aboutsummaryrefslogtreecommitdiff
path: root/tests
AgeCommit message (Collapse)Author
2018-05-24httpauth: add support for Bearer tokensLinus Lewandowski
Closes #2102
2018-05-24cmake: set -d postfix for debug builds if not specifiedSergei Nikulov
using -DCMAKE_DEBUG_POSTFIX explicitly fixes #2121, obsoletes #2384
2018-05-22http resume: skip body if http code 416 (range error) is ignored.Patrick Monnerat
This avoids appending error data to already existing good data. Test 92 is updated to match this change. New test 1156 checks all combinations of --range/--resume, --fail, Content-Range header and http status code 200/416. Fixes #1163 Reported-By: Ithubg on github Closes #2578
2018-05-21checksrc: make sure sizeof() is used *with* parenthesesDaniel Stenberg
... and unify the source code to adhere. Closes #2563
2018-05-21curl: show headers in boldDaniel Stenberg
The feature is only enabled if the output is believed to be a tty. -J: There's some minor differences and improvements in -J handling, as now J should work with -i and it actually creates a file first using the initial name and then *renames* that to the one found in Content-Disposition (if any). -i: only shows headers for HTTP transfers now (as documented). Previously it would also show for pieces of the transfer that were HTTP (for example when doing FTP over a HTTP proxy). -i: now shows trailers as well. Previously they were not shown at all. --libcurl: the CURLOPT_HEADER is no longer set, as the header output is now done in the header callback.
2018-05-18curl_fnmatch: only allow two asterisks for matchingDaniel Stenberg
The previous limit of 5 can still end up in situation that takes a very long time and consumes a lot of CPU. If there is still a rare use case for this, a user can provide their own fnmatch callback for a version that allows a larger set of wildcards. This commit was triggered by yet another OSS-Fuzz timeout due to this. Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8369 Closes #2587
2018-05-18stub_gssapi: fix numerous 'unused parameter' warningsDaniel Stenberg
follow-up to d9e92fd9fd1d
2018-05-17getinfo: add microsecond precise timers for various intervalsPhilip Prindeville
Provide a set of new timers that return the time intervals using integer number of microseconds instead of floats. The new info names are as following: CURLINFO_APPCONNECT_TIME_T CURLINFO_CONNECT_TIME_T CURLINFO_NAMELOOKUP_TIME_T CURLINFO_PRETRANSFER_TIME_T CURLINFO_REDIRECT_TIME_T CURLINFO_STARTTRANSFER_TIME_T CURLINFO_TOTAL_TIME_T Closes #2495
2018-05-16tests/libtest/Makefile: Do not unconditionally add gcc-specific flagsDagobert Michelsen
The warning flag leads e.g. Sun Studio compiler to bail out. Closes #2576
2018-05-14tests: Fix format specifiersRikard Falkeborn
2018-05-13cookies: do not take cookie name as a parameterPatrick Monnerat
RFC 6265 section 4.2.1 does not set restrictions on cookie names. This is a follow-up to commit 7f7fcd0. Also explicitly check proper syntax of cookie name/value pair. New test 1155 checks that cookie names are not reserved words. Reported-By: anshnd at github Fixes #2564 Closes #2566
2018-04-29tests: provide 'manual' as a feature to optionally requireDaniel Stenberg
... and make test 1026 rely on that feature so that --disable-manual builds don't cause test failures. Reported-by: Max Dymond and Anders Roxell Fixes #2533 Closes #2540
2018-04-27checksrc: force indentation of lines after an elseDaniel Gustafsson
This extends the INDENTATION case to also handle 'else' statements and require proper indentation on the following line. Also fixes the offending cases found in the codebase. Closes #2532
2018-04-18schannel: add support for CURLOPT_CAINFODan McNulty
- Move verify_certificate functionality in schannel.c into a new file called schannel_verify.c. Additionally, some structure defintions from schannel.c have been moved to schannel.h to allow them to be used in schannel_verify.c. - Make verify_certificate functionality for Schannel available on all versions of Windows instead of just Windows CE. verify_certificate will be invoked on Windows CE or when the user specifies CURLOPT_CAINFO and CURLOPT_SSL_VERIFYPEER. - In verify_certificate, create a custom certificate chain engine that exclusively trusts the certificate store backed by the CURLOPT_CAINFO file. - doc updates of --cacert/CAINFO support for schannel - Use CERT_NAME_SEARCH_ALL_NAMES_FLAG when invoking CertGetNameString when available. This implements a TODO in schannel.c to improve handling of multiple SANs in a certificate. In particular, all SANs will now be searched instead of just the first name. - Update tool_operate.c to not search for the curl-ca-bundle.crt file when using Schannel to maintain backward compatibility. Previously, any curl-ca-bundle.crt file