aboutsummaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2019-10-03urlapi: fix use-after-free bugDaniel Stenberg
Follow-up from 2c20109a9b5d04 Added test 663 to verify. Reported by OSS-Fuzz Bug: https://crbug.com/oss-fuzz/17954 Closes #4453
2019-10-02redirect: when following redirects to an absolute URL, URL encode itDaniel Stenberg
... to make it handle for example (RFC violating) embeded spaces. Reported-by: momala454 on github Fixes #4445 Closes #4447
2019-10-02curl: create easy handles on-demand and not ahead of timeDaniel Stenberg
This should again enable crazy-large download ranges of the style [1-10000000] that otherwise easily ran out of memory starting in 7.66.0 when this new handle allocating scheme was introduced. Reported-by: Peter Sumatra Fixes #4393 Closes #4438
2019-09-30git: add tests/server/disabled to .gitignoreEmil Engler
Closes #4441
2019-09-30altsvc: accept quoted ma and persist valuesDaniel Stenberg
As mandated by the spec. Test 1654 is extended to verify. Closes #4443
2019-09-28cookies: using a share with cookies shouldn't enable the cookie engineDaniel Stenberg
The 'share object' only sets the storage area for cookies. The "cookie engine" still needs to be enabled or activated using the normal cookie options. This caused the curl command line tool to accidentally use cookies without having been told to, since curl switched to using shared cookies in 7.66.0. Test 1166 verifies Updated test 506 Fixes #4429 Closes #4434
2019-09-27FTP: add test for FTPFILE_NOCWD: Avoid redundant CWDsZenju
Add libtest 661 Closes #4417
2019-09-27FTP: url-decode path before evaluationZenju
Closes #4428
2019-09-27tests: fix narrowing conversion warningsMarcel Raad
`timediff_t` is 64 bits wide also on 32-bit systems since commit b1616dad8f0. Closes https://github.com/curl/curl/pull/4415
2019-09-26Revert "FTP: url-decode path before evaluation"Daniel Stenberg
This reverts commit 2f036a72d543e96128bd75cb0fedd88815fd42e2.
2019-09-26FTP: url-decode path before evaluationZenju
Closes #4423
2019-09-24urlapi: question mark within fragment is still fragmentDaniel Stenberg
The parser would check for a query part before fragment, which caused it to do wrong when the fragment contains a question mark. Extended test 1560 to verify. Reported-by: Alex Konev Fixes #4412 Closes #4413
2019-09-19urlapi: CURLU_NO_AUTHORITY allows empty authority/host partJens Finkhaeuser
CURLU_NO_AUTHORITY is intended for use with unknown schemes (i.e. not "file:///") to override cURL's default demand that an authority exists. Closes #4349
2019-09-18FTP: remove trailing slash from path for LIST/MLSDZenju
Closes #4348
2019-09-16unit1655: make it C90 compliantDaniel Stenberg
Unclear why this was not detected in the CI. Follow-up to b7666027296a
2019-09-15doh: fix (harmless) buffer overrunPaul Dreik
Added unit test case 1655 to verify. Close #4352 the code correctly finds the flaws in the old code, if one temporarily restores doh.c to the old version.
