960 Commits

Author SHA1 Message Date
Daniel Stenberg
c11c30a8c8 tests: test CRLF in URLs
Related to the security vulnerability: CVE-2012-0036

Bug: http://curl.haxx.se/docs/adv_20120124.html
2012-01-24 08:54:26 +01:00
Colin Hogben
5d70a61b94 Add two tests for telnet: URLs
Add simple telnet tests which (ab)use the http server.
The second test checks for an input file handling bug.
2012-01-18 22:20:33 +01:00
Daniel Stenberg
f1092b387e test: verify HTTP response code 308
This newly speced HTTP status code already works as intended in the new
spec:
http://greenbytes.de/tech/webdav/draft-reschke-http-status-308-02.html

Test 1325 is added to verify that the method is kept after the redirect
2012-01-14 16:34:59 +01:00
gsengun
d28411c3cc FTP: CURLE_PARTIAL_FILE should not cause control connection to be closed
Test 161 updated accordingly
2012-01-09 22:50:20 +01:00
Yang Tse
8ef7a5706e test1320 test1321: avoid User-Agent comparison 2012-01-04 19:34:52 +01:00
Daniel Stenberg
2f4a487a68 tests: test IMAP, POP3 and SMTP over HTTP proxy tunnel 2012-01-03 16:12:58 +01:00
Daniel Stenberg
82180643f4 test proxy supports CONNECT
There's a new 'http-proxy' server for tests that runs on a separate port
and lets clients do HTTP CONNECT to other ports on the same host to
allow us to test HTTP "tunneling" properly.

Test cases now have a <proxy> section in <verify> to check that the
proxy protocol part matches correctly.

Test case 80, 83, 95, 275, 503 and 1078 have been converted. Test 1316
was added.
2012-01-03 15:01:22 +01:00
Daniel Stenberg
207cf15032 changed case: use new host name for subsequent HTTP requests
When a HTTP connection is re-used for a subsequent request without
proxy, it would always re-use the Host: header of the first request. As
host names are case insensitive it would make curl send another host
name case that what the particular request used.

Now it will instead always use the most recent host name to always use
the desired casing.

Added test case 1318 to verify.

Bug: http://curl.haxx.se/mail/lib-2011-12/0314.html
Reported by: Alex Vinnik
2011-12-31 10:45:28 +01:00
Daniel Stenberg
3e4181f88e new test: verify --resolve
Test 1317 verifies --resolve (leaked memory)

Bug: http://curl.haxx.se/bug/view.cgi?id=3463121
Reported by: "tw84452852"
2011-12-23 14:46:20 +01:00
Gokhan Sengun
c834213ad5 FTP: perform active connections non-blocking
1- Two new error codes are introduced.

CURLE_FTP_ACCEPT_FAILED to be set whenever ACCEPTing fails because of
FTP server connected.

CURLE_FTP_ACCEPT_TIMEOUT to be set whenever ACCEPTing timeouts.

Neither of these errors are considered fatal and control connection
remains OK because it could just be a firewall blocking server to
connect to the client.

2- One new setopt option was introduced.

CURLOPT_ACCEPTTIMEOUT_MS

It sets the maximum amount of time FTP client is going to wait for a
server to connect. Internal default accept timeout is 60 seconds.
2011-12-20 20:30:02 +01:00
Daniel Stenberg
7b8590d1f5 curl -F: fix multiple file upload with custom type
Test case 1315 was added to verify this functionality. When passing in
multiple files to a single -F, the parser would get all confused if one
of the specified files had a custom type= assigned.

Reported by: Colin Hogben
2011-12-16 11:43:25 +01:00
Colin Hogben
9b185aac43 New test for multiple file upload
test 1315 checks correct behaviour when uploading multiple files.
Buggy behaviour has been seen where only two attachments are sent.
2011-12-16 11:39:53 +01:00
Gokhan Sengun
2b24dd870e multi interface: fix block when CONNECT_ONLY option is used 2011-12-07 15:37:05 +01:00
Daniel Stenberg
d5b5f64bce FTP: close callback fix
Keep track of which sockets that are the result of accept() calls and
refuse to call the closesocket callback for those sockets. Test case 596
now verifies that the open socket callback is called the same number of
times as the closed socket callback for active FTP connections.

Bug: http://curl.haxx.se/mail/lib-2011-12/0018.html
Reported by: Gokhan Sengun
2011-12-05 12:34:27 +01:00
Daniel Stenberg
088ba97a24 FTP: call opensocket callback properly
When the new socket is created for an active connection, it is now done
using the open socket callback.

Test case 596 was modified to run fine, although it hides the fact that
the close callback is still called too many times, as it also gets
called for closing sockets that were created with accept().
2011-12-05 11:42:10 +01:00
Daniel Stenberg
5971d401d4 test: verify the opensocket callback for FTP
test 595: for passive FTP
test 596: for active FTP
2011-12-04 23:10:12 +01:00
Daniel Stenberg
83350c9cc4 test 815: verify POP3 dot-first-on-line unescaping 2011-12-01 10:20:42 +01:00
Daniel Stenberg
af64666434 POP3: detect when LIST returns no mails
By making sure the function can detect an "end of body" sequence
immediately on the first line, test 811 is now enabled.
2011-11-29 13:43:46 +01:00
Daniel Stenberg
dda815b776 POP3: fix end of body detection
Curl_pop3_write() now has a state machine that scans for the end of a
POP3 body so that the CR LF '.' CR LF sequence can come in everything
from one up to five subsequent packets.

