Commit Graph

3365 Commits

Author SHA1 Message Date
Jay Satiro
172b2beba6 SSL: Add an option to disable certificate revocation checks
New tool option --ssl-no-revoke.
New value CURLSSLOPT_NO_REVOKE for CURLOPT_SSL_OPTIONS.

Currently this option applies only to WinSSL where we have automatic
certificate revocation checking by default. According to the
ssl-compared chart there are other backends that have automatic checking
(NSS, wolfSSL and DarwinSSL) so we could possibly accommodate them at
some later point.

Bug: https://github.com/bagder/curl/issues/264
Reported-by: zenden2k <zenden2k@gmail.com>
2015-07-17 02:40:16 -04:00
Jay Satiro
606b29fe0d runtests: Allow for spaces in curl custom path
.. also fix some typos in test's FILEFORMAT spec.
2015-07-16 22:21:07 -04:00
Kamil Dudka
cd20e81e89 libtest: call PR_Cleanup() on exit if NSPR is used
This prevents valgrind from reporting possibly lost memory that NSPR
uses for file descriptor cache and other globally allocated internal
data structures.

Reported-by: Štefan Kremeň
2015-07-14 21:52:33 +02:00
Dan Fandrich
ce1bf87a04 test2041: fixed line endings in protocol part 2015-07-02 08:32:18 +02:00
moparisthebest
55b78c5ae9 SSL: Pinned public key hash support 2015-07-01 19:43:47 +02:00
Jay Satiro
66a5f76583 multi: Move http2 push function declarations to header end
This change necessary for binary compatibility.

Prior to this change test 1135 failed due to the order of functions.
2015-06-30 17:19:21 -04:00
Roger Leigh
e3e06e1aee tests: Distribute CMakeLists.txt files in subdirectories 2015-06-25 07:48:50 -07:00
Daniel Stenberg
5156982377 test1531: verify POSTFIELDSIZE set after add_handle
Following the fix made in 903b6e0556.
2015-06-23 17:51:03 -07:00
Kamil Dudka
24f0b6ebf7 test2040: verify basic auth on re-used connections 2015-06-17 07:43:13 +02:00
Dan Fandrich
55fc47a401 test1530: added http to required features 2015-06-14 22:38:39 +02:00
Daniel Stenberg
20ac345806 CURLOPT_OPENSOCKETFUNCTION: return error at once
When CURL_SOCKET_BAD is returned in the callback, it should be treated
as an error (CURLE_COULDNT_CONNECT) if no other socket is subsequently
created when trying to connect to a server.

Bug: http://curl.haxx.se/mail/lib-2015-06/0047.html
2015-06-09 00:22:02 +02:00
Isaac Boukris
4bb815a32e HTTP-NTLM: fail auth on connection close instead of looping
Bug: https://github.com/bagder/curl/issues/256
2015-05-31 23:21:15 +02:00
Dan Fandrich
4a79475b13 testcurl.pl: use rel2abs to make the source directory absolute
This function makes a platform-specific absolute path which uses
backslashes on Windows. This form works when passing it on the
command-line, as well as if the source is on another drive.
2015-05-24 12:09:34 +02:00
Dan Fandrich
ef02da3156 test1510: another flaky test 2015-05-23 16:28:09 +02:00
Dan Fandrich
126e7f7253 testcurl.pl: allow source to be in an arbitrary directory
This way, the build directory can be located on an entirely different
filesystem from the source code (e.g. a tmpfs).
2015-05-21 09:14:40 +02:00
Anthony Avina
4883f7019d hostip: fix unintended destruction of hash table
.. and added unit1602 for hash.c
2015-05-18 11:15:43 +02:00
Daniel Stenberg
d69eee0964 runtests.pl: use 'h2c' now, no -14 anymore 2015-05-18 10:10:55 +02:00
Daniel Stenberg
b419e7ae0c hostcache: made all host caches use structs, not pointers
This avoids unnecessary dynamic allocs and as this also removed the last
users of *hash_alloc() and *hash_destroy(), those two functions are now
removed.
2015-05-12 09:46:53 +02:00
Daniel Stenberg
6ba2e88a64 CURLOPT_HEADEROPT: default to separate
Make the HTTP headers separated by default for improved security and
reduced risk for information leakage.

