| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Enabled test 206
Closes #7888
|
|
|
|
| |
Closes #7866
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to check the actual code better, checksrc now ignores
everything that look like preprocessor instructions. It also means
that code in macros are now longer checked.
Note that some rules then still don't need to be followed when code is
exactly below a cpp instruction.
Removes two checksrc exceptions we needed previously because of
preprocessor lines being checked.
Reported-by: Marcel Raad
Fixes #7863
Closes #7864
|
|
|
|
|
|
|
|
|
| |
... to let curl_easy_escape() itself do the strlen. This avoids a (false
positive) Coverity warning and it avoids us having to store the strlen()
return value in an int variable.
Reviewed-by: Daniel Gustafsson
Closes #7862
|
| |
|
|
|
|
|
|
|
|
|
| |
User sets the post fields size for binary data. Hence, we should not be
using strlen on it.
Added test 1937 and 1938 to verify.
Closes #7844
|
|
|
|
|
|
|
|
|
| |
- Free the allocated http request struct on cleanup.
Prior to this change if sws was built with leak sanitizer it would
report a memory leak error during testing.
Closes https://github.com/curl/curl/pull/7849
|
|
|
|
| |
Closes #7802
|
|
|
|
|
|
|
|
| |
It uses revoked.badssl.com which now is expired and therefor this now
permafails. We should not use external sites for tests, this test should
be converted to use our own infra.
Closes #7845
|
|
|
|
|
|
|
|
|
|
|
| |
Report ignore tests separately from the actual fails.
Don't exit non-zero if test servers couldn't get killed.
Assisted-by: Jay Satiro
Fixes #7818
Closes #7841
|
|
|
|
| |
Follow-up to 8758a26f8878
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The host name is stored decoded and can be encoded when used to extract
the full URL. By default when extracting the URL, the host name will not
be URL encoded to work as similar as possible as before. When not URL
encoding the host name, the '%' character will however still be encoded.
Getting the URL with the CURLU_URLENCODE flag set will percent encode
the host name part.
As a bonus, setting the host name part with curl_url_set() no longer
accepts a name that contains space, CR or LF.
Test 1560 has been extended to verify percent encodings.
Reported-by: Noam Moshe
Reported-by: Sharon Brizinov
Reported-by: Raul Onitza-Klugman
Reported-by: Kirill Efimov
Fixes #7830
Closes #7834
|
|
|
|
|
|
|
|
|
|
| |
Make it easy to use the same set of test flags
throughout all current and future CI builds.
Reviewed-by: Jay Satiro
Follow up to #7690
Closes #7785
|
|
|
|
|
|
|
|
| |
Add test 367 to verify.
Reported-by: Rick Lane
Fixes #7819
Closes #7820
|
|
|
|
|
|
|
|
|
| |
... and close connections that are too old instead of reusing them.
By default, this behavior is disabled.
Bug: https://curl.se/mail/lib-2021-09/0058.html
Closes #7751
|
|
|
|
|
|
|
|
| |
Adjust the description position to make an aligned column when doing
help listings, which is more pleasing to the eye.
Suggested-by: Gisle Vanem
Closes #7792
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
tool_listhelp.c is now a separate file with only the command line --help
output, exactly as generated by gen.pl. This makes it easier to generate
updates according to what's in the docs/cmdline-opts docs.
cd $srcroot/docs/cmdline-opts
./gen.pl listhelp *.d > $srcroot/src/tool_listhelp.c
With a configure build, this also works:
make -C src listhelp
Closes #7787
|
|
|
|
| |
And update 5 files with old copyright year range
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Triggered before a request is made but after a connection is set up
Changes:
- callback: Update docs and callback for pre-request callback
- Add documentation for CURLOPT_PREREQDATA and CURLOPT_PREREQFUNCTION,
- Add redirect test and callback failure test
- Note that the function may be called multiple times on a redirection
- Disable new 2086 test due to Windows weirdness
Closes #7477
|
|
|
|
|
|
|
|
|
|
| |
- file://host.name/path/file.txt is a valid UNC path
\\host.name\path\files.txt to a non-local file transformed into URI
(RFC 8089 Appendix E.3)
- UNC paths on other OSs must be smb: URLs
Closes #7366
|
|
|
|
|
|
|
|
|
|
| |
Add curl_url_strerror() to convert CURLUcode into readable string and
facilitate easier troubleshooting in programs using URL API.