Test case 810 is modified to use SLOWDOWN which makes the server pause
between each single byte and thus makes the POP3 body get sent to curl
basically one byte at a time.
2011-11-29 00:25:21 +01:00
Daniel Stenberg
8d3efb6be0 test: added POP3 test with dot-prefixed line
Test 815 is disabled for now since libcurl currently doesn't unescape
such lines the way it should. See mail:

http://curl.haxx.se/mail/lib-2011-11/0324.html
2011-11-28 23:34:16 +01:00
Daniel Stenberg
71ce2470dc test 1211: FTP test to repeat bug #3429299
"Active FTP hangs if server does not open data connection"

The server first sends a 150 and then when libcurl waits for the data
transfer, the server sends a 425.
2011-11-25 23:15:58 +01:00
Daniel Stenberg
ac54d27d4b FTP tests 1206 - 1209: don't expect QUIT
The protocol parts for these tests do not include QUIT simply because
the error is CURLE_OPERATION_TIMEDOUT (28) which is a generic timeout
error without specificly saying for which connection it concerns, and
for timeouts libcurl marks the control channel as "invalid". As this
test case times out for the data connection it could still use the
control channel.
2011-11-25 22:49:49 +01:00
Jonas Schnelli
2c905fd1f8 query-part: ignore the URI part for given protocols
By setting PROTOPT_NOURLQUERY in the protocol handler struct, the
protocol will get the "query part" of the URL cut off before the data is
handled by the protocol-specific code. This makes libcurl adhere to
RFC3986 section 2.2.

Test 1220 is added to verify a file:// URL with query-part.
2011-11-24 23:31:19 +01:00
Daniel Stenberg
c532604b13 -J -O: use -O name if no Content-Disposition header comes!
A regression between 7.22.0 and 7.23.0 -- downloading a file with the
flags -O and -J results in the content being written to stdout if and
only if there was no Content-Disposition header in the http response. If
there is a C-D header with a filename attribute, the output is correctly
written.

Reported by: Dave Reisner
Bug: http://curl.haxx.se/mail/archive-2011-11/0030.html
2011-11-20 23:35:49 +01:00
Jonas Schnelli
c0db5ff678 test: SFTP quote commands with * prefix
Related to the f64812ca63 commit
2011-11-18 20:30:46 +01:00
Jonas Schnelli
f64812ca63 SFTP: support '*' prefix for quote operations
prefixing a command with '*' means it is allowed to fail without
aborting the chain actions
2011-11-18 16:04:52 +01:00
Yang Tse
082e8a3b03 Active mode FTP test cases with server not establishing data connection
591 -> FTP multi PORT and 425 on upload
592 -> FTP multi PORT and 421 on upload
593 -> FTP multi PORT upload, no data conn and no transient neg. reply
594 -> FTP multi PORT upload, no data conn and no positive prelim. reply

1206 -> FTP PORT and 425 on download
1207 -> FTP PORT and 421 on download
1208 -> FTP PORT download, no data conn and no transient negative reply
1209 -> FTP PORT download, no data conn and no positive preliminary reply
2011-11-11 19:46:44 +01:00
Daniel Stenberg
2c09d21fdf test 590: verify the bug fix in 4851dafcf1
This test is created to verify Rene Bernhardt's patch which makes sure
libcurl properly _not_ deals with Negotiate if not asked to even if the
proxy says it can serve it.
2011-11-06 17:28:28 +01:00
Yang Tse
692f344118 test 589: active FTP upload using multi timeout and EPRT disabled server 2011-10-26 18:57:14 +02:00
Daniel Stenberg
22502c9550 dist: add test 587
I created test 587 in commit 840eff44f2b but forgot to add the file to
the tarball. Added now.
2011-10-24 23:09:59 +02:00
Daniel Stenberg
39c6d18d9c test 588: verify active FTP with multi interface without EPRT
This is using the verbatim 525 test code but it disables EPRT in the
server and this should work just as well anyway.
2011-10-24 23:08:16 +02:00
Daniel Stenberg
f4405d30e0 FTP server: allow EPRT by default
EPRT is now supported by default by the server. To disable it, use the
generic REPLY instruction in the <servercmd> tag. Test 116 now has it
disabled. All other existing active FTP port tests strip out the port
commands from the logs already so the change of the server isn't that
noticable.
2011-10-24 23:07:53 +02:00
Daniel Stenberg
515f11e79b large headers: have curl accept >16K headers
As commit 5850cc4808ab clarifies, libcurl can deliver header lines that
are longer than CURL_MAX_WRITE_SIZE, only body data is limited to that
size. The curl tool has check (when built debug-enabled) that made the
wrong checks and this new test 1205 verifies that larger headers work.
2011-10-24 17:28:41 +02:00
Dan Fandrich
d67b75c9f9 Added some missing test case XML tags and keywords 2011-10-21 13:33:40 -07:00
Yang Tse
629d2e3450 multi tests: OOM handling fixes
Additionally, improved error checking and logging.
2011-10-21 16:52:14 +02:00
Daniel Stenberg
ff0a295cdb Curl_http_input_auth: handle multiple auths in WWW-Authenticate
The fix is pretty much the one Nick Zitzmann provided, just edited to do
the right indent levels and with test case 1204 added to verify the fix.