2019-09-13FTP: allow "rubbish" prepended to the SIZE responseDaniel Stenberg
This is a protocol violation but apparently there are legacy proprietary servers doing this. Added test 336 and 337 to verify. Reported-by: Philippe Marguinaud Closes #4339
2019-09-13FTP: skip CWD to entry dir when target is absoluteZenju
Closes #4332
2019-09-10urlapi: verify the IPv6 numerical addressDaniel Stenberg
It needs to parse correctly. Otherwise it could be tricked into letting through a-f using host names that libcurl would then resolve. Like '[ab.be]'. Reported-by: Thomas Vegas Closes #4315
2019-08-31Curl_addr2string: take an addrlen argument tooDaniel Stenberg
This allows the function to figure out if a unix domain socket has a file name or not associated with it! When a socket is created with socketpair(), as done in the fuzzer testing, the path struct member is uninitialized and must not be accessed. Bug: https://crbug.com/oss-fuzz/16699 Closes #4283
2019-08-23defines: avoid underscore-prefixed definesDaniel Stenberg
Double-underscored or underscore plus uppercase letter at least. ... as they're claimed to be reserved. Reported-by: patnyb on github Fixes #4254 Closes #4255
2019-08-16http: fix use of credentials from URL when using HTTP proxyDaniel Stenberg
When a username and password are provided in the URL, they were wrongly removed from the stored URL so that subsequent uses of the same URL wouldn't find the crendentials. This made doing HTTP auth with multiple connections (like Digest) mishave. Regression from 46e164069d1a5230 (7.62.0) Test case 335 added to verify. Reported-by: Mike Crowe Fixes #4228 Closes #4229
2019-08-15tests: Replace outdated test case numbering documentationMike Crowe
Tests are no longer grouped by numeric range[1]. Let's stop saying that and provide some alternative advice for numbering tests. [1] https://curl.haxx.se/mail/lib-2019-08/0043.html Closes #4227
2019-08-14vauth: Use CURLE_AUTH_ERROR for auth function errorsJay Satiro
- Add new error code CURLE_AUTH_ERROR. Prior to this change auth function errors were signaled by CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was technically correct. Ref: https://github.com/curl/curl/pull/3848 Co-authored-by: Dominik Hölzl Closes https://github.com/curl/curl/pull/3864
2019-08-09http3: make connection reuse workDaniel Stenberg
Closes #4204
2019-08-08cleanup: s/curl_debug/curl_dbg_debug in comments and docsDaniel Stenberg
Leftovers from the function rename back in 76b63489495 Reported-by: Gisle Vanem Bug: https://github.com/curl/curl/commit/f3e0f071b14fcb46a453f69bdf4e062bcaacf362#com mitcomment-34601751 Closes #4203
2019-08-08alt-svc: add protocol version selection maskingDaniel Stenberg
So that users can mask in/out specific HTTP versions when Alt-Svc is used. - Removed "h2c" and updated test case accordingly - Changed how the altsvc struct is laid out - Added ifdefs to make the unittest run even in a quiche-tree Closes #4201
2019-08-07CURLINFO_RETRY_AFTER: parse the Retry-After header valueDaniel Stenberg
This is only the libcurl part that provides the information. There's no user of the parsed value. This change includes three new tests for the parser. Ref: #3794
2019-08-06tests: Fix the line endings for the SASL alt-auth testsJay Satiro
- Change data and protocol sections to CRLF line endings. Prior to this change the tests would fail or hang, which is because certain sections such as protocol require CRLF line endings. Follow-up to grandparent commit which added the tests. Ref: https://github.com/curl/curl/issues/3653 Ref: https://github.com/curl/curl/pull/3790 NOTE: This commit was cherry-picked and is part of a series of commits that added the authzid feature for upcoming 7.66.0. The series was temporarily reverted in db8ec1f so that it would not ship in a 7.65.x patch release. Closes https://github.com/curl/curl/pull/4186
2019-08-06curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the toolSteve Holme
Ref: https://github.com/curl/curl/issues/3653 Ref: https://github.com/curl/curl/pull/3790 NOTE: This commit was cherry-picked and is part of a series of commits that added the authzid feature for upcoming 7.66.0. The series was temporarily reverted in db8ec1f so that it would not ship in a 7.65.x patch release. Closes https://github.com/curl/curl/pull/4186
2019-08-06curl_multi_poll: a sister to curl_multi_wait() that waits moreDaniel Stenberg
Repeatedly we see problems where using curl_multi_wait() is difficult or just awkward because if it has no file descriptor to wait for internally, it returns immediately and leaves it to the caller to wait for a small amount of time in order to avoid occasional busy-looping. This is often missed or misunderstood, leading to underperforming applications. This change introduces curl_multi_poll() as a replacement drop-in function that accepts the exact same set of arguments. This function works identically to curl_multi_wait() - EXCEPT - for the case when there's nothing to wait for internally, as then this function will by itself wait for a "suitable" short time before it returns. This effectiely avoids all risks of busy-looping and should also make it less likely that apps "over-wait". This also changes the curl tool to use this funtion internally when doing parallel transfers and changes curl_easy_perform() to use it internally. Closes #4163
