the smell of release

bug report #1156287 , ftp upload from VMS
win resolve crash, win makefile fix
2005-04-05 07:37:08 +00:00 · 2005-04-05 07:33:30 +00:00 · 2005-04-04 22:38:53 +00:00 · 2005-04-04 21:23:04 +00:00 · 2005-04-04 13:21:03 +00:00 · 2005-04-04 12:30:03 +00:00
185 changed files with 8431 additions and 5401 deletions
--- a/2221
+++ b/2221
--- a/CHANGES.2004
+++ b/CHANGES.2004
--- a/2
+++ b/2
@@ -1,6 +1,6 @@
 COPYRIGHT AND PERMISSION NOTICE

-Copyright (c) 1996 - 2004, Daniel Stenberg, <daniel@haxx.se>.
+Copyright (c) 1996 - 2005, Daniel Stenberg, <daniel@haxx.se>.

 All rights reserved.

--- a/Makefile.am
+++ b/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -48,6 +48,15 @@ pdf:

 check: test

+if CROSSCOMPILING
+test-full: test
+test-torture: test
+
+test:
+	@echo "NOTICE: we can't run the tests when cross-compiling!"
+
+else
+
 test:
 	@(cd tests; $(MAKE) all quiet-test)

@@ -57,6 +66,8 @@ test-full:
 test-torture:
 	@(cd tests; $(MAKE) all torture-test)

+endif
+
 #
 # Build source and binary rpms. For rpm-3.0 and above, the ~/.rpmmacros
 # must contain the following line:
--- a/Makefile.dist
+++ b/Makefile.dist
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -174,6 +174,12 @@ vc-zlib-dll:
 	cd ..\src
 	nmake /f Makefile.vc6 cfg=release-zlib-dll

+vc-sspi:
+	cd lib
+	nmake /f Makefile.vc6 cfg=release WINDOWS_SSPI=1
+	cd ..\src
+	nmake /f Makefile.vc6 cfg=release WINDOWS_SSPI=1
+
 djgpp:
 	$(MAKE) -C lib -f Makefile.dj
 	$(MAKE) -C src -f Makefile.dj
--- a/48
+++ b/48
@@ -1,27 +1,57 @@
-Curl and libcurl 7.13.1
+Curl and libcurl 7.13.2

- Public curl release number:               86
- Releases counted from the very beginning: 113
- Available command line options:           104
+ Public curl release number:               87
+ Releases counted from the very beginning: 114
+ Available command line options:           106
 Available curl_easy_setopt() options:     122
 Number of public functions in libcurl:    46
- Amount of public web site mirrors:        15
- Number of known libcurl bindings:         29
+ Amount of public web site mirrors:        20
+ Number of known libcurl bindings:         31

 This release includes the following changes:

- o
+ o Added --form-string
+ o libcurl can be built with SSPI support. curl_version_info() then returns
+   a new feature bit: CURL_VERSION_SSPI. configure --enable-sspi added
+ o Added --proxy-anyauth
+ o Added runtests.1 and testcurl.1 man pages

 This release includes the following bugfixes:

- o 
+ o the MSVC libcurl Makefile was fixed
+ o libcurl on Windows crash if resolver was active when easy handle was killed
+ o HTTP POST with auth and an initial 100 response before the 401/407
+ o configure's SSL-detection for msys/mingw
+ o better connection keep-alive when POSTing with HTTP Digest
+ o FTP-SSL
+ o reading FTP server response in multiple reads
+ o picking one out of multiple proxy auth methods
+ o inet_ntoa_r() when built with uClibc
+ o the so name issue for the LDAP library dynamic load
+ o crash when using SOCKS4 proxy
+ o a debug printf() was removed
+ o CURLOPT_FILETIME when downloading FTP corrupted data
+ o FTP upload resume now works even if no file is present on the site
+ o SSL seeding no longer attempts to read the whole random file

 Other curl-related news since the previous public release:

- o 
+ o the cURL project is now over 7 years old
+ o daily curl binary builds for Windows fresh from CVS:
+   http://cool.haxx.se/curl-daily/
+ o curl-tracker is a new mailinglist for "tracker" activities:
+   http://cool.haxx.se/mailman/listinfo/curl-tracker
+ o libcurl binding for Common Lisp: http://common-lisp.net/project/cl-curl/
+ o pycurl 7.13.1 http://pycurl.sf.net
+ o http://curl.tolix.org is a new Californian mirror
+ o http://curl.seekmeup.com/ is a new mirror in US Texas

 This release would not have looked like this without help, code, reports and
 advice from friends like these:

+ Dan Fandrich, Ignacio Vazquez-Abrams, Randy McMurchy, Dominick Meglio,
+ Jean-Marc Ranger, Tor Arntsen, Nodak Sodak, David Houlder, Gisle Vanem,
+ Christopher R. Palmer, Gwenole Beauchesne, Augustus Saunders, Jesper Jensen,
+ Tom Moers, Andres Garcia, Hardeep Singh, Marcelo Juchem

        Thanks! (and sorry if I forgot to mention someone)
--- a/13
+++ b/13
@@ -1,21 +1,15 @@
 Issues not sorted in any particular order.

-To get fixed in 7.13.1 (planned release: April 2005)
+To get fixed in 7.13.3 (planned release: June 2005)
 ======================

 58 - Fix KNOWN_BUGS #19: "FTP 3rd party transfers with the multi interface
     doesn't work"

-59 - Figure out a fix for David Byron's SSL problems:
-     http://curl.haxx.se/mail/lib-2005-01/0240.html
-
 47 - Peter Sylvester's patch for SRP on the TLS layer
     Awaits OpenSSL support for this, no need to support this in libcurl before
     there's an OpenSSL release that does it.

-54 - Turn the FTP code into a state machine to support the multi interface
-     100% non-blocking.
-
 To get fixed in 7.14.0
 ======================

@@ -30,7 +24,12 @@ To get fixed in 7.14.0
     internally use and assume the multi interface. The select()-loop should
     use the new function from (55).

