Граф коммитов

4605 Коммитов

Автор SHA1 Сообщение Дата
Daniel Stenberg fe8ba51209
server/getpart: make the "XML-parser" stricter
When extracting a <section> <part> and there's no </part> before
</section>, this now outputs an error and returns a wrong string to
make users spot the mistake.

Ref: #5070
Closes #5071
2020-03-13 11:03:42 +01:00
Marc Hoersken a7e24c7362
impacket: some more Python 3 code compatibility updates
This makes smbserver load on Python 3, but still not work completely.
2020-03-13 02:49:07 +01:00
Marc Hoersken ba0e6fbd30
smbserver: pin Python version to 2 since we are not yet 3 compatible
Even though the existing code can be fixed to run on Python 3, the
tests will fail due to the Unicode transition the protocol is invalid.

Follow up to ee63837
Closes #5085
2020-03-13 02:48:48 +01:00
Viktor Szakats af07875c0d
cleanup: fix some text/comment typos
Closes #5087
2020-03-12 14:28:17 +01:00
Marc Hoersken d5c01d779f
smbserver: fix Python version specific ConfigParser import
Follow up to ee63837 and 8c7c4a6
Fixes #5077
2020-03-12 09:15:36 +01:00
Dan Fandrich c0fe3b3260 tests/data: Fix some XML formatting issues in test cases
This allows these test files to pass xmllint.
2020-03-11 10:33:03 +01:00
Marc Hoersken fb6134427a
test1129: fix invalid case of closing XML-tag and Content-Length
Fixes #5070
Closes #5072
2020-03-10 22:38:56 +01:00
Marc Hoersken f11b2cb62b
tests/data: fix static ip instead of dynamic value being used
Follow up to 94ced8e
2020-03-10 13:31:19 +01:00
Marc Hoersken 94ced8e368
tests/data: fix static ip:port instead of dynamic values being used
Closes #5065
2020-03-10 03:56:50 +01:00
Marc Hoersken 26c5ba0e65
tests/server: fix missing use of exe_ext helper function
Follow up to 9819984 and 3dce984
Reviewed-By: Daniel Stenberg
Closes #5064
2020-03-10 03:56:17 +01:00
Marc Hoersken 4d43d06143
runtests: log minimal and maximal used port numbers 2020-03-10 03:55:37 +01:00
Jim Fuller e96fe70cab
sftp: fix segfault regression introduced by #4747
This fix adds a defensive check for the case where the char *name in
struct libssh2_knownhost is NULL

Fixes #5041
Closes #5062
2020-03-09 15:01:40 +01:00
Patrick Monnerat 77336671dc
silly web server: silent a compilation warning
Recent gcc warns when byte count of strncpy() equals the destination
buffer size. Since the destination buffer is previously cleared and
the source string is always shorter, reducing the byte count by one
silents the warning without affecting the result.

Closes #5059
2020-03-08 17:30:55 +01:00
Patrick Monnerat a75f12768d
test 1560: avoid valgrind false positives
When using maximum code optimization level (-O3), valgrind wrongly
detects uses of uninitialized values in strcmp().

Preset buffers with all zeroes to avoid that.
2020-03-08 17:30:55 +01:00
Daniel Stenberg 0a04dc4d5d
lib1564: reduce number of mid-wait wakeup calls
This test does A LOT of *wakeup() calls and then calls curl_multi_poll()
twice. The first *poll() is then expected to return early and the second
not - as the first is supposed to drain the socketpair pipe.

It turns out however that when given "excessive" amounts of writes to
the pipe, some operating systems (the Solaris based are known) will
return EAGAIN before the pipe is drained, which in our test case causes
the second *poll() call to also abort early.

This change attempts to avoid the OS-specific behaviors in the test by
reducing the amount of wakeup calls from 1234567 to 10.

Reported-by: Andy Fiddaman
Fixes #5037
Closes #5058
2020-03-07 23:27:58 +01:00
Patrick Monnerat e5b366c0b5
mime: fix the binary encoder to handle large data properly
New test 666 checks this is effective.
As upload buffer size is significant in this kind of tests, shorten it
in similar test 652.

Fixes #4860
Closes #4833
Reported-by: RuurdBeerstra on github
2020-03-07 23:26:15 +01:00
Patrick Monnerat 1e4cb333ef
mime: do not perform more than one read in a row
Input buffer filling may delay the data sending if data reads are slow.
To overcome this problem, file and callback data reads do not accumulate
in buffer anymore. All other data (memory data and mime framing) are
considered as fast and still concatenated in buffer.
As this may highly impact performance in terms of data overhead, an early
end of part data check is added to spare a read call.
When encoding a part's data, an encoder may require more bytes than made
available by a single read. In this case, the above rule does not apply
and reads are performed until the encoder is able to deliver some data.

Tests 643, 644, 645, 650 and 654 have been adapted to the output data
changes, with test data size reduced to avoid the boredom of long lists of
1-byte chunks in verification data.
New test 667 checks mimepost using single-byte read callback with encoder.
New test 668 checks the end of part data early detection.

Fixes #4826
Reported-by: MrdUkk on github
2020-03-07 23:26:00 +01:00
Patrick Monnerat 96972ec1c0
mime: latch last read callback status.
In case a read callback returns a status (pause, abort, eof,
error) instead of a byte count, drain the bytes read so far but
remember this status for further processing.
Takes care of not losing data when pausing, and properly resume a
paused mime structure when requested.
New tests 670-673 check unpausing cases, with easy or multi
interface and mime or form api.

Fixes #4813
Reported-by: MrdUkk on github
2020-03-07 23:26:00 +01:00
Marc Hoersken 3dce9849be
runtests: fix missing use of exe_ext helper function 2020-03-07 20:16:10 +01:00
Marc Hoersken a6fed41f6f
tests: use native Sleep function as fallback on Windows
Reviewed-By: Daniel Stenberg
Closes #5054
2020-03-07 11:02:43 +01:00
Marc Hoersken 99c688ba21
perl: align order and completeness of Windows OS checks 2020-03-07 11:02:43 +01:00
Jay Satiro 09aa807240 libssh: Fix matching user-specified MD5 hex key
Prior to this change a match would never be successful because it
was mistakenly coded to compare binary data from libssh to a
user-specified hex string (ie CURLOPT_SSH_HOST_PUBLIC_KEY_MD5).

Reported-by: fds242@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4971
Closes https://github.com/curl/curl/pull/4974
2020-03-07 03:06:11 -05:00
Steve Holme 3c3db98b6f
unit1612: fixed the inclusion and compilation of the HMAC unit test
Follow up to 3f74e5e6 to fix:

- A typo in Makefile.inc where unit1611 was used instead
- Some compilation issues in unit1612.c

Closes #5024
2020-03-06 13:08:03 +00:00
Daniel Stenberg 52d302ed64
polarssl: remove more references and mentions
Assisted-by: Jay Satiro
Follow-up to 6357a19ff2
Closes #5036
2020-03-05 07:57:45 +01:00
Marc Hoersken 30f7360025 tests: wrap ignored test failures in braces 2020-03-04 22:36:47 +01:00
Marc Hoersken 3c1b9145c7
tests: align some Windows sleep defines with each other 2020-03-04 16:11:03 +01:00
Marc Hoersken 9aaca09044
tests: try to make sleeping portable by avoiding select
select does not support just waiting on Windows:
https://perldoc.perl.org/perlport.html#select

Reviewed-By: Daniel Stenberg
Closes #5035
2020-03-04 15:31:42 +01:00
Daniel Stenberg 1eecb0e022
runtests.1: rephrase how to specify what tests to run
Also mention the new tilde-prefixed way to ignore test results.

Reviewed-By: Marc Hoersken
Closes #5033
2020-03-04 15:08:08 +01:00
Marc Hoersken e7c144f1d1
ci/tests: fix escaping of testnames and disable proxy for CI APIs
Follow up to ada581f and c0d8b96
Closes #5031
2020-03-03 22:13:57 +01:00
Marc Hoersken 119ea453f9
ci/tests: Make it possible to still run but ignore failing tests
This enables the development of a solution for the failing tests by
running them on CI while ignoring their result for the overall status.

Closes #4994
2020-03-03 17:32:38 +01:00
Marc Hoersken 3feb60d289
ci/tests: Move CI test result creation above environment setup
This avoids using our test servers as proxy to the AppVeyor API.

Closes #5022
2020-03-03 16:00:04 +01:00
Marc Hoersken c0d8b96f24
ci/tests: Send test results to AppVeyor for status overview
Closes #5021
2020-03-03 15:59:59 +01:00
Daniel Stenberg c537b00577
dist: include tests/azure.pm in the tarball
Bug: ada581f2cc (commitcomment-37601589)
Reported-by: Marcel Raad
2020-03-03 08:42:38 +01:00
Daniel Stenberg 5494afac8f
tests: disable 962, 963 and 964 on Windows
These tests are also doing UTF-8 SMTP.

Follow-up to df207d2dd9
2020-03-02 14:44:46 +01:00
Steve Holme df207d2dd9
tests: disable SMTP UTF-8 tests on Windows
Fixes #4988
Closes #4992
2020-03-02 08:29:11 +01:00
Daniel Stenberg 8cd4e6d81f
Revert "mime: latch last read callback status."
This reverts commit 87869e38d7.

Fixes #5014
Closes #5015
Reopens #4833
2020-03-02 08:07:49 +01:00
Daniel Stenberg d7242f4757
Revert "mime: do not perform more than one read in a row"
This reverts commit ed0f357f7d.
2020-03-02 07:42:54 +01:00
Daniel Stenberg e002f6c0cb
Revert "mime: fix the binary encoder to handle large data properly"
This reverts commit b2caaa0681.
2020-03-02 07:42:48 +01:00
Patrick Monnerat b2caaa0681
mime: fix the binary encoder to handle large data properly
New test 666 checks this is effective.
As upload buffer size is significant in this kind of tests, shorten it
in similar test 652.

Fixes #4860
Reported-by: RuurdBeerstra on github
2020-03-02 00:00:59 +01:00
Patrick Monnerat ed0f357f7d
mime: do not perform more than one read in a row
Input buffer filling may delay the data sending if data reads are slow.
To overcome this problem, file and callback data reads do not accumulate
in buffer anymore. All other data (memory data and mime framing) are
considered as fast and still concatenated in buffer.
As this may highly impact performance in terms of data overhead, an early
end of part data check is added to spare a read call.
When encoding a part's data, an encoder may require more bytes than made
available by a single read. In this case, the above rule does not apply
and reads are performed until the encoder is able to deliver some data.

Tests 643, 644, 645, 650 and 654 have been adapted to the output data
changes, with test data size reduced to avoid the boredom of long lists of
1-byte chunks in verification data.
New test 664 checks mimepost using single-byte read callback with encoder.
New test 665 checks the end of part data early detection.

Fixes #4826
Reported-by: MrdUkk on github
2020-03-02 00:00:58 +01:00
Patrick Monnerat 87869e38d7
mime: latch last read callback status.
In case a read callback returns a status (pause, abort, eof,
error) instead of a byte count, drain the bytes read so far but
remember this status for further processing.
Takes care of not losing data when pausing, and properly resume a
paused mime structure when requested.
New tests 670-673 check unpausing cases, with easy or multi
interface and mime or form api.

