A new error code to be used when an internal field grows too large, like
when a dynbuf reaches its maximum. Previously it would return
CURLE_OUT_OF_MEMORY for this, which is highly misleading.
Ref: #12268Closes#12269
It is hard to name the scripts sensibly. Lots of them are similarly
named and the name did not tell which test that used them.
The new approach is rather to name them based on the test number that
runs them. Also helps us see which scripts are for individual tests
rather than for general test infra.
- badsymbols.pl -> test1167.pl
- check-deprecated.pl -> test1222.pl
- check-translatable-options.pl -> test1544.pl
- disable-scan.pl -> test1165.pl
- error-codes.pl -> test1175.pl
- errorcodes.pl -> test1477.pl
- extern-scan.pl -> test1135.pl
- manpage-scan.pl -> test1139.pl
- manpage-syntax.pl -> test1173.pl
- markdown-uppercase.pl -> test1275.pl
- mem-include-scan.pl -> test1132.pl
- nroff-scan.pl -> test1140.pl
- option-check.pl -> test1276.pl
- options-scan.pl -> test971.pl
- symbol-scan.pl -> test1119.pl
- version-scan.pl -> test1177.pl
Closes#12487
To help users better understand where the URL (and denied scheme) comes
from. Also removed "in libcurl" from the message, since the disabling
can be done by the application.
The error message now says "not supported" or "disabled" depending on
why it was denied:
Protocol "hej" not supported
Protocol "http" disabled
And in redirects:
Protocol "hej" not supported (in redirect)
Protocol "http" disabled (in redirect)
Reported-by: Mauricio Scheffer
Fixes#12465Closes#12469
char variables if unspecified can be either signed or unsigned depending
on the platform according to the C standard; in most platforms, they are
signed.
This meant that the *i<32 waas always true for bytes with the top bit
set. So they were always getting encoded as \uXXXX, and then since they
were also signed negative, they were getting extended with 1s causing
'\xe2' to be expanded to \uffffffe2, for example:
$ curl --variable 'v=“' --expand-write-out '{{v:json}}\n' file:///dev/null
\uffffffe2\uffffff80\uffffff9c
I fixed this bug by making the code use explicitly unsigned char*
variables instead of char* variables.
Test 268 verifies
Reported-by: iconoclasthero
Closes#12434
The script errorcodes.pl extracts all error codes from all headers and
checks that they are all documented, then checks that all documented
error codes are also specified in a header file.
Closes#12424
When the config file parser detects a word that *probably* should be
quoted, mention double-quotes as a possible remedy.
Test 459 verifies.
Proposed-by: Jiehong on github
Fixes#12409Closes#12412
Use the closure handle for disconnecting connection cache entries so
that anything that happens during the disconnect is not stored and
associated with the 'data' handle which already just finished a transfer
and it is important that details from the unrelated disconnect does not
taint meta-data in the data handle.
Like storing the response code.
This also adjust test 1506. Unfortunately it also removes a key part of
the test that verifies that a connection is closed since when this
output vanishes (because the closure handle is used), we don't know
exactly that the connection actually gets closed in this test...
Reported-by: ohyeaah on github
Fixes#12367Closes#12405
This PR has these changes:
Renaming of unencode_* to cwriter, e.g. client writers
- documentation of sendf.h functions
- move max decode stack checks back to content_encoding.c
- define writer phase which was used as order before
- introduce phases for monitoring inbetween decode phases
- offering default implementations for init/write/close
Add type paramter to client writer's do_write()
- always pass all writes through the writer stack
- writers who only care about BODY data will pass other writes unchanged
add RAW and PROTOCOL client writers
- RAW used for Curl_debug() logging of CURLINFO_DATA_IN
- PROTOCOL used for updates to data->req.bytecount, max_filesize checks and
Curl_pgrsSetDownloadCounter()
- remove all updates of data->req.bytecount and calls to
Curl_pgrsSetDownloadCounter() and Curl_debug() from other code
- adjust test457 expected output to no longer see the excess write
Closes#12184
Previously just ipfs://<cid> and ipns://<cid> was supported, which is
too strict for some usecases.
This patch allows paths and query arguments to be used too.
Making this work according to normal http semantics:
ipfs://<cid>/foo/bar?key=val
ipns://<cid>/foo/bar?key=val
The gateway url support is changed.
It now only supports gateways in the form of:
http://<gateway>/foo/bar
http://<gateway>
Query arguments here are explicitly not allowed and trigger an intended
malformed url error.
There also was a crash when IPFS_PATH was set with a non trailing
forward slash. This has been fixed.
Lastly, a load of test cases have been added to verify the above.
Reported-by: Steven Allen
Fixes#12148Closes#12152
Finding a 'Content-Range:' in the response changed the handling.
Add test case 1475 to verify -C - with 416 and Content-Range: header,
which is almost exactly like test 194 which instead uses a fixed -C
offset. Adjusted test 194 to also be considered fine.