+To get fixed in 7.15.0
+======================
+
 57 - Add an interface to libcurl for getting and setting cookies from an easy
     handle. One idea: http://curl.haxx.se/mail/lib-2004-12/0195.html the
     older idea: http://curl.haxx.se/dev/COOKIES. We need to settle on some
     middle ground I guess.
+
+60 - 
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -322,8 +322,24 @@ dnl program worked:
 [ ac_cv_working_ni_withscopeid="yes" ],
 dnl program failed:
 [ ac_cv_working_ni_withscopeid="no" ],
-dnl we cross-compile:
-[ ac_cv_working_ni_withscopeid="yes" ]
+dnl we cross-compile, check the headers using the preprocessor
+[
+
+ AC_EGREP_CPP(WORKS,
+[
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h>
+
+#ifdef NI_WITHSCOPEID
+WORKS
+#endif
+],
+  ac_cv_working_ni_withscopeid="yes",
+  ac_cv_working_ni_withscopeid="no" )
+
+ ]
 ) dnl end of AC_RUN_IFELSE

 ]) dnl end of AC_CACHE_CHECK
@@ -766,3 +782,72 @@ AC_DEFUN([CURL_CC_DEBUG_OPTS],

 ]) dnl end of AC_DEFUN()

+
+dnl Determine the name of the library to pass to dlopen() based on the name
+dnl that would normally be given to AC_CHECK_LIB.  The preprocessor symbol
+dnl given is set to the quoted library file name. 
+dnl The standard dynamic library file name is first generated, based on the
+dnl current system type, then a search is performed for that file on the
+dnl standard dynamic library path.  If it is a symbolic link, the destination
+dnl of the link is used as the file name, after stripping off any minor
+dnl version numbers. If a library file can't be found, a guess is made.
+dnl This macro assumes AC_PROG_LIBTOOL has been called and requires perl
+dnl to be available in the PATH, or $PERL to be set to its location.
+dnl
+dnl CURL_DLLIB_NAME(VARIABLE, library_name)
+dnl e.g. CURL_DLLIB_NAME(LDAP_NAME, ldap) on a Linux system might result
+dnl in LDAP_NAME holding the string "libldap.so.2".
+
+AC_DEFUN([CURL_DLLIB_NAME],
+[
+AC_MSG_CHECKING([name of dynamic library $2])
+dnl The shared library extension variable name changes from version to
+dnl version of libtool.  Try a few names then just set one statically.
+test -z "$shared_ext" && shared_ext="$shrext_cmds"
+test -z "$shared_ext" && shared_ext="$shrext"
+test -z "$shared_ext" && shared_ext=".so"
+
+dnl Create the library link name of the correct form for this platform
+LIBNAME_LINK_SPEC=`echo "$library_names_spec" | $SED 's/^.* //'`
+DLGUESSLIB=`name=$2 eval echo "$libname_spec"`
+DLGUESSFILE=`libname="$DLGUESSLIB" release="" major="" versuffix="" eval echo "$LIBNAME_LINK_SPEC"`
+
+dnl Synthesize a likely dynamic library name in case we can't find an actual one
+SO_NAME_SPEC="$soname_spec"
+dnl soname_spec undefined when identical to the 1st entry in library_names_spec
+test -z "$SO_NAME_SPEC" && SO_NAME_SPEC=`echo "$library_names_spec" | $SED 's/ .*$//'`
+DLGUESSSOFILE=`libname="$DLGUESSLIB" release="" major="" versuffix="" eval echo "$SO_NAME_SPEC"`
+
+if test "$cross_compiling" = yes; then
+  dnl Can't look at filesystem when cross-compiling
+  AC_DEFINE_UNQUOTED($1, "$DLGUESSSOFILE", [$2 dynamic library file])
+  AC_MSG_RESULT([$DLGUESSSOFILE (guess while cross-compiling)])
+else
+
+  DLFOUNDFILE=""
+  if test "$sys_lib_dlsearch_path_spec" ; then
+    dnl Search for the link library name and see what it points to.
+    for direc in $sys_lib_dlsearch_path_spec ; do
+      DLTRYFILE="$direc/$DLGUESSFILE"
+      dnl Find where the symbolic link for this name points
+      changequote(<<, >>)dnl
+      <<
+      DLFOUNDFILE=`${PERL:-perl} -e 'use File::Basename; (basename(readlink($ARGV[0])) =~ /^(.*[^\d]\.\d+)[\d\.]*$/ && print ${1}) || exit 1;' "$DLTRYFILE" 2>&5`
+      >>
+      changequote([, ])dnl
+      if test "$?" -eq "0"; then
+        dnl Found the file link
+        break
+      fi
+    done
+  fi
+
+  if test -z "$DLFOUNDFILE" ; then
+    dnl Couldn't find a link library, so guess at a name.
+    DLFOUNDFILE="$DLGUESSSOFILE"
+  fi
+
+  AC_DEFINE_UNQUOTED($1, "$DLFOUNDFILE", [$2 dynamic library file])
+  AC_MSG_RESULT($DLFOUNDFILE)
+fi
+])
--- a/ares/CHANGES
+++ b/ares/CHANGES
@@ -1,5 +1,10 @@
  Changelog for the c-ares project

+* March 11, 2005
+
+- Dominick Meglio added ares_parse_aaaa_reply.c and did various
+  adjustments. The first little steps towards IPv6 support!
+
 * November 7

 - Fixed the VC project and makefile to use ares_cancel and ares_version
--- a/ares/Makefile.inc
+++ b/ares/Makefile.inc
@@ -3,7 +3,8 @@ ares__close_sockets.c ares_free_string.c ares_search.c ares__get_hostent.c \
 ares_gethostbyaddr.c ares_send.c ares__read_line.c ares_gethostbyname.c	   \
 ares_strerror.c ares_cancel.c ares_init.c ares_timeout.c ares_destroy.c	   \
 ares_mkquery.c ares_version.c ares_expand_name.c ares_parse_a_reply.c	   \
-windows_port.c ares_expand_string.c ares_parse_ptr_reply.c
+windows_port.c ares_expand_string.c ares_parse_ptr_reply.c                 \
+ares_parse_aaaa_reply.c

