aboutsummaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2018-12-13test1201: Add a trailing `?' to the selectorLeonardo Taccari
This verify that the `?' in the selector is kept as is. Verifies the fix in #3370
2018-12-13cookies: leave secure cookies aloneDaniel Gustafsson
Only allow secure origins to be able to write cookies with the 'secure' flag set. This reduces the risk of non-secure origins to influence the state of secure origins. This implements IETF Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates RFC6265. Closes #2956 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-12urlapi: Fix port parsing of eol colonDaniel Gustafsson
A URL with a single colon without a portnumber should use the default port, discarding the colon. Fix, add a testcase and also do little bit of comment wordsmithing. Closes #3365 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-12test1519: use lib1518 and test CURLINFO_REDIRECT_URL moreDaniel Stenberg
2018-12-12Curl_follow: extract the Location: header field unvalidatedDaniel Stenberg
... when not actually following the redirect. Otherwise we return error for this and an application can't extract the value. Test 1518 added to verify. Reported-by: Pavel Pavlov Fixes #3340 Closes #3364
2018-12-11tests: add urlapi unittestDaniel Gustafsson
This adds a new unittest intended to cover the internal functions in the urlapi code, starting with parse_port(). In order to avoid name collisions in debug builds, parse_port() is renamed Curl_parse_port() since it will be exported. Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-12-11http: fix HTTP auth to include query in URIJay Satiro
- Include query in the path passed to generate HTTP auth. Recent changes to use the URL API internally (46e1640, 7.62.0) inadvertently broke authentication URIs by omitting the query. Fixes https://github.com/curl/curl/issues/3353 Closes #3356
2018-12-09test329: verify cookie max-age=0 immediate expiryDaniel Stenberg
2018-11-28test328: verify Content-Encoding: noneDaniel Stenberg
Because of issue #3315 Closes #3317
2018-11-23cookies: create the cookiejar even if no cookies to saveDaniel Stenberg
Important for when the file is going to be read again and thus must not contain old contents! Adds test 327 to verify. Reported-by: daboul on github Fixes #3299 Closes #3300
2018-11-23snprintf: renamed and we now only use msnprintf()Daniel Stenberg
The function does not return the same value as snprintf() normally does, so readers may be mislead into thinking the code works differently than it actually does. A different function name makes this easier to detect. Reported-by: Tomas Hoger Assisted-by: Daniel Gustafsson Fixes #3296 Closes #3297
2018-11-22test: update test20/1322 for eglibc bug workaroundTobias Hintze
The tests 20 and 1322 are using getaddrinfo of libc for resolving. In eglibc-2.19 there is a memory leakage and invalid free bug which surfaces in some special circumstances (PF_UNSPEC hint with invalid or non-existent names). The valgrind runs in testing fail in these situations. As the tests 20/1322 are not specific on either protocol (IPv4/IPv6) this commit changes the hints to IPv4 protocol by passing `--ipv4` flag on the tests' command line. This prevents the valgrind failures.
2018-11-19impacket: add LICENSEDaniel Stenberg
The license for the impacket package was not in our tree. Imported now from upstream's https://github.com/SecureAuthCorp/impacket/blob/master/LICENSE Reported-by: infinnovation-dev on github Fixes #3276 Closes #3277
2018-11-15tests: disable SO_EXCLUSIVEADDRUSE for stunnel on WindowsMarc Hoersken
SO_EXCLUSIVEADDRUSE is on by default on Vista or newer, but does not work together with SO_REUSEADDR being on. The default changes were made with stunnel 5.34 and 5.35.
