aboutsummaryrefslogtreecommitdiff
path: root/tests/data
AgeCommit message (Collapse)Author
2017-10-28auth: Added test cases for RFC7616Florin
Updated docs to include support for RFC7616 Signed-off-by: Florin <petriuc.florin@gmail.com> Closes #1934
2017-10-26curl_fnmatch: return error on illegal wildcard patternDaniel Stenberg
... instead of doing an infinite loop! Added test 1162 to verify. Reported-by: Max Dymond Fixes #2015 Closes #2017
2017-10-20ftp: reject illegal IP/port in PASV 227 responseDaniel Stenberg
... by using range checks. Among other things, this avoids an undefined behavior for a left shift that could happen on negative or very large values. Closes #1997 Detected by OSS-fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3694
2017-10-20test653: check reuse of easy handle after mime data changePatrick Monnerat
See issue #1999
2017-10-19test308: disable if MultiSSL feature enabledPatrick Monnerat
Even if OpenSSL is enabled, it might not be the default backend when multi-ssl is enabled, causing the test to fail.
2017-10-19test652: curl_mime_data + base64 encoder with large contentsPatrick Monnerat
2017-10-19mime: limit bas64-encoded lines length to 76 charactersPatrick Monnerat
2017-10-13test651: curl_formadd with huge COPYCONTENTSDaniel Stenberg
2017-10-12mime: keep "text/plain" content type if user-specified.Patrick Monnerat
Include test cases in 554, 587, 650. Fixes https://github.com/curl/curl/issues/1986
2017-10-12cli tool: reimplement stdin buffering in -F option.Patrick Monnerat
If stdin is not a regular file, its content is memory-buffered to enable a possible data "rewind". In all cases, stdin data size is determined before real use to avoid having an unknown part's size. --libcurl generated code is left as an unbuffered stdin fread/fseek callback part with unknown data size. Buffering is not supported in deprecated curl_formadd() API.
2017-10-10test950; verify SMTP with custom requestDaniel Stenberg
2017-10-10FTP: URL decode path for dir listing in nocwd modeDaniel Stenberg
Reported-by: Zenju on github Test 244 added to verify Fixes #1974 Closes #1976
2017-10-09test298: verify --ftp-method nowcwd with URL encoded pathDaniel Stenberg
Ref: #1974
2017-10-09curl: don't pass semicolons when parsing Content-DispositionKristiyan Tsaklev
Test 1422 updated to verify. Closes #1964
2017-10-09RTSP: avoid integer overflow on funny RTSP responseDaniel Stenberg
... like a very large non-existing RTSP version number. Added test 577 to verify. Detected by OSS-fuzz. Closes #1969
2017-10-08Revert "multi_done: wait for name resolve to finish if still ongoing"Daniel Stenberg
This reverts commit f3e03f6c0ac52a1bf396e03f7d7e9b5b3b7165fe. Caused memory leaks in the fuzzer, needs to be done differently. Disable test 1553 for now too, as it causes memory leaks without this commit!
2017-10-07pingpong: return error when trying to send without connectionDaniel Stenberg
When imap_done() got called before a connection is setup, it would try to "finish up" and dereffed a NULL pointer. Test case 1553 managed to reproduce. I had to actually use a host name to try to resolve to slow it down, as using the normal local server IP will make libcurl get a connection in the first curl_multi_perform() loop and then the bug doesn't trigger. Fixes #1953 Assisted-by: Max Dymond
2017-10-06tests: added flaky keyword to tests 587 and 644Dan Fandrich
These are around 5% flaky in my Linux x86 autobuilds.
2017-10-06multi_cleanup: call DONE on handles that never got thatDaniel Stenberg
... fixes a memory leak with at least IMAP when remove_handle is never called and the transfer is abruptly just abandoned early. Test 1552 added to verify Detected by OSS-fuzz Assisted-by: Max Dymond Closes #1954
2017-10-02test1153: verify quoted double-qoutes in PWD responseDaniel Stenberg
2017-10-02FTP: zero terminate the entry path even on bad inputDaniel Stenberg
... a single double quote could leave the entry path buffer without a zero terminating byte. CVE-2017-1000254 Test 1152 added to verify. Reported-by: Max Dymond Bug: https://curl.haxx.se/docs/adv_20171004.html
2017-09-30cookie: fix memory leak if path was set twice in headerDaniel Stenberg
... this will let the second occurance override the first. Added test 1161 to verify. Reported-by: Max Dymond Fixes #1932 Closes #1933
2017-09-30test650: Use variable replacement to set the host address and portDan Fandrich
Otherwise, the test fails when the -b test option is used to set a different test port range.