 HHEADERS = ares.h ares_private.h setup.h ares_dns.h ares_version.h nameser.h

@@ -12,4 +13,4 @@ MANPAGES= ares_destroy.3 ares_expand_name.3 ares_expand_string.3 ares_fds.3 \
 ares_gethostbyname.3 ares_init.3 ares_init_options.3 ares_mkquery.3	    \
 ares_parse_a_reply.3 ares_parse_ptr_reply.3 ares_process.3		    \
 ares_query.3 ares_search.3 ares_send.3 ares_strerror.3 ares_timeout.3	    \
- ares_version.3 ares_cancel.3
+ ares_version.3 ares_cancel.3 ares_parse_aaaa_reply.3
--- a/ares/Makefile.netware
+++ b/ares/Makefile.netware
@@ -20,7 +20,7 @@ endif
 TARGETS = adig.nlm ahost.nlm
 LTARGET = libcares.lib
 VERSION	= $(LIBCARES_VERSION)
-COPYR	= Copyright (c) 1996 - 2004, Daniel Stenberg, <daniel@haxx.se>
+COPYR	= Copyright (C) 1996 - 2005, Daniel Stenberg, <daniel@haxx.se>
 DESCR	= cURL $(subst .def,,$(notdir $@)) $(LIBCARES_VERSION_STR) - http://curl.haxx.se
 MTSAFE	= YES
 STACK	= 64000
@@ -297,6 +297,8 @@ config.h: Makefile.netware
 	@echo $(DL)#define SIZEOF_CURL_OFF_T 4$(DL) >> $@
 	@echo $(DL)#define STDC_HEADERS 1$(DL) >> $@
 	@echo $(DL)#define TIME_WITH_SYS_TIME 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_IN6_ADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_AF_INET6 1$(DL) >> $@
 ifdef NW_WINSOCK
 	@echo $(DL)#define HAVE_CLOSESOCKET 1$(DL) >> $@
 else
--- a/ares/acinclude.m4
+++ b/ares/acinclude.m4
@@ -99,3 +99,50 @@ AC_DEFUN([CURL_CC_DEBUG_OPTS],

 ]) dnl end of AC_DEFUN()

+
+dnl This macro determines if the specified struct exists in the specified file
+dnl Syntax:
+dnl CARES_CHECK_STRUCT(headers, struct name, if found, [if not found])
+
+AC_DEFUN([CARES_CHECK_STRUCT], [
+  AC_MSG_CHECKING([for struct $2])
+  AC_TRY_COMPILE([$1], 
+    [
+      struct $2 struct_instance;
+    ], ac_struct="yes", ac_found="no")
+  if test "$ac_struct" = "yes" ; then
+    AC_MSG_RESULT(yes)
+    $3
+  else
+    AC_MSG_RESULT(no)
+    $4
+  fi
+])
+
+dnl This macro determines if the specified constant exists in the specified file
+dnl Syntax:
+dnl CARES_CHECK_CONSTANT(headers, constant name, if found, [if not found])
+
+AC_DEFUN([CARES_CHECK_CONSTANT], [
+  AC_MSG_CHECKING([for $2])
+  AC_EGREP_CPP(VARIABLEWASDEFINED,
+   [
+      $1
+
+      #ifdef $2
+        VARIABLEWASDEFINED
+      #else
+        NJET
+      #endif
+    ], ac_constant="yes", ac_constant="no"
+  )
+  if test "$ac_constant" = "yes" ; then
+    AC_MSG_RESULT(yes)
+    $3
+  else
+    AC_MSG_RESULT(no)
+    $4
+  fi
+])
+
+
--- a/ares/ares.h
+++ b/ares/ares.h
@@ -137,12 +137,13 @@ int ares_expand_string(const unsigned char *encoded, const unsigned char *abuf,
                     int alen, unsigned char **s, long *enclen);
 int ares_parse_a_reply(const unsigned char *abuf, int alen,
                       struct hostent **host);
+int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
+                       struct hostent **host);
 int ares_parse_ptr_reply(const unsigned char *abuf, int alen, const void *addr,
                         int addrlen, int family, struct hostent **host);
 void ares_free_string(void *str);
 void ares_free_hostent(struct hostent *host);
 const char *ares_strerror(int code);
-void ares_free_errmem(char *mem);

 #ifdef  __cplusplus
 }
--- a/ares/ares_gethostbyaddr.c
+++ b/ares/ares_gethostbyaddr.c
@@ -147,21 +147,20 @@ static int file_lookup(struct in_addr *addr, struct hostent **host)
  int status;

 #ifdef WIN32
-
  char PATH_HOSTS[MAX_PATH];
  if (IS_NT()) {
-        char tmp[MAX_PATH];
-        HKEY hkeyHosts;
+    char tmp[MAX_PATH];
+    HKEY hkeyHosts;

-        if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, WIN_NS_NT_KEY, 0, KEY_READ, &hkeyHosts)
-                == ERROR_SUCCESS)
-        {
-                DWORD dwLength = MAX_PATH;
-                RegQueryValueEx(hkeyHosts, DATABASEPATH, NULL, NULL, tmp,
-                        &dwLength);
-                ExpandEnvironmentStrings(tmp, PATH_HOSTS, MAX_PATH);
-                RegCloseKey(hkeyHosts);
-        }
+    if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, WIN_NS_NT_KEY, 0, KEY_READ, &hkeyHosts)
+        == ERROR_SUCCESS)
+    {
+      DWORD dwLength = MAX_PATH;
+      RegQueryValueEx(hkeyHosts, DATABASEPATH, NULL, NULL, (LPBYTE)tmp,
+                      &dwLength);
+      ExpandEnvironmentStrings(tmp, PATH_HOSTS, MAX_PATH);
+      RegCloseKey(hkeyHosts);
+    }
  }
  else
    GetWindowsDirectory(PATH_HOSTS, MAX_PATH);
--- a/ares/ares_gethostbyname.c
+++ b/ares/ares_gethostbyname.c
@@ -222,18 +222,18 @@ static int file_lookup(const char *name, struct hostent **host)
 #ifdef WIN32
  char PATH_HOSTS[MAX_PATH];
  if (IS_NT()) {
-        char tmp[MAX_PATH];
-        HKEY hkeyHosts;
+    char tmp[MAX_PATH];
+    HKEY hkeyHosts;

