To allow running pytests on more curl configurations.
Also delete a redundant H3 feature check from test_17_14_expired_cert.
Cherry-picked from #19407Closes#19412
A regression in curl 8.17.0 led to a customer CAPATH set by the
application (or the curl command) to be ignored unless licurl was built
with a default CAPATH.
Add test cases using `--capath` on the custom pytest CA, generated with
the help of the openssl command when available.
Fixes#19401
Reported-by: Brad King
Closes#19308
curl is for transfers so disabling all protocols has to be a mistake.
Previously it would allow this to get set (even if curl_easy_setopt()
returns an error for it) and then let libcurl return error instead.
Updated 1474 accordingly.
Closes#19388
There is no more mixed-newline file in the repository after this patch.
Except for`.bat` and `.sln` files (4 in total), all files use LF
newlines.
Also:
- `spacecheck.pl`: drop mixed-EOL exception for test data.
- runtests: add option `-w` to check if test data has stray CR bytes in
them.
- build: enable the option above in test targets, except the CI-specific
one where `spacecheck.pl` does this job already.
- tested OK (with expected failures) in CI with stray CRs added.
- cmake: enable option `-a` for the `tests` target. To continue testing
after a failed test.
Follow-up to 63e9721b63#19313
Follow-up to 6cf3d7b1b1#19318
Follow-up to 4d2a05d3fe#19284Closes#19347
Use the %VERSION instead. The user-agent stripping was introduced at the
time before we had %VERSION (introduced in e6b21d4). The tests would
then remove the user-agent header to make them possible to be compared
in a version independent way.
Fixes#19355
Reported-by: Stefan Eissing
Closes#19356
- `reply/data*`, `verify/stdout`, `verify/stderr`, `verify/file*`,
`verify/proxy`:
- make `crlf="yes"` force CRLF to all lines, instead of just applying
to HTTP protocol headers.
- add support for `crlf="headers"` that only converts HTTP protocol
header lines to CRLF. (previously done via `crlf="yes"`.)
- use `crlf="headers"` where possible.
- `reply/connect*`:
- add support for `crlf="yes"` and `crlf="headers"`.
- use them where possible.
- `client/file*`, `client/stdin`:
- add support for `crlf="yes"`.
- use it where possible.
- `reply/data*`, `verify/protocol`:
- replace existing uses of `crlf="yes"` with `crlf="headers`" where it
does not change the result.
Reducing the number of `tests/data/test*`:
- CRLF newlines from 10295 to 1985. (119985 lines total)
- files with mixed newlines from 656 to 113. (1890 files total)
After this patch there remain 141 sections with mixed newlines, where
the mixing is not split between headers/non-headers. There is no obvious
pattern here. Some of the CRLF uses might be accidental, or
non-significant. They will be tackled in a future patch.
Follow-up to 6cf3d7b1b1#19318
Follow-up to 4d2a05d3fe#19284Closes#19313
The test FTP server returned LF newlines for 227/229 replies, instead of
the CRLF used for the rest.
Test data added later were explicitly made to expect an LF in these
response lines.
After this patch the FTP server returns CRLF newlines, allowing
to delete this special case in test data.
Follow-up to 3bfff57e1f
Follow-up to a7937ed49cCloses#19330
Test 696 and 556 share the same libtest code. Make sure to issue
the `GET` request to the correct runtime test number instead of using
the hard-wired "556".
It makes the `sws` test server read the response string from `test696`
`<data>` section, instead of reading it from `test556`. To avoid this
hidden interaction between test data.
AFAICS there is no other similar hard-coded string in reused libtests.
Ref: https://github.com/curl/curl/pull/19313#issuecomment-3477448933
Follow-up to be82a3605a#16003Closes#19329
- fix regex to not catch CR (from CRLF), in `PORT`, `EPRT`
commands, allowing to use `crlf="yes"` more.
- add `crlf="headers"` mode for `protocol` sections.
To call `subnewlines()` without its force option.
This is the mode used in `data` sections when `crlf="yes"`.
(This confusion may be subject to a future commit.)
- subnewlines: apply CRLF to `HEAD` and `CONNECT` HTTP requests.
- subnewlines: apply CRLF to RTSP requests.
- delete remaining empty `protocol` sections.
Reducing the number of `tests/data/test*`:
- CRLF newlines from 11325 to 10295. (119984 lines total)
- files with mixed newlines from 707 to 656. (1890 files total)
Follow-up to 4d2a05d3fe#19284Closes#19318
When the target host is on a different port than 443, the name
"_[port]._https.[name]" shall be used.
Fixes#19301
Reported-by: Gunni on github
Closes#19324
- add global init and deinit where missing.
- check global init success.
- improve cleaning up on error codepaths.
- drop `CLI_ERR()` macro, that could quit.
Also make error messages tell the reason.
Closes#19309
To make them explicit, visible, avoid being accidentally trimmed.
Also prevents Git warnings, e.g. on `git am`.
