Runing the tests locally without valgrind test 518 and 537 would run
over their limits.
Plus init a variable in runtests.pl to avoid a warning output.
Closes#17919
Before this patch this test succeeded silently and unconditionally,
when run on an out-of-tree curl build.
Also fix to exit gracefully if no libcurl manuals are found.
Fixing:
```
readline() on closed filehandle $m at ../../tests/test1222.pl line 153.
```
Cherry-picked from #17877Closes#17892
Fix test 1175 by passing the source root directory (was: tests).
Before this patch this caused silent Perl warnings and returning success
without executing the tests, due to:
```
readline() on closed filehandle $f at ../../tests/test1175.pl line 55.
readline() on closed filehandle $f at ../../tests/test1175.pl line 39.
```
Running the test revealed these issues:
```
CURLE_FUNCTION_NOT_FOUND is not in libcurl-errors.md
CURLE_HTTP_POST_ERROR is not in libcurl-errors.md
CURLE_TELNET_OPTION_SYNTAX is not in libcurl-errors.md
CURLM_CALL_MULTI_SOCKET is not in libcurl-errors.md
```
Apply fixes:
- mark `CURLE_FUNCTION_NOT_FOUND` deprecated by 7.53.0
- mark `CURLE_HTTP_POST_ERROR` deprecated by 7.56.0
- mark `CURLE_TELNET_OPTION_SYNTAX` deprecated by 7.78.0
- document `CURLM_CALL_MULTI_SOCKET` as a synonym for
`CURLM_CALL_MULTI_PERFORM`
- test1477: exclude `CURLM_CALL_MULTI_SOCKET`.
But, these weren't officially deprecated. It may need more updates
to reflect that in other places, or fix the issues differently.
Follow-up to 66ec950004#12424
Follow-up to 74f441c6d3#4628
Cherry-picked from #17877Closes#17880
Use 'config' for pointing to a OperationConfig
Use 'global' for pointing to GlobalConfig
Bonus: add config_alloc(), an easier way to allocate + init a new
OperationConfig struct.
Closes#17888
The idea here is to set limits per test how many allocations and maximum
amount of memory it is allowed to use. This is a means to make sure the
number and total size of allocations are kept in check and don't
mistakenly "blow up".
If runtests.pl detects that the given limits have been exceeded it fails
the test case with an error.
The `<verify>` part now supports `<limits>`, and in this section two
limits can be set for each test (verified in debug builds only):
Allocations: [number of allocation calls]
Maximum allocated: [maximum concurrent memory allocated]
Default limits (used if nothing is set in the test file):
Allocations: 1000
Maximum allocated: 1000000
Closes#17821
This was spotted by Debian's lintian tool. It adds an informational
warning at every run, so my OCD was kicking in and I had to fix it :-)
Closes#17787
This test makes sure that a number of internal and public structs are
within their maximum allowed size limits.
The public structs can only grow in controlled ways, while the internal
ones may be allowed to grow if deemed right.
The idea here is to control, to know and make sure all important struct
growth is intentional.
Closes#17823
Replace the `libstubgss.so`-based overload solution with one built into
libcurl at compile-time.
The previous, `LD_PRELOAD`-based, solution was non-portable, allowlisted
for Linux, BSD and Solaris. It also required non-debug builds, which
turned out to be an accidental condition:
7d342c723c. It also required a curl tool
built against a shared libcurl. Detecting this condition wasn't always
accurate, e.g. with certain cmake configurations.
The overload solution also didn't work on macOS, though it theoretically
should have:
- #17653
- #2394
Experiments on making the overload solution work in more envs:
- #17759
That revealed that it also did not work on NetBSD, in CI.
The replacement solution is overloading the necessary GSS-API functions
for test 2056 and 2057 at compile time. It requires a debug-enabled curl
build (due to its insecure nature).
This makes these tests run on all platforms. Including most GSS jobs in
CI, that are running tests. (the exception is old-linux, non-debug jobs,
where it felt overkill to enable debug for this.)
The refactored GSS stub code needs to overload less than before because
it's free to use the official GSS API. (This didn't work with
the overload solution on Alpine for example). It can also use libcurl
functions, allowing to replace `snprintf()` with `msnprintf()`.
OS/400 is also overloading GSS API functions. I haven't tested how this
works after this PR. In theory it should, because this PR doesn't rely
on preprocessor overrides.
Note that for future GSS tests, it may be necessary to stub these GSS
API functions: `gss_inquire_context()`, `gss_unwrap()`, `gss_wrap()`.