Fixes #4813
Reported-by: MrdUkk on github
Closes #4833
2020-03-02 00:00:50 +01:00
Steve Holme cf1466bd47
unit1651: Fixed conversion compilation warning
371:17: warning: conversion to 'unsigned char' from 'int' may alter its
        value [-Wconversion]

Closes #5008
2020-03-01 15:10:28 +00:00
Marc Hoersken d753cfc16c ci/tests: Fix typo in previous commit 597cf2 2020-03-01 14:49:35 +01:00
Marc Hoersken 597cf2f1f3 ci/tests: Make sure that the AZURE_ACCESS_TOKEN is available
For security reasons the access token is not available to PR builds.
Therefore we should not try to use the DevOps API with an empty token.
2020-03-01 14:43:58 +01:00
Jay Satiro 711f022c05 runtests: fix output to command log
- Record only the command of the most recently ran test in the command
  log.

This is a follow-up to 02988b7 from several weeks ago which fixed
writing to the command log, however it saved all commands for all tests
instead of just the most recently ran test as we would now expect.

Fixes https://github.com/curl/curl/commit/02988b7#commitcomment-37546876
Closes https://github.com/curl/curl/pull/5001
2020-02-29 22:34:05 -05:00
Marc Hoersken ada581f2cc
ci/tests: Send test results to Azure DevOps for reporting 2020-02-29 21:01:28 +01:00
Marc Hoersken 8c7c4a6276 tests: fix Python 3 compatibility of smbserver.py 2020-02-27 18:05:43 +01:00
Daniel Stenberg 02988b70cd
runtests: restore the command log
The log file with all command lines for the invoked command lines is now
called logs/commands.log

Fixes #4911
Closes #4989
2020-02-27 17:09:49 +01:00
Daniel Stenberg 15f51474c8
http2: make pausing/unpausing set/clear local stream window
This reduces the HTTP/2 window size to 32 MB since libcurl might have to
buffer up to this amount of data in memory and yet we don't want it set
lower to potentially impact tranfer performance on high speed networks.

Requires nghttp2 commit b3f85e2daa629
(https://github.com/nghttp2/nghttp2/pull/1444) to work properly, to end
up in the next release after 1.40.0.

Fixes #4939
Closes #4940
2020-02-27 10:35:51 +01:00
Steve Holme 0922f76240
tests: Automatically deduce the tool name from the test case for unit tests
It is still possible to override the executable to run during the test,
using the <tool> tag, but this patch removes the requirement that the
tag must be present for unit tests.

It also removes the possibility of human error when existing test cases
are used as the basis for new tests, as recently witnessed in 81c37124.

Reviewed-by: Daniel Stenberg
Closes #4976
2020-02-27 00:51:49 +00:00
Steve Holme d9e40f57de
test1323: Added the missing 'unit test' feature requirement in the test case 2020-02-27 00:51:49 +00:00
Daniel Stenberg 6375b205a9
http: added 417 response treatment
When doing a request with a body + Expect: 100-continue and the server
responds with a 417, the same request will be retried immediately
without the Expect: header.

Added test 357 to verify.

Also added a control instruction to tell the sws test server to not read
the request body if Expect: is present, which the new test 357 uses.

Reported-by: bramus on github
Fixes #4949
Closes #4964
2020-02-26 22:48:14 +01:00
Steve Holme 34a1ffb05f
smtp: Support the SMTPUTF8 extension for the EXPN command
Simply notify the server we support the SMTPUTF8 extension if it does.
2020-02-26 14:54:51 +00:00
Steve Holme efce3ea5a8
smtp: Support the SMTPUTF8 extension in the VRFY command 2020-02-26 14:54:51 +00:00
Steve Holme 483edeb8dd
smtp: Support the SMTPUTF8 extension in the RCPT TO command
Note: The RCPT TO command isn't required to advertise to the server that
it contains UTF-8 characters, instead the server is told that a mail may
contain UTF-8 in any envelope command via the MAIL command.
2020-02-26 14:54:51 +00:00
Steve Holme aba1bf630f
smtp: Support the SMTPUTF8 extension in the MAIL command
Support the SMTPUTF8 extension when sending mailbox information in the
MAIL command (FROM and AUTH parameters). Non-ASCII domain names will
be ACE encoded, if IDN is supported, whilst non-ASCII characters in
the local address part are passed to the server.

Reported-by: ygthien on github
Fixes #4828
2020-02-26 14:49:40 +00:00
Steve Holme 2aa6c1735a
smtp: Support UTF-8 based host names in the VRFY command 2020-02-26 11:02:38 +00:00
Steve Holme e7959c280c
smtp: Support UTF-8 based host names in the RCPT TO command 2020-02-26 11:02:38 +00:00
Steve Holme 68fb25fa3f
smtp: Support UTF-8 based host names in the MAIL command
Non-ASCII host names will be ACE encoded if IDN is supported.
2020-02-26 11:02:38 +00:00
Steve Holme 4c140a5628
smtp: Added UTF-8 mailbox tests to verify existing behaviour 2020-02-25 04:15:26 +00:00
Steve Holme 6995b77a52
ftpserver: Updated VRFY_smtp() so the response isn't necessary in the test case 2020-02-24 23:01:05 +00:00
Steve Holme 80ccc26415
ftpserver: Corrected the e-mail address regex in MAIL_smtp() and RCTP_smtp()
The dot character between the host and the tld was not being escaped,
which meant it specified a match of 'any' character rather than an
explicit dot separator.

Additionally removed the dot character from the host name as it allowed
the following to be specified as a valid address in our test cases:

<bad@example......com>

Both are typos from 98f7ca7 and 8880f84 :(

I can't remember whether my intention was to allow sub-domains to be
specified in the host or not with these additional dots, but by placing
it outside of the host means it can only be specified once per domain
and by placing a + after the new grouping support for sub-domains is
kept.

Closes #4912
2020-02-24 22:59:08 +00:00
Steve Holme 3f74e5e604
hmac: Added a unit test for the HMAC hash generation
Closes #4973
2020-02-24 06:57:03 +00:00
Steve Holme fa009cc798
tests: Added a unit test for MD4 digest generation
Closes #4970
2020-02-23 18:47:32 +00:00
Steve Holme 1f4911bc26
test1610: Fixed the link to the unit test
Typo from 81c37124.
2020-02-23 08:13:09 +00:00
Steve Holme 37dc4df270
md5/sha256: Updated the functions to allow non-string data to be hashed 2020-02-23 07:50:33 +00:00
Steve Holme 81c3712434 tests: Added a unit test for SHA256 digest generation
Follow up to 2b5b37c.

Closes #4968
2020-02-22 22:12:27 +00:00
Daniel Stenberg 14916a82e2
altsvc: make saving the cache an atomic operation
... by writing the file to temp name then rename to the final when done.

Assisted-by: Jay Satiro
Fixes #4936
Closes #4942
2020-02-18 07:49:21 +01:00
Daniel Stenberg 02f8de6516
altsvc: keep a copy of the file name to survive handle reset
The alt-svc cache survives a call to curl_easy_reset fine, but the file
name to use for saving the cache was cleared. Now the alt-svc cache has
a copy of the file name to survive handle resets.

Added test 1908 to verify.

Reported-by: Craig Andrews
Fixes #4898
Closes #4902
2020-02-09 22:41:49 +01:00
Pierre-Yves Bigourdan feba3f0549
digest: Do not quote algorithm in HTTP authorisation
RFC 7616 section 3.4 (The Authorization Header Field) states that "For
historical reasons, a sender MUST NOT generate the quoted string syntax
for the following parameters: algorithm, qop, and nc". This removes the
quoting for the algorithm parameter.

Reviewed-by: Steve Holme
Closes #4890
2020-02-07 22:46:21 +01:00
Daniel Stenberg 950b53da0d
ftp: remove superfluous checking for crlf in user or pwd
... as this is already done much earlier in the URL parser.

Also add test case 894 that verifies that pop3 with an encodedd CR in
the user name is rejected.

Closes #4887
2020-02-07 08:18:23 +01:00
Pedro Monreal 4b6fd29f1a cleanup: fix typos and wording in docs and comments
Closes #4869
Reviewed-by: Emil Engler and Daniel Gustafsson
2020-02-02 18:43:01 +01:00
Daniel Stenberg d3dc0a07e9
urlapi: guess scheme correct even with credentials given
In the "scheme-less" parsing case, we need to strip off credentials
first before we guess scheme based on the host name!

Assisted-by: Jay Satiro
Fixes #4856
Closes #4857
2020-01-28 08:40:16 +01:00
Daniel Stenberg 0b030a5b23
global_init: move the IPv6 works status bool to multi handle
Previously it was stored in a global state which contributed to
curl_global_init's thread unsafety. This boolean is now instead figured
out in curl_multi_init() and stored in the multi handle. Less effective,
but thread safe.

Closes #4851
2020-01-28 08:03:22 +01:00
Daniel Stenberg c0d7b05c41
llist: removed unused Curl_llist_move()
(and the corresponding unit test)

Closes #4842
2020-01-24 10:29:18 +01:00
Pavel Volgarev 4a4609bf3c
smtp: Allow RCPT TO command to fail for some recipients
Introduces CURLOPT_MAIL_RCPT_ALLLOWFAILS.

Verified with the new tests 3002-3007

Closes #4816
2020-01-21 10:40:19 +01:00
Emil Engler 1774dbd74c
curl: Let -D merge headers in one file again
Closes #4762
Fixes #4753
2020-01-21 09:23:30 +01:00
加藤郁之 7ff9222ced
HTTP: increase EXPECT_100_THRESHOLD to 1Mb
Mentioned: https://curl.haxx.se/mail/lib-2020-01/0050.html

Closes #4814
2020-01-20 08:33:44 +01:00
Daniel Stenberg 4431ed2484
curl: make #0 not output the full URL
It was not intended nor documented!

Added test 1176 to verify.

Reported-by: vshmuk on hackerone

Closes #4812
2020-01-13 15:37:46 +01:00
Emil Engler cbb5429001 ngtcp2: Add an error code for QUIC connection errors
- Add new error code CURLE_QUIC_CONNECT_ERROR for QUIC connection
  errors.

Prior to this change CURLE_FAILED_INIT was used, but that was not
correct.

Closes https://github.com/curl/curl/pull/4754
2020-01-11 18:19:32 -05:00
Jay Satiro b700662b1c multi: Change curl_multi_wait/poll to error on negative timeout
- Add new error CURLM_BAD_FUNCTION_ARGUMENT and return that error when
  curl_multi_wait/poll is passed timeout param < 0.

Prior to this change passing a negative value to curl_multi_wait/poll
such as -1 could cause the function to wait forever.

