CI:
- GHA/windows: enable OpenSSH server, SysInternals `handle`, `impacket`.
Skip `impacket` on MSYS2 due to install failure.
Skip OpenSSH server for old/standalone mingw-w64 (building curl
without SSH there.)
- GHA/windows: make test tool installs a separate step.
- GHA/cygwin: enable OpenSSH server.
Skip `impacket`: it's compiling for 7 minutes then breaks.
Skip `stunnel` due to sluggish test run performance.
(This update is unrelated to Azure jobs.)
- GHA/linux: migrate Linux jobs from Azure CI.
- GHA/linux: migrate scanbuild job from Azure CI.
- GHA/linux: enable libssh2 in a job. Also enable valgrind.
- CI/windows: enable SSPI in two jobs.
- CI/windows: disable zlib in one more job.
- CI/windows: improve `if` condition checking GnuTLS.
- CI/windows: ignore SFTP/SCP tests as necessary.
- universally ignore SCP tests, they fail everywhere.
- ignore test 612.
- ignore test 613 616 618 with MSYS2 mingw-w64.
- ignore test 614 with libssh.
- ignore all SFTP with MSYS2 native.
- ignore all SFTP with vcpkg with `libssh2[core,zlib]`.
- ignore a couple of SFTP tests with MSYS2 mingw-w64.
(This matches settings on Azure CI.)
- GHA/windows: ignore failing 1451 'Basic SMB request' test for
old mingw-w64 7.3.0 (but not for 9.5.0!):
```
2024-09-11 21:45:59,738 ERROR smbComNegotiate: b'NT LM 0.12\x00' is not in list
[...]
curl: (7) Could not connect to server
[...]
FAIL 1451: 'Basic SMB request' SMB
```
Ref: https://github.com/curl/curl/actions/runs/10816280746/job/30007130770#step:13:3546
- CI/Azure: delete, now moved to GHA.
sshserver:
- sshserver: fix permissions for SSH host key on Windows, allowing sshd
to launch.
- sshserver: fix initializing config paths with Cygwin/MSYS2 sshd.
- sshserver: fix initializing config paths in parallel builds.
- sshserver: delete redundant `DenyUsers`. This also opens the way
to allow multiple usernames.
- sshserver: fix `AllowUsers` for GHA/windows, by allowing the
domainless username again.
Follow-up to 3ee7c676ec#5721
- sshserver: fix `Deprecated option` warnings in `sshd_config`:
```
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 7: Deprecated option AuthorizedKeysFile2
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 25: Deprecated option KeyRegenerationInterval
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 35: Deprecated option RhostsRSAAuthentication
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 36: Deprecated option RSAAuthentication
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 37: Deprecated option ServerKeyBits
D:/a/curl/curl/bld/tests/log/2/server/curl_sshd_config line 41: Deprecated option UseLogin
```
- sshserver: fix `Deprecated option` warnings in `ssh_config` with
Cygwin/MSYS2.
- sshserver: fix dumping config files due to the filenames missing their
full paths.
- sshserver: add workaround to make `logmsg` messages visible.
Before this patch they only went to a file and never shown.
runtests:
- runtests: log details when these Windows commands are called:
`handle`, `taskkill`, `tasklist`.
- runtests: add documentation links to Windows tools:
`handle`, `taskkill`, `tasklist`, `icacls`.
- runtests: add `-t` (kill whole tree) option to `taskkill` in
`servers.pm`, syncing it with the other `taskkill` call.
Follow-up to bc72a78a11#14488
- runtests: show warning if Sysinternals `handle` tool is missing.
- runtests: drop Windows XP Home compatibility `tskill` call.
The call was made on all Windows versions. It's possibly overkill to
do this, because XP Home is probably rarely used for running curl
tests these days. In case it's needed, it'd be better to put it under
an explicit option.
- runtests: show Perl version and path.
Fix/silence fallouts:
- unit2603: fix building with disabled HTTP support.
- unit2604: silence `-Woverlength-strings` warnings in C89 mode.
- test437, test1614: fix to pass with no-IPv6 builds.
Closes#14859
- when server are killed by a test case, do not wait for the server lock
file to go away. These tests are mostly about client timeouts and the
server will hang until killed.
- when killing a server successfully, check for a remaining lock file,
log its existence and remove it.
- lower the delay timings on SLOWDOWN by half
- add SLOWDOWNDATA server command to only slow down the FTP data bytes,
not the control ones.