found in that search would have been ignored by Schannel. But, with CAINFO support, the file found by that search would have been used as the certificate store and could cause issues for any users that have curl-ca-bundle.crt in the search path. - Update url.c to not set the build time CURL_CA_BUNDLE if the selected SSL backend is Schannel. We allow setting CA location for schannel only when explicitly specified by the user via CURLOPT_CAINFO / --cacert. - Add new test cases 3000 and 3001. These test cases check that the first and last SAN, respectively, matches the connection hostname. New test certificates have been added for these cases. For 3000, the certificate prefix is Server-localhost-firstSAN and for 3001, the certificate prefix is Server-localhost-secondSAN. - Remove TODO 15.2 (Add support for custom server certificate validation), this commit addresses it. Closes https://github.com/curl/curl/pull/1325
2018-04-16test1148: tolerate progress updates betterDaniel Stenberg
Fixes #2446 Closes #2488
2018-04-15all: Refactor malloc+memset to use callocDaniel Gustafsson
When a zeroed out allocation is required, use calloc() rather than malloc() followed by an explicit memset(). The result will be the same, but using calloc() everywhere increases consistency in the codebase and avoids the risk of subtle bugs when code is injected between malloc and memset by accident. Closes https://github.com/curl/curl/pull/2497
2018-04-12duphandle: make sure CURLOPT_RESOLVE is duplicated fine tooDaniel Stenberg
Verified in test 1502 now Fixes #2485 Closes #2486 Reported-by: Ernst Sjöstrand
2018-04-09test1136: fix cookie order after commit c990eadd1277Daniel Stenberg
2018-04-08build: cleanup to fix clang warnings/errorsDaniel Stenberg
unit1309 and vtls/gtls: error: arithmetic on a null pointer treated as a cast from integer to pointer is a GNU extension Reported-by: Rikard Falkeborn Fixes #2466 Closes #2468
2018-04-06file: restore old behavior for file:////foo/bar URLsJon DeVree
curl 7.57.0 and up interpret this according to Appendix E.3.2 of RFC 8089 but then returns an error saying this is unimplemented. This is actually a regression in behavior on both Windows and Unix. Before curl 7.57.0 this URL was treated as a path of "//foo/bar" and then passed to the relevant OS API. This means that the behavior of this case is actually OS dependent. The Unix path resolution rules say that the OS must handle swallowing the extra "/" and so this path is the same as "/foo/bar" The Windows path resolution rules say that this is a UNC path and automatically handles the SMB access for the program. So curl on Windows was already doing Appendix E.3.2 without any special code in curl. Regression Closes #2438
2018-04-06cookie: case-insensitive hashing for the domainsLauri Kasanen
closes #2458
2018-04-04cookie: fix and optimize 2nd top level domain name extractionPatrick Monnerat
This fixes a segfault occurring when a name of the (invalid) form "domain..tld" is processed. test46 updated to cover this case. Follow-up to commit c990ead. Ref: https://github.com/curl/curl/pull/2440
2018-04-02cookie: store cookies per top-level-domain-specific hash tableLauri Kasanen
This makes libcurl handle thousands of cookies much better and speedier. Closes #2440
2018-04-02test1148: set a fixed locale for the testDaniel Stenberg
...as otherwise it might use a different decimal sign. Bug: #2436 Reported-by: Oumph on github
2018-03-26runtests.pl: fix warning 'use of uninitialized value'Michael Kaufmann
follow-up to a9a7b60 Closes #2428
2018-03-24gitignore: ignore more generated filesDaniel Stenberg
2018-03-19parsedate: support UT timezoneNikos Tsipinakis
RFC822 section 5.2 mentions Universal Time, 'UT', to be synonymous with GMT. Closes #2401
2018-03-17resolve: add CURLOPT_DNS_SHUFFLE_ADDRESSESRick Deist
This patch adds CURLOPT_DNS_SHUFFLE_ADDRESSES to explicitly request shuffling of IP addresses returned for a hostname when there is more than one. This is useful when the application knows that a round robin approach is appropriate and is willing to accept the consequences of potentially discarding some preference order returned by the system's implementation. Closes #1694
2018-03-17CURLOPT_HAPROXYPROTOCOL: support the HAProxy PROXY protocolLawrence Matthews
Add --haproxy-protocol for the command line tool Closes #2162
2018-03-16cleanup: misc typos in strings and commentsluz.paz
Found via `codespell` Closes #2389
2018-03-15transfer: make HTTP without headers count correct body sizeDaniel Stenberg
This is what "HTTP/0.9" basically looks like. Reported on IRC Closes #2382
2018-03-15test1208: marked flakyDaniel Stenberg
It fails somewhere between every 3rd to 10th travis-CI run
2018-03-13tests/.../spnego.py: fix identifier typoKamil Dudka
