Commit Graph

2100 Commits

Author SHA1 Message Date
Daniel Stenberg
debf23eead
mqtt: handle POST/PUBLISH without a set POSTFIELDSIZE
Detected by OSS-Fuzz
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28735

Added test 1916 and 1917 to verify.

Closes #6338
2020-12-18 12:54:05 +01:00
Daniel Stenberg
c7dd08ce58
tests: updated tests for Hyper 2020-12-18 09:58:04 +01:00
Daniel Stenberg
a5bc272223
http: show the request as headers even when split-sending
When the initial request isn't possible to send in its entirety, the
remainder of request would be delivered to the debug callback as data
and would wrongly be counted internally as body-bytes sent.

Extended test 1295 to verify.

Closes #6328
2020-12-17 14:00:27 +01:00
Daniel Stenberg
3abfadfc19
test1198/9: add two mqtt publish tests without payload lengths
Closes #6335
2020-12-17 13:55:02 +01:00
Daniel Stenberg
354bc95d96
test1272: fix line ending
Follow-up to f24784f914
2020-12-15 17:38:42 +01:00
Daniel Stenberg
f24784f914
test1272: test gophers 2020-12-15 12:58:19 +01:00
Daniel Stenberg
eddae97406
test1564/1565: require the 'wakeup' feature to run
Fixes #6299
Fixes #6300
Closes #6301
2020-12-11 17:42:18 +01:00
Daniel Stenberg
3a63c190bb
tests: make --libcurl tests only test FTP options if ftp enabled
Adjust six --libcurl tests to only check the FTP option if FTP is
actually present in the build.

Fixes #6303
Closes #6305
2020-12-11 17:28:35 +01:00
Daniel Stenberg
ec9cc725d5
ftp: CURLOPT_FTP_SKIP_PASV_IP by default
The command line tool also independently sets --ftp-skip-pasv-ip by
default.

Ten test cases updated to adapt the modified --libcurl output.

Bug: https://curl.se/docs/CVE-2020-8284.html
CVE-2020-8284

Reported-by: Varnavas Papaioannou
2020-12-07 08:38:05 +01:00
Daniel Stenberg
abd846c374
urlapi: don't accept blank port number field without scheme
... as it makes the URL parser accept "very-long-hostname://" as a valid
host name and we don't want that. The parser now only accepts a blank
(no digits) after the colon if the URL starts with a scheme.

Reported-by: d4d on hackerone

Closes #6283
2020-12-07 00:50:49 +01:00
Daniel Stenberg
72ae6737e0 test506: make it not run in c-ares builds
As the asynch nature of it may trigger events in another order. A c-ares
upgrade made it break.

Reported-by: Marc Hörsken
Fixes #6247
2020-11-26 17:24:55 +01:00
Daniel Stenberg
ee644bc8b3
test493: verify --hsts upgrade and that %{url_effective} reflects that
Closes #6175
2020-11-06 08:22:34 +01:00
Daniel Stenberg
4d2f800677
curl.se: new home
Closes #6172
2020-11-04 23:59:47 +01:00
Daniel Stenberg
2cfc4ed983
hsts: add read/write callbacks
- read/write callback options
- man pages for the 4 new setopts
- test 1915 verifies the callbacks

Closes #5896
2020-11-03 16:08:48 +01:00
Daniel Stenberg
7385610d0c
hsts: add support for Strict-Transport-Security
- enable in the build (configure)
- header parsing
- host name lookup
- unit tests for the above
- CI build
- CURL_VERSION_HSTS bit
- curl_version_info support
- curl -V output
- curl-config --features
- CURLOPT_HSTS_CTRL
- man page for CURLOPT_HSTS_CTRL
- curl --hsts (sets CURLOPT_HSTS_CTRL and works with --libcurl)
- man page for --hsts
- save cache to disk
- load cache from disk
- CURLOPT_HSTS
- man page for CURLOPT_HSTS
- added docs/HSTS.md
- fixed --version docs
- adjusted curl_easy_duphandle

Closes #5896
2020-11-03 16:08:42 +01:00
Jay Satiro
e4d38014cd tests: fix some http/2 tests for older versions of nghttpx
- Add regex that strips http/2 server header name to those http/2 tests
  that don't already have it.

- Improve that regex in all http/2 tests.

Tests 358 and 359 were failing for me before this change on a system
that uses an older version of nghttpx which includes its version number
in the server header.

Closes https://github.com/curl/curl/pull/6139
2020-10-29 23:08:03 -04:00
Emil Engler
499b3b6ff6
tool_help: make "output" description less confusing
Currently the description of "output" is misleading when comparing it
"verbose".

Closes #6118
2020-10-24 23:46:02 +02:00
Daniel Stenberg
15997f6db5
test122[12]: remove these two tests
... and remove the objnames scripts they tested. They're not used for
anything anymore so testing them serves no purpose!

