: Corrected titles of POP3 and SMTP OAuth 2.0 tests 2013-11-10 20:26:57 +00:00
Steve Holme
7396ad6e09 test823: Fixed expected authentication text from commit e10a26a9d6
Fixed authentication text due to incorrect digest-uri property.
2013-11-10 20:21:18 +00:00
Steve Holme
6d295f8d7d test821: Fixed expected authentication text from commit 2d5455feac 2013-11-10 20:17:30 +00:00
Steve Holme
9b67960421 tests: Added IMAP OAuth 2.0 authentication test 2013-11-10 17:04:32 +00:00
Steve Holme
e10a26a9d6 tests: Added IMAP DIGEST-MD5 authentication test 2013-11-10 16:53:58 +00:00
Steve Holme
7b68b58bc0 tests: Added IMAP NTLM authentication test 2013-11-10 16:44:19 +00:00
Steve Holme
2d5455feac tests: Added IMAP CRAM-MD5 authentication test 2013-11-10 16:42:21 +00:00
Steve Holme
ac05c80f19 test819: Fixed expected authentication text from commit 76f924131c 2013-11-10 16:24:38 +00:00
Steve Holme
460adfef93 ftpserver.pl: Reworked custom reply handling code
1) To fix issues with IMAP custom replies
2) So initial space is not required in IMAP display text
3) To be more readable and understandable
2013-11-10 15:18:04 +00:00
Steve Holme
c876f6ae6d ftpserver.pl: Reworked unrecognised command responses
As the IMAP regex could fail and $1 would not contain the command id
updated the unrecognised command response to be more generic and
realistic (like those used in the command handlers).

Additionally updated the POP3, SMTP and FTP responses.
2013-11-10 10:20:50 +00:00
Steve Holme
f49276bfcb ftpserver.pl: Fixed processing of IMAP authentication strings 2013-11-10 10:08:32 +00:00
Steve Holme
cf7008670b Revert "ftpserver.pl: Corrected logic from commit 27b7b1062f9d97"
This reverts commit 558034ab70 as it appears to break the auto
builds. More thought is required for this!
2013-11-06 12:31:46 +00:00
Steve Holme
558034ab70 ftpserver.pl: Corrected logic from commit 27b7b1062f 2013-11-06 09:52:24 +00:00
Steve Holme
27b7b1062f ftpserver.pl: Fixed IMAP cmdid being sent on custom responses 2013-11-06 07:19:01 +00:00
Steve Holme
af82661dbd tests: Added IMAP login authentication test 2013-11-05 23:48:16 +00:00
Steve Holme
76f924131c tests: Added IMAP plain authentication test 2013-11-05 23:48:01 +00:00
Steve Holme
aa61e14dc1 tests: Added test for IMAP NOOP command 2013-11-03 21:36:46 +00:00
Steve Holme
a84a09ad0b tests: Added test for IMAP COPY command 2013-11-03 21:36:11 +00:00
Steve Holme
66b8557aff tests: Disable IMAP CLOSE and EXPUNGE command tests
This is temporary until curl supports either multiple custom commands
or post-quote commands in IMAP.
2013-11-03 20:39:21 +00:00
Steve Holme
63cac69c2a tests: Added tests for IMAP CLOSE and EXPUNGE commands 2013-11-03 20:37:34 +00:00
Steve Holme
5b315a273e base64: Fixed compilation warnings when using Curl_base64_decode()
curl_sasl.c:294: warning: dereferencing type-punned pointer will break
strict-aliasing rules

getpart.c:201: warning: dereferencing type-punned pointer will break
strict-aliasing rules
2013-11-03 12:25:07 +00:00
Steve Holme
9a1755264f getpart: Fixed base64 encoded parts following commit e17c1b25bc 2013-11-02 17:00:00 +00:00
Kamil Dudka
8179354c2f tests: use proper padding in NTLM responses 2013-10-30 20:38:01 +00:00
Steve Holme
e17c1b25bc base64: Added basic validation to base64 input string when decoding
A base64 string should be a multiple of 4 characters in length, not
contain any more than 2 padding characters and only contain padding
characters at the end of string. For example: Y3VybA==

Strings such as the following are considered invalid:

Y=   - Invalid length
Y==  - Invalid length
Y=== - More than two padding characters
Y=x= - Padding character contained within string
2013-10-30 07:31:22 +00:00
Daniel Stenberg
d44b014271 FTP: make the data connection work when going through proxy
This is a regression since the switch to always-multi internally
c43127414d.