Detected by Coverity Analysis: Error: IDENTIFIER_TYPO: curl-7.58.0/tests/python_dependencies/impacket/spnego.py:229: identifier_typo: Using "SuportedMech" appears to be a typo: * Identifier "SuportedMech" is only known to be referenced here, or in copies of this code. * Identifier "SupportedMech" is referenced elsewhere at least 4 times. curl-7.58.0/tests/python_dependencies/impacket/smbserver.py:2651: identifier_use: Example 1: Using identifier "SupportedMech". curl-7.58.0/tests/python_dependencies/impacket/smbserver.py:2308: identifier_use: Example 2: Using identifier "SupportedMech". curl-7.58.0/tests/python_dependencies/impacket/spnego.py:252: identifier_use: Example 3: Using identifier "SupportedMech" (2 total uses in this function). curl-7.58.0/tests/python_dependencies/impacket/spnego.py:229: remediation: Should identifier "SuportedMech" be replaced by "SupportedMech"? Closes #2379
2018-03-12FTP: reject path components with control codesDaniel Stenberg
Refuse to operate when given path components featuring byte values lower than 32. Previously, inserting a %00 sequence early in the directory part when using the 'singlecwd' ftp method could make curl write a zero byte outside of the allocated buffer. Test case 340 verifies. CVE-2018-1000120 Reported-by: Duy Phan Thanh Bug: https://curl.haxx.se/docs/adv_2018-9cd6.html
2018-03-11HTTP: allow "header;" to replace an internal header with a blank oneDaniel Stenberg
Reported-by: Michael Kaufmann Fixes #2357 Closes #2362
2018-03-04NO_PROXY: fix for IPv6 numericals in the URLDaniel Stenberg
Added test 1265 that verifies. Reported-by: steelman on github Fixes #2353 Closes #2355
2018-03-04build: get CFLAGS (including -werror) used for examples and testsDaniel Stenberg
... so that the CI and more detects compiler warnings/errors properly! Closes #2337
2018-03-02unit1307: proper cleanup on OOM to fix torture testsDan Fandrich
2018-02-28unit1309: fix warning on Windows x64Marcel Raad
When targeting x64, MinGW-w64 complains about conversions between 32-bit long and 64-bit pointers. Fix this by reusing the GNUTLS_POINTER_TO_SOCKET_CAST / GNUTLS_SOCKET_TO_POINTER_CAST logic from gtls.c, moving it to warnless.h as CURLX_POINTER_TO_INTEGER_CAST / CURLX_INTEGER_TO_POINTER_CAST. Closes https://github.com/curl/curl/pull/2341
2018-02-23lib655: silence compiler warningViktor Szakats
Closes https://github.com/curl/curl/pull/2335
2018-02-23spelling fixesViktor Szakats
Detected using the `codespell` tool. Also contains one URL protocol upgrade. Closes https://github.com/curl/curl/pull/2334
2018-02-21url: Add option CURLOPT_RESOLVER_START_FUNCTIONFrancisco Sedano
- Add new option CURLOPT_RESOLVER_START_FUNCTION to set a callback that will be called every time before a new resolve request is started (ie before a host is resolved) with a pointer to backend-specific resolver data. Currently this is only useful for ares. - Add new option CURLOPT_RESOLVER_START_DATA to set a user pointer to pass to the resolver start callback. Closes https://github.com/curl/curl/pull/2311
2018-02-20CURLOPT_RESOLVE: Add support for multiple IP addresses per entryAnders Bakken
This enables users to preresolve but still take advantage of happy eyeballs and trying multiple addresses if some are not connecting. Ref: https://github.com/curl/curl/pull/2260
2018-02-16test1556: verify >16KB headers to the header callbackDaniel Stenberg
2018-02-16test1154: verify that long HTTP headers get rejectedDaniel Stenberg
2018-02-15TODO fixed: Detect when called from within callbacksBjörn Stenberg
Closes #2302
2018-02-13tests: new tests for http raw modePatrick Monnerat
Test 319 checks proper raw mode data with non-chunked gzip transfer-encoded server data. Test 326 checks raw mode with chunked server data. Bug: #2303 Closes #2308
2018-02-12smtp: fix processing of initial dot in dataPatrick Monnerat
RFC 5321 4.1.1.4 specifies the CRLF terminating the DATA command should be taken into account when chasing the <CRLF>.<CRLF> end marker. Thus a leading dot character in data is also subject to escaping. Tests 911 and test server are adapted to this situation. New tests 951 and 952 check proper handling of initial dot in data. Closes #2304
2018-01-31fnmatch: pattern syntax can no longer failPatrick Monnerat
Whenever an expected pattern syntax rule cannot be matched, the character starting the rule loses its special meaning and the parsing is resumed: - backslash at the end of pattern string matches itself. - Error in [:keyword:] results in set containing :\[dekorwy. Unit test 1307 updated for this new situation. Closes #2273
2018-01-31fnmatch: accept an alphanum to be followed by a non-alphanum in char setPatrick Monnerat
Also be more tolerant about set pattern syntax. Update unit test 1307 accordingly. Bug: https://curl.haxx.se/mail/lib-2018-01/0114.html