- lower some timeout values
Closes#14835
- Install stunnel.
- Regenerate certificates (as SecureTransport requires a validity period
less than 398 days).
- Restart server if it is unresponsive.
- Do not hardcode the SHA-256 base64 public pinned key.
- Ignore test 313 as SecureTransport does not support crl file.
- Ignore tests 1631 and 1632 as SecureTransport is not yet able to shut
down FTP over HTTPS gracefully.
- Add a CMake target for generating certificates.
Closes#14486
When running on termux, where $TMPDIR isn't /tmp, running the tests
failed, since the server config tried creating sockets in /tmp, without
checking the temp dir config. Use the TMPDIR variable that makes it find
the correct directory everywhere [0]
[0] https://perldoc.perl.org/File::Temp#tempfileCloses#12545
The checkcmd() and checktestcmd() functions would not have worked on
Windows due to hard-coding the UNIX PATH separator character and not
adding .exe file extension. This meant that tools like stunnel, valgrind
and nghttpx would not have been found and used on Windows, and
inspection of previous test runs show none of those being found in pure
Windows CI builds.
With this fixed, they can be used to detect the handle64.exe program
before attempting to use it. When handle64.exe was called
unconditionally without it existing, it caused perl to abort the test
run with the error
The running command stopped because the preference variable
"ErrorActionPreference" or common parameter is set to Stop:
sh: handle64.exe: command not found
Closes#12115
... instead of putting them in the regular pid directories because
systems generally have strict length requirements for the path name to
be shorter than 107 bytes and we easily hit that boundary otherwise.
The new concept generates two random names: one for the socks daemon and
one for http.
Reported-by: Andy Fiddaman
Fixes#11152Closes#11166
This change replaces the previous method of picking a port number at
random to try to start servers on, then retrying up to ten times with
new random numbers each time, with a function that creates a server
socket on port zero, thereby getting a suitable random port set by the
kernel. That server socket is then closed and that port number is used
to setup the actual test server on.
There is a risk that *another* server can be started on the machine in
the time gap, but the server verification feature will detect that.
Closes#11220
There will soon be multiple log directories so the paths will no longer
be static in runtests.pl. Also, get rid of $SERVER2IN which was not
used.
Ref: #10818
Some recent refactoring made these export no longer necessary. Also,
stop displaying the Unix socket paths at startup since there will soon
be many of them and they're not that interesting.
Ref: #10818
Log messages generated with logmsg can now be buffered and returned from
the runner as a return value. This will be needed with parallel testing
to allow all messages for one test to be displayed together instead of
interspersed with messages of multiple tests. Buffering can be disabled
by setting a logging callback function with setlogfunc, which is
currently being done to preserve existing logging behaviour for now.
Some additional output is generated in verbose and debugprotocol modes,
which don't always use logmsg. These modes also impact some servers
which generate extra messages. No attempt is made to buffer everything
if these modes are enabled.
Ref: #10818Closes#11016
The server ports are chosen randomly for each server, but the random
ranges chosen were inconsistently-sized and overlapping. Now, they are
spread out more so at least the first random port chosen for each server
is guaranteed to not also be chosen by another server. The starting port
numbers are also raised to put them in the Ephemeral Port range—not the
range defined by RFC 6335 but the one used by Linux, which starts lower
and gives us more room to work with.
Reported-by: Daniel Stenberg
Calling stopserver() before retrying stunnel due to an error would stop
the dependent server (such as HTTP) meaning stunnel would have nothing
to talk to when it came up. Don't try to force a stop when it didn't
actually start. Also, don't mark the server as bad for future use when
it starts up on a retry.
Reported-by: eaglegai at github
Tested-by: eaglegai at github
Fixes#10976
If a server couldn't be started on a port, a new one is randomly chosen
and the server is tried again. Avoid accidentally using a
randomly-chosen 0 port offset by adding 1 to the random number.
Found-by: Daniel Stenberg
This reduces the startup time when there is a known conflict on the
random port chosen for a server. This was already done for stunnel, but
now it's done for all servers.
testutil.pm now contains a few miscellaneous functions that are used in
several places but have no better place to live. subvariables moves to
servers.pm since most variables that it substitutes relate to servers,
so this is the most appropriate place. Rename a few functions for better
naming consistency.
Ref: #10818Closes#10995
Viktor Szakats
Stefan Eissing
Aki
Daniel Stenberg
Yedaya Katsman
Dan Fandrich
Alexander Jaeger