aboutsummaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2017-09-18cookies: reject oversized cookiesDaniel Stenberg
... instead of truncating them. There's no fixed limit for acceptable cookie names in RFC 6265, but the entire cookie is said to be less than 4096 bytes (section 6.1). This is also what browsers seem to implement. We now allow max 5000 bytes cookie header. Max 4095 bytes length per cookie name and value. Name + value together may not exceed 4096 bytes. Added test 1151 to verify Bug: https://curl.haxx.se/mail/lib-2017-09/0062.html Reported-by: Kevin Smith Closes #1894
2017-09-15server/getpart: provide dummy function to build conversion enabledDaniel Stenberg
2017-09-15tests: add initial gssapi test using stub implementationIsaac Boukris
The stub implementation is pre-loaded using LD_PRELOAD and emulates common gssapi uses (only builds if curl is initially built with gssapi support). The initial tests are currently disabled for debug builds as LD_PRELOAD is not used then. Ref: https://github.com/curl/curl/pull/1687
2017-09-15test1150: verify same host fetch using different ports over proxyDaniel Stenberg
Closes #1889
2017-09-12code style: use space after semicolonDaniel Stenberg
2017-09-11code style: use spaces around plusesDaniel Stenberg
2017-09-11code style: use spaces around equals signsDaniel Stenberg
2017-09-08rtsp: do not call fwrite() with NULL pointer FILE *Daniel Stenberg
If the default write callback is used and no destination has been set, a NULL pointer would be passed to fwrite()'s 4th argument. OSS-fuzz bug https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3327 (not publicly open yet) Detected by OSS-fuzz Closes #1874
2017-09-08ossfuzz: add some more handled CURL optionsMax Dymond
Add support for HEADER, COOKIE, RANGE, CUSTOMREQUEST, MAIL_RECIPIENT, MAIL_FROM and uploading data.
2017-09-07form API: add new test 650.Patrick Monnerat
Now that the form API is deprecated and not used anymore in curl tool, a lot of its features left untested. Test 650 attempts to check all these features not tested elsewhere.
2017-09-05mime: implement encoders.Patrick Monnerat
curl_mime_encoder() is operational and documented. curl tool -F option is extended with ";encoder=". curl tool --libcurl option generates calls to curl_mime_encoder(). New encoder tests 648 & 649. Test 1404 extended with an encoder specification.
2017-09-05runtests.pl: support attribute "nonewline" in part verify/upload.Patrick Monnerat
2017-09-05fixup data/test1135Daniel Stenberg
2017-09-05http-proxy: treat all 2xx as CONNECT successDaniel Stenberg
Added test 1904 to verify. Reported-by: Lawrence Wagerfield Fixes #1859 Closes #1860
2017-09-04test1135: fixed after bd8070085f9Daniel Stenberg
2017-09-04lib: bump version info (soname). Adapt and reenable test 1135.Patrick Monnerat
2017-09-03mime: fix signed/unsigned conversions.Patrick Monnerat
Use and generate CURL_ZERO_TERMINATED in curl tool and tests.
2017-09-03mime: remove support "-" stdin pseudo-file name in curl_mime_filedata().Patrick Monnerat
This feature is badly supported in Windows: as a replacement, a caller has to use curl_mime_data_cb() with fread, fseek and possibly fclose callbacks to process opened files. The cli tool and documentation are updated accordingly. The feature is however kept internally for form API compatibility, with the known caveats it always had. As a side effect, stdin size is not determined by the cli tool even if possible and this results in a chunked transfer encoding. Test 173 is updated accordingly.
2017-09-02mime: tests and examples.Patrick Monnerat
Additional mime-specific tests. Existing tests updated to reflect small differences (Expect: 100-continue, data size change due to empty lines, etc). Option -F headers= keyword added to tests. test1135 disabled until the entry point order change is resolved. New example smtp-mime. Examples postit2 and multi-post converted from form API to mime API.
