static void strstore(char **str, const char *newstr, size_t len);
+/* number of seconds in 400 days */
+#define COOKIES_MAXAGE (400*24*3600)
+
+/* Make sure cookies never expire further away in time than 400 days into the
+ future. (from RFC6265bis draft-19)
+
+ For the sake of easier testing, align the capped time to an even 60 second
+ boundary.
+*/
+static void cap_expires(time_t now, struct Cookie *co)
+{
+ if((TIME_T_MAX - COOKIES_MAXAGE - 30) > now) {
+ timediff_t cap = now + COOKIES_MAXAGE;
+ if(co->expires > cap) {
+ cap += 30;
+ co->expires = (cap/60)*60;
+ }
+ }
+}
+
static void freecookie(struct Cookie *co)
{
free(co->domain);
co->expires += now;
break;
}
+ cap_expires(now, co);
}
else if((nlen == 7) && strncasecompare("expires", namep, 7)) {
if(!co->expires && (vlen < MAX_DATE_LENGTH)) {
co->expires = 1;
else if(co->expires < 0)
co->expires = 0;
+ cap_expires(now, co);
}
}
%repeat[100 x hello]%
+## Insert capped epoch days
+
+Mostly to test capped cookie expire dates: `%days[NUM]` inserts the number of
+seconds for the given number of days into the future, aligned to the nearest
+minute. That is the same calculation the cookie engine uses to cap expiration
+dates.
+
## Include file
This instruction allows a test case to include another file. It is helpful to
# https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
-%if large-time
-.example.com TRUE / FALSE 17545593600 test7value test7
-.example.com TRUE / FALSE 17545593600 test4value test4
-.example.com TRUE / FALSE 17545593600 test2value test2
-%else
-.example.com TRUE / FALSE 2145830400 test7value test7
-.example.com TRUE / FALSE 2145830400 test4value test4
-.example.com TRUE / FALSE 2145830400 test2value test2
-%endif
+.example.com TRUE / FALSE %days[400] test7value test7
+.example.com TRUE / FALSE %days[400] test4value test4
+.example.com TRUE / FALSE %days[400] test2value test2
.example.com TRUE / FALSE 0 test1value test1
</file>
</verify>
test31.curl FALSE /we/want/ FALSE 0 withspaces yes within and around
.test31.curl TRUE /we/want/ FALSE 0 blexp yesyes
#HttpOnly_test31.curl FALSE /silly/ FALSE 0 magic yessir
-%if large-time
-test31.curl FALSE /we/want/ FALSE 17517902187 nodomain value
-%else
-test31.curl FALSE /we/want/ FALSE 2118138987 nodomain value
-%endif
+test31.curl FALSE /we/want/ FALSE %days[400] nodomain value
.test31.curl TRUE / FALSE 0 partmatch present
#HttpOnly_.test31.curl TRUE /p4/ FALSE 0 httponly myvalue1
#HttpOnly_.test31.curl TRUE /p4/ FALSE 0 httpo4 value4
domain..tld FALSE / FALSE 0 justaname
domain..tld FALSE / FALSE 0 ASPSESSIONIDQGGQQSJJ GKNBDIFAAOFDPDAIEAKDIBKE
domain..tld FALSE / FALSE 0 ckySession temporary
+domain..tld FALSE / FALSE %days[400] ckyPersistent permanent
%if large-time
-domain..tld FALSE / FALSE 17517902187 ckyPersistent permanent
domain..tld FALSE /want FALSE 0 empty
#HttpOnly_domain..tld FALSE /want FALSE 22139150993 mooo2 indeed2
domain..tld FALSE / FALSE 22139150993 mooo indeed
www.loser.com FALSE / FALSE 22139150993 UID 99
www.fake.come FALSE / FALSE 22147483647 cookiecliente si
%else
-domain..tld FALSE / FALSE 2118138987 ckyPersistent permanent
domain..tld FALSE /want FALSE 0 empty
#HttpOnly_domain..tld FALSE /want FALSE 2139150993 mooo2 indeed2
domain..tld FALSE / FALSE 2139150993 mooo indeed
# This file was generated by libcurl! Edit at your own risk.
127.0.0.1 FALSE / FALSE 0 name4 value
-127.0.0.1 FALSE / FALSE 5115959787 name3 value
+127.0.0.1 FALSE / FALSE %days[400] name3 value
127.0.0.1 FALSE / FALSE 0 name2 value
-127.0.0.1 FALSE / FALSE 5115959787 name value
+127.0.0.1 FALSE / FALSE %days[400] name value
</file>
</verify>
</testcase>
unlock: cookie [Pigs in space]: 91
loaded cookies:
-----------------
- www.host.foo.com FALSE / FALSE 1993463787 test6 six_more
- .www.host.foo.com TRUE / FALSE 1993463787 test6 six
- .host.foo.com TRUE / FALSE 1896263787 test5 five
- .host.foo.com TRUE / FALSE 2061978987 test4 overwritten4
- .foo.com TRUE / FALSE 1896263787 test3 three
- .host.foo.com TRUE / FALSE 1896263787 test2 two
- .foo.com TRUE / FALSE 1993463787 test1 overwritten1
- .host.foo.com TRUE / FALSE 1896263787 injected yes
+ www.host.foo.com FALSE / FALSE %days[400] test6 six_more
+ .www.host.foo.com TRUE / FALSE %days[400] test6 six
+ .host.foo.com TRUE / FALSE %days[400] test5 five
+ .host.foo.com TRUE / FALSE %days[400] test4 overwritten4
+ .foo.com TRUE / FALSE %days[400] test3 three
+ .host.foo.com TRUE / FALSE %days[400] test2 two
+ .foo.com TRUE / FALSE %days[400] test1 overwritten1
+ .host.foo.com TRUE / FALSE %days[400] injected yes
-----------------
try SHARE_CLEANUP...