Test 1316 was modified since we now clearly call the Curl_client_write()
function when doing the LIST transfer part and then the
handler->protocol says FTP and ftpc.transfertype is 'A' which implies
text converting even though that the response is initially a HTTP
CONNECT response in this case.
2013-10-26 23:33:06 +02:00
Steve Holme
e4670a1029 tests: Tidy up of SMTP and POP3 tests
Corrected line endings, RFC references and standardised on user names
and passwords used in the tests.
2013-10-26 13:50:08 +01:00
Steve Holme
6e3613e6e6 test907: Corrected DIGEST-MD5 response given in commit 820ed48a00
As the URI, which is contained within the DIGEST-MD5 response, is
constructed from the service and realm, the encoded message differs
from that generated under POP3.
2013-10-26 00:24:45 +01:00
Steve Holme
d24b7953c2 tests: Added SMTP OAUTH2 authentication with initial response test 2013-10-25 19:44:03 +01:00
Steve Holme
13db74ffc3 tests: Added SMTP NTLM authentication with initial response test 2013-10-25 19:40:23 +01:00
Steve Holme
98905aa2c5 tests: Added SMTP OAUTH2 authentication test 2013-10-25 19:34:05 +01:00
Steve Holme
820ed48a00 tests: Added SMTP DIGEST-MD5 authentication test 2013-10-25 19:31:51 +01:00
Steve Holme
973cc22529 tests: Regrouped SMTP authentication tests 2013-10-25 19:30:52 +01:00
Steve Holme
78aee26be6 ftpserver.pl: Added support for empty pop3 authentication data 2013-10-23 22:19:42 +01:00
Steve Holme
58bd0148fb tests: Added POP3 OAUTH2 authentication test 2013-10-23 22:12:04 +01:00
Steve Holme
ca5c5be3e4 tests: Added empty response support to custom replies
...and fixed up test869 as DIGEST-MD transcript is as follows:

S: Challenge
C: Authentication String
S: Continue Response
C: Empty String
2013-10-23 22:05:22 +01:00
Steve Holme
1be69159f3 tests: Added POP3 DIGEST-MD5 authentication test 2013-10-23 18:30:00 +01:00
Daniel Stenberg
626f8a85f0 test1240: verify 867b52a7ac (glob ranges with text to the right) 2013-10-22 00:10:16 +02:00
Steve Holme
dead10b1b8 ftpserver.pl: Fixed syntax error from commit 5b31b38c27 2013-10-20 00:30:03 +01:00
Steve Holme
41d820d2c3 test866: Fixed user response from commit 7f7fbe7fbd 2013-10-19 21:43:20 +01:00
Steve Holme
5b31b38c27 ftpserver.pl: Fixed processing of POP3 authentication strings
...and corrected response when check fails from 500 to -ERR.
2013-10-19 20:39:18 +01:00
Steve Holme
39f4e4fafa tests: Added POP3 NTLM authentication test 2013-10-19 13:17:25 +01:00
Steve Holme
587811c0a6 tests: Added POP3 CRAM-MD5 authentication test 2013-10-19 12:57:25 +01:00
Steve Holme
7f7fbe7fbd tests: Added POP3 login authentication test 2013-10-19 12:42:25 +01:00
Steve Holme
9b1eb2b421 tests: Added POP3 plain authentication test 2013-10-19 12:31:55 +01:00
Steve Holme
1034aa6680 tests: Added POP3 APOP authentication test 2013-10-19 12:20:00 +01:00
Steve Holme
4be0af7f74 ftpserver.pl: Added support for APOP POP3 authentication 2013-10-19 10:38:19 +01:00
Steve Holme
72f850571d tests: Added POP3 RSET test 2013-10-19 00:10:29 +01:00
Steve Holme
4d49ffe165 test906: Fixed failing test on some platforms
Bug: http://sourceforge.net/p/curl/bugs/1291
Reported-by: David Walser
2013-10-15 21:31:14 +01:00
Daniel Stenberg
f0f95c97f7 test1239: verify 4cd444e01a and the simulated 304 response 2013-10-07 14:42:21 +02:00
Steve Holme
ca995010d0 tests: Fixed typos from commit 25a0c96a49 2013-09-29 20:32:23 +01:00
Steve Holme
25a0c96a49 tests: Updated email addresses in SMTP tests following recent changes 2013-09-29 16:48:02 +01:00
Steve Holme
a8b606b1a6 test909: Removed custom EHLO response after recent changes
...as it is no longer required following capability and authentication
changes and is now causing problems following commit 49341628b5 as
the test number is obtained from the client address in the EHLO.
2013-09-29 16:25:11 +01:00
Steve Holme
20a99a45c0 ftpserver.pl: Fixed compilation error from commit 49341628b5 2013-09-29 13:13:13 +01:00
Steve Holme
49341628b5 ftpserver.pl: Moved specifying the test number from the RCPT address
...to the client address as this frees the RCPT strings to contain
just an email address and by passing the test number into curl as the
client address remains consistent with POP3 and IMAP tests as they are
specified in the URL.
2013-09-29 10:02:00 +01:00
Steve Holme
ab7e6afd44 ftpserver.pl: Added unwanted argument check to SMTP DATA command handler 2013-09-29 09:25:23 +01:00
Steve Holme
14d8209adc test906: Fixed type-2 response 2013-09-23 07:10:25 +01:00
Steve Holme
a942d8ff5b test915: Corrected test number from commit 22bccb0eda 2013-09-23 00:19:56 +01:00
Steve Holme
1695c67818 test906: Fixed type-1 message not handled error
...from commit f81d1e1666 due to copy paste error.
2013-09-23 00:15:37 +01:00
Steve Holme
f81d1e1666 tests: Added SMTP AUTH NTLM test 2013-09-22 20:53:29 +01:00
Steve Holme
b71ed1fb3d tests: Added SMTP multiple and invalid --mail-rcpt test 2013-09-22 20:25:32 +01:00
Steve Holme
86ccfaa3fd tests: Added SMTP multiple --mail-rcpt test 2013-09-22 20:23:27 +01:00
Steve Holme
3b69462fc0 tests: Added SMTP invalid --mail-rcpt test 2013-09-22 20:12:20 +01:00
Steve Holme
22bccb0eda tests: Regrouping of SMTP tests 2013-09-22 20:09:57 +01:00
Benoit Sigoure
4f591b9148 test1112: Increase the timeout from 7s to 16s
As someone reported on the mailing list a while back, the hard-coded
arbitrary timeout of 7s in test 1112 is not sufficient in some build
environments. At Arista Networks we build and test curl as part of our
automated build system, and we've run into this timeout 170 times so
far. Our build servers are typically quite busy building and testing a
lot of code in parallel, so despite being beefy machines with 32 cores
and 128GB of RAM we still hit this 7s timeout regularly.