Extend CURLUcode with CURLU_LAST for iteration in unit tests.
Update man pages with a mention of new function.
Update example code and tests with new functionality where it fits.
Closes #7605
|
|
|
|
|
|
|
| |
Added support for SHA256 fingerprint in command line curl and in
libcurl.
Closes #7646
|
|
|
|
|
|
|
| |
Constify a number of static structs that are never modified. Make them
const to show this.
Closes #7759
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "content" is delivered as "body" by curl, but the envelope continues
after the body and the rest of it should be delivered as header.
The IMAP server can now get 'POSTFETCH' set to include more data to
include after the body and test 897 is done to verify that such "extra"
header data is in fact delivered by curl as header.
Ref: #7284 but fails to reproduce the issue
Closes #7748
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the "reason phrase" in the HTTP status line starts with a digit,
that was treated as the forth response code digit and curl would claim
the response to be non-compliant.
Added test 1466 to verify this case.
Regression brought by 5dc594e44f73b17
Reported-by: Glenn de boer
Fixes #7738
Closes #7739
|
|
|
|
|
|
|
|
|
|
| |
... and have CURLE_ABORTED_BY_CALLBACK returned.
Extended test 1915 to verify.
Reported-by: Jonathan Cardoso
Fixes #7726
Closes #7729
|
|
|
|
|
|
|
|
|
| |
The test should be fine and it works for me repeated when run manually,
but clearly it causes CI failures and it needs more research.
Reported-by: RiderALT on github
Fixes #7725
Closes #7732
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
... by not using options with no argument where an argument is required:
=== Start of file tests/log/ssh_server.log
curl_sshd_config line 6: no argument after keyword "DenyGroups"
curl_sshd_config line 7: no argument after keyword "AllowGroups"
curl_sshd_config line 10: Deprecated option AuthorizedKeysFile2
curl_sshd_config line 29: Deprecated option KeyRegenerationInterval
curl_sshd_config line 39: Deprecated option RhostsRSAAuthentication
curl_sshd_config line 40: Deprecated option RSAAuthentication
curl_sshd_config line 41: Deprecated option ServerKeyBits
curl_sshd_config line 45: Deprecated option UseLogin
curl_sshd_config line 56: no argument after keyword "AcceptEnv"
curl_sshd_config: terminating, 3 bad configuration options
=== End of file tests/log/ssh_server.log
=== Start of file log/sftp_server.log
curl_sftp_config line 33: Unsupported option "rhostsrsaauthentication"
curl_sftp_config line 34: Unsupported option "rsaauthentication"
curl_sftp_config line 52: no argument after keyword "sendenv"
curl_sftp_config: terminating, 1 bad configuration options
Connection closed.
Connection closed
=== End of file log/sftp_server.log
Closes #7724
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When setting a blank expire string, meaning unlimited, curl would pass
TIME_T_MAX to getime_r() when creating the output, while on 64 bit
systems such a large value cannot be convetered to a tm struct making
curl to exit the loop with an error instead. It can't be converted
because the year it would represent doesn't fit in the 'int tm_year'
field!
Starting now, unlimited expiry is instead handled differently by using a
human readable expiry date spelled out as "unlimited" instead of trying
to use a distant actual date.
Test 1660 and 1915 have been updated to help verify this change.
Reported-by: Jonathan Cardoso
Fixes #7720
Closes #7721
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a server pipelines future responses within the STARTTLS response, the
former are preserved in the pingpong cache across TLS negotiation and
used as responses to the encrypted commands.
