Age | Commit message (Collapse) | Author |
|
To avoid potential issues with error code reuse.
Reported-by: Christoph M. Becker
Assisted-by: Dan Fandrich
Fixes #4601
Closes #4627
|
|
Improved estimation of expected_len and updated related comments;
increased strictness of QNAME-encoding, adding error detection for empty
labels and names longer than the overall limit; avoided treating DNAME
as unexpected;
updated unit test 1655 with more thorough set of proofs and tests
Closes #4598
|
|
Regression from e59371a4936f8 (7.67.0)
Added test 490, 491 and 492 to verify the functionality.
Reported-by: Kamil Dudka
Reported-by: Anderson Sasaki
Fixes #4588
Closes #4591
|
|
Pseudo header MUST come before regular headers or cause an error.
Reported-by: Cynthia Coan
Fixes #4571
Closes #4584
|
|
The disable-scan script used in test 1165 is extended to also verify
that the docs cover all used defines and all defines offered by
configure.
Reported-by: SLDiggie on github
Fixes #4545
Closes #4587
|
|
Classic MinGW / MSYS 1 doesn't support `MSYS2_ARG_CONV_EXCL`, so this
test unnecessarily failed when using `file:/` instead of `file:///`.
Closes https://github.com/curl/curl/pull/4554
|
|
- Use FORMAT_MESSAGE_IGNORE_INSERTS to ignore format specifiers in
Windows error strings.
Since we are not in control of the error code we don't know what
information may be needed by the error string's format specifiers.
Prior to this change Windows API error strings which contain specifiers
(think specifiers like similar to printf specifiers) would not be shown.
The FormatMessage Windows API call which turns a Windows error code into
a string could fail and set error ERROR_INVALID_PARAMETER if that error
string contained a format specifier. FormatMessage expects a va_list for
the specifiers, unless inserts are ignored in which case no substitution
is attempted.
Ref: https://devblogs.microsoft.com/oldnewthing/20071128-00/?p=24353
|
|
The URL parser function can't reject a bad IPv6 address properly when
curl was built without IPv6 support.
Reported-by: Marcel Raad
Fixes #4556
Closes #4572
|
|
All other certificates were regenerated in commit ba782baac30, but
this one was missed.
Fixes test3001 on modern systems.
Closes https://github.com/curl/curl/pull/4551
|
|
Closes #4547
|
|
This is the common pattern used in the code and by a unified approach we
avoid mistakes.
Closes #4534
|
|
The test never got run because the feature name is `http` in lowercase.
Closes https://github.com/curl/curl/pull/4520
|
|
Added test case 338 to verify.
Reported-by: Daniel Silverstone
Fixes #4499
Closes #4514
|
|
|
|
This way, we always have exactly one slash after the host name, making
the tests pass when curl is compiled with the MSYS GCC.
Closes https://github.com/curl/curl/pull/4512
|
|
These tests try to connect to ports nothing is listening on.
Closes https://github.com/curl/curl/pull/4511
|
|
The MSYS system on Windows can run the test suite for curl built with
any toolset. When built with the MSYS GCC, curl uses Unix line endings,
while it uses Windows line endings when built with the MinGW GCC, and
`^O` reports 'msys' in both cases. Use the curl executable itself to
determine the line endings instead, which reports 'x86_64-pc-msys' when
built with the MSYS GCC.
Closes https://github.com/curl/curl/pull/4506
|
|
This avoids MSYS2 converting the backslasb in the URL to a slash,
causing the test to fail.
|
|
The URL extracted with CURLINFO_EFFECTIVE_URL was returned as given as
input in most cases, which made it not get a scheme prefixed like before
if the URL was given without one, and it didn't remove dotdot sequences
etc.
Added test case 1907 to verify that this now works as intended and as
before 7.62.0.
Regression introduced in 7.62.0
Reported-by: Christophe Dervieux
Fixes #4491
Closes #4493
|
|
Mark some files as text.
Closes https://github.com/curl/curl/pull/4490
|
|
This makes the tests succeed when using --disable-proxy.
Closes https://github.com/curl/curl/pull/4488
|
|
Python 2's `ConfigParser` module is spelled `configparser` in Python 3.