URL: http://curl.haxx.se/mail/lib-2010-02/0200.html
2013-09-22 18:23:09 +02:00
Steve Holme
52cefc8cd7 tests: Fixed smtp rcpt to addresses 2013-09-22 15:14:26 +01:00
Steve Holme
8880f84e1a ftpserver.pl: Expanded the SMTP RCPT handler to validate TO addresses
RCPT_smtp() will now check for a correctly formatted TO address which
allows for invalid recipient addresses to be added.
2013-09-22 15:05:43 +01:00
Steve Holme
9d4a8c7936 ftpserver.pl: Added cURL SMTP server detection to HELO command handler
As curl will send a HELO command after an negative EHLO response, added
the same detection from commit b07709f741 to the HELO handler to
ensure the test server is identified correctly and an upload isn't
performed.
2013-09-22 13:21:15 +01:00
Steve Holme
fd8dc21fd0 ftpserver.pl: Corrected response code for successful RCPT command 2013-09-22 12:59:28 +01:00
Steve Holme
8ec6486d05 ftpserver.pl: Moved invalid RCPT TO: address detection to RCPT handler
Rather than detecting the TO address as missing in the DATA handler,
moved the detection to the RCPT command handler where an error response
can be generated.
2013-09-22 11:03:18 +01:00
Steve Holme
b07709f741 ftpserver.pl: Moved cURL SMTP server detection into EHLO command handler
Moved the special SMTP server detection code from the DATA command
handler, which happens further down the operation chain after EHLO,
MAIL and RCPT commands, to the EHLO command as it is the first command
to be generated by a SMTP operation as well as containing the special
"verifiedserver" string from the URL.

This not only makes it easier and quicker to detect but also means that
cURL doesn't need to specify "verifiedserver" as --mail-from and
--mail-rcpt arguments.

More importantly, this also makes the upcoming verification changes to
the RCPT handler easier to implement.
2013-09-21 20:49:23 +01:00
Daniel Stenberg
34df869f99 test1415: adjusted to work for 32bit time_t
The libcurl date parser returns INT_MAX for all dates > 2037 so this
test is now made to use 2037 instead of 2038 to work the same for both
32bit and 64bit time_t systems.
2013-09-21 13:46:42 -05:00
Steve Holme
3f04d48495 tests: Reworked existing SMTP tests to be single recipient based
...in preparation of upcoming multiple recipient tests.
2013-09-21 19:44:09 +01:00
Steve Holme
517b8e2290 ftpserver.pl: Corrected SMTP QUIT response to be more realistic 2013-09-20 23:08:28 +01:00
Steve Holme
eecb0e969f ftpserver.pl: Moved SMTP RCPT response text into command handler 2013-09-20 21:25:48 +01:00
Steve Holme
bd7d56ec71 tests: Added SMTP invalid --mail-from test 2013-09-20 07:09:39 +01:00
Steve Holme
89d320c2fd tests: Updated SMTP AUTH tests to use the new AUTH directive
...rather than specify a customised EHLO response.
2013-09-19 20:29:59 +01:00
Steve Holme
b809bafb0c tests: Corrected test913 as the QUIT response is received 2013-09-19 20:13:08 +01:00
Steve Holme
3b6a1681dc tests: Added SMTP large message SIZE test 2013-09-19 18:17:11 +01:00
Steve Holme
9300bb826d ftpserver.pl: Updated email regex from commit 98f7ca7e97
...to not be as strict as it was rejecting valid numeric email
addresses.
2013-09-19 12:44:27 +01:00
Steve Holme
dfe7ee1429 tests: Fixed smtp mail from addresses 2013-09-19 07:19:25 +01:00
Steve Holme
841103c776 ftpserver.pl: Standardised CAPA and AUTH responses 2013-09-18 19:38:26 +01:00
Steve Holme
8d2335ca23 ftpserver.pl: Corrected POP3 QUIT reply to be more realistic 2013-09-18 19:37:03 +01:00
Steve Holme
04064e89c1 runtests.pl: Fixed syntax error in commit c873375123
Possible unintended interpolation in string at line 796
2013-09-18 19:32:20 +01:00
Steve Holme
c873375123 runtests.pl: Fixed smtp mail from address
Following changes to ftpserver.pl fixed the mail from address to be a
correctly formatted address otherwise the server response will be 501
Invalid address.
2013-09-18 18:04:26 +01:00
Steve Holme
62d232c131 ftpserver.pl: Fixed syntax error in commit 98f7ca7e97
Can't modify constant item in scalar assignment line 779, near "0;"
2013-09-18 12:58:34 +01:00
Steve Holme
98f7ca7e97 ftpserver.pl: Expanded the SMTP MAIL handler to validate messages
MAIl_smtp() will now check for a correctly formatted FROM address as
well as the optional SIZE parameter comparing it against the server
capability when specified.
2013-09-18 07:23:32 +01:00
YAMADA Yasuharu
4cfbb201c4 cookies: add expiration
Implement: Expired Cookies These following situation, curl removes
cookie(s) from struct CookieInfo if the cookie expired.
 - Curl_cookie_add()
 - Curl_cookie_getlist()
 - cookie_output()
2013-09-17 23:25:56 +02:00
Steve Holme
dc016567ce ftpserver.pl: Corrected response code for successful MAIL command 2013-09-17 22:10:17 +01:00
Steve Holme
96b68c57ce ftpserver.pl: Moved SMTP MAIL handler into own function 2013-09-17 22:09:30 +01:00
Steve Holme
8f5336a2fa tests: Fixed test 1406 following recent changes in ftpserver.pl
By default the mail server doesn't send the SIZE capability but instead
it has to be specified as a supported capability.
2013-09-16 00:24:46 +01:00
Steve Holme
f8a9dbd391 tests: Added test for SMTP SIZE capability 2013-09-16 00:24:30 +01:00
Steve Holme
016879d477 ftpserver.pl: Added the ability to include spaces in capabilities
For example:

