aboutsummaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2014-09-10cookies: reject incoming cookies set for TLDsDaniel Stenberg
Test 61 was modified to verify this. CVE-2014-3620 Reported-by: Tim Ruehsen URL: http://curl.haxx.se/docs/adv_20140910B.html
2014-09-10cookies: only use full host matches for hosts used as IP addressTim Ruehsen
By not detecting and rejecting domain names for partial literal IP addresses properly when parsing received HTTP cookies, libcurl can be fooled to both send cookies to wrong sites and to allow arbitrary sites to set cookies for others. CVE-2014-3613 Bug: http://curl.haxx.se/docs/adv_20140910A.html
2014-09-07Ensure progress.size_dl/progress.size_ul are always >= 0Brandon Casey
Historically the default "unknown" value for progress.size_dl and progress.size_ul has been zero, since these values are initialized implicitly by the calloc that allocates the curl handle that these variables are a part of. Users of curl that install progress callbacks may expect these values to always be >= 0. Currently it is possible for progress.size_dl and progress.size_ul to by set to a value of -1, if Curl_pgrsSetDownloadSize() or Curl_pgrsSetUploadSize() are passed a "size" of -1 (which a few places currently do, and a following patch will add more). So lets update Curl_pgrsSetDownloadSize() and Curl_pgrsSetUploadSize() so they make sure that these variables always contain a value that is >= 0. Updates test579 and test599. Signed-off-by: Brandon Casey <drafnel@gmail.com>
2014-09-07tests: Added test1420 to the makefileSteve Holme
2014-09-07test1420: Removed unnecessary CURLOPT settingSteve Holme
2014-09-07tests: Added more "Clear Text" authentication keywordsSteve Holme
2014-09-07tests: Updated "based on" text due to email test renumberingSteve Holme
2014-09-07tests: For consistency added --libcurl to test nameSteve Holme
2014-09-07tests: Added --libcurl for IMAP test caseSteve Holme
2014-08-15http: fix the Content-Range: parserDaniel Stenberg
... to handle "*/[total]". Also, removed the strange hack that made CURLOPT_FAILONERROR on a 416 response after a *RESUME_FROM return CURLE_OK. Reported-by: Dimitrios Siganos Bug: http://curl.haxx.se/mail/lib-2014-06/0221.html
2014-08-07runtests.pl: Pad test case numbers with up to three zeroesFabian Keil
Test case numbers with four digits have been available for a while now.
2014-07-26tests: Fix a couple of incomplete response linesFabian Keil
2014-07-26runtests.pl: Remove filteroff() which hasn't been used since 2001Fabian Keil
2014-07-26runtests.pl: Don't expect $TESTDIR/DISABLED to existFabian Keil
If a non-standard $TESTDIR is used the file may not be necessary. Previously a "missing" file resulted in the warning: readline() on closed filehandle D at ./runtests.pl line 4940.
2014-07-26getpart.pm: Fix a comment typoFabian Keil
2014-07-25Curl_base64url_encode: unit-tested in 1302Daniel Stenberg
2014-07-24test1013.pl: GSS-Negotiate doesn't exist as a feature anymoreDaniel Stenberg
2014-07-24libtest: fixed duplicated line in MakefileSergey Nikulov
Bug: https://github.com/bagder/curl/pull/105
2014-07-23test1013.pl: remove SPNEGO/GSS-API tweaksDaniel Stenberg
No longer necessary after Michael Osipov's rework
2014-07-17testcurl.pl: log the value of --runtestopts in the test headerDan Fandrich
2014-07-16test506: verify aa6884845168Daniel Stenberg
After the fixed cookie lock deadlock, this test now passes and it detects double-locking and double-unlocking of mutexes.
2014-07-15test320: strip off the actual negotiated cipher widthDan Fandrich
It's irrelevant to the test, and will change depending on which SSL library is being used by libcurl.
2014-07-12tests: added globbing keyword to URL globbing testsDan Fandrich
2014-07-12Fixed some "statement not reached" warningsDan Fandrich
2014-07-12gnutls: explicitly added SRP to the priority stringDan Fandrich
This seems to have become necessary for SRP support to work starting with GnuTLS ver. 2.99.0. Since support for SRP was added to GnuTLS before the function that takes this priority string, there should be no issue with backward compatibility.