2017-09-02mime: new MIME API.Patrick Monnerat
Available in HTTP, SMTP and IMAP. Deprecates the FORM API. See CURLOPT_MIMEPOST. Lib code and associated documentation.
2017-09-02test564: Add a warning comment about shell profile output.Patrick Monnerat
Shell profile output makes the SSH server failing and this problem reason is not easy to find when no hint is given.
2017-09-02runtests.pl: allow <file[1-4]> tags in client section.Patrick Monnerat
This enables tests to create more than one file on the client side.
2017-09-02runtests.pl: Apply strippart to upload too.Patrick Monnerat
This will allow substitution of boundaries in mail messages.
2017-09-02ossfuzz: Move to C++ for curl_fuzzer.Max Dymond
Automake gets confused if you want to use C++ static libraries with C code - basically we need to involve the clang++ linker. The easiest way of achieving this is to rename the C code as C++ code. This gets us a bit further along the path and ought to be compatible with Google's version of clang.
2017-09-01ossfuzz: additional seed corporaMax Dymond
Create simple seed corpora for: - FTP - telnet - dict - tftp - imap - pop3 based off the tests of the same number. Closes #1842
2017-09-01ossfuzz: moving towards the ideal integrationMax Dymond
- Start with the basic code from the ossfuzz project. - Rewrite fuzz corpora to be binary files full of Type-Length-Value data, and write a glue layer in the fuzzing function to convert corpora into CURL options. - Have supporting functions to generate corpora from existing tests - Integrate with Makefile.am
2017-08-31unit1301: fix error message on first testDaniel Stenberg
2017-08-28unit1606: Fixed shadowed variable warningDan Fandrich
2017-08-28vtls: introduce curl_global_sslset()Johannes Schindelin
Let's add a compile time safe API to select an SSL backend. This function needs to be called *before* curl_global_init(), and can be called only once. Side note: we do not explicitly test that it is called before curl_global_init(), but we do verify that it is not called multiple times (even implicitly). If SSL is used before the function was called, it will use whatever the CURL_SSL_BACKEND environment variable says (or default to the first available SSL backend), and if a subsequent call to curl_global_sslset() disagrees with the previous choice, it will fail with CURLSSLSET_TOO_LATE. The function also accepts an "avail" parameter to point to a (read-only) NULL-terminated list of available backends. This comes in real handy if an application wants to let the user choose between whatever SSL backends the currently available libcurl has to offer: simply call curl_global_sslset(-1, NULL, &avail); which will return CURLSSLSET_UNKNOWN_BACKEND and populate the avail variable to point to the relevant information to present to the user. Just like with the HTTP/2 push functions, we have to add the function declaration of curl_global_sslset() function to the header file *multi.h* because VMS and OS/400 require a stable order of functions declared in include/curl/*.h (where the header files are sorted alphabetically). This looks a bit funny, but it cannot be helped. Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
2017-08-26tests: Make sure libtests & unittests call curl_global_cleanup()Dan Fandrich
These were missed in commit c468c27b.