CAPA "SIZE 1048576" 8BITMIME BINARYMIME

will populate the capabilities list with the following in:

SIZE 1048576
8BITMIME
BINARYMIME
2013-09-15 20:56:16 +01:00
Steve Holme
c03335ec68 ftpserver.pl: Corrected response code for successful SMTP QUIT command 2013-09-15 20:09:49 +01:00
Steve Holme
894585784c ftpserver.pl: Fixed syntax error in commit 33c1f2876b
Can't modify constant item in postincrement line 727, near "i++"
2013-09-15 20:07:43 +01:00
Steve Holme
33c1f2876b ftpserver.pl: Added CAPA & AUTH directive support to the SMTP EHLO handler 2013-09-15 16:53:20 +01:00
Steve Holme
00ee5c5cf1 ftpserver.pl: Fixed SMTP QUIT handler from dadc495540 2013-09-15 12:47:36 +01:00
Steve Holme
dadc495540 ftpserver.pl: Moved SMTP EHLO and QUIT handlers in own functions 2013-09-15 09:20:53 +01:00
Steve Holme
eae86ba62d ftpserver.pl: Added support for SMTP HELO command
...and updated test902 as explicit HELO response is no longer required.
2013-09-15 09:10:11 +01:00
Steve Holme
e9cca79dd1 ftpserver.pl: Added mailbox check to IMAP SELECT handler 2013-09-15 09:00:13 +01:00
Steve Holme
4ba3b6c05a ftpserver.pl: Corrected invalid user details check
...in both the IMAP LOGIN and POP3 PASS handlers introduced in commit
187ac69374 and 84ad1569e5 respectively.
2013-09-15 00:31:55 +01:00
Steve Holme
187ac69374 ftpserver.pl: Moved IMAP LOGIN handler into own function 2013-09-14 20:52:29 +01:00
Steve Holme
84ad1569e5 ftpserver.pl: Moved POP3 USER and PASS handlers into own functions 2013-09-14 20:46:45 +01:00
Steve Holme
45e0a661ce ftpserver.pl: Corrected invalid argument check in POP3 TOP handler
...which was accidentally introduced in commit 4d6ef6297a.
2013-09-14 16:18:47 +01:00
Steve Holme
4d6ef6297a ftpserver.pl: Added capability prerequisite for extended POP3 commands 2013-09-14 15:04:26 +01:00
Steve Holme
b68c52704b tests: Updated descriptions to be more meaningful 2013-09-14 15:04:25 +01:00
Steve Holme
4f4dc5832d ftpserver.pl: Added support for IMAP NOOP command 2013-09-14 10:44:54 +01:00
Steve Holme
83f6f58834 tests: Updated descriptions to be more meaningful 2013-09-14 10:41:17 +01:00
Steve Holme
6f5b46855c ftpserver.pl: Fixed missing comma from 7fd84b14d2 2013-09-12 11:52:19 +01:00
Steve Holme
5f93c5d658 ftpserver.pl: Fixed variable error introduced in 7fd84b14d2
Global symbol "$mailbox" requires explicit package name
2013-09-12 07:10:41 +01:00
Steve Holme
7fd84b14d2 ftpserver.pl: Added support for UID command 2013-09-11 20:27:13 +01:00
Steve Holme
f2403140f9 ftpserver.pl: Added support for LSUB command 2013-09-11 20:25:48 +01:00
Steve Holme
3f6991766f ftpserver.pl: Added support for IMAP COPY command 2013-09-11 19:57:29 +01:00
Steve Holme
cfe5f7dbf4 ftpserver.pl: Added support for IMAP CLOSE and EXPUNGE commands 2013-09-11 18:19:38 +01:00
Steve Holme
5840c918d5 ftpserver.pl: Added support for POP3 RSET command 2013-09-11 18:11:33 +01:00
Steve Holme
b0afb00000 ftpserver.pl: Added the ability to remember what messages are deleted
...as this will be required for IMAP CLOSE and EXPUNGE commands as well
as the POP3 RSET command.
2013-09-11 18:10:28 +01:00
Steve Holme
eb6314260d tests: Added test for POP3 TOP command 2013-09-09 17:13:28 +01:00
Steve Holme
313c38c9de ftpserver.pl: Added support for POP3 TOP command 2013-09-09 17:13:25 +01:00
Steve Holme
ae6096471a tests: Added test for POP3 UIDL command 2013-09-09 17:10:40 +01:00
Steve Holme
66ea5c415b ftpserver.pl: Added support for POP3 UIDL command 2013-09-09 17:10:38 +01:00
Steve Holme
ee5e2cf6cb ftpserver.pl: Fixed empty array checks
...from commits 28427b4083 and e8313697b6.
2013-09-08 23:59:49 +01:00
Steve Holme
e8313697b6 ftpserver: Reworked AUTH support to allow for specifying the mechanisms
Renamed SUPPORTAUTH to AUTH and added support for specifying a list of
supported SASL mechanisms to return to the client.