They are on codepaths not (yet) touched by tests.
Also:
- stub-gss: check for token buffer overrun.
- stub-gss: replace size macros with `sizeof()`.
- GHA: enable debug for some jobs with GSS.
- GHA/linux: ignore results for 2056 and 2057 in the valgrind job.
They leak the same way as seen with 2077 and 2078.
Ref: 7020ba7979#17462
Ref: 146759716c#14430
- GHA/linux: fix to ignore `gss_import_name()` leaks in valgrind builds.
only.
- lib/vauth/krb5_gssapi: reduce variable scope.
- lib/vauth/spnego_gssapi: reduce variable scope.
- tests/libtest: drop code and build logic dealing with `libstubgss`.
- runtests:
- drop `ld_preload` feature.
- drop special handling of `LD_PRELOAD` env in tests.
- drop logic dealing with shared curl tool detection.
- drop `LD_PRELOAD` envs from tests.
Follow-up to 56d949d31a#1687Closes#17752
For consistency. RFC 3986 section 2.1 says:
"URI producers and normalizers should use uppercase hexadecimal digits
for all percent-encodings."
Reported-by: Jeroen Ooms
Fixes#17685Closes#17739
Make the <dns> tag in a test case control what is stored there. Also
documented. Make test 2102 and 2103 use the new tag.
Lets the test case config the A and AAAA contents the server replies
with. Initial work for the HTTPS RR exists, but does not yet work.
Closes#17543
Allow prequotes to be sent after curl has changed the working directory,
just before the listing command if the URL is a directory.
FTP state machine is updated with the new FTP_LIST_PREQUOTE state and
FTP_RETR_LIST_TYPE type.
Test 754 verifies
Fixes#8602Closes#17616
Used by test 2056 and 2057, in a way that's Linux- & autotools-specific.
This patch builds it for all Unix, syncing cmake with autotools.
Adapt the two tests to find the library in CMake builds as well.
Tested OK on Linux. (CI does not test this. The corresponding jobs build
in debug mode, while the `LD_PRELOAD` feature is locked to non-debug.)
On macOS it didn't load without building everything for aarch64e arch:
"../bld/tests/libtest/libstubgss.dylib' (mach-o file, but is
an incompatible architecture (have 'arm64', need 'arm64e'))"
With that fixed it still did not load correctly and/or the tests did not
pass. So, for macOS these tests remain disabled.
Also:
- GHA/macos: build for aarch64e. (recognized by Apple clang as of this
patch. llvm and gcc fall back to aarch64.)
Follow-up to 56d949d31a#1687Closes#17653
Background:
As part of my work on reproducible builds for openSUSE, I check that
software still gives identical build results in the future. The usual
offset is +16 years, because that is how long I expect some software
will be used in some places. This showed up failing tests in our package
build. See https://reproducible-builds.org/ for why this matters.
I tested that it passes on x86_64 in year 2041 and i586 in year 2037.
(but on i586, I got `TESTFAIL: These test cases failed: 31 46 61 1415`)
Closes#17665
Fix building with `--disable-digest-auth`. Make test cases run in such
a build. Add such a build to our CI jobs.
Reported-by: Tristan Perrault
Fixes#17612Closes#17614
When `curl_easy_cleanup()` is invoked while still being part
of a multi handle, the code will auto-remove it. But since the
connection was detached first, the code in
`curl_multi_remove_handle()` that invalidates dirty connections
did not bite.
Attach the connection *after* the possible remove from a multi
handle, so that connection reuse can be prevented.
Add test753 to reproduce and verify the fix. This required adding
the new debug env var CURL_FTP_PWD_STOP, to have a transfer return
from multi_perform() early with a connection that does not show
and pending input.
Reported-by: Brian Harris
Fixes https://github.com/curl/curl/issues/17578
Closes https://github.com/curl/curl/pull/17607
Make test bundles the default. Drop non-bundle build mode.
Also do all the optimizations and tidy-ups this allows, simpler builds,
less bundle exceptions, streamlined build mechanics.
Also rework the init/deinit macro magic for unit tests. The new method
allows using unique init/deinit function names, and calling them with
arguments. This is in turn makes it possible to reduce the use of global
variables.
Note this drop existing build options `-DCURL_TEST_BUNDLES=` from cmake
and `--enable-test-bundles` / `--disable-test-bundles` from autotools.
Also:
- rename test entry functions to have unique names: `test_<testname>`
This removes the last exception that was handled in the generator.
- fix `make dist` to not miss test sources with test bundles enabled.