Bug: http://curl.haxx.se/docs/adv_20150429.html
Reported-by: Yehezkel Horowitz, Oren Souroujon
2015-04-28 21:02:37 +02:00
Daniel Stenberg
1945f99d59 sws: init http2 state properly
It would otherwise cause problems when running tests after 1801 etc.
2015-04-27 08:38:52 +02:00
Daniel Stenberg
c0700e3c7f runtests: use a DISABLED.local file too
... and have git ignore that. Allows for a dev to add tests to ignore in
local tests and yet don't obstruct a normal git work flow.
2015-04-26 19:59:13 +02:00
Dan Fandrich
f1e0a0aae7 test2039: fixed line endings that caused a test failure 2015-04-25 10:17:46 +02:00
Viktor Szakats
047e6aa05c netrc: add unit tests for 'default' support 2015-04-24 23:57:55 +02:00
Kamil Dudka
710a2e99b5 curl -z: do not write empty file on unmet condition
This commit fixes a regression introduced in curl-7_41_0-186-g261a0fe.
It also introduces a regression test 1424 based on tests 78 and 1423.

Reported-by: Viktor Szakats
Bug: https://github.com/bagder/curl/issues/237
2015-04-23 14:42:07 +02:00
Jay Satiro
0675abbc75 cyassl: Implement public key pinning
Also add public key extraction example to CURLOPT_PINNEDPUBLICKEY doc.
2015-04-22 17:07:19 -04:00
Kamil Dudka
27ace9893c tests/unit/.gitignore: hide unit1601 and above, too 2015-04-22 14:20:20 +02:00
Kamil Dudka
b47c17d67c nss: implement public key pinning for NSS backend
Bug: https://bugzilla.redhat.com/1195771
2015-04-22 13:21:31 +02:00
Dan Fandrich
1e6d0e06f7 test1423: added missing "file" to server section 2015-04-18 21:12:36 +02:00
Kamil Dudka
992a731116 test142[23]: verify that an empty file is stored on success 2015-04-08 09:43:13 +02:00
Stefan Bühler
0db831976e fix refreshing of obsolete dns cache entries
- cache entries must be also refreshed when they are in use
- have the cache count as inuse reference too, freeing timestamp == 0 special
  value
- use timestamp == 0 for CURLOPT_RESOLVE entries which don't get refreshed
- remove CURLOPT_RESOLVE special inuse reference (timestamp == 0 will prevent refresh)
- fix Curl_hostcache_clean - CURLOPT_RESOLVE entries don't have a special
  reference anymore, and it would also release non CURLOPT_RESOLVE references
- fix locking in Curl_hostcache_clean
- fix unit1305.c: hash now keeps a reference, need to set inuse = 1
2015-04-03 16:46:14 +02:00
Tatsuhiro Tsujikawa
21e82bd635 http2: Fix missing nghttp2_session_send call in Curl_http2_switched
Previously in Curl_http2_switched, we called nghttp2_session_mem_recv to
parse incoming data which were already received while curl was handling
upgrade.  But we didn't call nghttp2_session_send, and it led to make
curl not send any response to the received frames.  Most likely, we
received SETTINGS from server at this point, so we missed opportunity to
send SETTINGS + ACK.  This commit adds missing nghttp2_session_send call
in Curl_http2_switched to fix this issue.

Bug: https://github.com/bagder/curl/issues/192
Reported-by: Stefan Eissing
2015-04-02 15:19:29 +02:00
Daniel Stenberg
2685041a5c cookie: handle spaces after the name in Set-Cookie
"name =value" is fine and the space should just be skipped.

Updated test 31 to also test for this.

Bug: https://github.com/bagder/curl/issues/195
Reported-by: cromestant
Help-by: Frank Gevaerts
2015-04-01 23:25:29 +02:00
Dan Fandrich
9a743bc5fc runtests.pl: detect WolfSSL as yassl 2015-03-28 00:26:45 +01:00
Dan Fandrich
a45146868b testcurl.pl: add the --notes option to supply more info about a build
Support for notes has been in place for a while, but it required
being added to the setup file manually.
2015-03-24 23:47:01 +01:00
Daniel Stenberg
5d23279299 CURLOPT_PATH_AS_IS: added
--path-as-is is the command line option

