Commit Graph

3445 Commits

Author SHA1 Message Date
Daniel Stenberg
2716350d1f sshserver: remove use of AuthorizedKeysFile2
Support for the (undocumented) AuthorizedKeysFile2 was removed in
OpenSSH 5.9, released in September 2011

Closes #715
2016-03-21 00:53:02 +01:00
Daniel Stenberg
42a93d4364 runtests: mention when run event-based 2016-03-14 15:39:16 +01:00
Daniel Stenberg
7f7fcd0d75 cookies: first n/v pair in Set-Cookie: is the cookie, then parameters
RFC 6265 section 4.1.1 spells out that the first name/value pair in the
header is the actual cookie name and content, while the following are
the parameters.

libcurl previously had a more liberal approach which causes significant
problems when introducing new cookie parameters, like the suggested new
cookie priority draft.

The previous logic read all n/v pairs from left-to-right and the first
name used that wassn't a known parameter name would be used as the
cookie name, thus accepting "Set-Cookie: Max-Age=2; person=daniel" to be
a cookie named 'person' while an RFC 6265 compliant parser should
consider that to be a cookie named 'Max-Age' with an (unknown) parameter
'person'.

Fixes #709
2016-03-10 11:26:12 +01:00
Tim Rühsen
c140bd7891 cookie: do not refuse cookies for localhost
Closes #658
2016-03-08 15:27:43 +01:00
Daniel Stenberg
e6293cf876 test46: change cookie expiry date
Since two of the cookies would now otherwise expire and cause the test
to fail after commit 20de9b4f09

Discussed in #697
2016-03-06 16:22:49 +01:00
Kamil Dudka
effa575fc7 tests/sshserver.pl: use RSA instead of DSA for host auth
DSA is no longer supported by OpenSSH 7.0, which causes all SCP/SFTP
test cases to be skipped.  Using RSA for host authentication works with
both old and new versions of OpenSSH.

Reported-by: Karlson2k

Closes #676
2016-02-23 11:55:18 +01:00
Jay Satiro
186546f1c5 TFTP: add option to suppress TFTP option requests (Part 2)
- Add tests.

- Add an example to CURLOPT_TFTP_NO_OPTIONS.3.

- Add --tftp-no-options to expose CURLOPT_TFTP_NO_OPTIONS.

Bug: https://github.com/curl/curl/issues/481
2016-02-23 03:01:07 -05:00
Karlson2k
527e86b054 runtests: Fixed usage of %PWD on MinGW64
Closes #672
2016-02-22 00:07:32 +01:00
Dan Fandrich
e50674ad28 Enabled test 1437 after the bug fix in commit 3fa220a6 2016-02-20 11:34:15 +01:00
Dan Fandrich
fe37695aa9 Added test 1437 to verify a memory leak
Reported-by: neex@users.noreply.github.com
2016-02-19 10:45:09 +01:00
Dan Fandrich
0443187611 test1604: Add to Makefile.inc so it gets run 2016-02-13 22:49:45 +01:00
Jay Satiro
4fc80f3e75 tool_doswin: Support for literal path prefix \\?\
For example something like --output \\?\C:\foo
2016-02-09 03:28:58 -05:00
Daniel Stenberg
18c735e790 cookies: allow spaces in cookie names, cut of trailing spaces
It turns out Firefox and Chrome both allow spaces in cookie names and
there are sites out there using that.

Turned out the code meant to strip off trailing space from cookie names
didn't work. Fixed now.

Test case 8 modified to verify both these changes.

Closes #639
2016-02-08 15:49:54 +01:00
Daniel Stenberg
113f04e664 Proxy-Connection: stop sending this header by default
RFC 7230 says we should stop. Firefox already stopped.

Bug: https://github.com/curl/curl/issues/633
Reported-By: Brad Fitzpatrick

Closes #633
2016-02-08 11:09:40 +01:00
Jay Satiro
a6208704e7 unit1604: Fix unit setup return code 2016-02-05 13:37:39 -05:00
Jay Satiro
4520534e6d tool_doswin: Improve sanitization processing
- Add unit test 1604 to test the sanitize_file_name function.