-        if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, WIN_NS_NT_KEY, 0, KEY_READ, &hkeyHosts)
-                == ERROR_SUCCESS)
-        {
-                DWORD dwLength = MAX_PATH;
-                RegQueryValueEx(hkeyHosts, DATABASEPATH, NULL, NULL, tmp,
-                        &dwLength);
-                ExpandEnvironmentStrings(tmp, PATH_HOSTS, MAX_PATH);
-                RegCloseKey(hkeyHosts);
-        }
+    if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, WIN_NS_NT_KEY, 0, KEY_READ, &hkeyHosts)
+        == ERROR_SUCCESS)
+    {
+      DWORD dwLength = MAX_PATH;
+      RegQueryValueEx(hkeyHosts, DATABASEPATH, NULL, NULL, (LPBYTE)tmp,
+                      &dwLength);
+      ExpandEnvironmentStrings(tmp, PATH_HOSTS, MAX_PATH);
+      RegCloseKey(hkeyHosts);
+    }
  }
  else
    GetWindowsDirectory(PATH_HOSTS, MAX_PATH);
--- a/ares/ares_init.c
+++ b/ares/ares_init.c
@@ -54,19 +54,22 @@ static int init_by_options(ares_channel channel, struct ares_options *options,
 static int init_by_environment(ares_channel channel);
 static int init_by_resolv_conf(ares_channel channel);
 static int init_by_defaults(ares_channel channel);
+
+static int config_nameserver(struct server_state **servers, int *nservers,
+                             char *str);
+static int set_search(ares_channel channel, const char *str);
+static int set_options(ares_channel channel, const char *str);
+static const char *try_option(const char *p, const char *q, const char *opt);
+#ifndef WIN32
+static int ip_addr(const char *s, int len, struct in_addr *addr);
+static void natural_mask(struct apattern *pat);
 static int config_domain(ares_channel channel, char *str);
 static int config_lookup(ares_channel channel, const char *str,
                         const char *bindch, const char *filech);
-static int config_nameserver(struct server_state **servers, int *nservers,
-                             char *str);
 static int config_sortlist(struct apattern **sortlist, int *nsort,
                           const char *str);
-static int set_search(ares_channel channel, const char *str);
-static int set_options(ares_channel channel, const char *str);
 static char *try_config(char *s, const char *opt);
-static const char *try_option(const char *p, const char *q, const char *opt);
-static int ip_addr(const char *s, int len, struct in_addr *addr);
-static void natural_mask(struct apattern *pat);
+#endif

 int ares_init(ares_channel *channelptr)
 {
@@ -264,7 +267,8 @@ static int get_res_nt(HKEY hKey, const char *subkey, char **obuf)
  if (!*obuf)
    return 0;

-  if (RegQueryValueEx(hKey, subkey, 0, NULL, *obuf, &size) != ERROR_SUCCESS)
+  if (RegQueryValueEx(hKey, subkey, 0, NULL,
+                      (LPBYTE)*obuf, &size) != ERROR_SUCCESS)
  {
    free(*obuf);
    return 0;
@@ -709,6 +713,7 @@ static int init_by_defaults(ares_channel channel)
  return ARES_SUCCESS;
 }

+#ifndef WIN32
 static int config_domain(ares_channel channel, char *str)
 {
  char *q;
@@ -749,6 +754,8 @@ static int config_lookup(ares_channel channel, const char *str,
  return (channel->lookups) ? ARES_SUCCESS : ARES_ENOMEM;
 }

+#endif
+
 static int config_nameserver(struct server_state **servers, int *nservers,
                             char *str)
 {
@@ -810,6 +817,7 @@ static int config_nameserver(struct server_state **servers, int *nservers,
  return ARES_SUCCESS;
 }

+#ifndef WIN32
 static int config_sortlist(struct apattern **sortlist, int *nsort,
                           const char *str)
 {
@@ -856,6 +864,7 @@ static int config_sortlist(struct apattern **sortlist, int *nsort,

  return ARES_SUCCESS;
 }
+#endif

 static int set_search(ares_channel channel, const char *str)
 {
@@ -937,6 +946,7 @@ static int set_options(ares_channel channel, const char *str)
  return ARES_SUCCESS;
 }

+#ifndef WIN32
 static char *try_config(char *s, const char *opt)
 {
  size_t len;
@@ -950,12 +960,15 @@ static char *try_config(char *s, const char *opt)
  return s;
 }

+#endif
+
 static const char *try_option(const char *p, const char *q, const char *opt)
 {
  size_t len = strlen(opt);
  return ((size_t)(q - p) > len && !strncmp(p, opt, len)) ? &p[len] : NULL;
 }

