delta/curl.git/lib, branch bagder/manpages-https github.com: bagder/curl.git vtls: deduplicate client certificates in ssl_config_data 2020-09-14T10:56:47+00:00 Gergely Nagy ngg@tresorit.com 2020-06-29T18:07:37+00:00 182ff2d63c9a25c14ee1e7dc9e6d63e9079df677 Closes #5629 
Closes #5629
ftp: a 550 response to SIZE returns CURLE_REMOTE_FILE_NOT_FOUND 2020-09-14T10:53:12+00:00 Daniel Stenberg daniel@haxx.se 2020-09-12T16:27:08+00:00 7ea2e1d0c5a7fc7e2797a2d3c2a2429d6e09e581 This is primarily interesting for cases where CURLOPT_NOBODY is set as previously curl would not return an error for this case. MDTM getting 550 now also returns this error (it returned CURLE_FTP_COULDNT_RETR_FILE before) in order to unify return codes for missing files across protocols and specific FTP commands. libcurl already returns error on a 550 as a MDTM response (when CURLOPT_FILETIME is set). If CURLOPT_NOBODY is not set, an error would happen subsequently anyway since the RETR command would fail. Add test 1913 and 1914 to verify. Updated several tests accordingly due to the updated SIZE behavior. Reported-by: Tomas Berger Fixes #5953 Closes #5957 
This is primarily interesting for cases where CURLOPT_NOBODY is set as
previously curl would not return an error for this case.

MDTM getting 550 now also returns this error (it returned
CURLE_FTP_COULDNT_RETR_FILE before) in order to unify return codes for
missing files across protocols and specific FTP commands.

libcurl already returns error on a 550 as a MDTM response (when
CURLOPT_FILETIME is set). If CURLOPT_NOBODY is not set, an error would
happen subsequently anyway since the RETR command would fail.

Add test 1913 and 1914 to verify. Updated several tests accordingly due
to the updated SIZE behavior.

Reported-by: Tomas Berger
Fixes #5953
Closes #5957
imap: set cselect_bits to CURL_CSELECT_IN initially 2020-09-14T10:29:44+00:00 Antarpreet Singh antarpreet.singh@gmail.com 2020-05-07T19:20:26+00:00 da5ae38db0642dc6f676217a7d77119cda4cce5a ... when continuing a transfer from a FETCH response. When the size of the file was small enough that the entirety of the transfer happens in a single go and schannel buffers holds the entire data. However, it wasn't completely read in Curl_pp_readresp since a line break was found before that could happen. So, by the time we are in imap_state_fetch_resp - there's data in buffers that needs to be read via Curl_read but nothing to read from the socket. After we setup a transfer (Curl_setup_transfer), curl just waits on the socket state to change - which doesn't happen since no new data ever comes. Closes #5961 
... when continuing a transfer from a FETCH response.

When the size of the file was small enough that the entirety of the
transfer happens in a single go and schannel buffers holds the entire
data. However, it wasn't completely read in Curl_pp_readresp since a
line break was found before that could happen. So, by the time we are in
imap_state_fetch_resp - there's data in buffers that needs to be read
via Curl_read but nothing to read from the socket. After we setup a
transfer (Curl_setup_transfer), curl just waits on the socket state to
change - which doesn't happen since no new data ever comes.

Closes #5961
dynbuf: provide curlx_ names for reuse by the curl tool 2020-09-14T06:32:35+00:00 Daniel Stenberg daniel@haxx.se 2020-09-09T13:41:05+00:00 c4ea71ae3235cca8c6837f48664d587e52eb32d2 Closes #5946 
Closes #5946
dynbuf: make sure Curl_dyn_tail() zero terminates 2020-09-14T06:29:46+00:00 Daniel Stenberg daniel@haxx.se 2020-09-13T21:08:45+00:00 9fffe925d2049d925dbc4b52beda5b35c7b3aaa5 Closes #5959 
Closes #5959
http: consolidate nghttp2_session_mem_recv() call paths 2020-09-10T15:43:47+00:00 Laramie Leavitt laramie.leavitt@gmail.com 2020-07-03T20:10:27+00:00 25a25f45ae55aae510a6de1b5bbcfa7547f5db6c Previously there were several locations that called nghttp2_session_mem_recv and handled responses slightly differently. Those have been converted to call the existing h2_process_pending_input() function. Moved the end-of-session check to h2_process_pending_input() since the only place the end-of-session state can change is after nghttp2 processes additional input frames. This will likely fix the fuzzing error. While I don't have a root cause the out-of-bounds read seems like a use after free, so moving the nghttp2_session_check_request_allowed() call to a location with a guaranteed nghttp2 session seems reasonable. Also updated a few nghttp2 callsites to include error messages and added a few additional error checks. Closes #5648 
Previously there were several locations that called
nghttp2_session_mem_recv and handled responses slightly differently.
Those have been converted to call the existing
h2_process_pending_input() function.

Moved the end-of-session check to h2_process_pending_input() since the
only place the end-of-session state can change is after nghttp2
processes additional input frames.

This will likely fix the fuzzing error. While I don't have a root cause
the out-of-bounds read seems like a use after free, so moving the
nghttp2_session_check_request_allowed() call to a location with a
guaranteed nghttp2 session seems reasonable.

Also updated a few nghttp2 callsites to include error messages and added
a few additional error checks.

Closes #5648
base64: also build for pop3 and imap 2020-09-10T06:50:04+00:00 Daniel Stenberg daniel@haxx.se 2020-09-09T20:32:17+00:00 11ab0ad60f1e106ad84f33ea9843c0da0433e49e Follow-up to the fix in 20417a13fb8f83 Reported-by: Michael Olbrich Fixes #5937 Closes #5948 
Follow-up to the fix in 20417a13fb8f83

Reported-by: Michael Olbrich
Fixes #5937
Closes #5948
base64: enable in build with SMTP 2020-09-09T07:23:06+00:00 Daniel Stenberg daniel@haxx.se 2020-09-08T07:23:09+00:00 20417a13fb8f8355d4144c7accc206ca101e1a3a The oauth2 support is used with SMTP and it uses base64 functions. Reported-by: Michael Olbrich Fixes #5937 Closes #5938 
The oauth2 support is used with SMTP and it uses base64 functions.

Reported-by: Michael Olbrich
Fixes #5937
Closes #5938
lib: fix -Wassign-enum warnings 2020-09-08T11:53:02+00:00 Daniel Stenberg daniel@haxx.se 2020-09-07T08:52:48+00:00 17fcdf6a310d4c80762455ee9d5e4f52bd55c809 configure --enable-debug now enables -Wassign-enum with clang, identifying several enum "abuses" also fixed. Reported-by: Gisle Vanem Bug: https://github.com/curl/curl/commit/879007f8118771f4896334731aaca5850a154675#commitcomment-42087553 Closes #5929 
configure --enable-debug now enables -Wassign-enum with clang,
identifying several enum "abuses" also fixed.

Reported-by: Gisle Vanem
Bug: https://github.com/curl/curl/commit/879007f8118771f4896334731aaca5850a154675#commitcomment-42087553

Closes #5929
url: use blank credentials when using proxy w/o username and password 2020-09-07T22:48:09+00:00 Diven Qi diven.qi@zoom.us 2020-09-07T09:30:04+00:00 3532262edd13e191862b55dec546a732f7d79144 Fixes proxy regression brought in commit ad829b21ae (7.71.0) Fixed #5911 Closes #5914 
Fixes proxy regression brought in commit ad829b21ae (7.71.0)

Fixed #5911
Closes #5914