- Use -DCURL_STATICLIB when building libcurltool for unit testing.

- Better detection of reserved DOS device names.

- New flags to modify sanitize behavior:

SANITIZE_ALLOW_COLONS: Allow colons
SANITIZE_ALLOW_PATH: Allow path separators and colons
SANITIZE_ALLOW_RESERVED: Allow reserved device names
SANITIZE_ALLOW_TRUNCATE: Allow truncating a long filename

- Restore sanitization of banned characters from user-specified outfile.

Prior to this commit sanitization of a user-specified outfile was
temporarily disabled in 2b6dadc because there was no way to allow path
separators and colons through while replacing other banned characters.
Now in such a case we call the sanitize function with
SANITIZE_ALLOW_PATH which allows path separators and colons to pass
through.


Closes https://github.com/curl/curl/issues/624
Reported-by: Octavio Schroeder
2016-02-05 01:44:27 -05:00
Viktor Szakats
d49881cb19 URLs: change more http to https 2016-02-04 18:46:54 -05:00
Viktor Szakats
20dcd19501 URLs: follow GitHub project rename (also Travis CI)
Closes #632
2016-02-04 23:01:38 +01:00
Viktor Szakats
b4f595bde4 URLs: change more http to https 2016-02-02 22:29:47 -05:00
Daniel Stenberg
4af40b3646 URLs: change all http:// URLs to https:// 2016-02-03 00:19:02 +01:00
Daniel Stenberg
41ae9f717a dotdot: allow an empty input string too
It isn't used by the code in current conditions but for safety it seems
sensible to at least not crash on such input.

Extended unit test 1395 to verify this too as well as a plain "/" input.
2016-02-02 22:43:54 +01:00
Jay Satiro
d566371130 tests: Add a test for pinnedpubkey fail even when insecure
Because disabling the peer verification (--insecure) must not disable
the public key pinning check (--pinnedpubkey).
2016-01-18 03:10:10 -05:00
Mohammad AlSaleh
3d209b5fb0 lib: Prefix URLs with lower-case protocol names/schemes
Before this patch, if a URL does not start with the protocol
name/scheme, effective URLs would be prefixed with upper-case protocol
names/schemes. This behavior might not be expected by library users or
end users.

For example, if `CURLOPT_DEFAULT_PROTOCOL` is set to "https". And the
URL is "hostname/path". The effective URL would be
"HTTPS://hostname/path" instead of "https://hostname/path".

After this patch, effective URLs would be prefixed with a lower-case
protocol name/scheme.

Closes #597

Signed-off-by: Mohammad AlSaleh <CE.Mohammad.AlSaleh@gmail.com>
2016-01-11 23:38:42 +01:00
Jay Satiro
036c465e88 runtests: Add mbedTLS to the SSL backends
.. and enable SSLpinning tests for mbedTLS, BoringSSL and LibreSSL.
2016-01-10 02:56:26 -05:00
Michael Kaufmann
d9b4d1ce20 connection reuse: IDN host names fixed
Use the ACE form of IDN hostnames as key in the connection cache.  Add
new tests.