2017-09-30Set and use more necessary options when some protocols are disabledDan Fandrich
When curl and libcurl are built with some protocols disabled, they stop setting and receiving some options that don't make sense with those protocols. In particular, when HTTP is disabled many options aren't set that are used only by HTTP. However, some options that appear to be HTTP-only are actually used by other protocols as well (some despite having HTTP in the name) and should be set, but weren't. This change now causes some of these options to be set and used for more (or for all) protocols. In particular, this fixes tests 646 through 649 in an HTTP-disabled build, which use the MIME API in the mail protocols.
2017-09-29test1160: verifies cookie leak for large cookiesDaniel Stenberg
The fix done in 20ea22ff735
2017-09-28http: add custom empty headers to repeated requestsMichael Kaufmann
Closes #1920
2017-09-22imap: quote atoms properly when escaping charactersDaniel Stenberg
Updates test 800 to verify Fixes #1902 Closes #1903
2017-09-22tests: make the imap server not verify user+passwordDaniel Stenberg
... as the test cases themselves do that and it makes it easier to add crazy test cases. Test 800 updated to use user name + password that need quoting. Test 856 updated to trigger an auth fail differently. Ref: #1902
2017-09-22form/mime: field names are not allowed to contain zero-valued bytes.Patrick Monnerat
Also suppress length argument of curl_mime_name() (names are always zero-terminated).
2017-09-19cookies: use lock when using CURLINFO_COOKIELISTPavel P
Closes #1896
2017-09-18cookies: reject oversized cookiesDaniel Stenberg
... instead of truncating them. There's no fixed limit for acceptable cookie names in RFC 6265, but the entire cookie is said to be less than 4096 bytes (section 6.1). This is also what browsers seem to implement. We now allow max 5000 bytes cookie header. Max 4095 bytes length per cookie name and value. Name + value together may not exceed 4096 bytes. Added test 1151 to verify Bug: https://curl.haxx.se/mail/lib-2017-09/0062.html Reported-by: Kevin Smith Closes #1894
2017-09-15tests: add initial gssapi test using stub implementationIsaac Boukris
The stub implementation is pre-loaded using LD_PRELOAD and emulates common gssapi uses (only builds if curl is initially built with gssapi support). The initial tests are currently disabled for debug builds as LD_PRELOAD is not used then. Ref: https://github.com/curl/curl/pull/1687
2017-09-15test1150: verify same host fetch using different ports over proxyDaniel Stenberg
Closes #1889
2017-09-07form API: add new test 650.Patrick Monnerat
Now that the form API is deprecated and not used anymore in curl tool, a lot of its features left untested. Test 650 attempts to check all these features not tested elsewhere.
2017-09-05mime: implement encoders.Patrick Monnerat
curl_mime_encoder() is operational and documented. curl tool -F option is extended with ";encoder=". curl tool --libcurl option generates calls to curl_mime_encoder(). New encoder tests 648 & 649. Test 1404 extended with an encoder specification.
2017-09-05fixup data/test1135Daniel Stenberg
2017-09-05http-proxy: treat all 2xx as CONNECT successDaniel Stenberg
Added test 1904 to verify. Reported-by: Lawrence Wagerfield Fixes #1859 Closes #1860
2017-09-04test1135: fixed after bd8070085f9Daniel Stenberg
2017-09-04lib: bump version info (soname). Adapt and reenable test 1135.Patrick Monnerat
2017-09-03mime: fix signed/unsigned conversions.Patrick Monnerat
Use and generate CURL_ZERO_TERMINATED in curl tool and tests.
2017-09-03mime: remove support "-" stdin pseudo-file name in curl_mime_filedata().Patrick Monnerat
This feature is badly supported in Windows: as a replacement, a caller has to use curl_mime_data_cb() with fread, fseek and possibly fclose callbacks to process opened files. The cli tool and documentation are updated accordingly. The feature is however kept internally for form API compatibility, with the known caveats it always had. As a side effect, stdin size is not determined by the cli tool even if possible and this results in a chunked transfer encoding. Test 173 is updated accordingly.