Fixes#10521
Reported-by: Smackd0wn
Fixes#12174
Reported-by: Anubhav Rai
Closes#12176
Python precheck/postcheck alternatives were included but commented out.
Since these are not used and perl is guaranteed to be available to run
the perl versions anyway, the Python ones are removed.
Prior to this change the state machine attempted to change the remote
resolve to a local resolve if the hostname was longer than 255
characters. Unfortunately that did not work as intended and caused a
security issue.
Bug: https://curl.se/docs/CVE-2023-38545.html
The test otherwise could do just about anything (except leak memory in
debug mode) and its bad behaviour wouldn't be detected. Now, check the
resulting cookie file to ensure the cookies are still there.
Closes#12041
Use the test macros to automatically propagate some errors, and check
and log others while running the tests. This can help in debugging
exactly why a test has failed.
On an overloaded server, the default 1 second timeout can go by without
the test server having a chance to respond with the expected headers,
causing tests to fail. Increase the 1 second timeout to 99 seconds so
this failure mode is no longer a problem on test 1129. Some other tests
already set a high value, but make them consistently 99 seconds so if
something goes wrong the test is stalled for less time.
Ref: #11328
The threee tags `<name>`, `</name>` and `<command>` were frequently used
with a leading space that this removes. The reason this habbit is so
widespread in testcases is probably that they have been copy and pasted.
Hence, fixing them all now might curb this practice from now on.
Closes#12028
- ipfs://<cid>
- ipns://<cid>
This allows you tu use ipfs in curl like:
curl ipfs://<cid>
and
curl ipns://<cid>
For more information consult the readme at:
https://curl.se/docs/ipfs.htmlCloses#8805
If uname -r returns something odd, perl could return an error code and
the test would be erroneously skipped. The qx// syntax avoid this.
Followup to 08f9b2148
These kernels only send a fraction of the requested amount of the first
large block, invalidating the assumptions of the test and causing it to
fail.
Assisted-by: Christian Weisgerber
Ref: https://curl.se/mail/lib-2023-09/0021.htmlCloses#11888
Generate alphanumerical random strings.
Prior this change curl used to create random hex strings. This was
mostly okay, but having alphanumerical random strings is better: The
strings have more entropy in the same space.
The MIME multipart boundary used to be mere 64-bits of randomness due
to being 16 hex chars. With these changes the boundary is 22
alphanumerical chars, or little over 130 bits of randomness.
Closes#11838
This test relies on the IPv6 scope field being ignored when connecting to
ipv6-localhost (i.e. [::1%259999] is treated as [::1]). Maybe this is a bit
dodgy, but it works on all our test platforms except Windows. This
test was disabled manually on all Windows CI builds already, so instead
add an incompatible feature and precheck so it's skipped on Windows
everywhere automatically.
This test is designed to connect to the server, then immediately send a
few bytes and disconnect. In some situations, such as on a loaded
server, this doesn't give the server enough time to write its lock file
before its existence is checked. The test harness then fails to find the
server's input log file (because it hasn't been written yet) and fails
the test. By adding a short delay after the test, the HTTP server has
enough time to write its lock file which gives itself more time to write
its remaining files.
Ref: #11328
These tests reduce the server lock wait timeout which can increase
flakiness on loaded machines. Since this is merely an optimization,
eliminate them in favour of reliability.
Ref: #11328
These tests can fail when the test machine is so slow that the test HTTP
server didn't get a chance to complete before the client's one second
100-continue timeout triggered. Increase that 1 second to 999 seconds so
this situation doesn't happen.
Ref: #11328
These are ones likely to fail on heavily-loaded machines that alter the
normal test timing. Most of these tests already had the flaky keyword
since this condition makes them more likely to fail on CI.
These tests are run in SLOWDOWN mode which adds a 10 msec delay after
each character output, which means it takes at least 1.6 seconds (and
320 kernel calls) just to get through the long welcome banner. On an
overloaded system, this can end up taking much more than 1.6 seconds,
and even more than the 7 or 16 second curl timeout that the tests rely
on, causing them to fail. Reducing the size of the welcome banner drops
the total number of characters sent before the transfer starts by more
than half, which reduces the opportunity for test-breaking slowdowns by
the same amount.
Ref: #11328
- Handle user headers in format 'name:' and 'name;' with no value.
The former is used when the user wants to remove an internal libcurl
header and the latter is used when the user actually wants to send a
no-value header in the format 'name:' (note the semi-colon is converted
by libcurl to a colon).
Prior to this change the AWS header import code did not special case
either of those and the generated AWS SignedHeaders would be incorrect.
Reported-by: apparentorder@users.noreply.github.com
Ref: https://curl.se/docs/manpage.html#-H
Fixes https://github.com/curl/curl/issues/11664
Closes https://github.com/curl/curl/pull/11668