Reported-by: Marc Hörsken
Fixes #6080
Closes #6081
2020-10-15 07:56:19 +02:00
Daniel Stenberg
b8e4d1cb0a
runtests: add %repeat[]% for test files
... and use this new keywords in all the test files larger than 50K to reduce
their sizes and make them a lot easier to read and understand.

Closes #6040
2020-10-04 17:16:53 +02:00
Daniel Stenberg
e6b21d422e
runtests: provide curl's version string as %VERSION for tests
... so that we can check HTTP requests for User-Agent: curl/%VERSION

Update 600+ test cases accordingly.

Closes #6037
2020-10-02 22:54:23 +02:00
Daniel Stenberg
ddecd28268
test1465: verify --libcurl with binary POST data 2020-10-02 09:35:38 +02:00
Daniel Stenberg
4a4c724599
ftp: make a 552 response return CURLE_REMOTE_DISK_FULL
Added test 348 to verify. Added a 'STOR' command to the test FTP
server to enable test 348. Documented the command in FILEFORMAT.md

Reported-by: Duncan Wilcox
Fixes #6016
Closes #6017
2020-09-26 13:37:15 +02:00
Daniel Stenberg
11522d7292
test163[12]: require http to be built-in to run
... as speaking over an HTTPS proxy implies http!

Closes #6014
2020-09-25 14:29:45 +02:00
Daniel Stenberg
1397a7de6e
ftp: separate FTPS from FTP over "HTTPS proxy"
When using HTTPS proxy, SSL is used but not in the view of the FTP
protocol handler itself so separate the connection's use of SSL from the
FTP control connection's sue.

Reported-by: Mingtao Yang
Fixes #5523
Closes #6006
2020-09-24 14:09:20 +02:00
Dan Fandrich
93653ef9e2 tests/data: Fix some mismatched XML tags in test cases
This allows these test files to pass xmllint.
2020-09-23 14:53:26 -07:00
Daniel Stenberg
3e80895da7
test1297: verify GOT_NOTHING with http proxy tunnel 2020-09-22 10:54:42 +02:00
Daniel Stenberg
2cc6857247
test3015: verify stdout "as text"
Follow-up from 0c1e767e83 to please win32 tests

Closes #5962
2020-09-15 22:51:08 +02:00
anio
0c1e767e83
tool_writeout: add new writeout variable, %{num_headers}
This variable gives the number of headers.

Closes #5947
2020-09-15 00:37:08 +02:00
Daniel Stenberg
7ea2e1d0c5
ftp: a 550 response to SIZE returns CURLE_REMOTE_FILE_NOT_FOUND
This is primarily interesting for cases where CURLOPT_NOBODY is set as
previously curl would not return an error for this case.

MDTM getting 550 now also returns this error (it returned
CURLE_FTP_COULDNT_RETR_FILE before) in order to unify return codes for
missing files across protocols and specific FTP commands.

libcurl already returns error on a 550 as a MDTM response (when
CURLOPT_FILETIME is set). If CURLOPT_NOBODY is not set, an error would
happen subsequently anyway since the RETR command would fail.

Add test 1913 and 1914 to verify. Updated several tests accordingly due
to the updated SIZE behavior.

Reported-by: Tomas Berger
Fixes #5953
Closes #5957
2020-09-14 12:53:12 +02:00
Daniel Stenberg
5c2d2d2ace
test434: test -K use in a single line without newline
Closes #5946
2020-09-14 08:32:49 +02:00
Daniel Stenberg
47dd957daf
curl: use curlx_dynbuf for realloc when loading config files
... fixes an integer overflow at the same time.

Reported-by: ihsinme on github
Assisted-by: Jay Satiro

Closes #5946
2020-09-14 08:32:45 +02:00
Daniel Stenberg
5fbc3ee520
tests: add test1912 to the dist
Follow-up to 70984ce1be
2020-09-12 18:09:49 +02:00
Daniel Stenberg
f93455eb04
altsvc: clone setting in curl_easy_duphandle
The cache content is not duplicated, like other caches, but the setting
and specified file name are.

Test 1908 is extended to verify this somewhat. Since the duplicated
handle gets the same file name, the test unfortunately overwrites the
same file twice (with different contents) which makes it hard to check
automatically.

Closes #5923
2020-09-06 09:54:54 +02:00
Daniel Stenberg
8ca54a03ea
test1541: remove since it is a known bug
A shared connection cache is not thread-safe is a known issue. Stop
testing this until we believe this issue is addressed. Reduces
occasional test failures we don't care about.

The test code in lib1541.c is left in git to allow us to restore it when
we get to fix this.