- sync and merge `tests/mk-bundle.pl` into `scripts/mk-unity.pl`.
- mk-unity.pl: add `--embed` option and use it when `CURL_CLANG_TIDY=ON`
to ensure that `clang-tidy` does not miss external test C sources.
(because `clang-tidy` ignores code that's #included.)
- tests/unit: drop no-op setup/stop functions.
- tests: reduce symbol scopes, global macros, other fixes and tidy-ups.
- tool1621: fix to run, also fix it to pass.
- sockfilt: fix Windows compiler warning in certain unity include order,
by explicitly including `warnless.h`.
Follow-up to 6897aeb105#17468Closes#17590
After this patch there is no more double/multiple compile of the same
libtest source under a different libtest ID. Each libtest is compiled
once, and changing behavior at runtime based on test ID.
- drop recently added physical clones for two prevously multi-compiled
tests:
- merge lib587 into lib554 again, branch at runtime.
- merge lib645 into lib643 again, branch at runtime.
- replace existing dynamic branching to use `testnum` instead of
a manually rolled `testno` based on an extra command-line argument.
lib1571, lib1576.
- mk-bundle.pl: stop defining `LIB*` macros. No longer used.
- libtests: drop all `LIB*_C` guards.
- Make these tests branch at runtime, stop building copies:
- lib585, based on lib500
- lib565, based on lib510
- lib529, based on lib525
- lib527, lib532, based on lib526
- lib545, based on lib544
- lib548, based on lib547
- lib696, based on lib556
- lib584, based on lib589
- lib1539, based on lib1514
- lib1543, based on lib1518
- lib1917, based on lib1916
- lib1946, based on lib1940
- lib671, 672, 673, based on lib670
Follow-up to 02dd471bbf#17591
Follow-up to 6897aeb105#17468Closes#17598
Adjust the differences at runtime instead of build-time, to avoid
extra buillds.
Set the `CURL_TESTNUM` env variable to pass test numbers to tests.
Make libtest/first.c use that env variable to set the `testnum` global
variable to allow tests to differ based on which test that runs it.
Closes#17591
These libraries do not support TLS 1.3 and have been marked for removal
for over a year. We want to help users select a TLS dependency that is
future-proof and reliable, and not supporting TLS 1.3 in 2025 does not
infer confidence. Users who build libcurl are likely to be served better
and get something more future-proof with a TLS library that supports
1.3.
Closes#16677
Using a mixture of techniques to avoid symbols collisions:
- reduce scope.
- add `t*_` / `T*_` prefix.
- move shared functions to `testutil.c`.
(`suburl()`, `rlim2str()`)
- clone re-used lib*.c sources.
(lib587, lib645)
- include shared symbols just once in re-used `lib*.c` sources.
(using `LIB*_C` guards.)
- drop re-used `lib*.c` sources where they were identical or
unused.
- make macros global.
- #undef macros before use.
What remain is the entry functions `test`, and `unit_setup`,
`unit_stop` in unit tests.
Also:
- fix formatting and other minor things along the way.
- add `const` where possible.
- sync some symbol names between tests.
- drop `mk-bundle-hints.sh` that's no longer necessary.
Closes#17468
This boolean option was moved to the wrong handling function. Make it
an ARG_NONE and move it to the correct handler and add a test to
verify that the option works.
Follow-up to 698491f44
Reported-by: fjaell on github
Fixes#17545Closes#17547
Test1117 seems to verify that a response, incoming slowly, is read
completely before sending another request on the same connection.
The previsou write delay of 1000ms made the test last 23+ seconds.
A delay of 100ms seems to achieve the same test on modern machines, but
the overall run time is less than 3 seconds.
Closes#17530
CURLOPT_NOPROGRESS is being set twice, if a file is uploaded from '.'.
Fix order of options so that '.' can override the global setting. Without
this, the `tool_readbusy_cb()` is never inoked and cannot unpause a
transfer waiting for more input.
Fixes#17513
Reported-by: denandz on github
Closes#17517
This started out as regression tests for the `curl_ws_recv()` and
`curl_ws_send()` implementation and ended up with a bugfix, additional
protocol validation and minor logging improvements.
- Fix reset of fragmented message decoder state when a PING/PONG is
received in between message fragments.
- Fix undefined behavior (applying zero offset to null pointer) in
curl_ws_send() when the given buffer is NULL.
- Detect invalid overlong PING/PONG/CLOSE frames.
- Detect invalid fragmented PING/PONG/CLOSE frames.
- Detect invalid sequences of fragmented frames.
