Our test servers run either on ipv4 *or* on ipv6, as requested.
A test case using 'localhost' or '*.local' in the url needs to
run with the specific version of the server started.
Otherwise, curl's "happy eyeball"ing will connect to another
server that may be running due to parallel testing or for some
other reasons.
Note that port reuse here depends on the OS strategy and it
seems netbsd is especially likely to hit this.
Closes#15060
The threee tags `<name>`, `</name>` and `<command>` were frequently used
with a leading space that this removes. The reason this habbit is so
widespread in testcases is probably that they have been copy and pasted.
Hence, fixing them all now might curb this practice from now on.
Closes#12028
Adds Schannel variants of SSLpinning tests that include the option
--ssl-revoke-best-effort to ignore certificate revocation check
failures which is required due to our custom test CA certificate.
Disable the original variants if the Schannel backend is enabled.
Also skip all IDN tests which are broken while using an msys shell.
This is a step to simplify test exclusions for Windows and MinGW.
Reviewed-by: Jay Satiro
Reviewed-by: Marcel Raad
Reviewed-by: Daniel Stenberg
Closes#7968
missing CRs and modified %hostip
lib556/test556: use a real HTTP version to make test reuse more convenient
make sure the weekday in Date headers matches the date
test61: replace stray "^M" (5e 4d) at the end of a cookie with a '^M' (0d)
Gets the test working with external proxies like Privoxy again.
Closes#6463
Option --pinnedpubkey takes a path to a public key in DER format and
only connect if it matches (currently only implemented with OpenSSL).
Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt().
Extract a public RSA key from a website like so:
openssl s_client -connect google.com:443 2>&1 < /dev/null | \
sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \
| openssl rsa -pubin -outform DER > google.com.der