+#ifndef WIN32
 static int ip_addr(const char *s, int len, struct in_addr *addr)
 {
  char ipbuf[16];
@@ -991,3 +1004,4 @@ static void natural_mask(struct apattern *pat)
  else
    pat->mask.s_addr = htonl(IN_CLASSC_NET);
 }
+#endif
--- a/ares/ares_parse_aaaa_reply.3
+++ b/ares/ares_parse_aaaa_reply.3
@@ -0,0 +1,64 @@
+.\" $Id$
+.\"
+.\" Copyright 2005 by Dominick Meglio.
+.\"
+.\" Permission to use, copy, modify, and distribute this
+.\" software and its documentation for any purpose and without
+.\" fee is hereby granted, provided that the above copyright
+.\" notice appear in all copies and that both that copyright
+.\" notice and this permission notice appear in supporting
+.\" documentation, and that the name of M.I.T. not be used in
+.\" advertising or publicity pertaining to distribution of the
+.\" software without specific, written prior permission.
+.\" M.I.T. makes no representations about the suitability of
+.\" this software for any purpose.  It is provided "as is"
+.\" without express or implied warranty.
+.\"
+.TH ARES_PARSE_AAAA_REPLY 3 "10 March 2005"
+.SH NAME
+ares_parse_aaaa_reply \- Parse a reply to a DNS query of type AAAA into a hostent
+.SH SYNOPSIS
+.nf
+.B #include <ares.h>
+.PP
+.B int ares_parse_aaaa_reply(const unsigned char *\fIabuf\fP, int \fIalen\fP,
+.B 	struct hostent **\fIhost\fP);
+.fi
+.SH DESCRIPTION
+The
+.B ares_parse_aaaa_reply
+function parses the response to a query of type AAAA into a
+.BR "struct hostent" .
+The parameters
+.I abuf
+and
+.I alen
+give the contents of the response.  The result is stored in allocated
+memory and a pointer to it stored into the variable pointed to by
+.IR host .
+It is the caller's responsibility to free the resulting host structure
+using
+.BR ares_free_hostent (3)
+when it is no longer needed.
+.SH RETURN VALUES
+.B ares_parse_aaaa_reply
+can return any of the following values:
+.TP 15
+.B ARES_SUCCESS
+The response was successfully parsed.
+.TP 15
+.B ARES_EBADRESP
+The response was malformatted.
+.TP 15
+.B ARES_ENODATA
+The response did not contain an answer to the query.
+.TP 15
+.B ARES_ENOMEM
+Memory was exhausted.
+.SH SEE ALSO
+.BR ares_gethostbyname (3),
+.BR ares_free_hostent (3)
+.SH AUTHOR
+Dominick Meglio
+.br
+Copyright 2005 by Dominick Meglio.
--- a/ares/ares_parse_aaaa_reply.c
+++ b/ares/ares_parse_aaaa_reply.c
@@ -0,0 +1,173 @@
+/* Copyright 2005 Dominick Meglio
+ *
+ * Permission to use, copy, modify, and distribute this
+ * software and its documentation for any purpose and without
+ * fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright
+ * notice and this permission notice appear in supporting
+ * documentation, and that the name of M.I.T. not be used in
+ * advertising or publicity pertaining to distribution of the
+ * software without specific, written prior permission.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is"
+ * without express or implied warranty.
+ */
+
+#include "setup.h"
+#include <sys/types.h>
+
+#if defined(WIN32) && !defined(WATT32)
+#include "nameser.h"
+#else
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+#include <arpa/nameser.h>
+#endif
+
+#include <stdlib.h>
+#include <string.h>
+#include "ares.h"
+#include "ares_dns.h"
+#include "ares_private.h"
+
+int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
+                       struct hostent **host)
+{
+  unsigned int qdcount, ancount;
+  int status, i, rr_type, rr_class, rr_len, naddrs;
+  int naliases;
+  long len;
+  const unsigned char *aptr;
+  char *hostname, *rr_name, *rr_data, **aliases;
+  struct in6_addr *addrs;
+  struct hostent *hostent;
+
+  /* Set *host to NULL for all failure cases. */
+  *host = NULL;
+
+  /* Give up if abuf doesn't have room for a header. */
+  if (alen < HFIXEDSZ)
+    return ARES_EBADRESP;
+
+  /* Fetch the question and answer count from the header. */
+  qdcount = DNS_HEADER_QDCOUNT(abuf);
+  ancount = DNS_HEADER_ANCOUNT(abuf);
+  if (qdcount != 1)
+    return ARES_EBADRESP;
+
+  /* Expand the name from the question, and skip past the question. */
+  aptr = abuf + HFIXEDSZ;
+  status = ares_expand_name(aptr, abuf, alen, &hostname, &len);
+  if (status != ARES_SUCCESS)
+    return status;
+  if (aptr + len + QFIXEDSZ > abuf + alen)
+    {
+      free(hostname);
+      return ARES_EBADRESP;
+    }
+  aptr += len + QFIXEDSZ;
+
+  /* Allocate addresses and aliases; ancount gives an upper bound for both. */
+  addrs = malloc(ancount * sizeof(struct in6_addr));
+  if (!addrs)
+    {
+      free(hostname);
+      return ARES_ENOMEM;
+    }
+  aliases = malloc((ancount + 1) * sizeof(char *));
+  if (!aliases)
+    {
+      free(hostname);
+      free(addrs);
+      return ARES_ENOMEM;
+    }
+  naddrs = 0;
+  naliases = 0;
+
+  /* Examine each answer resource record (RR) in turn. */
+  for (i = 0; i < (int)ancount; i++)
+    {
+      /* Decode the RR up to the data field. */
+      status = ares_expand_name(aptr, abuf, alen, &rr_name, &len);
+      if (status != ARES_SUCCESS)
+        break;
+      aptr += len;
+      if (aptr + RRFIXEDSZ > abuf + alen)
+        {
+          status = ARES_EBADRESP;
+          break;
+        }
+      rr_type = DNS_RR_TYPE(aptr);
+      rr_class = DNS_RR_CLASS(aptr);
+      rr_len = DNS_RR_LEN(aptr);
+      aptr += RRFIXEDSZ;
+
+      if (rr_class == C_IN && rr_type == T_AAAA
+          && rr_len == sizeof(struct in6_addr)
+          && strcasecmp(rr_name, hostname) == 0)
+        {
+          memcpy(&addrs[naddrs], aptr, sizeof(struct in6_addr));
+          naddrs++;
+          status = ARES_SUCCESS;
+        }
+
+      if (rr_class == C_IN && rr_type == T_CNAME)
+        {
+          /* Record the RR name as an alias. */
+          aliases[naliases] = rr_name;
+          naliases++;
+
+          /* Decode the RR data and replace the hostname with it. */
+          status = ares_expand_name(aptr, abuf, alen, &rr_data, &len);
+          if (status != ARES_SUCCESS)
+            break;
+          free(hostname);
+          hostname = rr_data;
+        }
+      else
+        free(rr_name);
+
+      aptr += rr_len;
+      if (aptr > abuf + alen)
+        {
+          status = ARES_EBADRESP;
+          break;
+        }
+    }
+
+  if (status == ARES_SUCCESS && naddrs == 0)
+    status = ARES_ENODATA;
+  if (status == ARES_SUCCESS)
+    {
+      /* We got our answer.  Allocate memory to build the host entry. */
+      aliases[naliases] = NULL;
+      hostent = malloc(sizeof(struct hostent));
+      if (hostent)
+        {
+          hostent->h_addr_list = malloc((naddrs + 1) * sizeof(char *));
+          if (hostent->h_addr_list)
+            {
+              /* Fill in the hostent and return successfully. */
+              hostent->h_name = hostname;
+              hostent->h_aliases = aliases;
+              hostent->h_addrtype = AF_INET6;
+              hostent->h_length = sizeof(struct in6_addr);
+              for (i = 0; i < naddrs; i++)
+                hostent->h_addr_list[i] = (char *) &addrs[i];
+              hostent->h_addr_list[naddrs] = NULL;
+              *host = hostent;
+              return ARES_SUCCESS;
+            }
+          free(hostent);
+        }
+      status = ARES_ENOMEM;
+    }
+  for (i = 0; i < naliases; i++)
+    free(aliases[i]);
+  free(aliases);
+  free(addrs);
+  free(hostname);
+  return status;
+}
--- a/ares/ares_private.h
+++ b/ares/ares_private.h
@@ -164,9 +164,5 @@ int ares__read_line(FILE *fp, char **buf, int *bufsize);
   libcurl lowlevel code from within library is ugly and only works when
   c-ares is built and linked with a similarly debug-build libcurl, but we do
   this anyway for convenience. */
-#ifndef CURL_EXTERN
-/* ugly hack to make this compile */
-#define CURL_EXTERN
-#endif
 #include "../lib/memdebug.h"
 #endif
--- a/ares/ares_process.c
+++ b/ares/ares_process.c
@@ -465,8 +465,12 @@ void ares__send_query(ares_channel channel, struct query *query, time_t now)