2018-11-09setopt: add CURLOPT_CURLUJim Fuller
Allows an application to pass in a pre-parsed URL via a URL handle. Closes #3227
2018-11-07curl: add %{stderr} and %{stdout} for --write-outFrank Gevaerts
Closes #3115
2018-11-07urlapi: only skip encoding the first '=' with APPENDQUERY setDaniel Stenberg
APPENDQUERY + URLENCODE would skip all equals signs but now it only skip encoding the first to better allow "name=content" for any content. Reported-by: Alexey Melnichuk Fixes #3231 Closes #3231
2018-11-06url: a short host name + port is not a schemeDaniel Stenberg
The function identifying a leading "scheme" part of the URL considered a few letters ending with a colon to be a scheme, making something like "short:80" to become an unknown scheme instead of a short host name and a port number. Extended test 1560 to verify. Also fixed test203 to use file_pwd to make it get the correct path on windows. Removed test 2070 since it was a duplicate of 203. Assisted-by: Marcel Raad Reported-by: Hagai Auro Fixes #3220 Fixes #3233 Closes #3223 Closes #3235
2018-11-05netrc: don't ignore the login name specified with "--user"Michael Kaufmann
- for "--netrc", don't ignore the login/password specified with "--user", only ignore the login/password in the URL. This restores the netrc behaviour of curl 7.61.1 and earlier. - fix the documentation of CURL_NETRC_REQUIRED - improve the detection of login/password changes when reading .netrc - don't read .netrc if both login and password are already set Fixes #3213 Closes #3224
2018-11-05unittest: make 1652 stable across collationsDaniel Gustafsson
The previous coding used a format string whose output depended on the current locale of the environment running the test. Since the gist of the test is to have a format string, with the actual formatting being less important, switch to a more stable formatstring with decimals. Reported-by: Marcel Raad Closes #3234 Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-11-05Revert "url: a short host name + port is not a scheme"Daniel Stenberg
This reverts commit 226cfa8264cd979eff3fd52c0f3585ef095e7cf2. This commit caused test failures on appveyor/windows. Work on fixing them is in #3235.
2018-11-04symbols-in-versions: add missing CURLU_ symbolsDaniel Stenberg
...and fix symbol-scan.pl to also scan urlapi.h Reported-by: Alexey Melnichuk Fixes #3226 Closes #3230
2018-11-03infof: clearly indicate truncationDaniel Gustafsson
The internal buffer in infof() is limited to 2048 bytes of payload plus an additional byte for NULL termination. Servers with very long error messages can however cause truncation of the string, which currently isn't very clear, and leads to badly formatted output. This appends a "...\n" (or just "..." in case the format didn't with a newline char) marker to the end of the string to clearly show that it has been truncated. Also include a unittest covering infof() to try and catch any bugs introduced in this quite important function. Closes #3216 Reviewed-by: Daniel Stenberg <daniel@haxx.se> Reviewed-by: Marcel Raad <Marcel.Raad@teamviewer.com>
2018-11-03url: a short host name + port is not a schemeDaniel Stenberg
The function identifying a leading "scheme" part of the URL considered a few letters ending with a colon to be a scheme, making something like "short:80" to become an unknown scheme instead of a short host name and a port number. Extended test 1560 to verify. Reported-by: Hagai Auro Fixes #3220 Closes #3223
2018-11-03URL: fix IPv6 numeral address parserDaniel Stenberg
Regression from 46e164069d1a52. Extended test 1560 to verify. Reported-by: tpaukrt on github Fixes #3218 Closes #3219
2018-11-02Curl_follow: accept non-supported schemes for "fake" redirectsDaniel Stenberg
When not actually following the redirect and the target URL is only stored for later retrieval, curl always accepted "non-supported" schemes. This was a regression from 46e164069d1a5230. Reported-by: Brad King Fixes #3210 Closes #3215
2018-11-01axtls: removedDaniel Stenberg
As has been outlined in the DEPRECATE.md document, the axTLS code has been disabled for 6 months and is hereby removed. Use a better supported TLS library! Assisted-by: Daniel Gustafsson Closes #3194
2018-11-01tests: drop http_pipe.py script no longer usedKamil Dudka
It is unused since commit f7208df7d9d5cd5e15e2d89237e828f32b63f135. Closes #3204
2018-10-31runtests: use the local curl for verifyingDaniel Stenberg
... revert the mistaken change brought in commit 8440616f53. Reported-by: Alessandro Ghedini Bug: https://curl.haxx.se/mail/lib-2018-10/0118.html Closes #3198
2018-10-30test2080: verify the fix for CVE-2018-16842Daniel Stenberg
2018-10-29unit1650: fix "null pointer passed as argument 1 to memcmp"Daniel Stenberg
Detected by UndefinedBehaviorSanitizer Closes #3187
2018-10-29unit1300: fix stack-use-after-scope AddressSanitizer warningDaniel Stenberg
Closes #3186
2018-10-27test1651: unit test Curl_extract_certinfo()Daniel Stenberg
The version used for Gskit, NSS, GnuTLS, WolfSSL and schannel.