Added docs in curl.1 and CURLOPT_PATH_AS_IS.3

Added test in test 1241
2015-03-24 10:31:58 +01:00
Dan Fandrich
148207e2d7 test1513: eliminated race condition in test run
It seems that some systems (e.g. fairly consistently in some recent
Solaris autobuilds) would manage to get to the connect phase before the
progress callback was called, resulting in a CURLE_COULDNT_CONNECT
error. Reworked the test to point at a test server that never returns a
full result so the progress callback always gets a chance to be called
before the transfer can complete in some other way.
2015-03-22 00:03:44 +01:00
Dan Fandrich
f9251a5c86 tests/certs: rebuild certificates with modified key usage bits
The certificates were missing the digitalSignature and keyAgreement
usage types, of which at least digitalSignature was checked by CyaSSL.
This caused the test server in test 310 (among others) to fail the
startup verification and therefore run (see
http://curl.haxx.se/mail/lib-2014-07/0303.html).
2015-03-21 16:33:58 +01:00
Dan Fandrich
38c304a58f tests/certs: added make target to rebuild certificates
The certificate generation scripts were also updated to better match the
format of the certificates currently checked in.
2015-03-21 16:33:58 +01:00
Dagobert Michelsen
57dc2f7e40 testcurl: Allow '=' in values given on command line 2015-03-21 15:57:08 +01:00
Dan Fandrich
61ff197a27 test938: added missing closing tags 2015-03-21 01:27:44 +01:00
Daniel Stenberg
0f4a03cbb6 free: instead of Curl_safefree()
Since we just started make use of free(NULL) in order to simplify code,
this change takes it a step further and:

- converts lots of Curl_safefree() calls to good old free()
- makes Curl_safefree() not check the pointer before free()

The (new) rule of thumb is: if you really want a function call that
frees a pointer and then assigns it to NULL, then use Curl_safefree().
But we will prefer just using free() from now on.
2015-03-16 15:01:15 +01:00
Markus Elfring
29c655c0a6 Bug #149: Deletion of unnecessary checks before calls of the function "free"
The function "free" is documented in the way that no action shall occur for
a passed null pointer. It is therefore not needed that a function caller
repeats a corresponding check.
http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first

This issue was fixed by using the software Coccinelle 1.0.0-rc24.

Signed-off-by: Markus Elfring <elfring@users.sourceforge.net>
2015-03-16 12:13:56 +01:00
Daniel Stenberg
0cf649d9cc http2: detect prematures close without data transfered
... by using the regular Curl_http_done() method which checks for
that. This makes test 1801 fail consistently with error 56 (which seems
fine) to that test is also updated here.

Reported-by: Ben Darnell
Bug: https://github.com/bagder/curl/issues/166
2015-03-14 18:19:51 +01:00
Dan Fandrich
0911b96399 test320: Expect the Host header to be the first header
Required for the test to work after a5d994941c.
2015-03-13 22:37:23 +01:00
Fabian Keil
6d3260af64 test203[0-3]: Expect the Host header to be the first header
Required for the tests to work after a5d994941c.
2015-03-12 16:06:11 +01:00
Daniel Stenberg
a5d994941c http: always send Host: header as first header
...after the method line:

 "Since the Host field-value is critical information for handling a
 request, a user agent SHOULD generate Host as the first header field
 following the request-line." / RFC 7230 section 5.4

Additionally, this will also make libcurl ignore multiple specified
custom Host: headers and only use the first one. Test 1121 has been
updated accordingly

Bug: http://curl.haxx.se/bug/view.cgi?id=1491
Reported-by: Rainer Canavan
2015-03-12 12:15:24 +01:00
Daniel Stenberg
852d35b6ea proxy: re-use proxy connections (regression)
When checking for a connection to re-use, a proxy-using request must
check for and use a proxy connection and not one based on the host
name!

Added test 1421 to verify

Bug: http://curl.haxx.se/bug/view.cgi?id=1492
2015-03-11 11:54:22 +01:00
Jay Satiro
f39b1c0801 memanalyze.pl: handle free(NULL) 2015-03-10 22:05:46 +01:00
Daniel Stenberg
709cf76f6b openssl: remove all uses of USE_SSLEAY
SSLeay was the name of the library that was subsequently turned into
OpenSSL many moons ago (1999). curl does not work with the old SSLeay
library since years. This is now reflected by only using USE_OPENSSL in
code that depends on OpenSSL.
2015-03-05 10:57:52 +01:00
Sergei Nikulov
43eb8b2874 libtest: fixed linker errors on msvc
Bug: https://github.com/bagder/curl/pull/144
2015-03-03 14:33:11 +01:00