Reported-by: hamstergene@users.noreply.github.com

Fixes https://github.com/curl/curl/issues/4763

Closes https://github.com/curl/curl/pull/4765
2020-01-11 18:16:28 -05:00
Daniel Stenberg fb723fd9d1
test1167: verify global symbols in public headers are curl prefixed
... using the new badsymbols.pl perl script

Fixes #4793
Closes #4794
2020-01-09 22:57:33 +01:00
Daniel Stenberg 5ebe5044ab
libtest/mk-lib1521: adapt to new public header layout 2020-01-09 22:57:33 +01:00
Daniel Stenberg a7d4693a48
runtests: make random seed fixed for a month
When using randomized features of runtests (-R and --shallow) it is
useful to have a fixed random seed to make sure for example extra
commits in a branch or a rebase won't change the seed that would make
repeated runs work differently.

As it is also useful to change seed sometimes, the default seed is now
determined based on the current month (and first line curl -V
output). When the month changes, so will the random seed.

The specific seed is also shown in the standard test suite top header
and it can be set explictly with the new --seed=[num] option so that the
exact order of a previous run can be achieved.

Closes #4734
2020-01-09 09:12:05 +01:00
Marcel Raad 8cf875ed3b
TrackMemory tests: always remove CR before LF
It was removed for output containing ' =' via `s/ =.*//`. With classic
MinGW, this made lines with `free()` end with CRLF, but lines with e.g.
`malloc()` end with only LF. The tests expect LF only.

Closes https://github.com/curl/curl/pull/4788
2020-01-06 20:56:27 +01:00
Daniel Stenberg 4c34af4c99
curl -w: handle a blank input file correctly
Previously it would end up with an uninitialized memory buffer that
would lead to a crash or junk getting output.

Added test 1271 to verify.

Reported-by: Brian Carpenter
Closes #4786
2020-01-06 10:10:48 +01:00
Daniel Stenberg 392bff4abf
curl: properly free mimepost data
... as it could otherwise leak memory when a transfer failed.

Added test 1293 to verify.

Reported-by: Brian Carpenter
Fixes #4781
Closes #4782
2020-01-04 23:06:44 +01:00
Marc Aldorasi be83fe11bf tests: Fix bounce requests with truncated writes
Prior to this change the swsbounce check in service_connection could
fail because prevtestno and prevpartno were not set, which would cause
the wrong response data to be sent to some tests and cause them to fail.

Ref: https://github.com/curl/curl/pull/4717#issuecomment-570240785
2020-01-03 01:45:04 -05:00
Jay Satiro 9603c8299f tests: Change NTLM tests to require SSL
Prior to this change tests that required NTLM feature did not require
SSL feature.

There are pending changes to cmake builds that will allow enabling NTLM
in non-SSL builds in Windows. In that case the NTLM auth strings created
are different from what is expected by the NTLM tests and they fail:

"The issue with NTLM is that previous non-SSL builds would not enable
NTLM and so the NTLM tests would be skipped."

Assisted-by: marc-groundctl@users.noreply.github.com

Ref: https://github.com/curl/curl/pull/4717#issuecomment-566218729

Closes https://github.com/curl/curl/pull/4768
2019-12-31 02:47:53 -05:00
Daniel Stenberg 25b69c482f
sws: search for "Testno:" header uncondtionally if no testno
Even if the initial request line wasn't found. With the fix to 1455, the
test number is now detected correctly.

(Problem found when running tests in random order.)

Closes #4744
2019-12-19 23:03:33 +01:00
Daniel Stenberg b4c9982382
tests: set LC_ALL in more tests
Follow-up to 23208e330a

Closes #4743
2019-12-19 23:01:14 +01:00
Daniel Stenberg 23208e330a
test165: set LC_ALL=en_US.UTF-8 too
On my current Debian Unstable with libidn2 2.2.0, I get an error if
LC_ALL is set to blank. Then curl errors out with:

curl: (3) Failed to convert www.åäö.se to ACE; could not convert string to UTF-8

Closes #4738
2019-12-19 14:26:26 +01:00
Daniel Stenberg fba8301338
test1456: remove the use of a fixed local port
Fixup the test to instead not compare the port number. It sometimes
caused problems like this:

"curl: (45) bind failed with errno 98: Address already in use"

Closes #4733
2019-12-19 08:59:10 +01:00
Daniel Stenberg 9973dabeb6
test1270: a basic -w redirect_url test
Closes #4728
2019-12-18 08:26:03 +01:00
Daniel Stenberg 7282093458
tests: make sure checksrc runs on header files too 2019-12-16 22:46:48 +01:00
Daniel Stenberg 38797e8811
lib1591: free memory properly on OOM, in the trailers callback
Detected by torture tests.

Closes #4720
2019-12-15 18:19:01 +01:00
Daniel Stenberg 571f2c81d1
runtests: --repeat=[num] to repeat tests
Closes #4715
2019-12-15 11:54:45 +01:00
Marcel Raad 38ad9ea1b8
tests: use DoH feature for DoH tests
Previously, http/2 was used instead.

Assisted-by: Jay Satiro
Closes https://github.com/curl/curl/pull/4692
2019-12-13 20:55:52 +01:00
Marcel Raad 9f239811fd
tests: fix build with `CURL_DISABLE_DOH`
Closes https://github.com/curl/curl/pull/4692
2019-12-13 20:55:50 +01:00
Daniel Stenberg d00aa703f4
unit1620: fix bad free in OOM
Closes #4709
2019-12-13 08:16:35 +01:00
Daniel Stenberg 5ada900458
unit1609: fix mem-leak in OOM
Closes #4709
2019-12-13 08:16:32 +01:00
Daniel Stenberg f389953da0
unit1607: fix mem-leak in OOM
Closes #4709
2019-12-13 08:16:29 +01:00
Daniel Stenberg 197d8aaf6d
lib1559: fix mem-leak in OOM
Closes #4709
2019-12-13 08:16:24 +01:00
Daniel Stenberg 6a15d1d4e5
lib1557: fix mem-leak in OOM
Closes #4709
2019-12-13 08:16:06 +01:00
Daniel Stenberg 7c1bd03576
runtests: introduce --shallow to reduce huge torture tests
When set, shallow mode limits runtests -t to make no more than NUM fails
per test case. If more are found, it will randomly discard entries until
the number is right. The random seed can also be set.

This is particularly useful when running MANY tests as then most torture
failures will already fail the same functions over and over and make the
total operation painfully tedious.

Closes #4699
2019-12-11 09:55:15 +01:00
Marc Hoersken 9819984fbb tests: make it possible to set executable extensions
This enables the use of Windows Subsystem for Linux (WSL) to run the
testsuite against Windows binaries while using Linux servers.

This commit introduces the following environment variables:
- CURL_TEST_EXE_EXT: set the executable extension for all components
- CURL_TEST_EXE_EXT_TOOL: set it for the curl tool only
- CURL_TEST_EXE_EXT_SSH: set it for the SSH tools only

Later testcurl.pl could be adjusted to make use of those variables.
- CURL_TEST_EXE_EXT_SRV: set it for the test servers only

(This is one of several commits to support use of WSL for the tests.)

Closes https://github.com/curl/curl/pull/3899
2019-12-09 19:32:41 -05:00
Marc Hoersken 213c5aca7b tests: fix permissions of ssh keys in WSL
Keys created on Windows Subsystem for Linux (WSL) require it for some
reason.

(This is one of several commits to support use of WSL for the tests.)

Ref: https://github.com/curl/curl/pull/3899
2019-12-09 19:32:35 -05:00
Marc Hoersken 0783f2e585 tests: use \r\n for log messages in WSL
Bash in Windows Subsystem for Linux (WSL) requires it for some reason.

(This is one of several commits to support use of WSL for the tests.)

Ref: https://github.com/curl/curl/pull/3899
2019-12-09 19:32:28 -05:00
Daniel Stenberg ee263de7a3
conncache: fix multi-thread use of shared connection cache
It could accidentally let the connection get used by more than one
thread, leading to double-free and more.

Reported-by: Christopher Reid
Fixes #4544
Closes #4557
2019-12-09 15:30:09 +01:00
Daniel Stenberg 9ea769e15f
etag: allow both --etag-compare and --etag-save in same cmdline
Fixes #4669
Closes #4678
2019-12-05 22:57:24 +01:00
Daniel Stenberg 914975fe6e
test342: make it return a 304 as the tag matches 2019-12-05 16:58:50 +01:00
Marcel Raad 67a08dca27
curl_setup: disable IPv6 resolver without `getaddrinfo`
Also, use `CURLRES_IPV6` only for actual DNS resolution, not for IPv6
address support. This makes it possible to connect to IPv6 literals by
setting `ENABLE_IPV6` even without `getaddrinfo` support. It also fixes
the CMake build when using the synchronous resolver without
`getaddrinfo` support.

Closes https://github.com/curl/curl/pull/4662
2019-12-03 21:37:33 +01:00
Jay Satiro 9c1806ae46 build: Disable Visual Studio warning "conditional expression is constant"
- Disable warning C4127 "conditional expression is constant" globally
  in curl_setup.h for when building with Microsoft's compiler.

This mainly affects building with the Visual Studio project files found
in the projects dir.

Prior to this change the cmake and winbuild build systems already
disabled 4127 globally for when building with Microsoft's compiler.
Also, 4127 was already disabled for all build systems in the limited
circumstance of the WHILE_FALSE macro which disabled the warning
specifically for while(0). This commit removes the WHILE_FALSE macro and
all other cruft in favor of disabling globally in curl_setup.

Background:

We have various macros that cause 0 or 1 to be evaluated, which would
cause warning C4127 in Visual Studio. For example this causes it:

    #define Curl_resolver_asynch() 1

Full behavior is not clearly defined and inconsistent across versions.
However it is documented that since VS 2015 Update 3 Microsoft has
addressed this somewhat but not entirely, not warning on while(true) for
example.

Prior to this change some C4127 warnings occurred when I built with
Visual Studio using the generated projects in the projects dir.

Closes https://github.com/curl/curl/pull/4658
2019-12-01 19:01:02 -05:00
Maros Priputen 18e5cb77e9
curl: two new command line options for etags
--etag-compare and --etag-save

Suggested-by: Paul Hoffman
Fixes #4277
Closes #4543
2019-11-28 13:05:20 +01:00
Marcel Raad 793e377675
dist: add error-codes.pl
Follow-up to commit 74f441c6d3.
This should fix test 1175 when run via the daily source tarballs.

Closes https://github.com/curl/curl/pull/4638
2019-11-26 14:22:35 +01:00
Gergely Nagy f3c35e371c
multi: add curl_multi_wakeup()
This commit adds curl_multi_wakeup() which was previously in the TODO
list under the curl_multi_unblock name.

On some platforms and with some configurations this feature might not be
available or can fail, in these cases a new error code
(CURLM_WAKEUP_FAILURE) is returned from curl_multi_wakeup().

Fixes #4418
Closes #4608
2019-11-25 15:45:56 +01:00
Daniel Stenberg 74f441c6d3
test1175: verify symbols-in-versions and libcurl-errors.3 in sync
Closes #4628
2019-11-22 09:11:53 +01:00
Daniel Stenberg f70da9c17e
include: make CURLE_HTTP3 use a new error code
To avoid potential issues with error code reuse.