Closes #5922
2020-09-06 09:51:06 +02:00
Daniel Stenberg
e50a877df7
tests: remove pipelining tests
Remove the tests 530, 584, 1900, 1901, 1902, 1903 and 2033. They were
previously disabled.

The Pipelining code was removed from curl in commit 2f44e94efb,
April 2019.

Closes #5921
2020-09-06 09:48:17 +02:00
Emil Engler
a86cc7e2ab
tests: Add tests for new --help
This commit is a part of "--help me if you can"

Closes #5680
2020-09-04 15:38:22 +02:00
Daniel Stenberg
e22682b908
test971: show test mismatches "inline" 2020-09-02 09:27:51 +02:00
Jeroen Ooms
70984ce1be
tests: add test1912 with typechecks
Validates that gcc-typecheck macros match the new option type API.

Closes #5873
2020-08-28 23:36:55 +02:00
Daniel Stenberg
6ebe63fac2
options: API for meta-data about easy options
const struct curl_easyoption *curl_easy_option_by_name(const char *name);

 const struct curl_easyoption *curl_easy_option_by_id (CURLoption id);

 const struct curl_easyoption *
 curl_easy_option_next(const struct curl_easyoption *prev);

The purpose is to provide detailed enough information to allow for
example libcurl bindings to get option information at run-time about
what easy options that exist and what arguments they expect.

Assisted-by: Jeroen Ooms
Closes #5365
2020-08-27 14:17:36 +02:00
Daniel Stenberg
5620d2cc78
curl: add --output-dir
Works with --create-dirs and with -J

Add test 3008, 3009, 3011, 3012 and 3013 to verify.

Closes #5637
2020-08-24 22:41:37 +02:00
Daniel Stenberg
4be1f8dc01
curl: support XDG_CONFIG_HOME to find .curlrc
Added test433 to verify. Updated documentation.

Reviewed-by: Jay Satiro
Suggested-by: Eli Schwartz
Fixes #5829
Closes #5837
2020-08-24 16:37:09 +02:00
Daniel Stenberg
98c94596f5
etag: save and use the full received contents
... which makes it support weak tags and non-standard etags too!

Added test case 347 to verify blank incoming ETag:

Fixes #5610
Closes #5833
2020-08-24 10:02:41 +02:00
Daniel Stenberg
88b1ca7cba
CURLE_PROXY: new error code
Failures clearly returned from a (SOCKS) proxy now causes this return
code. Previously the situation was not very clear as what would be
returned and when.

In addition: when this error code is returned, an application can use
CURLINFO_PROXY_ERROR to query libcurl for the detailed error, which then
returns a value from the new 'CURLproxycode' enum.

Closes #5770
2020-08-24 08:41:48 +02:00
Daniel Stenberg
86dc9867a5
test1140: compare stdout
To make problems more immediately obvious when tests fail.

Closes #5814
2020-08-15 00:10:36 +02:00
Daniel Stenberg
2429f45a97
TLS naming: fix more Winssl and Darwinssl leftovers
The CMake option is now called CMAKE_USE_SCHANNEL

The winbuild flag is USE_SCHANNEL

The CI jobs and build scripts only use the new names and the new name
options

Tests now require 'Schannel' (when necessary)

Closes #5795
2020-08-08 00:19:21 +02:00
Daniel Stenberg
337a28d810
runtests: move the TELNET server to a dynamic port
Rename the port variable to TELNETPORT to better match the existing
pattern.

Closes #5785
2020-08-06 23:47:08 +02:00
Daniel Stenberg
424092e70f
runtests: support dynamicly base64 encoded sections in tests
This allows us to make test cases to use base64 at run-time and still
use and verify information determined at run-time, such as the IMAP test
server's port number in test 842.

This change makes 12 tests run again that basically never ran since we
moved to dynamic port numbers.

ftpserver.pl is adjusted to load test instructions and test number from
the preprocessed test file.

FILEFORMAT.md now documents the new base64 encoding syntax.

Reported-by: Marcel Raad
Fixes #5761
Closes #5775
2020-08-04 18:12:42 +02:00
Marcel Raad
07fd3fa07f
test1908: treat file as text
Fixes the line endings on Windows.

Closes https://github.com/curl/curl/pull/5767
2020-08-03 12:14:27 +02:00
Marcel Raad
87e0fcfe5c
TrackMemory tests: ignore realloc and free in getenv.c
These are only called for WIN32.

Closes https://github.com/curl/curl/pull/5767
2020-08-03 12:14:23 +02:00
Marc Aldorasi
d5bb459ccf
multi_remove_handle: close unused connect-only connections
Previously any connect-only connections in a multi handle would be kept
alive until the multi handle was closed.  Since these connections cannot
be re-used, they can be marked for closure when the associated easy
handle is removed from the multi handle.

Closes #5749
2020-08-01 15:26:08 +02:00