Age | Commit message (Collapse) | Author |
|
|
|
Update smbserver.py and negtelnetserver.py to be compatible with
Python 3 while staying backwards-compatible to support Python 2.
Fix string encoding and handling of echoed and transferred data.
Tested with both Python 2.7.17 and Python 3.7.7
Reported-by: Daniel Stenberg
Assisted-by: Kamil Dudka
Reviewed-by: Marcel Raad
Fixes #5104
Closes #5110
|
|
- Implement new option CURLSSLOPT_REVOKE_BEST_EFFORT and
--ssl-revoke-best-effort to allow a "best effort" revocation check.
A best effort revocation check ignores errors that the revocation check
was unable to take place. The reasoning is described in detail below and
discussed further in the PR.
---
When running e.g. with Fiddler, the schannel backend fails with an
unhelpful error message:
Unknown error (0x80092012) - The revocation function was unable
to check revocation for the certificate.
Sadly, many enterprise users who are stuck behind MITM proxies suffer
the very same problem.
This has been discussed in plenty of issues:
https://github.com/curl/curl/issues/3727,
https://github.com/curl/curl/issues/264, for example.
In the latter, a Microsoft Edge developer even made the case that the
common behavior is to ignore issues when a certificate has no recorded
distribution point for revocation lists, or when the server is offline.
This is also known as "best effort" strategy and addresses the Fiddler
issue.
Unfortunately, this strategy was not chosen as the default for schannel
(and is therefore a backend-specific behavior: OpenSSL seems to happily
ignore the offline servers and missing distribution points).
To maintain backward-compatibility, we therefore add a new flag
(`CURLSSLOPT_REVOKE_BEST_EFFORT`) and a new option
(`--ssl-revoke-best-effort`) to select the new behavior.
Due to the many related issues Git for Windows and GitHub Desktop, the
plan is to make this behavior the default in these software packages.
The test 2070 was added to verify this behavior, adapted from 310.
Based-on-work-by: georgeok <giorgos.n.oikonomou@gmail.com>
Co-authored-by: Markus Olsson <j.markus.olsson@gmail.com>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
Closes https://github.com/curl/curl/pull/4981
|
|
Makes curl_easy_getinfo() of "variable" numerical content instead return
the number set in the env variable `CURL_TIME`.
Makes curl_version() of "variable" textual content. This guarantees a
stable version string which can be tested against. Environment variable
`CURL_VERSION` defines the content.
Assisted-by: Mathias Gumz
|
|
The test uses SRP to "a server not supporting it" but modern stunnel
versions will silently accept it and remain happy. The test is therefore
faulty.
I haven't figured out how to make stunnel explicitly reject SRP-using
connects.
Reported-by: Marc Hörsken
Fixes #5105
Closes #5113
|
|
Fixes test1452:41:1: error: missing </stdout> tag before </verify>
|
|
Follow up to 4be2560
|
|
Users of the SMB tests will have to install impacket manually.
Reasoning: our in-tree version of impacket was quite outdated
and only compatible with Python 2 which is already end-of-life.
Upgrading to Python 3 and a compatible impacket version would
require to import additional Python-only and CPython-extension
dependencies. This would have hindered portability enormously.
Closes #5094
|
|
When extracting a <section> <part> and there's no </part> before
</section>, this now outputs an error and returns a wrong string to
make users spot the mistake.
Ref: #5070
Closes #5071
|
|
This makes smbserver load on Python 3, but still not work completely.
|
|
Even though the existing code can be fixed to run on Python 3, the
tests will fail due to the Unicode transition the protocol is invalid.
Follow up to ee63837
Closes #5085
|
|
Closes #5087
|
|
Follow up to ee63837 and 8c7c4a6
Fixes #5077
|
|
This allows these test files to pass xmllint.
|
|
Fixes #5070
Closes #5072
|
|
Follow up to 94ced8e
|
|
Closes #5065
|
|
Follow up to 9819984 and 3dce984
Reviewed-By: Daniel Stenberg
Closes #5064
|
|
|
|
This fix adds a defensive check for the case where the char *name in
struct libssh2_knownhost is NULL
Fixes #5041
Closes #5062
|
|
Recent gcc warns when byte count of strncpy() equals the destination
buffer size. Since the destination buffer is previously cleared and
the source string is always shorter, reducing the byte count by one
silents the warning without affecting the result.
Closes #5059
|
|
When using maximum code optimization level (-O3), valgrind wrongly
detects uses of uninitialized values in strcmp().
Preset buffers with all zeroes to avoid that.
|
|
This test does A LOT of *wakeup() calls and then calls curl_multi_poll()
twice. The first *poll() is then expected to return early and the second
not - as the first is supposed to drain the socketpair pipe.
It turns out however that when given "excessive" amounts of writes to
the pipe, some operating systems (the Solaris based are known) will
return EAGAIN before the pipe is drained, which in our test case causes
the second *poll() call to also abort early.
This change attempts to avoid the OS-specific behaviors in the test by
reducing the amount of wakeup calls from 1234567 to 10.