2019-08-06http09: disable HTTP/0.9 by default in both tool and libraryDaniel Stenberg
As the plan has been laid out in DEPRECATED. Update docs accordingly and verify in test 1174. Now requires the option to be set to allow HTTP/0.9 responses. Closes #4191
2019-08-03alt-svc: more liberal ALPN name parsingDaniel Stenberg
Allow pretty much anything to be part of the ALPN identifier. In particular minus, which is used for "h3-20" (in-progress HTTP/3 versions) etc. Updated test 356. Closes #4182
2019-08-01http_negotiate: improve handling of gss_init_sec_context() failuresKamil Dudka
If HTTPAUTH_GSSNEGOTIATE was used for a POST request and gss_init_sec_context() failed, the POST request was sent with empty body. This commit also restores the original behavior of `curl --fail --negotiate`, which was changed by commit 6c6035532383e300c712e4c1cd9fdd749ed5cf59. Add regression tests 2077 and 2078 to cover this. Fixes #3992 Closes #4171
2019-07-30curl: cap the maximum allowed values for retry time argumentsDaniel Stenberg
... to avoid integer overflows later when multiplying with 1000 to convert seconds to milliseconds. Added test 1269 to verify. Reported-by: Jason Lee Closes #4166
2019-07-29HTTP: use chunked Transfer-Encoding for HTTP_POST if size unknownBalazs Kovacsics
If using the read callback for HTTP_POST, and POSTFIELDSIZE is not set, automatically add a Transfer-Encoding: chunked header, same as it is already done for HTTP_PUT, HTTP_POST_FORM and HTTP_POST_MIME. Update test 1514 according to the new behaviour. Closes #4138
2019-07-20curl: support parallel transfersDaniel Stenberg
This is done by making sure each individual transfer is first added to a linked list as then they can be performed serially, or at will, in parallel. Closes #3804
2019-07-16test1173: make it also check all libcurl option man pagesDaniel Stenberg
... and adjust those that cause errors Closes #4116
2019-07-15dist: add manpage-syntax.plDaniel Stenberg
follow-up to 7fb66c403
2019-07-15test1173: detect some basic man page format mistakesDaniel Stenberg
Triggered by PR #4111 Closes #4113
2019-07-14libcurl: Add testcase for gopher redirectsLinos Giannopoulos
The testcase ensures that redirects to CURLPROTO_GOPHER won't be allowed, by default, in the future. Also, curl is being used for convenience while keeping the testcases DRY. The expected error code is CURLE_UNSUPPORTED_PROTOCOL when the client is redirected to CURLPROTO_GOPHER Signed-off-by: Linos Giannopoulos <lgian@skroutz.gr>
2019-07-14http: allow overriding timecond with custom headerPeter Simonyi
With CURLOPT_TIMECONDITION set, a header is automatically added (e.g. If-Modified-Since). Allow this to be replaced or suppressed with CURLOPT_HTTPHEADER. Fixes #4103 Closes #4109
2019-06-25test1521: adapt to SLISTPOINTDaniel Stenberg
The header now has the slist-using options marked as SLISTPOINT so this makes sure test 1521 understands that. Follow-up to ae99b4de1c443ae989 Closes #4074
2019-06-25tests: update fixed IP for hostip/clientip splitStephan Szabo
These tests give differences for me on linux when using a hostip pointing to the external ip address for the local machine. Closes #4070
2019-06-24test153: fix content-length to avoid occasional hangDaniel Stenberg
Closes #4065
2019-06-21tests: add disable-scan.pl to distDaniel Stenberg
follow-up from 29177f422a5 Closes #4059
2019-06-20tests: support non-localhost HOSTIP for dict/smb serversStephan Szabo
smbserver.py/dictserver.py were explicitly using localhost/127.0.0.1 for binding the server which when we were running the tests with a separate HOSTIP and CLIENTIP had failures verifying the server from the device we were testing. This changes them to take the address from runtests.py and default to localhost/127.0.0.1 if none is given. Closes #4048
2019-06-18test1523: basic test of CURLOPT_LOW_SPEED_LIMITDaniel Stenberg
2019-06-18runtests: keep logfiles around by defaultDaniel Stenberg
Make '-k' a no-op. The singletest function now clears the log directory BEFORE each individual test and not after, which makes it possible to always keep the logfiles around after a test has been run. No need to specify -k anymore. Keeping the option parsing around to work with users of old habits. Some tests also didn't work properly when -k was used (since the old logs would be kep when a new test starts) which this change also fixes. Closes #4035
2019-06-17tests: have runtests figure out disabled featuresDaniel Stenberg
... so that runtests can skip individual test cases that test features that are explicitly disabled in this build. This new logic is intended for disabled features that aren't otherwise easily visible through the curl_version_info() or other API calls. tests/server/disabled is a newly built executable that will output a list of disabled features. Outputs nothing for a default build. Closes #3950