Also:
- runtests: add support for `%spc%` and `%tab%` macros.
- test59: delete non-significant line-ending space.
- spacecheck.pl: drop line-ending whitespace exception for tests.
Closes#19300
To make special newlines more explicit and visible.
Mostly in `<protocol>` sections, some in `<data*>` and `<upload>`.
Reducing the number of `tests/data/test*`:
- CRLF newlines from 21535 to 11337.
- files with mixed newlines from 1335 to 707.
Also delete empty `<protocol>` sections.
Closes#19284
Also:
- tests/libtest/cli_h2_serverpush: re-sync formatting.
Previously fixed in tests based on a local clang-tidy v20 report.
Pointed out by TIOBE scanner via Coverity 2025.3.0.
Follow-up to 83a8818cfe#17706Closes#19291
Custom IMAP commands using -X (e.g. 'FETCH 123 BODY[1]') were only
returning the first line of responses containing literals, instead of
the full multi-line body data.
The issue was that custom commands route through imap_perform_list()
and imap_state_listsearch_resp(), which didn't detect or handle IMAP
literal syntax {size}.
This commit adds literal detection to imap_state_listsearch_resp():
- Detects literal syntax {size} in untagged responses
- Writes the response header line containing the literal marker
- Handles any literal body data already in the pingpong buffer
- Sets up transfer layer to read remaining literal data from socket
- Configures maxdownload and transfer size to include header + body
- Initializes pp->overflow to 0 when no buffered data present
- Modifies imap_done() to transition to FETCH_FINAL for custom
commands that set up downloads
Test 841 and 3206 verify.
Fixes#18847
Reported-by: BohwaZ
Bug: https://github.com/curl/curl/issues/18847Closes#19246
In pytests test_08 with the Caddy server, the new rate-limiting in
ngtcp2 did close the connection because it found "too many" stream data
packet repeats.
It is unclear if this is some Caddy issue or if the ngtcp2 implementaton
is wrong. Or if curl can do anything here.
Reported as https://github.com/ngtcp2/ngtcp2/issues/1850
This PR overwrites the ratelimit defaults in ngtcp2 with ten times
increased values. This makes the errors disappear on macOS.
Enable test_08_04/05 in CI again to see if there are any issues
to be found there. (We had those disabled before having parallel
pytests.)
Closes#19274
Change the test certificate to carry a altname 'dns:127.0.0.1' which
should *not* match in test_17_05_bad_ip_addr.
wolfSSL: since `wolfSSL_check_domain_name()` does not differentiate
between DNS and IP names, use if only for DNS names. For IP addresses,
get the peer certificate after the handshake and check that using
wolfSSL_X509_check_ip_asc().
Unfortunately, this succeeds where it should not, as wolfSSL internally
used the same check code for both cases. So, skip the test case until
wolfSSL fixes that.
Reported-by: Joshua Rogers
Closes#19252
- cryptography from 46.0.2 to 46.0.3 in /tests
- filelock from 3.19.1 to 3.20.0 in /tests
- psutil from 7.1.0 to 7.1.1 in /tests
Closes#19217Closes#19218Closes#19219
SMTP automatically appends a \n.\n to an upload if there is not already
one at the end of the input. The implementation had a bug where this did
not happen, depending on read size and buffering.
Change test 900 to reproduce the failure. The bug only happened for mail
body input of known length, where EOS was known on the last chunk read.
Change test 900 to use an input file and make it large enough.
Fixes#18798Closes#19193
Reported-by: madoe on github
When a reused connection did transfer 0 bytes, it assumed the transfer
had failed and needed a retry. Add a check for data->red.done, so we can
successfully accept the transfer of a 0-length file via SFTP.
Add test case 1583 to verfiy.
Fix SFTP disconnect debug trace when there was nothing to
disconnect (like when reusing a connection).
Fixes#19165
Reported-by: Alexander Blach
Closes#19189
The config file parser now has a maximum level of inclusions allowed (5)
to detect and prevent recursive inclusions of itself leading to badness.
Bonus: clean up return code handling from the config parser.
Test 774 verifies
Closes#19168
Unless it is identical to the previous one.
Follow-up to dbcaa00657
Adjusted test 580, added test 772 and 773
Fixes#19130
Reported-by: Jakub Stasiak
Closes#19134
It was mistakenly removed in 8dab7465a5 (shipped in 8.9.0)
Also fix test 1139 which should have detected this but didn't due to a
bad regex check.
Reported-by: Jonathan Cardoso
Fixes#19151Closes#119152
This function could previously accidentally return true and a NULL path
if only whitespace was provided as argument.
Also, make it stricter and do not allow CR or LF within the string.
Use more strparse parsing.
Drop the comment saying this is from OpenSSH as it has now been
rewritten since then.
Closes#19141
To make sure callers can properly differentiate between errors and know
cleanly when EOF happens. Updated all users and unit test 3200.
Triggered by a remark by ZeroPath
Closes#19140
