http2: make pausing/unpausing set/clear local stream window

This reduces the HTTP/2 window size to 32 MB since libcurl might have to
buffer up to this amount of data in memory and yet we

http2: make pausing/unpausing set/clear local stream window

This reduces the HTTP/2 window size to 32 MB since libcurl might have to
buffer up to this amount of data in memory and yet we don't want it set
lower to potentially impact tranfer performance on high speed networks.

Requires nghttp2 commit b3f85e2daa629
(https://github.com/nghttp2/nghttp2/pull/1444) to work properly, to end
up in the next release after 1.40.0.

Fixes #4939
Closes #4940

show more ...

libssh: improve known hosts handling

Previously, it was not possible to get a known hosts file entry due to
the lack of an API. ssh_session_get_known_hosts_entry(), introduced in
li

libssh: improve known hosts handling

Previously, it was not possible to get a known hosts file entry due to
the lack of an API. ssh_session_get_known_hosts_entry(), introduced in
libssh-0.9.0, allows libcurl to obtain such information and behave the
same as when compiled with libssh2.

This also tries to avoid the usage of deprecated functions when the
replacements are available. The behaviour will not change if versions
older than libssh-0.8.0 are used.

Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Fixes #4953
Closes #4962

show more ...

tests: Automatically deduce the tool name from the test case for unit tests

It is still possible to override the executable to run during the test,
using the <tool> tag, but this patch r

tests: Automatically deduce the tool name from the test case for unit tests

It is still possible to override the executable to run during the test,
using the <tool> tag, but this patch removes the requirement that the
tag must be present for unit tests.

It also removes the possibility of human error when existing test cases
are used as the basis for new tests, as recently witnessed in 81c37124.

Reviewed-by: Daniel Stenberg
Closes #4976

show more ...

test1323: Added the missing 'unit test' feature requirement in the test case

cookie: remove unnecessary check for 'out != 0'

... as it will always be non-NULL at this point.

Detected by Coverity: CID 1459009

http: added 417 response treatment

When doing a request with a body + Expect: 100-continue and the server
responds with a 417, the same request will be retried immediately
without th

http: added 417 response treatment

When doing a request with a body + Expect: 100-continue and the server
responds with a 417, the same request will be retried immediately
without the Expect: header.

Added test 357 to verify.

Also added a control instruction to tell the sws test server to not read
the request body if Expect: is present, which the new test 357 uses.

Reported-by: bramus on github
Fixes #4949
Closes #4964

show more ...

smtp: Tidy up, following recent changes, to maintain the coding style

Closes #4892

smtp: Support the SMTPUTF8 extension for the EXPN command

Simply notify the server we support the SMTPUTF8 extension if it does.

smtp: Support the SMTPUTF8 extension in the VRFY command

smtp: Support the SMTPUTF8 extension in the RCPT TO command

Note: The RCPT TO command isn't required to advertise to the server that
it contains UTF-8 characters, instead the server is t

smtp: Support the SMTPUTF8 extension in the RCPT TO command

Note: The RCPT TO command isn't required to advertise to the server that
it contains UTF-8 characters, instead the server is told that a mail may
contain UTF-8 in any envelope command via the MAIL command.

show more ...

smtp: Support the SMTPUTF8 extension in the MAIL command

Support the SMTPUTF8 extension when sending mailbox information in the
MAIL command (FROM and AUTH parameters). Non-ASCII domain

smtp: Support the SMTPUTF8 extension in the MAIL command

Support the SMTPUTF8 extension when sending mailbox information in the
MAIL command (FROM and AUTH parameters). Non-ASCII domain names will
be ACE encoded, if IDN is supported, whilst non-ASCII characters in
the local address part are passed to the server.

Reported-by: ygthien on github
Fixes #4828

show more ...

smtp: Detect server support for the UTF-8 extension as defined in RFC-6531

smtp: Support UTF-8 based host names in the VRFY command

smtp: Support UTF-8 based host names in the RCPT TO command

smtp: Support UTF-8 based host names in the MAIL command

Non-ASCII host names will be ACE encoded if IDN is supported.

url: Make the IDN conversion functions available to others

smtp: Added UTF-8 mailbox tests to verify existing behaviour

ftpserver: Updated VRFY_smtp() so the response isn't necessary in the test case

ftpserver: Corrected the e-mail address regex in MAIL_smtp() and RCTP_smtp()

The dot character between the host and the tld was not being escaped,
which meant it specified a match of 'an

ftpserver: Corrected the e-mail address regex in MAIL_smtp() and RCTP_smtp()

The dot character between the host and the tld was not being escaped,
which meant it specified a match of 'any' character rather than an
explicit dot separator.

Additionally removed the dot character from the host name as it allowed
the following to be specified as a valid address in our test cases:

<bad@example......com>

Both are typos from 98f7ca7 and 8880f84 :(

I can't remember whether my intention was to allow sub-domains to be
specified in the host or not with these additional dots, but by placing
it outside of the host means it can only be specified once per domain
and by placing a + after the new grouping support for sub-domains is
kept.

Closes #4912

show more ...

hmac: Added a unit test for the HMAC hash generation

Closes #4973

ntlm: Moved the HMAC MD5 function into the HMAC module as a generic function

tests: Added a unit test for MD4 digest generation

Closes #4970

md4: Use const for the length input parameter

This keeps the interface the same as md5 and sha256.

test1610: Fixed the link to the unit test

Typo from 81c37124.

ntlm: Removed the dependency on the TLS libaries when using MD5

As we have our own MD5 implementation use the MD5 wrapper to remove the
TLS dependency.

Closes #4967