From 950b53da0d47f8975a062b9fbba9e1db0efb8f31 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 6 Feb 2020 11:36:53 +0100
Subject: ftp: remove superfluous checking for crlf in user or pwd

... as this is already done much earlier in the URL parser.

Also add test case 894 that verifies that pop3 with an encodedd CR in
the user name is rejected.

Closes #4887
---
 tests/data/test894 | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 tests/data/test894

(limited to 'tests/data/test894')

diff --git a/tests/data/test894 b/tests/data/test894
new file mode 100644
index 000000000..db79830ca
--- /dev/null
+++ b/tests/data/test894
@@ -0,0 +1,37 @@
+<testcase>
+<info>
+<keywords>
+POP3
+Clear Text
+RETR
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+pop3
+</server>
+ <name>
+POP3 with CR in username
+ </name>
+ <command>
+pop3://user%0dFRIGGING_cmd:secret@%HOSTIP:%POP3PORT/894
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+# malformed URL
+<errorcode>
+3
+</errorcode>
+</verify>
+</testcase>
-- 
cgit v1.2.3