Reported-by: Christoph M. Becker
Assisted-by: Dan Fandrich
Fixes #4601
Closes #4627
2019-11-21 23:16:29 +01:00
Niall b6a53fff6c
doh: improced both encoding and decoding
Improved estimation of expected_len and updated related comments;
increased strictness of QNAME-encoding, adding error detection for empty
labels and names longer than the overall limit; avoided treating DNAME
as unexpected;

updated unit test 1655 with more thorough set of proofs and tests

Closes #4598
2019-11-16 16:15:03 +01:00
Daniel Stenberg 7a46aeb0be
curl: fix -T globbing
Regression from e59371a493 (7.67.0)

Added test 490, 491 and 492 to verify the functionality.

Reported-by: Kamil Dudka
Reported-by: Anderson Sasaki

Fixes #4588
Closes #4591
2019-11-14 13:44:50 +01:00
Daniel Stenberg b3eb7d172a
quiche: reject headers in the wrong order
Pseudo header MUST come before regular headers or cause an error.

Reported-by: Cynthia Coan
Fixes #4571
Closes #4584
2019-11-12 09:44:24 +01:00
Daniel Stenberg cbaaae44fe
CURL-DISABLE: initial docs for the CURL_DISABLE_* defines
The disable-scan script used in test 1165 is extended to also verify
that the docs cover all used defines and all defines offered by
configure.

Reported-by: SLDiggie on github
Fixes #4545
Closes #4587
2019-11-12 09:35:39 +01:00
Marcel Raad 86e26996c7
test1558: use double slash after file:
Classic MinGW / MSYS 1 doesn't support `MSYS2_ARG_CONV_EXCL`, so this
test unnecessarily failed when using `file:/` instead of `file:///`.

Closes https://github.com/curl/curl/pull/4554
2019-11-10 20:34:40 +01:00
Jay Satiro 07cf042ece strerror: Fix an error looking up some Windows error strings
- Use FORMAT_MESSAGE_IGNORE_INSERTS to ignore format specifiers in
  Windows error strings.

Since we are not in control of the error code we don't know what
information may be needed by the error string's format specifiers.

Prior to this change Windows API error strings which contain specifiers
(think specifiers like similar to printf specifiers) would not be shown.
The FormatMessage Windows API call which turns a Windows error code into
a string could fail and set error ERROR_INVALID_PARAMETER if that error
string contained a format specifier. FormatMessage expects a va_list for
the specifiers, unless inserts are ignored in which case no substitution
is attempted.

Ref: https://devblogs.microsoft.com/oldnewthing/20071128-00/?p=24353
2019-11-09 18:07:59 -05:00
Daniel Stenberg 5d5bd4460e
test1560: require IPv6 for IPv6 aware URL parsing
The URL parser function can't reject a bad IPv6 address properly when
curl was built without IPv6 support.

Reported-by: Marcel Raad
Fixes #4556
Closes #4572
2019-11-08 23:09:53 +01:00
Marcel Raad 2839cfdc53
certs/Server-localhost-lastSAN-sv: regenerate with sha256
All other certificates were regenerated in commit ba782baac3, but
this one was missed.
Fixes test3001 on modern systems.

Closes https://github.com/curl/curl/pull/4551
2019-11-02 23:53:38 +01:00
Vilhelm Prytz d0319adb0c
copyrights: update all copyright notices to 2019 on files changed this year
Closes #4547
2019-11-02 23:15:56 +01:00
Daniel Stenberg dcd7e37c3a
url: make Curl_close() NULLify the pointer too
This is the common pattern used in the code and by a unified approach we
avoid mistakes.

Closes #4534
2019-10-30 09:36:21 +01:00
Marcel Raad b3378a793c
test1591: fix spelling of http feature
The test never got run because the feature name is `http` in lowercase.

Closes https://github.com/curl/curl/pull/4520
2019-10-24 14:59:26 +02:00
Daniel Stenberg 807c056c08
conn-reuse: requests wanting NTLM can reuse non-NTLM connections
Added test case 338 to verify.

Reported-by: Daniel Silverstone
Fixes #4499
Closes #4514
2019-10-23 10:15:39 +02:00
Marcel Raad 2838fd91be
tests: add missing proxy features 2019-10-23 08:28:03 +02:00
Marcel Raad d81dbae19f
tests: use %FILE_PWD for file:// URLs
This way, we always have exactly one slash after the host name, making
the tests pass when curl is compiled with the MSYS GCC.

Closes https://github.com/curl/curl/pull/4512
2019-10-21 17:28:48 +02:00
Marcel Raad 2e4405d29c
tests: add `connect to non-listen` keywords
These tests try to connect to ports nothing is listening on.

Closes https://github.com/curl/curl/pull/4511
2019-10-21 10:19:22 +02:00
Marcel Raad cebbba9f9d
runtests: get textaware info from curl instead of perl
The MSYS system on Windows can run the test suite for curl built with
any toolset. When built with the MSYS GCC, curl uses Unix line endings,
while it uses Windows line endings when built with the MinGW GCC, and
`^O` reports 'msys' in both cases. Use the curl executable itself to
determine the line endings instead, which reports 'x86_64-pc-msys' when
built with the MSYS GCC.

Closes https://github.com/curl/curl/pull/4506
2019-10-20 13:06:57 +02:00
Marcel Raad fff1ba7a6b
test1162: disable MSYS2's POSIX path conversion
This avoids MSYS2 converting the backslasb in the URL to a slash,
causing the test to fail.
2019-10-17 20:42:07 +02:00
Daniel Stenberg e062043433
url: normalize CURLINFO_EFFECTIVE_URL
The URL extracted with CURLINFO_EFFECTIVE_URL was returned as given as
input in most cases, which made it not get a scheme prefixed like before
if the URL was given without one, and it didn't remove dotdot sequences
etc.

Added test case 1907 to verify that this now works as intended and as
before 7.62.0.

Regression introduced in 7.62.0

Reported-by: Christophe Dervieux
Fixes #4491
Closes #4493
2019-10-16 14:10:55 +02:00
Marcel Raad 347075bc17
tests: line ending fixes for Windows
Mark some files as text.

Closes https://github.com/curl/curl/pull/4490
2019-10-16 10:14:07 +02:00
Marcel Raad 476eb88171
tests: use proxy feature
This makes the tests succeed when using --disable-proxy.

Closes https://github.com/curl/curl/pull/4488
2019-10-15 07:56:55 +02:00
Marcel Raad ee63837732
smbserver: fix Python 3 compatibility
Python 2's `ConfigParser` module is spelled `configparser` in Python 3.

Closes https://github.com/curl/curl/pull/4484
2019-10-13 22:14:04 +02:00
Daniel Stenberg b59f0626b5
tests: use port 2 instead of 60000 for a safer non-listening port
... when the tests want "connection refused".
2019-10-09 14:16:28 +02:00
Daniel Stenberg 9e03faccc3
docs: document it as --no-progress-meter instead of the reverse
Follow-up to 93373a960c

Reported-by: infinnovation-dev on github
Fixes #4474
Closes #4475
2019-10-09 10:07:02 +02:00
Stian Soiland-Reyes f7f0b0012d
curl: ensure HTTP 429 triggers --retry
This completes #3794.

Also make sure the new tests from #4195 are enabled

Closes #4465
2019-10-05 11:41:06 +02:00
Daniel Stenberg 02c6b984cb
urlapi: fix use-after-free bug
Follow-up from 2c20109a9b

Added test 663 to verify.

Reported by OSS-Fuzz
Bug: https://crbug.com/oss-fuzz/17954

Closes #4453
2019-10-03 22:54:26 +02:00
Daniel Stenberg c6f250c4d6
redirect: when following redirects to an absolute URL, URL encode it
... to make it handle for example (RFC violating) embeded spaces.

Reported-by: momala454 on github
Fixes #4445
Closes #4447
2019-10-02 07:53:32 +02:00
Daniel Stenberg e59371a493
curl: create easy handles on-demand and not ahead of time
This should again enable crazy-large download ranges of the style
[1-10000000] that otherwise easily ran out of memory starting in 7.66.0
when this new handle allocating scheme was introduced.

Reported-by: Peter Sumatra
Fixes #4393
Closes #4438
2019-10-02 07:50:32 +02:00
Emil Engler b59c1e6550
git: add tests/server/disabled to .gitignore
Closes #4441
2019-09-30 18:01:05 +02:00
Daniel Stenberg c24cf6c64c
altsvc: accept quoted ma and persist values
As mandated by the spec. Test 1654 is extended to verify.

Closes #4443
2019-09-30 16:35:12 +02:00
Daniel Stenberg d0a7ee3f61
cookies: using a share with cookies shouldn't enable the cookie engine
The 'share object' only sets the storage area for cookies. The "cookie
engine" still needs to be enabled or activated using the normal cookie
options.

This caused the curl command line tool to accidentally use cookies
without having been told to, since curl switched to using shared cookies
in 7.66.0.

Test 1166 verifies

Updated test 506

Fixes #4429
Closes #4434
2019-09-28 18:10:43 +02:00
Zenju a167ab6a1e
FTP: add test for FTPFILE_NOCWD: Avoid redundant CWDs
Add libtest 661

Closes #4417
2019-09-27 08:32:32 +02:00
Zenju 500fb0e4cb
FTP: url-decode path before evaluation
Closes #4428
2019-09-27 08:29:54 +02:00
Marcel Raad 73089bf7f3
tests: fix narrowing conversion warnings
`timediff_t` is 64 bits wide also on 32-bit systems since
commit b1616dad8f.

Closes https://github.com/curl/curl/pull/4415
2019-09-27 08:28:10 +02:00
Daniel Stenberg ea7744a07e
Revert "FTP: url-decode path before evaluation"
This reverts commit 2f036a72d5.
2019-09-26 14:53:19 +02:00
Zenju 2f036a72d5
FTP: url-decode path before evaluation
Closes #4423
2019-09-26 13:57:44 +02:00
Daniel Stenberg 6e7733f788
urlapi: question mark within fragment is still fragment
The parser would check for a query part before fragment, which caused it
to do wrong when the fragment contains a question mark.

Extended test 1560 to verify.

Reported-by: Alex Konev
Fixes #4412
Closes #4413
2019-09-24 23:30:43 +02:00
Jens Finkhaeuser 0a4ecbdf1c
urlapi: CURLU_NO_AUTHORITY allows empty authority/host part
CURLU_NO_AUTHORITY is intended for use with unknown schemes (i.e. not
"file:///") to override cURL's default demand that an authority exists.

Closes #4349
2019-09-19 15:57:28 +02:00
Zenju 1c02a4e874
FTP: remove trailing slash from path for LIST/MLSD
Closes #4348
2019-09-18 09:27:21 +02:00
Daniel Stenberg 3ad883aeda
unit1655: make it C90 compliant
Unclear why this was not detected in the CI.

Follow-up to b766602729
2019-09-16 14:30:44 +02:00
Paul Dreik b766602729
doh: fix (harmless) buffer overrun
Added unit test case 1655 to verify.
Close #4352

the code correctly finds the flaws in the old code,
if one temporarily restores doh.c to the old version.
2019-09-15 23:25:24 +02:00
Daniel Stenberg 65f5b958c9
FTP: allow "rubbish" prepended to the SIZE response
This is a protocol violation but apparently there are legacy proprietary
servers doing this.