2017-09-02mime: tests and examples.Patrick Monnerat
Additional mime-specific tests. Existing tests updated to reflect small differences (Expect: 100-continue, data size change due to empty lines, etc). Option -F headers= keyword added to tests. test1135 disabled until the entry point order change is resolved. New example smtp-mime. Examples postit2 and multi-post converted from form API to mime API.
2017-09-02test564: Add a warning comment about shell profile output.Patrick Monnerat
Shell profile output makes the SSH server failing and this problem reason is not easy to find when no hint is given.
2017-08-28vtls: introduce curl_global_sslset()Johannes Schindelin
Let's add a compile time safe API to select an SSL backend. This function needs to be called *before* curl_global_init(), and can be called only once. Side note: we do not explicitly test that it is called before curl_global_init(), but we do verify that it is not called multiple times (even implicitly). If SSL is used before the function was called, it will use whatever the CURL_SSL_BACKEND environment variable says (or default to the first available SSL backend), and if a subsequent call to curl_global_sslset() disagrees with the previous choice, it will fail with CURLSSLSET_TOO_LATE. The function also accepts an "avail" parameter to point to a (read-only) NULL-terminated list of available backends. This comes in real handy if an application wants to let the user choose between whatever SSL backends the currently available libcurl has to offer: simply call curl_global_sslset(-1, NULL, &avail); which will return CURLSSLSET_UNKNOWN_BACKEND and populate the avail variable to point to the relevant information to present to the user. Just like with the HTTP/2 push functions, we have to add the function declaration of curl_global_sslset() function to the header file *multi.h* because VMS and OS/400 require a stable order of functions declared in include/curl/*.h (where the header files are sorted alphabetically). This looks a bit funny, but it cannot be helped. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-23imap: support PREAUTHDaniel Stenberg
It is a defined possible greeting at server startup that means the connection is already authenticated. See https://tools.ietf.org/html/rfc3501#section-7.1.4 Test 846 added to verify. Fixes #1818 Closes #1820
2017-08-23test1453: Fixed <features>Dan Fandrich
2017-08-19tftp: fix memory leak on too long filenameEven Rouault
Fixes $ valgrind --leak-check=full ~/install-curl-git/bin/curl tftp://localhost/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz ==9752== Memcheck, a memory error detector ==9752== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. ==9752== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info ==9752== Command: /home/even/install-curl-git/bin/curl tftp://localhost/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz ==9752== curl: (71) TFTP file name too long ==9752== ==9752== HEAP SUMMARY: ==9752== 505 bytes in 1 blocks are definitely lost in loss record 11 of 11 ==9752== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==9752== by 0x4E61CED: Curl_urldecode (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x4E75868: tftp_state_machine (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x4E761B6: tftp_do (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x4E711B6: multi_runsingle (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x4E71D00: curl_multi_perform (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x4E6950D: curl_easy_perform (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x40E0B7: operate_do (in /home/even/install-curl-git/bin/curl) ==9752== by 0x40E849: operate (in /home/even/install-curl-git/bin/curl) ==9752== by 0x402693: main (in /home/even/install-curl-git/bin/curl) Fixes https://oss-fuzz.com/v2/testcase-detail/5232311106797568 Credit to OSS Fuzz Closes #1808
2017-08-17ftp: fix CWD when doing multicwd then nocwd on same connectionDaniel Stenberg
Fixes #1782 Closes #1787 Reported-by: Peter Lamare
2017-08-17ssh: add the ability to enable compression (for SCP/SFTP)Viktor Szakats
The required low-level logic was already available as part of `libssh2` (via `LIBSSH2_FLAG_COMPRESS` `libssh2_session_flag()`[1] option.) This patch adds the new `libcurl` option `CURLOPT_SSH_COMPRESSION` (boolean) and the new `curl` command-line option `--compressed-ssh` to request this `libssh2` feature. To have compression enabled, it is required that the SSH server supports a (zlib) compatible compression method and that `libssh2` was built with `zlib` support enabled. [1] https://www.libssh2.org/libssh2_session_flag.html Ref: https://github.com/curl/curl/issues/1732 Closes https://github.com/curl/curl/pull/1735
2017-08-14test1449: FTP download range with an too large sizeDaniel Stenberg