2014-07-11tests: adjust for capitalization differences in newer gnutls-servDan Fandrich
2014-07-11test320/1/2/4: fix the port number substitution variablesDan Fandrich
These tests have been broken since commit 1958fe57 in Oct. 2011
2014-07-11tests: document more test identifiers and variablesDan Fandrich
2014-06-18tests: Use CURLOPT_READDATA instead of the obsolete CURLOPT_INFILEDan Fandrich
2014-06-15sasl: Added back qop argument mistakenly removed in e95ca7ceDan Fandrich
This caused segfaults on tests 823 869 907.
2014-06-15test1398: Added test to Makefile.amDan Fandrich
2014-06-11NTLM: set a fake entropy for debug builds with CURL_ENTROPY setDaniel Stenberg
Curl_rand() will return a dummy and repatable random value for this case. Makes it possible to write test cases that verify output. Also, fake timestamp with CURL_FORCETIME set. Only when built debug enabled of course. Curl_ssl_random() was not used anymore so it has been removed. Curl_rand() is enough. create_digest_md5_message: generate base64 instead of hex string curl_sasl: also fix memory leaks in some OOM situations
2014-06-11tests: Disabled NTLM tests for non-debug buildsSteve Holme
Added required "debug" feature, missed in commit 1c9aaa0bac, as NTLMv2 calls Curl_rand() which can only be fixed to a specific entropy in debug builds.
2014-06-11Curl_rand: Use a fake entropy for debug builds when CURL_ENTROPY setSteve Holme
2014-06-01tests: Fixed up DIGEST-MD5 tests following commit eefeb73af4Steve Holme
2014-05-29tests: Fix portability issue with the tftpd server and timeoutsDan Fandrich
gcc spit out warning: variable 'x' might be clobbered by 'longjmp' or 'vfork' messages for a few variables. These automatic variables were expected to be changed between a setjmp/longjmp and hold their values, so are now marked volatile.
2014-05-18test1014: GSS-API is only in curl-config. not in curlDaniel Stenberg
Follow-up to commit 121bcfee5d1. curl-config --features now lists GSS-API but it is not a listed feature in curl -V. This should probably be synchronized.
2014-05-18test1134: verify CREDSPERREQUEST for HTTPDaniel Stenberg
Verifies that the change in 68f0166a92 works as intended and that different HTTP auth credentials to the same host still re-uses the connection properly.
2014-05-15timers: fix timer regression involving redirects / reconnectsDaniel Stenberg
In commit 0b3750b5c23c25f (released in 7.36.0) we fixed a timeout issue but instead broke the timings. To fix this, I introduce a new timestamp to use for the timeouts and restored the previous timestamp and timestamp position so that the old timer functionality is restored. In addition to that, that change also broke connection timeouts for when more than one connect was used (as it would then count the total time from the first connect and not for the most recent one). Now Curl_timeleft() has been modified so that it checks against different start times depending on which timeout it checks. Test 1303 is updated accordingly. Bug: http://curl.haxx.se/mail/lib-2014-05/0147.html Reported-by: Ryan Braud
2014-05-11tests: Fixed up DIGEST-MD5 tests following commit 8342b6e1dcSteve Holme
2014-05-09lib1506: make sure the transfers are not within the same msDaniel Stenberg
Just to make sure the test is properly repeatable. Bug: http://curl.haxx.se/mail/lib-2014-05/0081.html Reported-by: Henrik
2014-05-09libtests: add a wait_ms() functionDaniel Stenberg
This allows a libcurl test to portably sleep for a given number of milliseconds.
2014-05-09test87: Get rid of extraneous square brackets in tagDan Fandrich
2014-05-05tests: Use standard libtest return codes when relevantDan Fandrich
2014-05-05test1513: Don't return an uninitialized variable on init failureDan Fandrich
2014-05-04mprintf: allow %.s with data not being zero terminatedDaniel Stenberg
If the precision is indeed shorter than the string, don't strlen() to find the end because that's not how the precision operator works. I also added a unit test for curl_msnprintf to make sure this works and that the fix doesn't a few other basic use cases. I found a POSIX compliance problem that I marked TODO in the unit test, and I figure we need to add more tests in the future. Reported-by: Török Edwin
2014-05-01test585: Fixed NULL pointer dereference in fopenDan Fandrich
2014-04-28copyright: Updated following recent editsSteve Holme
2014-04-29runtests.pl: Improved the check for a crash during torture testsDan Fandrich
2014-04-29Added a few more const where possibleDan Fandrich