Added test 336 and 337 to verify.

Reported-by: Philippe Marguinaud
Closes #4339
2019-09-13 14:21:00 +02:00
Zenju acf1d2acd1
FTP: skip CWD to entry dir when target is absolute
Closes #4332
2019-09-13 14:05:34 +02:00
Daniel Stenberg eab3c580f9
urlapi: verify the IPv6 numerical address
It needs to parse correctly. Otherwise it could be tricked into letting
through a-f using host names that libcurl would then resolve. Like
'[ab.be]'.

Reported-by: Thomas Vegas
Closes #4315
2019-09-10 11:32:12 +02:00
Daniel Stenberg 84ced9389e
Curl_addr2string: take an addrlen argument too
This allows the function to figure out if a unix domain socket has a
file name or not associated with it! When a socket is created with
socketpair(), as done in the fuzzer testing, the path struct member is
uninitialized and must not be accessed.

Bug: https://crbug.com/oss-fuzz/16699

Closes #4283
2019-08-31 11:41:56 +02:00
Daniel Stenberg 32d64b2e87
defines: avoid underscore-prefixed defines
Double-underscored or underscore plus uppercase letter at least.

... as they're claimed to be reserved.

Reported-by: patnyb on github

Fixes #4254
Closes #4255
2019-08-23 11:47:57 +02:00
Daniel Stenberg 68fab35c73
http: fix use of credentials from URL when using HTTP proxy
When a username and password are provided in the URL, they were wrongly
removed from the stored URL so that subsequent uses of the same URL
wouldn't find the crendentials. This made doing HTTP auth with multiple
connections (like Digest) mishave.

Regression from 46e164069d (7.62.0)

Test case 335 added to verify.

Reported-by: Mike Crowe

Fixes #4228
Closes #4229
2019-08-16 10:11:22 +02:00
Mike Crowe a8ac1be705
tests: Replace outdated test case numbering documentation
Tests are no longer grouped by numeric range[1]. Let's stop saying that
and provide some alternative advice for numbering tests.

[1] https://curl.haxx.se/mail/lib-2019-08/0043.html

Closes #4227
2019-08-15 17:20:46 +02:00
Jay Satiro dca6f73613 vauth: Use CURLE_AUTH_ERROR for auth function errors
- Add new error code CURLE_AUTH_ERROR.

Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was
technically correct.

Ref: https://github.com/curl/curl/pull/3848

Co-authored-by: Dominik Hölzl

Closes https://github.com/curl/curl/pull/3864
2019-08-14 03:14:01 -04:00
Daniel Stenberg db061571ef
http3: make connection reuse work
Closes #4204
2019-08-09 12:26:02 +02:00
Daniel Stenberg 6ee9e4bd47
cleanup: s/curl_debug/curl_dbg_debug in comments and docs
Leftovers from the function rename back in 76b6348949

Reported-by: Gisle Vanem
Bug: f3e0f071b1 (com)
mitcomment-34601751

Closes #4203
2019-08-08 16:01:00 +02:00
Daniel Stenberg 69b3ff5118
alt-svc: add protocol version selection masking
So that users can mask in/out specific HTTP versions when Alt-Svc is
used.

 - Removed "h2c" and updated test case accordingly
 - Changed how the altsvc struct is laid out
 - Added ifdefs to make the unittest run even in a quiche-tree

Closes #4201
2019-08-08 09:10:29 +02:00
Daniel Stenberg f933449d3b
CURLINFO_RETRY_AFTER: parse the Retry-After header value
This is only the libcurl part that provides the information. There's no
user of the parsed value. This change includes three new tests for the
parser.

Ref: #3794
2019-08-07 14:45:39 +02:00
Jay Satiro a44394eac5 tests: Fix the line endings for the SASL alt-auth tests
- Change data and protocol sections to CRLF line endings.

Prior to this change the tests would fail or hang, which is because
certain sections such as protocol require CRLF line endings.

Follow-up to grandparent commit which added the tests.

Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186
2019-08-06 11:38:58 -04:00
Steve Holme 1e08a79258 curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool
Ref: https://github.com/curl/curl/issues/3653
Ref: https://github.com/curl/curl/pull/3790

NOTE: This commit was cherry-picked and is part of a series of commits
that added the authzid feature for upcoming 7.66.0. The series was
temporarily reverted in db8ec1f so that it would not ship in a 7.65.x
patch release.

Closes https://github.com/curl/curl/pull/4186
2019-08-06 11:38:41 -04:00
Daniel Stenberg 02346abc32
curl_multi_poll: a sister to curl_multi_wait() that waits more
Repeatedly we see problems where using curl_multi_wait() is difficult or
just awkward because if it has no file descriptor to wait for
internally, it returns immediately and leaves it to the caller to wait
for a small amount of time in order to avoid occasional busy-looping.

This is often missed or misunderstood, leading to underperforming
applications.

This change introduces curl_multi_poll() as a replacement drop-in
function that accepts the exact same set of arguments. This function
works identically to curl_multi_wait() - EXCEPT - for the case when
there's nothing to wait for internally, as then this function will by
itself wait for a "suitable" short time before it returns. This
effectiely avoids all risks of busy-looping and should also make it less
likely that apps "over-wait".

This also changes the curl tool to use this funtion internally when
doing parallel transfers and changes curl_easy_perform() to use it
internally.

Closes #4163
2019-08-06 09:33:29 +02:00
Daniel Stenberg a42b0957ab
http09: disable HTTP/0.9 by default in both tool and library
As the plan has been laid out in DEPRECATED. Update docs accordingly and
verify in test 1174. Now requires the option to be set to allow HTTP/0.9
responses.

Closes #4191
2019-08-06 00:08:14 +02:00
Daniel Stenberg 1132f43012
alt-svc: more liberal ALPN name parsing
Allow pretty much anything to be part of the ALPN identifier. In
particular minus, which is used for "h3-20" (in-progress HTTP/3
versions) etc.

Updated test 356.
Closes #4182
2019-08-03 21:54:00 +02:00
Kamil Dudka 4c187043c5 http_negotiate: improve handling of gss_init_sec_context() failures
If HTTPAUTH_GSSNEGOTIATE was used for a POST request and
gss_init_sec_context() failed, the POST request was sent
with empty body.  This commit also restores the original
behavior of `curl --fail --negotiate`, which was changed
by commit 6c60355323.

Add regression tests 2077 and 2078 to cover this.

Fixes #3992
Closes #4171
2019-08-01 16:21:41 +02:00
Daniel Stenberg db0a0dfb0e
curl: cap the maximum allowed values for retry time arguments
... to avoid integer overflows later when multiplying with 1000 to
convert seconds to milliseconds.

Added test 1269 to verify.

Reported-by: Jason Lee
Closes #4166
2019-07-30 08:17:01 +02:00
Balazs Kovacsics 802aa5ae27
HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknown
If using the read callback for HTTP_POST, and POSTFIELDSIZE is not set,
automatically add a Transfer-Encoding: chunked header, same as it is
already done for HTTP_PUT, HTTP_POST_FORM and HTTP_POST_MIME.  Update
test 1514 according to the new behaviour.

Closes #4138
2019-07-29 13:18:53 +02:00
Daniel Stenberg b889408500
curl: support parallel transfers
This is done by making sure each individual transfer is first added to a
linked list as then they can be performed serially, or at will, in
parallel.

Closes #3804
2019-07-20 19:14:16 +02:00
Daniel Stenberg 647e726d78
test1173: make it also check all libcurl option man pages
... and adjust those that cause errors

Closes #4116
2019-07-16 12:38:42 +02:00
Daniel Stenberg 275b74a53d
dist: add manpage-syntax.pl
follow-up to 7fb66c403
2019-07-15 15:24:41 +02:00
Daniel Stenberg 7fb66c4034
test1173: detect some basic man page format mistakes
Triggered by PR #4111

Closes #4113
2019-07-15 15:23:24 +02:00
Linos Giannopoulos 797e549d0d
libcurl: Add testcase for gopher redirects
The testcase ensures that redirects to CURLPROTO_GOPHER won't be
allowed, by default, in the future. Also, curl is being used
for convenience while keeping the testcases DRY.

The expected error code is CURLE_UNSUPPORTED_PROTOCOL when the client is
redirected to CURLPROTO_GOPHER

Signed-off-by: Linos Giannopoulos <lgian@skroutz.gr>
2019-07-14 16:30:28 +02:00
Peter Simonyi 855887af79
http: allow overriding timecond with custom header
With CURLOPT_TIMECONDITION set, a header is automatically added (e.g.
If-Modified-Since).  Allow this to be replaced or suppressed with
CURLOPT_HTTPHEADER.

Fixes #4103
Closes #4109
2019-07-14 16:17:15 +02:00
Daniel Stenberg 8b159d1fe9
test1521: adapt to SLISTPOINT
The header now has the slist-using options marked as SLISTPOINT so this
makes sure test 1521 understands that.

Follow-up to ae99b4de1c

Closes #4074
2019-06-25 21:51:44 +02:00
Stephan Szabo 35b8bea20f
tests: update fixed IP for hostip/clientip split
These tests give differences for me on linux when using a hostip
pointing to the external ip address for the local machine.

Closes #4070
2019-06-25 08:04:48 +02:00
Daniel Stenberg 1e9769639b
test153: fix content-length to avoid occasional hang
Closes #4065
2019-06-24 08:33:32 +02:00
Daniel Stenberg 8927d1c2b0
tests: add disable-scan.pl to dist
follow-up from 29177f422a

Closes #4059
2019-06-21 16:25:50 +02:00
Stephan Szabo 2aff76c571
tests: support non-localhost HOSTIP for dict/smb servers
smbserver.py/dictserver.py were explicitly using localhost/127.0.0.1 for
binding the server which when we were running the tests with a separate
HOSTIP and CLIENTIP had failures verifying the server from the device we
were testing.

This changes them to take the address from runtests.py and default to
localhost/127.0.0.1 if none is given.

Closes #4048
2019-06-20 08:33:13 +02:00
Daniel Stenberg cf35bd79bd
test1523: basic test of CURLOPT_LOW_SPEED_LIMIT 2019-06-18 22:34:05 +02:00
Daniel Stenberg 6617db6a7e
runtests: keep logfiles around by default
Make '-k' a no-op. The singletest function now clears the log directory
BEFORE each individual test and not after, which makes it possible to
always keep the logfiles around after a test has been run. No need to
specify -k anymore. Keeping the option parsing around to work with users
of old habits.

Some tests also didn't work properly when -k was used (since the old
logs would be kep when a new test starts) which this change also fixes.

Closes #4035
2019-06-18 07:59:45 +02:00
Daniel Stenberg 40259ca655
tests: have runtests figure out disabled features
... so that runtests can skip individual test cases that test features
that are explicitly disabled in this build. This new logic is intended
for disabled features that aren't otherwise easily visible through the
curl_version_info() or other API calls.

tests/server/disabled is a newly built executable that will output a
list of disabled features. Outputs nothing for a default build.