Reported-by: Andy Fiddaman
Fixes #5037
Closes #5058
|
|
New test 666 checks this is effective.
As upload buffer size is significant in this kind of tests, shorten it
in similar test 652.
Fixes #4860
Closes #4833
Reported-by: RuurdBeerstra on github
|
|
Input buffer filling may delay the data sending if data reads are slow.
To overcome this problem, file and callback data reads do not accumulate
in buffer anymore. All other data (memory data and mime framing) are
considered as fast and still concatenated in buffer.
As this may highly impact performance in terms of data overhead, an early
end of part data check is added to spare a read call.
When encoding a part's data, an encoder may require more bytes than made
available by a single read. In this case, the above rule does not apply
and reads are performed until the encoder is able to deliver some data.
Tests 643, 644, 645, 650 and 654 have been adapted to the output data
changes, with test data size reduced to avoid the boredom of long lists of
1-byte chunks in verification data.
New test 667 checks mimepost using single-byte read callback with encoder.
New test 668 checks the end of part data early detection.
Fixes #4826
Reported-by: MrdUkk on github
|
|
In case a read callback returns a status (pause, abort, eof,
error) instead of a byte count, drain the bytes read so far but
remember this status for further processing.
Takes care of not losing data when pausing, and properly resume a
paused mime structure when requested.
New tests 670-673 check unpausing cases, with easy or multi
interface and mime or form api.
Fixes #4813
Reported-by: MrdUkk on github
|
|
|
|
Reviewed-By: Daniel Stenberg
Closes #5054
|
|
|
|
Prior to this change a match would never be successful because it
was mistakenly coded to compare binary data from libssh to a
user-specified hex string (ie CURLOPT_SSH_HOST_PUBLIC_KEY_MD5).
Reported-by: fds242@users.noreply.github.com
Fixes https://github.com/curl/curl/issues/4971
Closes https://github.com/curl/curl/pull/4974
|
|
Follow up to 3f74e5e6 to fix:
- A typo in Makefile.inc where unit1611 was used instead
- Some compilation issues in unit1612.c
Closes #5024
|
|
Assisted-by: Jay Satiro
Follow-up to 6357a19ff29dac04
Closes #5036
|
|
|
|
|
|
select does not support just waiting on Windows:
https://perldoc.perl.org/perlport.html#select
Reviewed-By: Daniel Stenberg
Closes #5035
|
|
Also mention the new tilde-prefixed way to ignore test results.
Reviewed-By: Marc Hoersken
Closes #5033
|
|
Follow up to ada581f and c0d8b96
Closes #5031
|
|
This enables the development of a solution for the failing tests by
running them on CI while ignoring their result for the overall status.
Closes #4994
|
|
This avoids using our test servers as proxy to the AppVeyor API.
Closes #5022
|
|
Closes #5021
|
|
Bug: https://github.com/curl/curl/commit/ada581f2cc32f48c1629b729707ac19208435b27#commitcomment-37601589
Reported-by: Marcel Raad
|
|
These tests are also doing UTF-8 SMTP.
Follow-up to df207d2dd93b9e73
|
|
Fixes #4988
Closes #4992
|
|
This reverts commit 87869e38d7afdec3ef1bb4965711458b088e254f.
Fixes #5014
Closes #5015
Reopens #4833
|
|
This reverts commit ed0f357f7d25566110d4302f33759f4ffb5a6f83.
|
|
This reverts commit b2caaa0681f329eed317ffb6ae6927f4a539f0c1.
|
|
New test 666 checks this is effective.
As upload buffer size is significant in this kind of tests, shorten it
in similar test 652.
Fixes #4860
Reported-by: RuurdBeerstra on github
|
|
Input buffer filling may delay the data sending if data reads are slow.
To overcome this problem, file and callback data reads do not accumulate
in buffer anymore. All other data (memory data and mime framing) are
considered as fast and still concatenated in buffer.
As this may highly impact performance in terms of data overhead, an early
end of part data check is added to spare a read call.
When encoding a part's data, an encoder may require more bytes than made
available by a single read. In this case, the above rule does not apply
and reads are performed until the encoder is able to deliver some data.
Tests 643, 644, 645, 650 and 654 have been adapted to the output data
changes, with test data size reduced to avoid the boredom of long lists of
1-byte chunks in verification data.
New test 664 checks mimepost using single-byte read callback with encoder.
New test 665 checks the end of part data early detection.
Fixes #4826
Reported-by: MrdUkk on github
|
|
In case a read callback returns a status (pause, abort, eof,
error) instead of a byte count, drain the bytes read so far but
remember this status for further processing.
Takes care of not losing data when pausing, and properly resume a
paused mime structure when requested.
New tests 670-673 check unpausing cases, with easy or multi
interface and mime or form api.
Fixes #4813
Reported-by: MrdUkk on github
Closes #4833
|
|
371:17: warning: conversion to 'unsigned char' from 'int' may alter its
value [-Wconversion]
Closes #5008
|