2017-08-25fuzz/Makefile.am: remove curlbuild.h leftoversDaniel Stenberg
2017-08-23imap: support PREAUTHDaniel Stenberg
It is a defined possible greeting at server startup that means the connection is already authenticated. See https://tools.ietf.org/html/rfc3501#section-7.1.4 Test 846 added to verify. Fixes #1818 Closes #1820
2017-08-23test1453: Fixed <features>Dan Fandrich
2017-08-19tftp: fix memory leak on too long filenameEven Rouault
Fixes $ valgrind --leak-check=full ~/install-curl-git/bin/curl tftp://localhost/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz ==9752== Memcheck, a memory error detector ==9752== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. ==9752== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info ==9752== Command: /home/even/install-curl-git/bin/curl tftp://localhost/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaz ==9752== curl: (71) TFTP file name too long ==9752== ==9752== HEAP SUMMARY: ==9752== 505 bytes in 1 blocks are definitely lost in loss record 11 of 11 ==9752== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==9752== by 0x4E61CED: Curl_urldecode (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x4E75868: tftp_state_machine (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x4E761B6: tftp_do (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x4E711B6: multi_runsingle (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x4E71D00: curl_multi_perform (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x4E6950D: curl_easy_perform (in /home/even/install-curl-git/lib/libcurl.so.4.4.0) ==9752== by 0x40E0B7: operate_do (in /home/even/install-curl-git/bin/curl) ==9752== by 0x40E849: operate (in /home/even/install-curl-git/bin/curl) ==9752== by 0x402693: main (in /home/even/install-curl-git/bin/curl) Fixes https://oss-fuzz.com/v2/testcase-detail/5232311106797568 Credit to OSS Fuzz Closes #1808
2017-08-19runtests: fixed case insensitive matching of keywordsDan Fandrich
Commit 5c2aac71 didn't work in the case of mixed-case keywords given on the command-line.
2017-08-19tests: Make sure libtests call curl_global_cleanup()Dan Fandrich
This ensures that global data allocations are freed so Valgrind stays happy. This was a problem with at least PolarSSL and mbedTLS.
2017-08-17lib557: no longer use CURL_SIZEOF_* definesDaniel Stenberg
2017-08-17ftp: fix CWD when doing multicwd then nocwd on same connectionDaniel Stenberg
Fixes #1782 Closes #1787 Reported-by: Peter Lamare
2017-08-17ssh: add the ability to enable compression (for SCP/SFTP)Viktor Szakats
The required low-level logic was already available as part of `libssh2` (via `LIBSSH2_FLAG_COMPRESS` `libssh2_session_flag()`[1] option.) This patch adds the new `libcurl` option `CURLOPT_SSH_COMPRESSION` (boolean) and the new `curl` command-line option `--compressed-ssh` to request this `libssh2` feature. To have compression enabled, it is required that the SSH server supports a (zlib) compatible compression method and that `libssh2` was built with `zlib` support enabled. [1] https://www.libssh2.org/libssh2_session_flag.html Ref: https://github.com/curl/curl/issues/1732 Closes https://github.com/curl/curl/pull/1735
2017-08-15progress: Track total times following redirectsRyan Winograd
Update the progress timers `t_nslookup`, `t_connect`, `t_appconnect`, `t_pretransfer`, and `t_starttransfer` to track the total times for these activities when a redirect is followed. Previously, only the times for the most recent request would be tracked. Related changes: - Rename `Curl_pgrsResetTimesSizes` to `Curl_pgrsResetTransferSizes` now that the function only resets transfer sizes and no longer modifies any of the progress timers. - Add a bool to the `Progress` struct that is used to prevent double-counting `t_starttransfer` times. Added test case 1399. Fixes #522 and Known Bug 1.8 Closes #1602 Reported-by: joshhe on github
2017-08-14test1449: FTP download range with an too large sizeDaniel Stenberg
2017-08-14runtests: match keywords case insensitivelyDaniel Stenberg
2017-08-13test1448: verify redirect to IDN using URLDaniel Stenberg
Closes #1772
2017-08-13test2032: mark as flaky (again)Daniel Stenberg
2017-08-12test1447: require a curl with http supportDan Fandrich
2017-08-11test2033: this went flaky againDaniel Stenberg
Suspicion: when we enabled the threaded resolver by default.
2017-08-11test1447: verifies the parse proxy fix in 6e0e152ce5cDaniel Stenberg
2017-08-09dist: Add dictserver.py/negtelnetserver.py to EXTRA_DISTAdam Sampson
These weren't included in the 7.55.0 release, but are required in order to run the full test suite. Closes #1744
2017-08-08docs/comments: Update to secure URL versionsViktor Szakats
Closes #1741
2017-08-07test1427: verify command line parser integer overflow detectionDaniel Stenberg