Closes #3950
2019-06-17 16:08:00 +02:00
Daniel Stenberg 13d9bb8bad
test188/189: fix Content-Length
This cures the flaky test results

Closes #4034
2019-06-17 16:01:55 +02:00
Daniel Stenberg c97e8493a6
runtests: report single test time + total duration
... after each successful test.

Closes #4027
2019-06-15 23:31:41 +02:00
Daniel Stenberg ff3876046e
unit1654: cleanup on memory failure
... to make it handle torture tests properly.

Reported-by: Marcel Raad
Fixes #4021
Closes #4022
2019-06-13 17:22:51 +02:00
Daniel Stenberg 29177f422a
test1165: verify that CURL_DISABLE_ symbols are in sync
between configure.ac and source code. They should be possible to switch
on/off in configure AND be used in source code.
2019-06-11 15:33:58 +02:00
Daniel Stenberg deb9462ff2
wolfssl: refer to it as wolfSSL only
Remove support for, references to and use of "cyaSSL" from the source
and docs. wolfSSL is the current name and there's no point in keeping
references to ancient history.

Assisted-by: Daniel Gustafsson

Closes #3903
2019-06-10 09:18:16 +02:00
Marcel Raad e23c52b329
build: fix Codacy warnings
Reduce variable scopes and remove redundant variable stores.

Closes https://github.com/curl/curl/pull/3975
2019-06-05 20:38:06 +02:00
Marcel Raad 04ac54e196
sws: remove unused variables
Unused since commit 2f44e94.

Closes https://github.com/curl/curl/pull/3975
2019-06-05 20:37:56 +02:00
Steve Holme 5f2a103f09
tests/server/.gitignore: Add socksd to the ignore list
Missed in 04fd6755.

Closes #3978
2019-06-02 22:37:06 +01:00
Daniel Stenberg b6b8f3a384
test334: verify HTTP 204 response with chunked coding header
Verifies that a bodyless response don't parse this content-related
header.
2019-06-02 22:58:11 +02:00
Michael Kaufmann 2e5ceb3934
http: don't parse body-related headers bodyless responses
Responses with status codes 1xx, 204 or 304 don't have a response body. For
these, don't parse these headers:

- Content-Encoding
- Content-Length
- Content-Range
- Last-Modified
- Transfer-Encoding

This change ensures that HTTP/2 upgrades work even if a
"Content-Length: 0" or a "Transfer-Encoding: chunked" header is present.

Co-authored-by: Daniel Stenberg
Closes #3702
Fixes #3968
Closes #3977
2019-06-02 22:58:04 +02:00
Marcel Raad 13df26192e
HAProxy tests: add keywords
Add the proxy and haproxy keywords in order to be able to exclude or
run these specific tests.

Closes https://github.com/curl/curl/pull/3949
2019-05-27 14:48:37 +02:00
Maksim Stsepanenka 1b260757b8
tests: make test 1420 and 1406 work with rtsp-disabled libcurl
Closes #3948
2019-05-27 11:34:06 +02:00
Jay Satiro db8ec1fa38
Revert all SASL authzid (new feature) commits
- Revert all commits related to the SASL authzid feature since the next
  release will be a patch release, 7.65.1.

Prior to this change CURLOPT_SASL_AUTHZID  / --sasl-authzid was destined
for the next release, assuming it would be a feature release 7.66.0.
However instead the next release will be a patch release, 7.65.1 and
will not contain any new features.

After the patch release after the reverted commits can be restored by
using cherry-pick:

git cherry-pick a14d72c a9499ff 8c1cc36 c2a8d52 0edf690

Details for all reverted commits:

Revert "os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid()."

This reverts commit 0edf6907ae.

Revert "tests: Fix the line endings for the SASL alt-auth tests"

This reverts commit c2a8d52a13.

Revert "examples: Added SASL PLAIN authorisation identity (authzid) examples"

This reverts commit 8c1cc369d0.

Revert "curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool"

This reverts commit a9499ff136.

Revert "sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID"

This reverts commit a14d72ca2f.
2019-05-25 23:36:11 +02:00
Jay Satiro c2a8d52a13 tests: Fix the line endings for the SASL alt-auth tests
- Change data and protocol sections to CRLF line endings.

Prior to this change the tests would fail or hang, which is because
certain sections such as protocol require CRLF line endings.

Follow-up to a9499ff from today which added the tests.

Ref: https://github.com/curl/curl/pull/3790
2019-05-23 04:01:09 -04:00
Steve Holme a9499ff136
curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool 2019-05-22 22:55:11 +01:00
Marc Hoersken 081d374f49 tests: add support to test against OpenSSH for Windows
Testing against OpenSSH for Windows requires v7.7.0.0 or newer
due to the use of AllowUsers and DenyUsers. For more info see:
https://github.com/PowerShell/Win32-OpenSSH/wiki/sshd_config
2019-05-22 19:54:05 +02:00
Daniel Stenberg 31b77c1877
curl: report error for "--no-" on non-boolean options
Reported-by: Olen Andoni
Fixes #3906
Closes #3907
2019-05-20 19:04:54 +02:00
Daniel Stenberg 8b038bcc95
lib1560: add tests for parsing URL with too long scheme
Ref: #3905
2019-05-20 15:27:07 +02:00
Daniel Stenberg f943347496
test332: verify the blksize fix 2019-05-20 07:59:11 +02:00
Daniel Stenberg 697b1f911b
curl: make code work with protocol-disabled libcurl
Closes #3844
2019-05-18 16:14:10 +02:00
Daniel Stenberg 8ece8177f1
cleanup: remove FIXME and TODO comments
They serve very little purpose and mostly just add noise. Most of them
have been around for a very long time. I read them all before removing
or rephrasing them.

Ref: #3876
Closes #3883
2019-05-16 09:16:56 +02:00
Daniel Stenberg ee68bbe29c
parse_proxy: use the URL parser API
As we treat a given proxy as a URL we should use the unified URL parser
to extract the parts out of it.

Closes #3878
2019-05-15 12:02:05 +02:00
Daniel Stenberg 9f9ec7da57
urlapi: require a non-zero host name length when parsing URL
Updated test 1560 to verify.

Closes #3880
2019-05-14 13:39:10 +02:00
Marcel Raad 6b3dde7fe6
build: fix "clarify calculation precedence" warnings
Codacy/CppCheck warns about this. Consistently use parentheses as we
already do in some places to silence the warning.

Closes https://github.com/curl/curl/pull/3866
2019-05-12 09:31:09 +02:00
Jay Satiro d934059afd Revert "multi: support verbose conncache closure handle"
This reverts commit b0972bc.

- No longer show verbose output for the conncache closure handle.

The offending commit was added so that the conncache closure handle
would inherit verbose mode from the user's easy handle. (Note there is
no way for the user to set options for the closure handle which is why
that was necessary.) Other debug settings such as the debug function
were not also inherited since we determined that could lead to crashes
if the user's per-handle private data was used on an unexpected handle.

The reporter here says he has a debug function to capture the verbose
output, and does not expect or want any output to stderr; however
because the conncache closure handle does not inherit the debug function
the verbose output for that handle does go to stderr.

There are other plausible scenarios as well such as the user redirects
stderr on their handle, which is also not inherited since it could lead
to crashes when used on an unexpected handle.

Short of allowing the user to set options for the conncache closure
handle I don't think there's much we can safely do except no longer
inherit the verbose setting.

Bug: https://curl.haxx.se/mail/lib-2019-05/0021.html
Reported-by: Kristoffer Gleditsch

Ref: https://github.com/curl/curl/pull/3598
Ref: https://github.com/curl/curl/pull/3618

Closes https://github.com/curl/curl/pull/3856
2019-05-10 15:01:57 -04:00
Daniel Gustafsson d490d207c7 test2100: Fix typos in test description 2019-05-06 20:12:39 +03:00
Daniel Stenberg 2d0e9b40d3
urlapi: add CURLUPART_ZONEID to set and get
The zoneid can be used with IPv6 numerical addresses.

Updated test 1560 to verify.

Closes #3834
2019-05-05 15:52:46 +02:00
Daniel Stenberg bdb2dbc103
urlapi: strip off scope id from numerical IPv6 addresses
... to make the host name "usable". Store the scope id and put it back
when extracting a URL out of it.

Also makes curl_url_set() syntax check CURLUPART_HOST.

Fixes #3817
Closes #3822
2019-05-03 12:17:22 +02:00
Daniel Stenberg 5fc28510a4
CURL_MAX_INPUT_LENGTH: largest acceptable string input size
This limits all accepted input strings passed to libcurl to be less than
CURL_MAX_INPUT_LENGTH (8000000) bytes, for these API calls:
curl_easy_setopt() and curl_url_set().

The 8000000 number is arbitrary picked and is meant to detect mistakes
or abuse, not to limit actual practical use cases. By limiting the
acceptable string lengths we also reduce the risk of integer overflows
all over.

NOTE: This does not apply to `CURLOPT_POSTFIELDS`.

Test 1559 verifies.

Closes #3805
2019-04-29 08:02:44 +02:00
Steve Holme eb84ca3ea8 sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616
RFC 4616 specifies the authzid is optional in the client authentication
message and that the server will derive the authorisation identity
(authzid) from the authentication identity (authcid) when not specified
by the client.
2019-04-22 12:29:49 +01:00
Daniel Stenberg c8bbfb90ea
test 196,197,198: add 'retry' keyword [skip ci] 2019-04-21 23:28:47 +02:00
Daniel Stenberg e04e974aed
test1002: correct the name [skip ci] 2019-04-20 12:44:31 +02:00
Daniel Stenberg 4225e5db1b
test660: verify CONNECT_ONLY with IMAP
which basically just makes sure LOGOUT is *not* issued on disconnect
2019-04-20 12:40:53 +02:00
Daniel Gustafsson 90d9e9460e tests: Run global cleanup at end of tests
Make sure to run curl_global_cleanup() when shutting down the test
suite to release any resources allocated in the SSL setup. This is
clearly visible when running tests with PolarSSL where the thread
lock calloc() memory which isn't released when not running cleanup.
Below is an excerpt from the autobuild logs:

  ==12368== 96 bytes in 1 blocks are possibly lost in loss record 1 of 2
  ==12368== at 0x4837B65: calloc (vg_replace_malloc.c:752)
  ==12368== by 0x11A76E: curl_dbg_calloc (memdebug.c:205)
  ==12368== by 0x145CDF: Curl_polarsslthreadlock_thread_setup
                         (polarssl_threadlock.c:54)
  ==12368== by 0x145B37: Curl_polarssl_init (polarssl.c:865)
  ==12368== by 0x14129D: Curl_ssl_init (vtls.c:171)
  ==12368== by 0x118B4C: global_init (easy.c:158)
  ==12368== by 0x118BF5: curl_global_init (easy.c:221)
  ==12368== by 0x118D0B: curl_easy_init (easy.c:299)
  ==12368== by 0x114E96: test (lib1906.c:32)
  ==12368== by 0x115495: main (first.c:174)

Closes #3783
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-04-15 15:23:58 +02:00
Daniel Stenberg a7ae01cb75
runtests: start socksd like other servers
... without a $srcdir prefix. Triggered by the failures in several
autobuilds.