Additionally added the directive to the FILEFORMAT document.
2013-09-08 21:47:56 +01:00
Steve Holme
28427b4083 ftpserver: Reworked CAPA support to allow for specifying the capabilities
Renamed SUPPORTCAPA to CAPA and added support for specifying a list of
supported capabilities to return to the client.

Additionally added the directive to the FILEFORMAT document.
2013-09-08 21:45:36 +01:00
Steve Holme
131649a121 ftpserver.pl: Corrected POP3 LIST as message numbers should be contiguous
The message numbers given in the LIST response are an index into the
list, which are only valid for the current session, rather than being a
unique message identifier. An index would only be missing from the LIST
response if a DELE command had been issued within the same session and
had not been committed by the end of session QUIT command. Once
committed the POP3 server will regenerate the message numbers in the
next session to be contiguous again. As such our LIST response should
list message numbers contiguously until we support a DELE command in the
same session.

Should a POP3 user require the unique message ID for any or all
messages then they should use the extended UIDL command. This command
will be supported by the test ftpserver in an upcoming commit.
2013-09-08 20:19:20 +01:00
Steve Holme
241aeadc50 tests: Updated descriptions to be more meaningful 2013-09-08 16:59:57 +01:00
Steve Holme
669e4ca366 tests: Added test for POP3 NOOP command 2013-09-08 16:59:55 +01:00
Steve Holme
c9617d9f93 ftpserver.pl: Added support for POP3 NOOP command 2013-09-08 16:45:52 +01:00
Steve Holme
f8986a2b34 ftpserver.pl: Fixed 'Use of uninitialized value $args in string ne' 2013-09-08 16:39:41 +01:00
Steve Holme
1b96ce04b2 tests: Added test for POP3 STAT command 2013-09-08 08:52:53 +01:00
Steve Holme
f851df88fb ftpserver.pl: Added support for POP STAT command 2013-09-08 08:49:40 +01:00
Steve Holme
18c595fde2 ftpserver.pl: Moved POP3 QUIT handler into own function 2013-09-08 08:44:49 +01:00
Steve Holme
56abdd07e7 ftpserver.pl: Reordered the POP3 handlers to be alphabetical
In preparation for additional POP3 tests, re-ordered the command
function defintions to be sorted alphabetically.
2013-09-08 02:48:34 +01:00
Steve Holme
7e06c336d6 ftpserver.pl: Corrected misaligned indentation in POP3 handlers
Fixed incorrect indentation used in both the RETR_pop3 and LIST_pop3
functions which was 5 and 9 characters rather than 4 and 8.
2013-09-08 02:48:33 +01:00
Steve Holme
8a4069fb17 tests: Added test for POP3 DELE command 2013-09-07 19:49:12 +01:00
Steve Holme
243ad539fe ftpserver.pl: Added support for POP3 DELE command 2013-09-07 19:31:46 +01:00
Daniel Stenberg
9fa42beddc urlglob: improved error messages and column number on bad use
Introduce a convenience macro and keep of the column better so that it
can point out the offending column better.

Updated test 75 accordingly.
2013-09-06 23:27:47 +02:00
Steve Holme
f73f052010 lib1512.c: Fixed compilation warning
An enumerated type is mixed with another type.

