Update curl from 7.68.0 to 7.69.1

[patrikjuvonen]

Summary

• Contains stability and security related fixes
• 7.69.1: curl-users mailing list archive, maintainer's blog post, changelog
• 7.69.0: curl-users mailing list archive, maintainer's blog post, changelog

Tests

• fetchRemote
  • Download test script (v1.0.1): test_fetchRemote.zip
    • Preferable not to run client and server simultaneously
  • URL for unauthenticated requests: http://ptsv2.com/t/mtasa-test-fetchRemote
  • URL for authenticated requests: http://ptsv2.com/t/mtasa-test-fetchRemote-auth
• callRemote
  • Download test script (v1.0.2): test_callRemote.zip
  • URL for unauthenticated requests: http://ptsv2.com/t/mtasa-test-callRemote
  • URL for authenticated requests: http://ptsv2.com/t/mtasa-test-callRemote-auth
• Please flush all your requests from ptsv2.com after testing!

Validation

To help validate the integrity of the update I have created the following bash script that diffs between my PR branch and the official package provided from the curl website.

#!/bin/bash

CURL_UPDATE_VERSION=7.69.1
CURL_PATH_NAME=curl-$CURL_UPDATE_VERSION

GIT_REPO_BRANCH=vendor/curl-$CURL_UPDATE_VERSION
GIT_REPO_URL=https://github.com/patrikjuvonen/mtasa-blue.git
GIT_DEST_DIR=mtasa-blue
GIT_REPO_CURL_PATH=$GIT_DEST_DIR/vendor/curl/

echo 1. Download and extract $CURL_PATH_NAME...
curl https://curl.haxx.se/download/$CURL_PATH_NAME.tar.xz | tar -xJ

echo 2. Clone the vendor update branch $GIT_REPO_BRANCH from $GIT_REPO_URL into $GIT_DEST_DIR...
git clone --depth 1 -b $GIT_REPO_BRANCH $GIT_REPO_URL $GIT_DEST_DIR

echo 3. Start checking integrity...
diff -r $GIT_REPO_CURL_PATH $CURL_PATH_NAME

echo 4. Completed.
exec $SHELL

Past curl updates in MTA

Date	From	To	Link
January 2020	7.67.0	7.68.0 (current)	#1216
November 2019	7.66.0	7.67.0	#1161
September 2019	7.65.3	7.66.0	#1099
July 2019	7.65.1	7.65.3	#1027
July 2019	7.64.1	7.65.1	#1018
April 2019	7.64.0	7.64.1	#898
February 2019	7.63.0	7.64.0	#819
January 2019	7.61.1	7.63.0	#744
September 2018	7.61.0	7.61.1	#428
August 2018	7.59.0	7.61.0	#271
March 2018	7.54.0	7.59.0	b99e343
June 2017	7.32.0	7.54.0	c15d999
August 2013	7.19.4	7.32.0	aaf3e21

Copy of curl changelogs

Fixed in 7.69.1 - March 11 2020

Bugfixes:

ares: store dns parameters for duphandle
cirrus-ci: disable the FreeBSD 13 builds
curl_share_setopt.3: Note sharing cookies doesn't enable the engine
lib1564: reduce number of mid-wait wakeup calls
libssh: Fix matching user-specified MD5 hex key
MANUAL: update a dict-using command line
mime: do not perform more than one read in a row
mime: fix the binary encoder to handle large data properly
mime: latch last read callback status
multi: skip EINTR check on wakeup socket if it was closed
pause: bail out on bad input
pause: force a connection recheck after unpausing (take 2)
pause: return early for calls that don't change pause state
runtests.1: rephrase how to specify what tests to run
runtests: fix missing use of exe_ext helper function
seek: fix fall back for missing ftruncate on Windows
sftp: fix segfault regression introduced by #4747 in 7.69.0
sha256: Added SecureTransport implementation
sha256: Added WinCrypt implementation
socks4: fix host resolve regression
socks5: host name resolv regression fix
tests/server: fix missing use of exe_ext helper function
tests: fix static ip:port instead of dynamic values being used
tests: make sleeping portable by avoiding select
unit1612: fix the inclusion and compilation of the HMAC unit test
urldata: remove the 'stream_was_rewound' connectdata struct member
version: make curl_version* thread-safe without using global context

Fixed in 7.69.0 - March 4 2020

Changes:

polarssl: removed
smtp: add CURLOPT_MAIL_RCPT_ALLLOWFAILS and --mail-rcpt-allowfails
wolfSSH: new SSH backend

Bugfixes:

altsvc: improved header parser
altsvc: keep a copy of the file name to survive handle reset
altsvc: make saving the cache an atomic operation
altsvc: use h3-27
azure: disable brotli on the macos debug-builds
build: remove all HAVE_OPENSSL_ENGINE_H defines
checksrc.bat: Fix not being able to run script from the main curl dir
cleanup: fix several comment typos
cleanup: fix typos and wording in docs and comments
cmake: add support for CMAKE_LTO option
cmake: clean up and improve build procedures
cmake: enable SMB for Windows builds
cmake: improve libssh2 check on Windows
cmake: Show HTTPS-proxy in the features output
cmake: support specifying the target Windows version
cmake: use check_symbol_exists also for inet_pton
configure.ac: fix comments about --with-quiche
configure: disable metalink if mbedTLS is specified
configure: disable metalink support for incompatible SSL/TLS
conn: do not reuse connection if SOCKS proxy credentials differ
conncache: removed unused Curl_conncache_bundle_size()
connect: remove some spurious infof() calls
connection reuse: respect the max_concurrent_streams limits
contributors: also include people who contributed to curl-www
contrithanks: use the most recent tag by default
cookie: check __Secure- and __Host- case sensitively
cookies: make saving atomic with a rename
create-dirs.d: mention the mode
curl: avoid using strlen for testing if a string is empty
curl: error on --alt-svc use w/o support
curl: let -D merge headers in one file again
curl: make #0 not output the full URL
curl: make the -# spaceship bar not wrap the line
curl: remove 'config' field from OutStruct
curl:progressbarinit: ignore column width from terminals < 20
curl_escape.3: add a link to curl_free
curl_getenv.3: fix the memory handling description
curl_global_init: assume the EINTR bit by default
curl_global_init: move the IPv6 works status bool to multi handle
CURLINFO_COOKIELIST.3: Fix example
CURLOPT_ALTSVC_CTRL.3: fix the DEFAULT wording
CURLOPT_PROXY_SSL_OPTIONS.3: Sync with CURLOPT_SSL_OPTIONS.3
CURLOPT_REDIR_PROTOCOLS.3: update the DEFAULT section
data.d: remove "Multiple files can also be specified"
digest: do not quote algorithm in HTTP authorisation
docs/HTTP3: add --enable-alt-svc to curl's configure
docs/HTTP3: update the OpenSSL branch to use for ngtcp2
docs: fix typo on CURLINFO_RETRY_AFTER
easy: remove dead code
form.d: fix two minor typos
ftp: convert 'sock_accepted' to a plain boolean
ftp: remove superfluous checking for crlf in user or pwd
ftp: shrink temp buffers used for PORT
github action: add CIFuzz
github: Instructions to post "uname -a" on Unix systems in issues
GnuTLS: always send client cert
gtls: fixed compilation when using GnuTLS < 3.5.0
hostip: move code to resolve IP address literals to `Curl_resolv`
HTTP-COOKIES: describe the cookie file format
HTTP-COOKIES: mention that a trailing newline is required
http2: make pausing/unpausing set/clear local stream window
http2: now requires nghttp2 >= 1.12.0
http: added 417 response treatment
http: increase EXPECT_100_THRESHOLD to 1Mb
http: mark POSTs with no body as "upload done" from the start
http: move "oauth_bearer" from connectdata to Curl_easy
include: remove non-curl prefixed defines
KNOWN_BUGS: Multiple methods in a single WWW-Authenticate: header
libssh2: add support for forcing a hostkey type
libssh2: fix variable type
libssh: improve known hosts handling
llist: removed unused Curl_llist_move()
location.d: the method change is from POST to GET only
md4: fixed compilation issues when using GNU TLS gcrypt
md4: use init/update/final functions in Secure Transport
md5: added implementation for mbedTLS
mk-ca-bundle: add support for CKA_NSS_SERVER_DISTRUST_AFTER
multi: change curl_multi_wait/poll to error on negative timeout
multi: fix outdated comment
multi: if Curl_readwrite sets 'comeback' use expire, not loop
multi_done: if multiplexed, make conn->data point to another transfer
multi_wait: stop loop when sread() returns zero
ngtcp2: add error code for QUIC connection errors
ngtcp2: fixed to only use AF_INET6 when ENABLE_IPV6
ngtcp2: update to git master and its draft-25 support
ntlm: move the winbind data into the NTLM data structure
ntlm: pass the Curl_easy structure to the private winbind functions
ntlm: removed the dependency on the TLS libaries when using MD5
ntlm_wb: use Curl_socketpair() for greater portability
oauth2-bearer.d: works for HTTP too
openssl: make CURLINFO_CERTINFO not truncate x509v3 fields
openssl: remove redundant assignment
os400: fixed the build
pause: force-drain the transfer on unpause
quiche: update to draft-25
README: mention that the docs is in docs/
RELEASE-PROCEDURE: feature win is closed post-release a few days
runtests: make random seed fixed for a month
runtests: restore the command log
schannel: make CURLOPT_CAINFO work better on Windows 7
schannel_verify: Fix alt names manual verify for UNICODE builds
sha256: use crypto implementations when available
singleuse.pl: support new API functions, fix curl_dbg_ handling
smtp: support the SMTPUTF8 extension
smtp: support UTF-8 based host names in MAIL FROM
SOCKS: make the connect phase non-blocking
strcase: turn Curl_raw_tolower into static
strerror: increase STRERROR_LEN 128 -> 256
test1323: added missing 'unit test' feature requirement
tests: add a unit test for MD4 digest generation
tests: add a unit test for SHA256 digest generation
tests: add a unit test for the HMAC hash generation
tests: deduce the tool name from the test case for unit tests
tests: fix Python 3 compatibility of smbserver.py
tool_dirhie: allow directory traversal during creation
tool_homedir: change GetEnv() to use libcurl's curl_getenv()
tool_util: improve Windows version of tvnow()
travis: update non-OpenSSL Linux jobs to Bionic
url: include the failure reason when curl_win32_idn_to_ascii() fails
urlapi: guess scheme properly with credentials given
urldata: do string enums without #ifdefs for build scripts
vtls: refactor Curl_multissl_version to make the code clearer
win32: USE_WIN32_CRYPTO to enable Win32 based MD4, MD5 and SHA256

[qaisjp]

LGTM go for the merge