Closes https://github.com/curl/curl/pull/4484
|
|
... when the tests want "connection refused".
|
|
Follow-up to 93373a960c3bb4
Reported-by: infinnovation-dev on github
Fixes #4474
Closes #4475
|
|
This completes #3794.
Also make sure the new tests from #4195 are enabled
Closes #4465
|
|
Follow-up from 2c20109a9b5d04
Added test 663 to verify.
Reported by OSS-Fuzz
Bug: https://crbug.com/oss-fuzz/17954
Closes #4453
|
|
... to make it handle for example (RFC violating) embeded spaces.
Reported-by: momala454 on github
Fixes #4445
Closes #4447
|
|
This should again enable crazy-large download ranges of the style
[1-10000000] that otherwise easily ran out of memory starting in 7.66.0
when this new handle allocating scheme was introduced.
Reported-by: Peter Sumatra
Fixes #4393
Closes #4438
|
|
Closes #4441
|
|
As mandated by the spec. Test 1654 is extended to verify.
Closes #4443
|
|
The 'share object' only sets the storage area for cookies. The "cookie
engine" still needs to be enabled or activated using the normal cookie
options.
This caused the curl command line tool to accidentally use cookies
without having been told to, since curl switched to using shared cookies
in 7.66.0.
Test 1166 verifies
Updated test 506
Fixes #4429
Closes #4434
|
|
Add libtest 661
Closes #4417
|
|
Closes #4428
|
|
`timediff_t` is 64 bits wide also on 32-bit systems since
commit b1616dad8f0.
Closes https://github.com/curl/curl/pull/4415
|
|
This reverts commit 2f036a72d543e96128bd75cb0fedd88815fd42e2.
|
|
Closes #4423
|
|
The parser would check for a query part before fragment, which caused it
to do wrong when the fragment contains a question mark.
Extended test 1560 to verify.
Reported-by: Alex Konev
Fixes #4412
Closes #4413
|
|
CURLU_NO_AUTHORITY is intended for use with unknown schemes (i.e. not
"file:///") to override cURL's default demand that an authority exists.
Closes #4349
|
|
Closes #4348
|
|
Unclear why this was not detected in the CI.
Follow-up to b7666027296a
|
|
Added unit test case 1655 to verify.
Close #4352
the code correctly finds the flaws in the old code,
if one temporarily restores doh.c to the old version.
|
|
This is a protocol violation but apparently there are legacy proprietary
servers doing this.
Added test 336 and 337 to verify.
Reported-by: Philippe Marguinaud
Closes #4339
|
|
Closes #4332
|
|
It needs to parse correctly. Otherwise it could be tricked into letting
through a-f using host names that libcurl would then resolve. Like
'[ab.be]'.
Reported-by: Thomas Vegas
Closes #4315
|
|
This allows the function to figure out if a unix domain socket has a
file name or not associated with it! When a socket is created with
socketpair(), as done in the fuzzer testing, the path struct member is
uninitialized and must not be accessed.
Bug: https://crbug.com/oss-fuzz/16699
Closes #4283
|
|
Double-underscored or underscore plus uppercase letter at least.
... as they're claimed to be reserved.
Reported-by: patnyb on github
Fixes #4254
Closes #4255
|
|
When a username and password are provided in the URL, they were wrongly
removed from the stored URL so that subsequent uses of the same URL
wouldn't find the crendentials. This made doing HTTP auth with multiple
connections (like Digest) mishave.
Regression from 46e164069d1a5230 (7.62.0)
Test case 335 added to verify.
Reported-by: Mike Crowe
Fixes #4228
Closes #4229
|
|
Tests are no longer grouped by numeric range[1]. Let's stop saying that
and provide some alternative advice for numbering tests.
[1] https://curl.haxx.se/mail/lib-2019-08/0043.html
Closes #4227
|
|
- Add new error code CURLE_AUTH_ERROR.
Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was
technically correct.
Ref: https://github.com/curl/curl/pull/3848
Co-authored-by: Dominik Hölzl
Closes https://github.com/curl/curl/pull/3864
|
|
Closes #4204
|