...as well as a small coding style error.
2013-09-02 20:39:53 +01:00
Guenter Knauf
97ed1ac905 Killed warning 'res' might be used uninitialized. 2013-09-01 23:08:29 +02:00
Steve Holme
83f5332536 tests: Added test for IMAP CHECK command 2013-08-31 18:40:48 +01:00
Steve Holme
497775024c ftpserver.pl: Added support for the IMAP CHECK command 2013-08-31 18:40:46 +01:00
Steve Holme
5eea336d01 ftpserver.pl: Corrected flawed logic in commit 1ca6ed7b75 2013-08-31 11:10:20 +01:00
Steve Holme
1ca6ed7b75 ftpserver.pl: Added argument check to IMAP command handlers
Added BAD argument check to the following IMAP command handlers:

APPEND, STORE, LIST, EXAMINE, STATUS and SEARCH
2013-08-31 10:41:25 +01:00
Steve Holme
aa51d3a139 ftpserver.pl: More whitespace corrections
LIST_imap() had a second level of indentation at 9 characters and not 8.
2013-08-31 10:35:05 +01:00
Steve Holme
64c8909071 ftpserver.pl: Small correction tidy up
Corrected some IMAP variable names and whitespace issues.
2013-08-30 22:11:17 +01:00
Steve Holme
75b52f9dcc tests: Added tests for IMAP CREATE, DELETE and RENAME commands 2013-08-30 18:56:56 +01:00
Daniel Stenberg
221825aebf ftpserver: Bareword "to_mailbox" not allowed
Added missing $
2013-08-30 15:21:39 +02:00
Steve Holme
9d35ad9552 ftpserver.pl: Added support for IMAP CREATE, DELETE and RENAME commands 2013-08-30 07:35:00 +01:00
Steve Holme
2ef83136d4 ftpserver.pl: Updated IMAP EXAMINE handler to use dynamic test data 2013-08-29 20:08:27 +01:00
Daniel Stenberg
d737aa19c8 unit1304: include memdebug and free everything correctly 2013-08-29 12:50:15 +02:00
Steve Holme
6a353049ac ftpserver.pl: Added SELECT check to IMAP FETCH and STORE handlers 2013-08-29 07:20:03 +01:00
Steve Holme
49e3d803ab ftpserver.pl: Corrected accidental move of logmsg() call
Corrected the call to logmsg() in the IMAP SEARCH handler from commit
4ae7b7ea69 as it should have been outputting the what argument and
not the test number.
2013-08-28 22:58:33 +01:00
Daniel Stenberg
b644ae68c8 ftpserver: add missing '}' from 4ae7b7ea69 2013-08-28 22:59:19 +02:00
Steve Holme
4ae7b7ea69 ftpserver.pl: Added SELECT check to IMAP SEARCH command 2013-08-28 18:56:19 +01:00
Steve Holme
13a2e32548 ftpserver.pl: Fixed IMAP SEARCH command 2013-08-28 18:51:59 +01:00
Steve Holme
1b4dc10393 tests: Added test for IMAP SEARCH command 2013-08-28 07:27:10 +01:00
Daniel Stenberg
45b6e2dd89 valgrind.supp: fix for regular curl_easy_perform too
When we introduced curl_easy_perform_ev, this got a slightly modified
call trace. Without this, test 165 causes a false positive valgrind
error.
2013-08-28 00:09:27 +02:00
Daniel Stenberg
6dca35c0e5 valgrind.supp: add the event-based call stack-trace too
Without this, test 165 triggers a valgrind error when ran with
curl_easy_perform_ev
2013-08-28 00:07:12 +02:00
Steve Holme
3d1a453d88 ftpserver.pl: Added support for IMAP SEARCH command 2013-08-27 20:47:31 +01:00
Daniel Stenberg
63d8b3a507 runtests.pl: allow -vc point to a separate curl binary to verify with
The specified curl binary will then be used to verify the running
server(s) instead of the development version. This is very useful in
some cases when the development version fails to verify correctly as
then the test case may not run at all.

The actual test will still be run with the "normal" curl executable
(unless the test case specifies something differently).
2013-08-26 11:38:38 +02:00
Daniel Stenberg
4bea91fc67 TFTP: make the CURLOPT_LOW_SPEED* options work
... this also makes sure that the progess callback gets called more
often during TFTP transfers.

Added test 1238 to verify.

Bug: http://curl.haxx.se/bug/view.cgi?id=1269
Reported-by: Jo3
2013-08-22 22:42:27 +02:00
Daniel Stenberg
06d1b10cbe tftpd: support "writedelay" within <servercmd> 2013-08-22 19:23:08 +02:00
Daniel Stenberg
816b639035 tftpd: convert 6 global variables into local ones 2013-08-22 13:44:37 +02:00
Daniel Stenberg
6cf8413e31 curl_easy_perform_ev: debug/test function
This function is meant to work *exactly* as curl_easy_perform() but will
use the event-based libcurl API internally instead of
curl_multi_perform(). To avoid relying on an actual event-based library
and to not use non-portable functions (like epoll or similar), there's a
rather inefficient emulation layer implemented on top of Curl_poll()
instead.

There's currently some convenience logging done in curl_easy_perform_ev
which helps when tracking down problems. They may be suitable to remove
or change once things seem to be fine enough.

curl has a new --test-event option when built with debug enabled that
then uses curl_easy_perform_ev() instead of curl_easy_perform(). If
built without debug, using --test-event will only output a warning
message.