 static int open_tcp_socket(ares_channel channel, struct server_state *server)
 {
-  ares_socket_t s;
+#if defined(WIN32)
+  u_long flags;
+#else
  int flags;
+#endif
+  ares_socket_t s;
  struct sockaddr_in sockin;

  /* Acquire a socket. */
--- a/ares/configure.ac
+++ b/ares/configure.ac
@@ -41,6 +41,10 @@ AC_HELP_STRING([--disable-debug],[Disable debug options]),
    dnl Checks for standard header files, to make memdebug.h inclusions bettter
    AC_HEADER_STDC

+    dnl the entire --enable-debug is a hack that lives and runs on top of
+    dnl libcurl stuff so this BUILDING_LIBCURL is not THAT much uglier
+    AC_DEFINE(BUILDING_LIBCURL, 1, [when building as static part of libcurl])
+
    CPPFLAGS="$CPPFLAGS -DCURLDEBUG -I$srcdir/../include"
    CFLAGS="$CFLAGS -g" 

@@ -61,6 +65,59 @@ AC_CHECK_HEADERS(
       sys/time.h \
       sys/select.h \
       sys/socket.h \
-       )
+       winsock.h \
+       netinet/in.h \
+  )
+
+dnl check for AF_INET6
+CARES_CHECK_CONSTANT(
+  [
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_WINSOCK_H
+#include <winsock.h>
+#endif
+
+  ], [PF_INET6], 
+     AC_DEFINE_UNQUOTED(HAVE_PF_INET6,1,[Define to 1 if you have PF_INET6.])
+)
+
+dnl check for PF_INET6
+CARES_CHECK_CONSTANT(
+  [
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#ifdef HAVE_WINSOCK_H
+#include <winsock.h>
+#endif
+
+  ], [AF_INET6], 
+     AC_DEFINE_UNQUOTED(HAVE_AF_INET6,1,[Define to 1 if you have AF_INET6.])
+)
+
+
+dnl check for the in6_addr structure
+CARES_CHECK_STRUCT(
+  [
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_WINSOCK_H
+#include <winsock.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+  ], [in6_addr], 
+     AC_DEFINE_UNQUOTED(HAVE_STRUCT_IN6_ADDR,1,[Define to 1 if you have struct in6_addr.])
+)

 AC_OUTPUT(Makefile)
--- a/ares/setup.h
+++ b/ares/setup.h
@@ -1,7 +1,7 @@
 #ifndef ARES_SETUP_H
 #define ARES_SETUP_H

-/* Copyright (C) 2004 by Daniel Stenberg et al
+/* Copyright (C) 2004 - 2005 by Daniel Stenberg et al
 *
 * Permission to use, copy, modify, and distribute this software and its
 * documentation for any purpose and without fee is hereby granted, provided
@@ -45,11 +45,11 @@ typedef int ares_socket_t;
 /* Assume a few thing unless they're set by configure
 */
 #if !defined(HAVE_SYS_TIME_H) && !defined(_MSC_VER)
-#define HAVE_SYS_TIME_H  
+#define HAVE_SYS_TIME_H
 #endif

 #if !defined(HAVE_UNISTD_H) && !defined(_MSC_VER)
-#define HAVE_UNISTD_H 
+#define HAVE_UNISTD_H 1
 #endif

 #if !defined(HAVE_SYS_UIO_H) && !defined(WIN32) && !defined(MSDOS)
@@ -69,4 +69,24 @@ int ares_strcasecmp(const char *s1, const char *s2);
 #define strcasecmp(a,b) ares_strcasecmp(a,b)
 #endif

+/* IPv6 compatibility */
+#if !defined(HAVE_AF_INET6)
+#if defined(HAVE_PF_INET6)
+#define AF_INET6 PF_INET6
+#else
+#define AF_INET6 AF_MAX+1
+#endif
+#endif
+
+#ifndef HAVE_PF_INET6
+#define PF_INET6 AF_INET6
+#endif
+
+#ifndef HAVE_STRUCT_IN6_ADDR
+struct in6_addr
+{
+  unsigned char s6_addr[16];
+};
+#endif
+
 #endif /* ARES_SETUP_H */
--- a/ares/vc/adig/adig.mak
+++ b/ares/vc/adig/adig.mak
@@ -185,24 +185,24 @@ SOURCE=..\..\getopt.c
 !IF  "$(CFG)" == "adig - Win32 Release"

 "areslib - Win32 Release" : 
-   cd "\ARES-1.1.1\vc\areslib"
+   cd "..\areslib"
   $(MAKE) /$(MAKEFLAGS) /F ".\areslib.mak" CFG="areslib - Win32 Release" 
   cd "..\adig"

 "areslib - Win32 ReleaseCLEAN" : 
-   cd "\ARES-1.1.1\vc\areslib"
+   cd "..\areslib"
   $(MAKE) /$(MAKEFLAGS) /F ".\areslib.mak" CFG="areslib - Win32 Release" RECURSE=1 CLEAN 
   cd "..\adig"

 !ELSEIF  "$(CFG)" == "adig - Win32 Debug"

 "areslib - Win32 Debug" : 
-   cd "\ARES-1.1.1\vc\areslib"
+   cd "..\areslib"
   $(MAKE) /$(MAKEFLAGS) /F ".\areslib.mak" CFG="areslib - Win32 Debug" 
   cd "..\adig"

 "areslib - Win32 DebugCLEAN" : 
-   cd "\ARES-1.1.1\vc\areslib"
+   cd "..\areslib"
   $(MAKE) /$(MAKEFLAGS) /F ".\areslib.mak" CFG="areslib - Win32 Debug" RECURSE=1 CLEAN 
   cd "..\adig"