- a) A continuation frame (0x80...) is received without any ongoing
fragmented message.
- b) A new fragmented message is started (0x81/0x01/0x82/0x02...)
before the ongoing fragmented message has terminated.
- Made logs for invalid opcodes easier to understand.
- Moved noisy logs to the `CURL_TRC_WS` log level.
- Unified the prefixes for WebSocket log messages: `[WS] ...`
- Add env var `CURL_WS_FORCE_ZERO_MASK` in debug builds.
- If set, it forces the bit mask applied to outgoing payloads to
0x00000000, which effectively means the payload is not masked at
all. This drastically simplifies defining the expected `<protocol>`
data in test cases.
- 2700: Frame types
- 2701: Invalid opcode 0x3
- 2702: Invalid opcode 0xB
- 2703: Invalid reserved bit RSV1 _(replaces 2310)_
- 2704: Invalid reserved bit RSV2
- 2705: Invalid reserved bit RSV3
- 2706: Invalid masked server message
- 2707: Peculiar frame sizes _(part. replaces 2311)_
- 2708: Automatic PONG
- 2709: No automatic PONG _(replaces 2312)_
- 2710: Unsolicited PONG
- 2711: Empty PING/PONG/CLOSE
- 2712: Max sized PING/PONG/CLOSE
- 2713: Invalid oversized PING _(replaces 2307)_
- 2714: Invalid oversized PONG
- 2715: Invalid oversized CLOSE
- 2716: Invalid fragmented PING
- 2717: Invalid fragmented PONG
- 2718: Invalid fragmented CLOSE
- 2719: Fragmented messages _(part. replaces 2311)_
- 2720: Fragmented messages with empty fragments
- 2721: Fragmented messages with interleaved pong
- 2722: Invalid fragmented message without initial frame
- 2723: Invalid fragmented message without final frame
- 2305: curl_ws_recv() loop reading three larger frames
- This test involuntarily sent an invalid sequence of opcodes (0x01...,0x01...,0x81...) , but neither libcurl nor the test caught this! The correct sequence was tested in 2311 (0x01...,0x00...,0x80...). See below for 2311.
- Validation of the opcode sequence was added to libcurl and is now tested in 2723.
- Superseded by 2719 (fragmented message) and 2707 (large frames).
- 2307: overlong PING payload
- The tested PING payload length check was actually missing, but the test didn't catch this since it involuntarily sent an invalid opcode (0x19... instead of 0x89...) so that the expected error occurred, but for the wrong reason.
- Superseded by 2713.
- 2310: unknown reserved bit set in frame header
- Superseded by 2703 and extended by 2704 and 2705.
- 2311: curl_ws_recv() read fragmented message
- Superseded by 2719 (fragmented message) and 2707 (large frames).
- 2312: WebSockets no auto ping
- Superseded by 2709.
- No tests for `CURLOPT_WRITEFUNCTION`.
- No tests for sending of invalid frames/fragments.
Closes#17136
The test had `Closing connection 0` in its expectations, but a stripfile
expression that removes such lines. No recent changes, but started failing
this morning.
Too little coffee for me? Or what triggered this?
Closes#17515
- test1510: it was marked flaky, then disabled. Keep the flaky flag
and allow it to run again.
Ref: ef02da3156
Ref: 0110cced2a
- GHA/linux: extend information about the heimdal valgrind failures.
- GHA/macos: unignore 2037 2041 in torture tests. They no longer
appear flaky.
Follow-up to 4b791dca37#14667Closes#17462
Due to someone being stupid, the resizing of the multi's transfer
table was actually shrinking it. Oh my.
Add test751 to reproduce, add code assertion.
Fixes#17473
Reported-by: Jeroen Ooms
Closes#17475
- Simplify canon_query() a bit. Avoid unconditionally using length -1
where length risks being zero at times. Pointed out by Coverity.
- Fix indent errors
- narrow some variable scopes
- fix keywords in tests
Closes#17402
If /dev/null or another character device etc is used for output, trying
to truncate that only causes errors.
Add test 1497 to verify
Fixes#17371
Reported-by: Brendan Dolan-Gavitt
Closes#17374
To decrease size and complexity. Complexity taken down from 190 to 80.
Bonus:
- remove leftover HTTP/0.9 warning never triggered since hyper was dropped
- remove the ftp-skip-ip option unless FTP is used
- only set HTTP options if HTTP(S) is used
- remove use of the pointless SETOPT_CHECK macro
Side-effect:
- The order of the options in --libcurl is modified
Closes#17352