NOTE: curl_easy_perform_ev() is not part if the public API on purpose.
It is only present in debug builds of libcurl and MUST NOT be considered
stable even then. Use it for libcurl-testing purposes only.

runtests.pl now features an -e command line option that makes it use
--test-event for all curl command line tests. The man page is updated.
2013-08-20 11:56:06 +02:00
Daniel Stenberg
e4a1888bd0 test1237: verify 1000+ letter user name + passwords 2013-08-20 11:23:31 +02:00
Jonathan Nieder
36585b5395 netrc: handle longer username and password
libcurl truncates usernames and passwords it reads from .netrc to
LOGINSIZE and PASSWORDSIZE (64) characters without any indication to
the user, to ensure the values returned from Curl_parsenetrc fit in a
caller-provided buffer.

Fix the interface by passing back dynamically allocated buffers
allocated to fit the user's input.  The parser still relies on a
256-character buffer to read each line, though.

So now you can include an ~246-character password in your .netrc,
instead of the previous limit of 63 characters.

Reported-by: Colby Ranger
2013-08-20 11:16:38 +02:00
Daniel Stenberg
f15a88f2b2 glob: error out on range overflow
The new multiply() function detects range value overflows. 32bit
machines will overflow on a 32bit boundary while 64bit hosts support
ranges up to the full 64 bit range.

Added test 1236 to verify.

Bug: http://curl.haxx.se/bug/view.cgi?id=1267
Reported-by: Will Dietz
2013-08-16 11:55:04 +02:00
Daniel Stenberg
5ca96cb844 urlglob: better detect unclosed braces, empty lists and overflows
A rather big overhaul and cleanup.

1 - curl wouldn't properly detect and reject globbing that ended with an
open brace if there were brackets or braces before it. Like "{}{" or
"[0-1]{"

2 - curl wouldn't properly reject empty lists so that "{}{}" would
result in curl getting (nil) strings in the output.

3 - By using strtoul() instead of sscanf() the code will now detected
over and underflows. It now also better parses the step argument to only
accept positive numbers and only step counters that is smaller than the
delta between the maximum and minimum numbers.

4 - By switching to unsigned longs instead of signed ints for the
counters, the max values for []-ranges are now very large (on 64bit
machines).

5 - Bumped the maximum number of globs in a single URL to 100 (from 10)

6 - Simplified the code somewhat and now it stores fixed strings as
single- entry lists. That's also one of the reasons why I did (5) as now
all strings between "globs" will take a slot in the array.

Added test 1234 and 1235 to verify. Updated test 87.

This commit fixes three separate bug reports.

Bug: http://curl.haxx.se/bug/view.cgi?id=1264
Bug: http://curl.haxx.se/bug/view.cgi?id=1265
Bug: http://curl.haxx.se/bug/view.cgi?id=1266
Reported-by: Will Dietz
2013-08-16 11:52:08 +02:00
Tor Arntsen
6972335f50 tests 2032, 2033: Don't hardcode port in expected output 2013-08-15 10:55:44 +02:00
Fabian Keil
a64bca68c7 test1228: add 'HTTP proxy' to the keywords 2013-08-11 19:56:23 +02:00
Fabian Keil
67633e1308 tests: add keywords for a couple of FILE tests 2013-08-11 19:56:14 +02:00
Fabian Keil
715ca7c5fe tests: add 'FAILURE' keywords to tests 1409 and 1410 2013-08-11 19:56:11 +02:00
Fabian Keil
001758760b tests: add keywords for a couple of HTTP tests 2013-08-11 19:56:05 +02:00
Fabian Keil
2f06265e39 tests: add keywords for a couple of FTP tests 2013-08-11 19:56:01 +02:00
Fabian Keil
432431368f test1511: consistently terminate headers with CRLF 2013-08-11 19:55:44 +02:00
Daniel Stenberg
4b0028f82d DISABLED: shut of test 1512 for now
It shows intermittent failures and I haven't been able to track them
down yet. Disable this test for now.
2013-08-10 23:55:10 +02:00
Daniel Stenberg
d2b36e466a global dns cache: didn't work [regression]
CURLOPT_DNS_USE_GLOBAL_CACHE broke in commit c43127414d (been
broken since the libcurl 7.29.0 release). While this option has been
documented as deprecated for almost a decade and nobody even reported
this bug, it should remain functional.

Added test case 1512 to verify
2013-08-08 16:28:46 +02:00
Daniel Stenberg
7cc00d9a83 FTP: when EPSV gets a 229 but fails to connect, retry with PASV
This is a regression as this logic used to work. It isn't clear when it
broke, but I'm assuming in 7.28.0 when we went all-multi internally.

This likely never worked with the multi interface. As the failed
connection is detected once the multi state has reached DO_MORE, the
Curl_do_more() function was now expanded somewhat so that the
ftp_do_more() function can request to go "back" to the previous state
when it makes another attempt - using PASV.

Added test case 1233 to verify this fix. It has the little issue that it
assumes no service is listening/accepting connections on port 1...

Reported-by: byte_bucket in the #curl IRC channel
2013-08-06 09:57:59 +02:00
Daniel Stenberg
0ddc678927 formadd: wrong pointer for file name when CURLFORM_BUFFERPTR used
The internal function that's used to detect known file extensions for
the default Content-Type got the the wrong pointer passed in when
CURLFORM_BUFFER + CURLFORM_BUFFERPTR were used. This had the effect that
strlen() would be used which could lead to an out-of-bounds read (and
thus segfault). In most cases it would only lead to it not finding or
using the correct default content-type.