--- a/ares/vc/ahost/ahost.mak
+++ b/ares/vc/ahost/ahost.mak
@@ -195,24 +195,24 @@ SOURCE=..\..\ahost.c
 !IF  "$(CFG)" == "ahost - Win32 Release"

 "areslib - Win32 Release" : 
-   cd "\ARES-1.1.1\vc\areslib"
+   cd "..\areslib"
   $(MAKE) /$(MAKEFLAGS) /F ".\areslib.mak" CFG="areslib - Win32 Release" 
   cd "..\ahost"

 "areslib - Win32 ReleaseCLEAN" : 
-   cd "\ARES-1.1.1\vc\areslib"
+   cd "..\areslib"
   $(MAKE) /$(MAKEFLAGS) /F ".\areslib.mak" CFG="areslib - Win32 Release" RECURSE=1 CLEAN 
   cd "..\ahost"

 !ELSEIF  "$(CFG)" == "ahost - Win32 Debug"

 "areslib - Win32 Debug" : 
-   cd "\ARES-1.1.1\vc\areslib"
+   cd "..\areslib"
   $(MAKE) /$(MAKEFLAGS) /F ".\areslib.mak" CFG="areslib - Win32 Debug" 
   cd "..\ahost"

 "areslib - Win32 DebugCLEAN" : 
-   cd "\ARES-1.1.1\vc\areslib"
+   cd "..\areslib"
   $(MAKE) /$(MAKEFLAGS) /F ".\areslib.mak" CFG="areslib - Win32 Debug" RECURSE=1 CLEAN 
   cd "..\ahost"

--- a/configure.ac
+++ b/configure.ac
@@ -66,6 +66,7 @@ dnl initialize all the info variables
    curl_idn_msg="no      (--with-libidn)"
 curl_manual_msg="no      (--enable-manual)"
 curl_verbose_msg="enabled (--disable-verbose)"
+   curl_sspi_msg="no      (--enable-sspi)"

 dnl
 dnl Detect the canonical host and target build environment
@@ -116,6 +117,17 @@ esac
 AC_MSG_RESULT($mimpure)
 AM_CONDITIONAL(MIMPURE, test x$mimpure = xyes)

+AC_MSG_CHECKING([if we need BUILDING_LIBCURL])
+case $host in
+  *-*-mingw*)
+    AC_DEFINE(BUILDING_LIBCURL, 1, [when building libcurl itself])
+    AC_MSG_RESULT(yes)
+    ;;
+  *)
+    AC_MSG_RESULT(no)
+    ;;
+esac
+
 dnl The install stuff has already been taken care of by the automake stuff
 dnl AC_PROG_INSTALL
 AC_PROG_MAKE_SET
@@ -306,6 +318,7 @@ then
  AC_TRY_LINK([#include <winsock2.h>],
               [gethostbyname("www.dummysite.com");],
               [ dnl worked!
+               ws2="yes"
               AC_MSG_RESULT([yes])
               HAVE_GETHOSTBYNAME="1"],
               [ dnl failed, restore LIBS
@@ -360,6 +373,55 @@ AC_HELP_STRING([--enable-libgcc],[use libgcc when linking]),
       AC_MSG_RESULT(no)
 )

+dnl **********************************************************************
+dnl Check for the name of dynamic OpenLDAP libraries
+dnl **********************************************************************
+
+LDAPLIBNAME=""
+AC_ARG_WITH(ldap-lib,
+AC_HELP_STRING([--with-ldap-lib=libname],[Specify name of dynamic ldap lib file]),
+ [LDAPLIBNAME="$withval"])
+
+LBERLIBNAME=""
+AC_ARG_WITH(lber-lib,
+AC_HELP_STRING([--with-lber-lib=libname],[Specify name of dynamic lber lib file]),
+ [LBERLIBNAME="$withval"])
+
+if test x$CURL_DISABLE_LDAP != x1 ; then
+
+  if test -z "$LDAPLIBNAME" ; then
+    case $host in
+      *-*-cygwin | *-*-mingw* | *-*-pw32*)
+        dnl Windows uses a single and unique OpenLDAP DLL name
+        LDAPLIBNAME="wldap32.dll"
+        LBERLIBNAME="no"
+        ;;
+    esac
+  fi
+
+  if test "$LDAPLIBNAME" ; then
+    AC_DEFINE_UNQUOTED(DL_LDAP_FILE, "$LDAPLIBNAME")
+    AC_MSG_CHECKING([name of dynamic library ldap])
+    AC_MSG_RESULT($LDAPLIBNAME)
+  else
+    dnl Try to find the right ldap library name for this system
+    CURL_DLLIB_NAME(DL_LDAP_FILE, ldap)
+  fi
+
+  if test "$LBERLIBNAME" ; then
+    dnl If name is "no" then don't define this variable at all
+    dnl (it's only needed if libldap.so's dependencies are broken).
+    if test "$LBERLIBNAME" != "no" ; then 
+      AC_DEFINE_UNQUOTED(DL_LBER_FILE, "$LBERLIBNAME")
+    fi
+    AC_MSG_CHECKING([name of dynamic library lber])
+    AC_MSG_RESULT($LBERLIBNAME)
+  else
+    dnl Try to find the right lber library name for this system
+    CURL_DLLIB_NAME(DL_LBER_FILE, lber)
+  fi
+fi
+
 dnl **********************************************************************
 dnl Check for the presence of the winmm library.
 dnl **********************************************************************
@@ -748,13 +810,29 @@ else
    fi
  fi