This fix detects pipelined STARTTLS responses and rejects them with an
error.
CVE-2021-22947
Bug: https://curl.se/docs/CVE-2021-22947.html
|
|
|
|
|
|
|
|
|
|
|
|
| |
In imap and pop3, check if TLS is required even when capabilities
request has failed.
In ftp, ignore preauthentication (230 status of server greeting) if TLS
is required.
Bug: https://curl.se/docs/CVE-2021-22946.html
CVE-2021-22946
|
|
|
|
|
|
|
|
|
|
|
|
| |
It should not refer to the uagent string that is allocated and created
for the end server http request, as that pointer may be cleared on
subsequent CONNECT requests.
Added test case 1184 to verify.
Reported-by: T200proX7 on github
Fixes #7705
Closes #7707
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's try to actually handle the server unexpectedly alive
case by first making them visible on CI builds as failures.
This is needed to detect issues with killing of the test
servers completely including nested process chains with
multiple PIDs per test server (including bash and perl).
On Windows/cygwin platforms this is especially helpful with
debugging PID mixups due to cygwin using its own PID space.
Reviewed-by: Daniel Stenberg
Closes #7180
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If Retry-After: specifies a period that is longer than what fits within
--retry-max-time, then stop retrying immediately.
Added test 366 to verify.
Reported-by: Kari Pahula
Fixes #7675
Closes #7676
|
|
|
|
|
|
|
| |
... that they refer to actual existing libcurl options.
Reviewed-by: Daniel Gustafsson
Closes #7656
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In every libcurl option man page there are now 8 mandatory sections that
must use the right name in the correct order and test 1173 verifies
this. Only 14 man pages needed adjustments.
The sections and the order is as follows:
- NAME
- SYNOPSIS
- DESCRIPTION
- PROTOCOLS
- EXAMPLE
- AVAILABILITY
- RETURN VALUE
- SEE ALSO
Reviewed-by: Daniel Gustafsson
Closes #7656
|
|
|
|
|
|
|
|
|
| |
Extended manpage-syntax.pl (run by test 1173) to check that every man
page for a libcurl option has an EXAMPLE section that is more than two
lines. Then fixed all errors it found and added examples.
Reviewed-by: Daniel Gustafsson
Closes #7656
|
|
|
|
|
|
|
|
|
|
|
|
| |
Regression. In d6a37c23a3c (7.75.0) we removed the duplicated storage
(connection + easy handle), so this info needs be extracted again even
for re-used connections.
Add test 435 to verify
Reported-by: Max Dymond
Fixes #7660
Closes #7662
|
|
|
|
|
|
|
|
|
|
| |
By making them look less like http headers, the hyper mode "tweak"
doesn't interfere.
Enable test 2002 and 2003 in hyper builds (and 1280 which is unrelated
but should be enabled).
Closes #7658
|
| |
|
|
|
|
|
| |
Fixes #7643
Closes #7649
|
|
|
|
|
|
|
|
|
|
| |
Make the built-in HTTP parser behave similar to hyper and reject any
HTTP response using more than 3 digits for the response code.
Updated test 1432 accordingly.
Enabled test 1432 in the hyper builds.
Closes #7641
|
|
|
|
| |
Closes #7639
|
|
|
|
| |
Closes #7638
|
|
|
|
|
|
| |
Enable test 1074
Closes #7617
|
|
|
|
|
|
| |
Enable test 1130 and 1131
Closes #7616
|
|
|
|
|
|
|
| |
This fixes running tests in virtualenvs (or on distros) that no longer
have a symlink from python to python2 or python3.
Closes #7602
|
|
|
|
| |
Closes #7612
|
|
|
|
|
|
|
|
|
|
|
| |
Since this option is also used for FTP, it needs to work to set for
applications even if hyper doesn't support it for HTTP. Verified by test
1137.
Updated docs to specify that the option doesn't work for HTTP when using
the hyper backend.
Closes #7614
|