It also showed that test 554 and test 587 were testing for the
previous/wrong behavior and now they're updated as well.

Bug: http://curl.haxx.se/bug/view.cgi?id=1262
Reported-by: Konstantin Isakov
2013-08-04 23:32:36 +02:00
Fabian Keil
d020e2c381 tests: test1232 verifies dotdot removal from path with proxy 2013-07-23 20:51:15 +02:00
Yang Tse
0f4ba89ffd libtest: fix data type of some *_setopt() 'long' arguments 2013-07-22 21:40:45 +02:00
Yang Tse
6bcacff1a5 WIN32 MemoryTracking: require UNICODE for wide strdup code support 2013-07-19 12:33:10 +02:00
Yang Tse
90695fb2c5 Reinstate "WIN32 MemoryTracking: track wcsdup() _wcsdup() and _tcsdup() usage".
This reverts commit 7ed25cc, reinstating commit 8ec2cb5.

As of 18-jul-2013 we still do have code in libcurl that makes use of these
memory functions. Commit 8ec2cb5 comment still applies and is yet valid.

These memory functions are solely used in Windows builds, so all related
code is protected with '#ifdef WIN32' preprocessor conditional compilation
directives.

Specifically, wcsdup() _wcsdup() are used when building a Windows target with
UNICODE and USE_WINDOWS_SSPI preprocessor symbols defined. This is the case
when building a Windows UNICODE target with Windows native SSL/TLS support
enabled.

Realizing that wcsdup() _wcsdup() are used is a bit tricky given that usage
of these is hidden behind _tcsdup() which is MS way of dealing with code
that must tolerate UNICODE and non-UNICODE compilation. Additionally, MS
header files and those compatible from other compilers use this preprocessor
conditional compilation directive in order to select at compilation time
whether 'wide' or 'ansi' MS API functions are used.

Without this code, Windows build targets with Windows native SSL/TLS support
enabled and MemoryTracking support enabled misbehave in tracking memory usage,
regardless of being a UNICODE enabled build or not.
2013-07-18 23:37:33 +02:00
Sergei Nikulov
448d55ef0a cmake: Fix for MSVC2010 project generation
Fixed issue with static build for MSVC2010.

After some investigation I've discovered known issue
http://public.kitware.com/Bug/view.php?id=11240 When .rc file is linked
to static lib it fails with following linker error

LINK : warning LNK4068: /MACHINE not specified; defaulting to X86
file.obj : fatal error LNK1112: module machine type 'x64' conflicts with
target machine type 'X86'

Fix add target property /MACHINE: for MSVC generation.

Also removed old workarounds - it caused errors during msvc build.

Bug: http://curl.haxx.se/mail/lib-2013-07/0046.html
2013-07-17 00:26:58 +02:00
Daniel Stenberg
1016637f5a test1414: FTP PORT download without SIZE support 2013-07-16 22:54:31 +02:00
Yang Tse
2e00872c04 tests/Makefile.am: add configurehelp.pm to DISTCLEANFILES 2013-07-16 22:51:35 +02:00
Yang Tse
c983aa9efc test 1511: fix enumerated type mixed with another type 2013-07-11 17:01:02 +02:00
Marc Hoersken
009d2336fe lib506.c: Fixed possible use of uninitialized variables 2013-07-01 21:42:15 +02:00
Daniel Stenberg
365c5ba395 formpost: better random boundaries
When doing multi-part formposts, libcurl used a pseudo-random value that
was seeded with time(). This turns out to be bad for users who formpost
data that is provided with users who then can guess how the boundary
string will look like and then they can forge a different formpost part
and trick the receiver.

My advice to such implementors is (still even after this change) to not
rely on the boundary strings being cryptographically strong. Fix your
code and logic to not depend on them that much!

I moved the Curl_rand() function into the sslgen.c source file now to be
able to take advantage of the SSL library's random function if it
provides one. If not, try to use the RANDOM_FILE for seeding and as a
last resort keep the old logic, just modified to also add microseconds
which makes it harder to properly guess the exact seed.

The formboundary() function in formdata.c is now using 64 bit entropy
for the boundary and therefore the string of dashes was reduced by 4
letters and there are 16 hex digits following it. The total length is
thus still the same.

Bug: http://curl.haxx.se/bug/view.cgi?id=1251
Reported-by: "Floris"
2013-06-25 09:55:49 +02:00
Daniel Stenberg
d3d5c4a40e tests: add test1395 to the tarball 2013-06-24 09:25:58 +02:00
Daniel Stenberg
6fab0bd9f1 test1396: invoke the correct test tool!
This erroneously run unit test 1310 instead of 1396!
2013-06-22 22:20:31 +02:00
Kamil Dudka
02964ed630 test1230: avoid using hard-wired port number
... to prevent failure when a non-default -b option is given
2013-06-22 22:12:49 +02:00
Daniel Stenberg
7877619f85 dotdot: introducing dot file path cleanup
RFC3986 details how a path part passed in as part of a URI should be
"cleaned" from dot sequences before getting used. The described
algorithm is now implemented in lib/dotdot.c with the accompanied test
case in test 1395.

Bug: http://curl.haxx.se/bug/view.cgi?id=1200
Reported-by: Alex Vinnik
2013-06-22 14:15:07 +02:00