2018-10-09Windows: fixes for MinGW targeting Windows VistaMarcel Raad
Classic MinGW has neither InitializeCriticalSectionEx nor GetTickCount64, independent of the target Windows version. Closes https://github.com/curl/curl/pull/3113
2018-10-08FILE: fix CURLOPT_NOBODY and CURLOPT_HEADER outputDaniel Stenberg
Now FILE transfers send headers to the header callback like HTTP and other protocols. Also made curl_easy_getinfo(...CURLINFO_PROTOCOL...) work for FILE in the callbacks. Makes "curl -i file://.." and "curl -I file://.." work like before again. Applied the bold header logic to them too. Regression from c1c2762 (7.61.0) Reported-by: Shaun Jackman Fixes #3083 Closes #3101
2018-10-07runtests: skip ld_preload tests on macOSDaniel Gustafsson
The LD_PRELOAD functionality doesn't exist on macOS, so skip any tests requiring it. Fixes #2394 Closes #3106 Reported-by: Github user @jakirkham Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-06test2100: test DoH using IPv4-onlyDaniel Stenberg
To make it only send one DoH request and avoid the race condition that could lead to the requests getting sent in reversed order and thus making it hard to compare in the test case. Fixes #3107 Closes #3108
2018-10-06tests/FILEFORMAT: mention how to use <fileN> and <stripfileN> tooDaniel Stenberg
[ci skip]
2018-10-05doh: keep the IPv4 address in (original) network byte orderDaniel Stenberg
Ideally this will fix the reversed order shown in SPARC tests: resp 8: Expected 127.0.0.1 got 1.0.0.127 Closes #3091
2018-10-05CMake: suppress MSVC warning C4127 for libtestMarcel Raad
It's issued by older Windows SDKs (prior to version 8.0).
2018-10-04test320: strip out more HTML when comparingDaniel Stenberg
To make the test case work with different gnutls-serv versions better. Reported-by: Kamil Dudka Fixes #3093 Closes #3094
2018-10-04runtests: use Windows paths for Windows curlMarcel Raad
curl generated by CMake's Visual Studio generator has "Windows" in the version number.
2018-10-04tests/negtelnetserver.py: fix Python2-ism in neg TELNET serverColin Hogben
Fix problems caused by differences in treatment of bytes objects between python2 and python3. Fixes #2929 Closes #3080
2018-10-02test1299: use single quotes around asteriskMarcel Raad
Ref: https://github.com/curl/curl/issues/1751#issuecomment-321522580
2018-10-02runtests: ignore disabled even when ranges are givenDaniel Stenberg
runtests.pl support running a range of tests, like "44 to 127". Starting now, the code makes sure that even such given ranges will ignore tests that are marked as disabled. Disabled tests can still be run by explictly specifying that test number. Closes #3075
2018-10-01test1650: make it depend on http/2Daniel Stenberg
Follow-up to 570008c99da0ccbb as it gets link errors. Reported-by: Michael Kaufmann Closes #3068
2018-09-29test2100: require http2 to runDaniel Stenberg
Reported-by: Marcel Raad Fixes #3064 Closes #3065
2018-09-28cmake: fixed path used in generation of docs/tests during curl build through ↵Sergei Nikulov
add_subdicectory(...)
2018-09-24test320: fix regression in [ci skip]Viktor Szakats
The value in question is coming directly from `gnutls-serv`, so it cannot be modified freely. Reported-by: Marcel Raad Ref: https://github.com/curl/curl/commit/6ae6b2a533e8630afbb21f570305bd4ceece6348#commitcomment-30621004
2018-09-24Curl_dedotdotify(): always nul terminate returned string.Even Rouault
This fixes potential out-of-buffer access on "file:./" URL $ valgrind curl "file:./" ==24516== Memcheck, a memory error detector ==24516== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. ==24516== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info ==24516== Command: /home/even/install-curl-git/bin/curl file:./ ==24516== ==24516== Conditional jump or move depends on uninitialised value(s) ==24516== at 0x4C31F9C: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==24516== by 0x4EBB315: seturl (urlapi.c:801) ==24516== by 0x4EBB568: parseurl (urlapi.c:861) ==24516== by 0x4EBC509: curl_url_set (urlapi.c:1199) ==24516== by 0x4E644C6: parseurlandfillconn (url.c:2044) ==24516== by 0x4E67AEF: create_conn (url.c:3613) ==24516== by 0x4E68A4F: Curl_connect (url.c:4119) ==24516== by 0x4E7F0A4: multi_runsingle (multi.c:1440) ==24516== by 0x4E808E5: curl_multi_perform (multi.c:2173) ==24516== by 0x4E7558C: easy_transfer (easy.c:686) ==24516== by 0x4E75801: easy_perform (easy.c:779) ==24516== by 0x4E75868: curl_easy_perform (easy.c:798) Was originally spotted by https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10637 Credit to OSS-Fuzz Closes #3039