Closes #3781
2019-04-15 11:05:20 +02:00
Daniel Gustafsson 0641086c2f socksd: Fix typos
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-04-14 22:06:40 +02:00
Daniel Gustafsson 31238d5fb7 socksd: Properly decorate static variables
Mark global variables static to avoid compiler warning in Clang when
using -Wmissing-variable-declarations.

Closes #3778
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-04-14 22:06:09 +02:00
Daniel Stenberg 54c784556e
test: make tests and test scripts use socksd for SOCKS
Make all SOCKS tests use socksd instead of ssh.
2019-04-13 11:21:53 +02:00
Daniel Stenberg 04fd67555c
socksd: new SOCKS 4+5 server for tests
Closes #3752
2019-04-13 11:21:35 +02:00
Daniel Stenberg d715d2ac89
urlapi: stricter CURLUPART_PORT parsing
Only allow well formed decimal numbers in the input.

Document that the number MUST be between 1 and 65535.

Add tests to test 1560 to verify the above.

Ref: https://github.com/curl/curl/issues/3753
Closes #3762
2019-04-13 11:17:30 +02:00
Daniel Stenberg 1489d1db85
test1906: verify CURLOPT_CURLU + CURLOPT_PORT usage
Based-on-code-by: Poul T Lomholt
2019-04-11 22:45:13 +02:00
Daniel Stenberg f73de32d46
CURLOPT_DNS_USE_GLOBAL_CACHE: remove
Remove the code too. The functionality has been disabled in code since
7.62.0. Setting this option will from now on simply be ignored and have
no function.

Closes #3654
2019-04-11 22:22:39 +02:00
Marcel Raad d1b5cf830b
build: fix Codacy/CppCheck warnings
- remove unused variables
- declare conditionally used variables conditionally
- suppress unused variable warnings in the CMake tests
- remove dead variable stores
- consistently use WIN32 macro to detect Windows

Closes https://github.com/curl/curl/pull/3739
2019-04-11 21:08:44 +02:00
Marcel Raad d250ed4753
lib557: initialize variables
These variables are only conditionally initialized.

Closes https://github.com/curl/curl/pull/3739
2019-04-11 21:08:41 +02:00
Marcel Raad 9eac2d92cf
lib509: add missing include for strdup
Closes https://github.com/curl/curl/pull/3739
2019-04-11 21:08:39 +02:00
Marcel Raad dc0712eea3
tests/server/util: fix Windows Unicode build
Always use the ANSI version of FormatMessage as we don't have the
curl_multibyte gear available here.

Closes https://github.com/curl/curl/pull/3758
2019-04-11 21:03:20 +02:00
Daniel Gustafsson 06ace0ba98 xattr: skip unittest on unsupported platforms
The stripcredentials unittest fails to compile on platforms without
xattr support, for example the Solaris member in the buildfarm which
fails with the following:

  CC unit1621-unit1621.o
  CC ../libtest/unit1621-first.o
  CCLD unit1621
  Undefined first referenced
  symbol in file
  stripcredentials unit1621-unit1621.o
  goto problem 2
  ld: fatal: symbol referencing errors. No output written to .libs/unit1621
  collect2: error: ld returned 1 exit status
  gmake[2]: *** [Makefile:996: unit1621] Error 1

Fix by excluding the test on such platforms by using the reverse
logic from where stripcredentials() is defined.

Closes #3759
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-04-11 09:22:22 +02:00
Jakub Zakrzewski 89bb5a836c
test: urlapi: urlencode characters above 0x7f correctly 2019-04-07 22:57:42 +02:00
Daniel Stenberg 2f44e94efb
pipelining: removed
As previously planned and documented in DEPRECATE.md, all pipelining
code is removed.

Closes #3651
2019-04-06 22:49:50 +02:00
cclauss aba1c51553
tests: make Impacket (SMB server) Python 3 compatible
Closes #3731
Fixes #3289
2019-04-06 22:29:57 +02:00
Mert Yazıcıoğlu 6227e2bd07 vauth/oauth2: Fix OAUTHBEARER token generation
OAUTHBEARER tokens were incorrectly generated in a format similar to
XOAUTH2 tokens. These changes make OAUTHBEARER tokens conform to the
RFC7628.

Fixes: #2487
Reported-by: Paolo Mossino

Closes https://github.com/curl/curl/pull/3377
2019-04-02 15:52:12 -04:00
Dan Fandrich 27fb521df5 tests: Fixed XML validation errors in some test files. 2019-03-24 18:35:02 +01:00
Dan Fandrich 48287c9c96 tests: Fix some incorrect precheck error messages.
[ci skip]
2019-03-24 13:02:05 +01:00
Daniel Stenberg dc5edf9124
test1541: threaded connection sharing
The threaded-shared-conn.c example turned into test case. Only works if
pthread was detected.

An attempt to detect future regressions such as e3a53e3efb

Closes #3687
2019-03-18 13:58:46 +01:00
Daniel Stenberg 5cf5d57ab9
makefile: make checksrc and hugefile commands "silent"
... to match the style already used for compiling, linking
etc. Acknowledges 'make V=1' to enable verbose.

Closes #3681
2019-03-14 20:11:24 +01:00
Dan Fandrich 6971478963 fuzzer: Only clone the latest fuzzer code, for speed. 2019-03-14 14:03:16 +01:00
Dominik Hölzl 6c60355323
Negotiate: fix for HTTP POST with Negotiate
* Adjusted unit tests 2056, 2057
* do not generally close connections with CURLAUTH_NEGOTIATE after every request
* moved negotiatedata from UrlState to connectdata
* Added stream rewind logic for CURLAUTH_NEGOTIATE
* introduced negotiatedata::GSS_AUTHDONE and negotiatedata::GSS_AUTHSUCC
* Consider authproblem state for CURLAUTH_NEGOTIATE
* Consider reuse_forbid for CURLAUTH_NEGOTIATE
* moved and adjusted negotiate authentication state handling from
  output_auth_headers into Curl_output_negotiate
* Curl_output_negotiate: ensure auth done is always set
* Curl_output_negotiate: Set auth done also if result code is
  GSS_S_CONTINUE_NEEDED/SEC_I_CONTINUE_NEEDED as this result code may
  also indicate the last challenge request (only works with disabled
  Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1)
* Consider "Persistent-Auth" header, detect if not present;
  Reset/Cleanup negotiate after authentication if no persistent
  authentication
* apply changes introduced with #2546 for negotiate rewind logic

Fixes #1261
Closes #1975
2019-03-14 09:26:03 +01:00
Marc Schlatter dd8a19f8a0
http: send payload when (proxy) authentication is done
The check that prevents payload from sending in case of authentication
doesn't check properly if the authentication is done or not.

They're cases where the proxy respond "200 OK" before sending
authentication challenge. This change takes care of that.

Fixes #2431
Closes #3669
2019-03-13 10:58:52 +01:00
Daniel Stenberg ff7e5a29c7
test331: verify set-cookie for dotless host name
Reproduced bug #3649
Closes #3659
2019-03-09 12:59:20 +01:00
Daniel Stenberg 299d9660f8
Revert "cookies: extend domain checks to non psl builds"
This reverts commit 3773de378d.

Regression shipped in 7.64.0
Fixes #3649
2019-03-09 12:59:20 +01:00
Daniel Stenberg 76b6348949
memdebug: make debug-specific functions use curl_dbg_ prefix
To not "collide" or use up the regular curl_ name space. Also makes them
easier to detect in helper scripts.

Closes #3656
2019-03-08 23:21:21 +01:00
Daniel Stenberg a4cc978906
tests: fix multiple may be used uninitialized warnings 2019-03-05 14:38:25 +01:00
Jay Satiro b0972bc8e1 multi: support verbose conncache closure handle
- Change closure handle to receive verbose setting from the easy handle
  most recently added via curl_multi_add_handle.

The closure handle is a special easy handle used for closing cached
connections. It receives limited settings from the easy handle most
recently added to the multi handle. Prior to this change that did not
include verbose which was a problem because on connection shutdown
verbose mode was not acknowledged.

Ref: https://github.com/curl/curl/pull/3598

Co-authored-by: Daniel Stenberg

Closes https://github.com/curl/curl/pull/3618
2019-03-05 00:00:01 -05:00
Daniel Stenberg 15401fa886
CURLU: fix NULL dereference when used over proxy
Test 659 verifies

Also fixed the test 658 name

Closes #3641
2019-03-04 16:24:08 +01:00
Daniel Stenberg 5345b04a43
alt-svc: add test 355 and 356 to verify with command line curl 2019-03-03 11:17:52 +01:00
Daniel Stenberg e1be825453
alt-svc: the libcurl bits 2019-03-03 11:17:52 +01:00
Daniel Stenberg 64d598d91d
test578: make it read data from the correct test 2019-02-28 20:46:45 +01:00
Daniel Stenberg eb43338941
cookies: only save the cookie file if the engine is enabled
Follow-up to 8eddb8f425.

If the cookieinfo pointer is NULL there really is nothing to save.

Without this fix, we got a problem when a handle was using shared object
with cookies and is told to "FLUSH" it to file (which worked) and then
the share object was removed and when the easy handle was closed just
afterwards it has no cookieinfo and no cookies so it decided to save an
empty jar (overwriting the file just flushed).

Test 1905 now verifies that this works.

Assisted-by: Michael Wallner
Assisted-by: Marcel Raad

Closes #3621
2019-02-27 21:59:40 +01:00
Daniel Stenberg 15ef24985c
runtests: detect "schannel" as an alias for "winssl"
Follow-up to 180501cb02

Reported-by: Marcel Raad
Fixes #3609
Closes #3620
2019-02-26 22:18:35 +01:00
Dan Fandrich 87ba80a6df tests: Fixed XML validation errors in some test files. 2019-02-21 22:10:48 +01:00
Daniel Stenberg c543da9a50
curl: remove MANUAL from -M output
... and remove it from the dist tarball. It has served its time, it
barely gets updated anymore and "everything curl" is now convering all
this document once tried to include, and does it more and better.

In the compressed scenario, this removes ~15K data from the binary,
which is 25% of the -M output.

It remains in the git repo for now for as long as the web site builds a
page using that as source. It renders poorly on the site (especially for
mobile users) so its not even good there.

Closes #3587
2019-02-20 08:20:27 +01:00
Daniel Stenberg b08898fb29
connection: never reuse CONNECT_ONLY conections
and make CONNECT_ONLY conections never reuse any existing ones either.

Reported-by: Pavel Löbl
Bug: https://curl.haxx.se/mail/lib-2019-02/0064.html
Closes #3586
2019-02-19 22:50:02 +01:00
Daniel Stenberg 5908e900be
unit1651: survive curl_easy_init() fails 2019-02-19 09:08:28 +01:00
Daniel Gustafsson e6522522f9 cookie: Add support for cookie prefixes
The draft-ietf-httpbis-rfc6265bis-02 draft, specify a set of prefixes
and how they should affect cookie initialization, which has been
adopted by the major browsers. This adds support for the two prefixes
defined, __Host- and __Secure, and updates the testcase with the
supplied examples from the draft.