lock: share [Pigs in space]: 92
# https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
-www.host.foo.com FALSE / FALSE 1993463787 test6 six_more
-.www.host.foo.com TRUE / FALSE 1993463787 test6 six
-.host.foo.com TRUE / FALSE 1896263787 test5 five
-.host.foo.com TRUE / FALSE 2061978987 test4 overwritten4
-.foo.com TRUE / FALSE 1896263787 test3 three
-.host.foo.com TRUE / FALSE 1896263787 test2 two
-.foo.com TRUE / FALSE 1993463787 test1 overwritten1
-.host.foo.com TRUE / FALSE 1896263787 injected yes
+www.host.foo.com FALSE / FALSE %days[400] test6 six_more
+.www.host.foo.com TRUE / FALSE %days[400] test6 six
+.host.foo.com TRUE / FALSE %days[400] test5 five
+.host.foo.com TRUE / FALSE %days[400] test4 overwritten4
+.foo.com TRUE / FALSE %days[400] test3 three
+.host.foo.com TRUE / FALSE %days[400] test2 two
+.foo.com TRUE / FALSE %days[400] test1 overwritten1
+.host.foo.com TRUE / FALSE %days[400] injected yes
</file>
</verify>
</testcase>
# https://curl.se/docs/http-cookies.html
# This file was generated by libcurl! Edit at your own risk.
-%if large-time
-.host.foo.com TRUE /we/want/ FALSE 17517902187 test2 yes
-#HttpOnly_.foo.com TRUE /we/want/ FALSE 17517902187 test yes
-%else
-.host.foo.com TRUE /we/want/ FALSE 2118138987 test2 yes
-#HttpOnly_.foo.com TRUE /we/want/ FALSE 2118138987 test yes
-%endif
+.host.foo.com TRUE /we/want/ FALSE %days[400] test2 yes
+#HttpOnly_.foo.com TRUE /we/want/ FALSE %days[400] test yes
</file>
</verify>
</testcase>
sub compareparts {
my ($firstref, $secondref)=@_;
+ # we cannot compare arrays index per index since with the base64 chunks,
+ # they may not be "evenly" distributed
my $first = join("", @$firstref);
my $second = join("", @$secondref);
- # we cannot compare arrays index per index since with the base64 chunks,
- # they may not be "evenly" distributed
+ if($first =~ /%alternatives\[/) {
+ die "bad use of compareparts\n";
+ }
- # NOTE: this no longer strips off carriage returns from the arrays. Is that
- # really necessary? It ruins the testing of newlines. I believe it was once
- # added to enable tests on Windows.
+ if($second =~ /%alternatives\[([^,]*),([^\]]*)\]/) {
+ # there can be many %alternatives in this chunk, so we call
+ # this function recursively
+ my $alt = $second;
+ $alt =~ s/%alternatives\[([^,]*),([^\]]*)\]/$1/;
+
+ # check first alternative
+ {
+ my @f;
+ my @s;
+ push @f, $first;
+ push @s, $alt;
+ if(!compareparts(\@f, \@s)) {
+ return 0;
+ }
+ }
+
+ $alt = $second;
+ $alt =~ s/%alternatives\[([^,]*),([^\]]*)\]/$2/;
+ # check second alternative
+ {
+ my @f;
+ my @s;
+ push @f, $first;
+ push @s, $alt;
+ if(!compareparts(\@f, \@s)) {
+ return 0;
+ }
+ }
+
+ # neither matched
+ return 1;
+ }
if($first ne $second) {
return 1;
$$thing =~ s/%%REPEAT%%/$all/;
}
+ # days
+ while($$thing =~ s/%days\[(.*?)\]/%%DAYS%%/i) {
+ # convert to now + given days in epoch seconds, align to a 60 second
+ # boundary. Then provide two alternatives.
+ my $now = time();
+ my $d = ($1 * 24 * 3600) + $now + 30;
+ $d = int($d/60) * 60;
+ my $d2 = $d + 60;
+ $$thing =~ s/%%DAYS%%/%alternatives[$d,$d2]/;
+ }
+
# include a file
$$thing =~ s/%include ([^%]*)%[\n\r]+/includefile($1)/ge;
}
projects / thirdparty / curl.git / commitdiff