Bug: http://curl.haxx.se/mail/lib-2011-10/0190.html
Reported by: Nick Zitzmann
2011-10-20 13:12:02 +02:00
Daniel Stenberg
840eff44f2 formdata: ack read callback abort
When doing a multipart formpost with a read callback, and that callback
returns CURL_READFUNC_ABORT, that return code must be properly
propagated back and handled accordingly. Previously it would be handled
as a zero byte read which would cause a hang!

Added test case 587 to verify. It uses the lib554.c source code with a
small ifdef.

Reported by: Anton Bychkov
Bug: http://curl.haxx.se/mail/lib-2011-10/0097.html
2011-10-16 01:09:56 +02:00
Yang Tse
1958fe5745 test harness: non-stunnel https server integration overhaul 2011-10-06 20:26:42 +02:00
Daniel Stenberg
e9cf4cb791 test 814: smtp without --mail-from
Verifies the fix from commit 322f3d5af7093
2011-09-21 22:32:27 +02:00
Daniel Stenberg
81b41095ef Curl_follow: handle redirects to "//hostname/path" 2011-09-20 11:16:40 +02:00
warp kawada
aff70e2e95 Curl_add_custom_headers: support headers with no data
A custom HTTP header ending in a semicolon instead of a colon
will be treated as a header to be added without any data
portion.
2011-09-13 16:17:21 -07:00
Yang Tse
f764da8afb test case 583: ensure that test failures don't go unnoticed 2011-09-06 17:56:39 +02:00
Yang Tse
eb44ac0138 test suite: use test case specific netrc file names 2011-09-05 12:39:50 +02:00
Yang Tse
b976d108f1 NTLM_WB: final congruency naming adjustments
Configure script option --enable-wb-ntlm-auth renamed to --enable-ntlm-wb
Configure script option --disable-wb-ntlm-auth renamed to --disable-ntlm-wb

Preprocessor symbol WINBIND_NTLM_AUTH_ENABLED renamed to NTLM_WB_ENABLED
Preprocessor symbol WINBIND_NTLM_AUTH_FILE renamed to NTLM_WB_FILE

Test harness env var CURL_NTLM_AUTH renamed to CURL_NTLM_WB_FILE

Static function wb_ntlm_close renamed to ntlm_wb_cleanup
Static function wb_ntlm_initiate renamed to ntlm_wb_init
Static function wb_ntlm_response renamed to ntlm_wb_response
2011-08-27 06:31:18 +02:00
Yang Tse
b4f6319cf7 NTLM single-sign on adjustments (XI)
Feature string literal NTLM_SSO renamed to NTLM_WB.
Preprocessor symbol USE_NTLM_SSO renamed to WINBIND_NTLM_AUTH_ENABLED.
curl's 'long' option 'ntlm-sso' renamed to 'ntlm-wb'.
Fix some comments to make clear that this is actually a NTLM delegation.
2011-08-27 01:33:35 +02:00
Daniel Stenberg
7b054a42aa test573: fix the keywords 2011-08-19 00:15:37 +02:00
Daniel Stenberg
ef2059a44c test572: fixed
Two problems were fixed:

GET_PARAMETER responses that have no body must be 204 response or
properly set length to 0.

One of the <data> sections had the wrong content-length for its
GET_PARAMETER response.

Enabled test 572 again.
2011-08-15 22:40:28 +02:00
Yang Tse
6a7ce5cc76 tests: disable #572 2011-08-15 00:20:32 +02:00
Daniel Stenberg
7c21c1c4f9 cookie parser: handle 'secure='
There are two keywords in cookie headers that don't follow the regular
name=value style: secure and httponly. Still we must support that they
are written like 'secure=' and then treat them as if they were written
'secure'. Test case 31 was much extended by Rob Ward to test this.

Bug: http://curl.haxx.se/bug/view.cgi?id=3349227
Reported by: "gnombat"
2011-08-09 14:02:05 +02:00
Daniel Stenberg
45d883d88d CURLFORM_BUFFER: insert filename as documented
A regression where CURLFORM_BUFFER stopped to properly insert the file
name part in the formpart. Bug introduced in commit f851f768578dc096.

Added CURLFORM_BUFFER use to test 554 to verify this.

Bug: http://curl.haxx.se/mail/lib-2011-07/0176.html
Reported by: Henry Ludemann
2011-08-08 18:45:03 +02:00