Closes #3554
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2019-02-17 00:09:30 +01:00
Marcel Raad 208c77713a
unit1307: just fail without FTP support
I missed to check this in with commit
71786c0505, which only disabled the test.
This fixes the actual linker error.

Closes https://github.com/curl/curl/pull/3568
2019-02-15 09:50:52 +01:00
Daniel Stenberg 28177def43
gssapi: fix deprecated header warnings
Heimdal includes on FreeBSD spewed out lots of them. Less so now.

Closes #3566
2019-02-14 08:38:43 +01:00
Marcel Raad 71786c0505
unit1307: require FTP support
This test doesn't link without FTP support after
fc7ab4835b, which made Curl_fnmatch
unavailable without FTP support.

Closes https://github.com/curl/curl/pull/3565
2019-02-13 08:42:11 +01:00
Frank Gevaerts 35a8fd2886
tests: add stderr comparison to the test suite
The code is more or less copied from the stdout comparison code, maybe
some better reuse is possible.

test 1457 is adjusted to make the output actually match (by using --silent)
test 506 used <stderr> without actually needing it, so that <stderr> block is removed

Closes #3536
2019-02-11 23:00:50 +01:00
Patrick Monnerat cac0e4a6ad cli tool: do not use mime.h private structures.
Option -F generates an intermediate representation of the mime structure
that is used later to create the libcurl mime structure and generate
the --libcurl statements.

Reported-by: Daniel Stenberg
Fixes #3532
Closes #3546
2019-02-11 19:10:41 +01:00
Daniel Stenberg 05b100aee2
cleanup: make local functions static
urlapi: turn three local-only functions into statics

conncache: make conncache_find_first_connection static

multi: make detach_connnection static

connect: make getaddressinfo static

curl_ntlm_core: make hmac_md5 static

http2: make two functions static

http: make http_setup_conn static

connect: make tcpnodelay static

tests: make UNITTEST a thing to mark functions with, so they can be static for
normal builds and non-static for unit test builds

... and mark Curl_shuffle_addr accordingly.

url: make up_free static

setopt: make vsetopt static

curl_endian: make write32_le static

rtsp: make rtsp_connisdead static

warnless: remove unused functions

memdebug: remove one unused function, made another static
2019-02-10 18:38:57 +01:00
Ladar Levison 53400f5a41 runtests.pl: Fix perl call to include srcdir
- Use explicit include opt for perl calls.

Prior to this change some scripts couldn't find their dependencies.

At the top, perl is called using with the "-Isrcdir" option, and it
works:

https://github.com/curl/curl/blob/curl-7_63_0/tests/runtests.pl#L183

But on line 3868, that option is omitted. This caused problems for me,
as the symbol-scan.pl script in particular couldn't find its
dependencies properly:

https://github.com/curl/curl/blob/curl-7_63_0/tests/runtests.pl#L3868

This patch fixes that oversight by making calls to perl sub-shells
uniform.

Closes https://github.com/curl/curl/pull/3496
2019-02-04 13:02:29 -05:00
Daniel Stenberg 1b8fe0a8ae
unit1653: make it survive torture tests 2019-01-28 08:44:15 +01:00
Daniel Stenberg ea77fec16f
tests: move objnames-* from lib into tests
Since they're used purely for testing purposes, I think they should
rather be stored there.

Closes #3470
2019-01-15 08:09:34 +01:00
Daniel Stenberg ba243235ec
urldata: rename easy_conn to just conn
We use "conn" everywhere to be a pointer to the connection.

Introduces two functions that "attaches" and "detaches" the connection
to and from the transfer.

Going forward, we should favour using "data->conn" (since a transfer
always only has a single connection or none at all) to "conn->data"
(since a connection can have none, one or many transfers associated with
it and updating conn->data to be correct is error prone and a frequent
reason for internal issues).

Closes #3442
2019-01-11 15:35:13 +01:00
Daniel Stenberg f6bb05ccbd
test1558: verify CURLINFO_PROTOCOL on file:// transfer
Attempt to reproduce issue #3444.

Closes #3447
2019-01-10 11:22:48 +01:00
Daniel Stenberg 98e6629154
xattr: strip credentials from any URL that is stored
Both user and password are cleared uncondtitionally.

Added unit test 1621 to verify.

Fixes #3423
Closes #3433
2019-01-10 10:49:51 +01:00
Daniel Stenberg afeb8d9902
cookies: allow secure override when done over HTTPS
Added test 1562 to verify.

Reported-by: Jeroen Ooms
Fixes #3445
Closes #3450
2019-01-10 10:31:06 +01:00
Daniel Stenberg 5f5b5afcb7
test1561: improve test name
[skip ci]
2019-01-09 15:34:36 +01:00
Katsuhiko YOSHIDA 1f30dc886d
cookies: skip custom cookies when redirecting cross-site
Closes #3417
2019-01-09 15:18:08 +01:00
Bernhard M. Wiedemann 114a02c75b
tests: allow tests to pass by 2037-02-12
similar to commit f508d29f39

Closes #3443
2019-01-08 10:36:49 +01:00
Brad Spencer 84a30d0a41
curl_multi_remove_handle() don't block terminating c-ares requests
Added Curl_resolver_kill() for all three resolver modes, which only
blocks when necessary, along with test 1592 to confirm
curl_multi_remove_handle() doesn't block unless it must.

Closes #3428
Fixes #3371
2019-01-07 10:05:20 +01:00
Rikard Falkeborn fa2d6ba84d
printf: fix format specifiers
Closes #3426
2019-01-04 23:50:48 +01:00
Daniel Stenberg c7c362a24c
libtest/stub_gssapi: use "real" snprintf
... since it doesn't link with libcurl.

Reverts the commit dcd6f81025 changes from this file.

Bug: https://curl.haxx.se/mail/lib-2019-01/0000.html
Reported-by: Shlomi Fish
Reviewed-by: Daniel Gustafsson
Reviewed-by: Kamil Dudka

Closes #3434
2019-01-03 23:47:23 +01:00
Marcel Raad 46c89348b9 tvnow: silence conversion warnings
MinGW-w64 defaults to targeting Windows 7 now, so GetTickCount64 is
used and the milliseconds are represented as unsigned long long,
leading to a compiler warning when implicitly converting them to long.
2019-01-01 18:04:24 +01:00
Markus Moeller 7bcca93459 ntlm: update selection of type 3 response
NTLM2 did not work i.e. no NTLMv2 response was created. Changing the
check seems to work.

Ref: https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-NLMP/[MS-NLMP].pdf

Fixes https://github.com/curl/curl/issues/3286
Closes https://github.com/curl/curl/pull/3287
Closes https://github.com/curl/curl/pull/3415
2019-01-01 11:47:17 +01:00
Daniel Gustafsson a4482b21bd urlapi: fix parsing ipv6 with zone index
The previous fix for parsing IPv6 URLs with a zone index was a paddle
short for URLs without an explicit port. This patch fixes that case
and adds a unit test case.

This bug was highlighted by issue #3408, and while it's not the full
fix for the problem there it is an isolated bug that should be fixed
regardless.

Closes #3411
Reported-by: GitYuanQu on github
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-30 20:11:57 +01:00
Claes Jakobsson d8cae791f4 hostip: support wildcard hosts
This adds support for wildcard hosts in CURLOPT_RESOLVE. These are
try-last so any non-wildcard entry is resolved first. If specified,
any host not matched by another CURLOPT_RESOLVE config will use this
as fallback.

Example send a.com to 10.0.0.1 and everything else to 10.0.0.2:
  curl --resolve *:443:10.0.0.2 --resolve a.com:443:10.0.0.1 \
       https://a.com https://b.com

This is probably quite similar to using:
  --connect-to a.com:443:10.0.0.1:443 --connect-to :443:10.0.0.2:443

Closes #3406
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-27 14:23:53 +01:00
Daniel Stenberg 006ff62d8c
http: added options for allowing HTTP/0.9 responses
Added CURLOPT_HTTP09_ALLOWED and --http0.9 for this purpose.

For now, both the tool and library allow HTTP/0.9 by default.
docs/DEPRECATE.md lays out the plan for when to reverse that default: 6
months after the 7.64.0 release. The options are added already now so
that applications/scripts can start using them already now.

Fixes #2873
Closes #3383
2018-12-21 10:49:30 +01:00
Daniel Gustafsson 3773de378d cookies: extend domain checks to non psl builds
Ensure to perform the checks we have to enforce a sane domain in
the cookie request. The check for non-PSL enabled builds is quite
basic but it's better than nothing.

Closes #2964
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-19 20:59:09 +01:00
Daniel Stenberg 04b69c744c
http: minor whitespace cleanup from f464535b 2018-12-14 10:20:06 +01:00
Ayoub Boudhar f464535bfd
http: Implement trailing headers for chunked transfers
This adds the CURLOPT_TRAILERDATA and CURLOPT_TRAILERFUNCTION
options that allow a callback based approach to sending trailing headers
with chunked transfers.

The test server (sws) was updated to take into account the detection of the
end of transfer in the case of trailing headers presence.

Test 1591 checks that trailing headers can be sent using libcurl.

Closes #3350
2018-12-14 10:10:48 +01:00
Leonardo Taccari 3997510eed
test1201: Add a trailing `?' to the selector
This verify that the `?' in the selector is kept as is.

Verifies the fix in #3370
2018-12-13 10:24:01 +01:00
Daniel Gustafsson 7a09b52c98 cookies: leave secure cookies alone
Only allow secure origins to be able to write cookies with the
'secure' flag set. This reduces the risk of non-secure origins
to influence the state of secure origins. This implements IETF
Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates
RFC6265.

Closes #2956
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-13 09:57:58 +01:00
Daniel Gustafsson d8607da1a6 urlapi: Fix port parsing of eol colon
A URL with a single colon without a portnumber should use the default
port, discarding the colon. Fix, add a testcase and also do little bit
of comment wordsmithing.

Closes #3365
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-12 11:48:04 +01:00
Daniel Stenberg 1945460d48
test1519: use lib1518 and test CURLINFO_REDIRECT_URL more 2018-12-12 07:58:54 +01:00
Daniel Stenberg 435402cfe3
Curl_follow: extract the Location: header field unvalidated
... when not actually following the redirect. Otherwise we return error
for this and an application can't extract the value.

Test 1518 added to verify.

Reported-by: Pavel Pavlov
Fixes #3340
Closes #3364
2018-12-12 07:58:47 +01:00
Daniel Gustafsson e1be2ecba4 tests: add urlapi unittest
This adds a new unittest intended to cover the internal functions in
the urlapi code, starting with parse_port(). In order to avoid name
collisions in debug builds, parse_port() is renamed Curl_parse_port()
since it will be exported.

Reviewed-by: Daniel Stenberg <daniel@haxx.se>
Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-12-11 15:02:24 +01:00
Jay Satiro 552f0205e6
http: fix HTTP auth to include query in URI
- Include query in the path passed to generate HTTP auth.

Recent changes to use the URL API internally (46e1640, 7.62.0)
inadvertently broke authentication URIs by omitting the query.

Fixes https://github.com/curl/curl/issues/3353
Closes #3356
2018-12-11 13:28:20 +01:00