Closes #592
2016-01-08 00:19:46 +01:00
Daniel Stenberg
336e8feec4 tests: mark IPv6 FTP and FTPS tests with the FTP keyword 2016-01-07 14:30:55 +01:00
Marc Hoersken
2aec4359db test 1515: add data check 2015-12-26 17:25:59 +01:00
Marc Hoersken
38b055446a test 1515: add MSYS support by passing a relative path
MSYS would otherwise turn a /-style path into a C:\-style path.
2015-12-26 17:25:42 +01:00
Marc Hoersken
4ca246c3a8 test 539: use datacheck mode text for ASCII-mode LISTings
While still using datacheck mode binary for the inline reply data.
2015-12-26 11:01:47 +01:00
Marc Hoersken
a9ebd1bddc runtests.pl: check up to 5 data parts with different text modes
Move the text-mode conversion for reply/replycheck from the verify
section into the load section and add support for 4 more check parts.
2015-12-26 11:01:47 +01:00
Marc Hoersken
8fb8e16ea4 tests 1048 and 1050: use datacheck mode text for ASCII-mode LISTings 2015-12-24 14:56:47 +01:00
Marc Hoersken
2eb933e8aa tests 706 and 707: use datacheck mode text for ASCII-mode LISTings 2015-12-24 14:48:36 +01:00
Marc Hoersken
08554dff65 tests 400,403,406: use datacheck mode text for ASCII-mode LISTings 2015-12-24 14:22:26 +01:00
Marc Hoersken
7bf5f6e054 sockfilt.c: fix calculation of sleep timeout on Windows
Not converting to double caused small timeouts to be skipped.
2015-12-23 15:04:02 +01:00
Marc Hoersken
520bd9e49f tests first.c: fix calculation of sleep timeout on Windows
Not converting to double caused small timeouts to be skipped.
2015-12-23 15:03:40 +01:00
Marc Hoersken
24cf20ec68 test 573: add more debug output 2015-12-23 15:02:43 +01:00
Marc Hoersken
fcabed6cd8 test 16: fix on Linux (and Windows) by using plain ASCII characters
Follow up on b064ff0c35, thanks Daniel.
2015-12-23 13:35:36 +01:00
Marc Hoersken
18c95d4bc0 tftpd server: add Windows support by writing files in binary mode 2015-12-23 13:04:00 +01:00
Marc Hoersken
328771981a tests 252-255: use datacheck mode text for ASCII-mode LISTings 2015-12-23 12:49:40 +01:00
Marc Hoersken
b064ff0c35 test 16: fix on Windows by converting data file from ANSI to UTF-8 2015-12-23 12:41:52 +01:00
Marc Hoersken
5e0e81a9c4 test 1326: fix file check since curl is outputting binary data 2015-12-17 16:04:33 +01:00
Marc Hoersken
9e093f0e74 test 1326: fix getting stuck on Windows due to incomplete request
The request needs to be read and send in binary mode in order to use
CRLF instead of LF. Adding --upload-file - causes curl to read stdin
in binary mode.
2015-12-17 15:14:36 +01:00
Marc Hoersken
c3eeb526ae sockfilt.c: added some debug output to select_ws 2015-12-16 15:33:36 +01:00
Marc Hoersken
234abd9013 sockfilt.c: keep lines shorter than 80 chars 2015-12-16 15:33:13 +01:00
Marc Hoersken
f4646b9069 sockfilt.c: do not wait on unreliable file or pipe handle
The previous implementation caused issues on modern MSYS2 runtimes.
2015-12-16 15:32:31 +01:00
Daniel Stenberg
536f5f442e curl: use 2TLS by default
Make this the default for the curl tool (if built with HTTP/2 powers
enabled) unless a specific HTTP version is requested on the command
line.

This should allow more users to get HTTP/2 powers without having to
change anything.
2015-12-13 09:26:43 +01:00
Steve Holme
a62000ecc9 tests: Corrected copy and pasted comments from commit e643c5c908 2015-12-03 23:31:24 +00:00
Steve Holme
5eba895b4c test947: Corrected typo in test name 2015-12-02 23:45:29 +00:00
Steve Holme
e643c5c908 tests: Disable the OAUTHBEARER tests when using a non-default port number
Tests 842, 843, 844, 845, 887, 888, 889, 890, 946, 947, 948 and 949 fail
if a custom port number is specified via the -b option of runtests.pl.

Suggested by: Kamil Dudka
Bug: http://curl.haxx.se/mail/lib-2015-12/0003.html
2015-12-02 23:10:02 +00:00
Daniel Stenberg
facf2925c7 test1513: make sure the callback is only called once 2015-11-24 23:33:37 +01:00