+  dnl This is for Msys/Mingw
+  AC_MSG_CHECKING([for gdi32])
+  my_ac_save_LIBS=$LIBS
+  LIBS="-lgdi32 $LIBS"
+  AC_TRY_LINK([#include <windef.h>
+               #include <wingdi.h>],
+               [GdiFlush();],
+               [ dnl worked!
+               AC_MSG_RESULT([yes])],
+               [ dnl failed, restore LIBS
+               LIBS=$my_ac_save_LIBS
+               AC_MSG_RESULT(no)]
+              )
+
  AC_CHECK_LIB(crypto, CRYPTO_lock,[
     HAVECRYPTO="yes"
+     LIBS="-lcrypto $LIBS"
     ],[
     LDFLAGS="$CLEANLDFLAGS -L$EXTRA_SSL/lib$libsuff"
     CPPFLAGS="$CLEANCPPFLAGS -I$EXTRA_SSL/include/openssl -I$EXTRA_SSL/include"
     AC_CHECK_LIB(crypto, CRYPTO_add_lock,[
-       HAVECRYPTO="yes" ], [
+       HAVECRYPTO="yes"
+       LIBS="-lcrypto $LIBS"], [
       LDFLAGS="$CLEANLDFLAGS"
       CPPFLAGS="$CLEANCPPFLAGS"
       LIBS="$CLEANLIBS"
@@ -769,21 +847,6 @@ else
    dnl This is only reasonable to do if crypto actually is there: check for
    dnl SSL libs NOTE: it is important to do this AFTER the crypto lib

-    dnl This is for Msys/Mingw
-    AC_MSG_CHECKING([for gdi32])
-    my_ac_save_LIBS=$LIBS
-    LIBS="-lgdi32 $LIBS"
-    AC_TRY_LINK([#include <windef.h>
-                 #include <wingdi.h>],
-               [GdiFlush();],
-               [ dnl worked!
-               AC_MSG_RESULT([yes])],
-               [ dnl failed, restore LIBS
-               LIBS=$my_ac_save_LIBS
-               AC_MSG_RESULT(no)]
-              )
-
-    AC_CHECK_LIB(crypto, CRYPTO_add_lock)
    AC_CHECK_LIB(ssl, SSL_connect)

    if test "$ac_cv_lib_ssl_SSL_connect" != yes; then
@@ -821,7 +884,11 @@ else

       dnl is there a pkcs12.h header present?
       AC_CHECK_HEADERS(openssl/pkcs12.h)
+    else
+       LIBS="$CLEANLIBS"
    fi
+    dnl USE_SSLEAY is the historical name for what configure calls
+    dnl OPENSSL_ENABLED; the names should really be unified
    USE_SSLEAY="$OPENSSL_ENABLED"
    AC_SUBST(USE_SSLEAY)

@@ -838,8 +905,12 @@ dnl **********************************************************************

  if test X"$OPENSSL_ENABLED" = X"1"; then
    dnl If the ENGINE library seems to be around, check for the OpenSSL engine
-    dnl header, it is kind of "separated" from the main SSL check
-    AC_CHECK_FUNC(ENGINE_init, [ AC_CHECK_HEADERS(openssl/engine.h) ])
+    dnl stuff, it is kind of "separated" from the main SSL check
+    AC_CHECK_FUNC(ENGINE_init,
+              [
+                AC_CHECK_HEADERS(openssl/engine.h)
+                AC_CHECK_FUNCS( ENGINE_load_builtin_engines )
+              ])

    AC_MSG_CHECKING([CA cert bundle install path])

@@ -926,71 +997,78 @@ dnl Check for & handle argument to --with-zlib.

 _cppflags=$CPPFLAGS
 _ldflags=$LDFLAGS
-OPT_ZLIB="/usr/local"
 AC_ARG_WITH(zlib,
 AC_HELP_STRING([--with-zlib=PATH],[search for zlib in PATH])
 AC_HELP_STRING([--without-zlib],[disable use of zlib]),
               [OPT_ZLIB="$withval"])

-case "$OPT_ZLIB" in
-  no)
-    AC_MSG_WARN([zlib disabled]) ;;
-  *)
+if test "$OPT_ZLIB" = "no" ; then
+    AC_MSG_WARN([zlib disabled])
+else
+  if test "$OPT_ZLIB" = "yes" ; then
+     OPT_ZLIB=""
+  fi
+
+  if test -z "$OPT_ZLIB" ; then
    dnl check for the lib first without setting any new path, since many
    dnl people have it in the default path

    AC_CHECK_LIB(z, inflateEnd,
                   dnl libz found, set the variable
                   [HAVE_LIBZ="1"],
-                   dnl if no lib found, try to add the given library
-                   [if test -d "$OPT_ZLIB"; then
-                      CPPFLAGS="$CPPFLAGS -I$OPT_ZLIB/include"
-                      LDFLAGS="$LDFLAGS -L$OPT_ZLIB/lib$libsuff"
-                   fi])
+                   dnl if no lib found, try /usr/local
+                   [OPT_ZLIB="/usr/local"])

-    AC_CHECK_HEADER(zlib.h,
-      [
-      dnl zlib.h was found
-      HAVE_ZLIB_H="1"
-      dnl if the lib wasn't found already, try again with the new paths
-      if test "$HAVE_LIBZ" != "1"; then
-        AC_CHECK_LIB(z, gzread,
-                     [
-                     dnl the lib was found!
-                     HAVE_LIBZ="1"
-                     ],
-                     [ CPPFLAGS=$_cppflags
-                     LDFLAGS=$_ldflags])
-      fi
-      ],
-      [
-        dnl zlib.h was not found, restore the flags
-        CPPFLAGS=$_cppflags
-        LDFLAGS=$_ldflags]
-      )
+  fi

-    if test "$HAVE_LIBZ" = "1" && test "$HAVE_ZLIB_H" != "1"
-    then
-      AC_MSG_WARN([configure found only the libz lib, not the header file!])
-    elif test "$HAVE_LIBZ" != "1" && test "$HAVE_ZLIB_H" = "1"
-    then
-      AC_MSG_WARN([configure found only the libz header file, not the lib!])
-    elif test "$HAVE_LIBZ" = "1" && test "$HAVE_ZLIB_H" = "1"
-    then
-      dnl both header and lib were found!
-      AC_SUBST(HAVE_LIBZ)
-      AC_DEFINE(HAVE_ZLIB_H, 1, [if you have the zlib.h header file])
-      AC_DEFINE(HAVE_LIBZ, 1, [if zlib is available])
+  dnl Add a nonempty path to the compiler flags
+  if test -n "$OPT_ZLIB"; then
+     CPPFLAGS="$CPPFLAGS -I$OPT_ZLIB/include"
+     LDFLAGS="$LDFLAGS -L$OPT_ZLIB/lib$libsuff"
+  fi

-      LIBS="$LIBS -lz"
-
-      dnl replace 'HAVE_LIBZ' in the automake makefile.ams
-      AMFIXLIB="1"
-      AC_MSG_NOTICE([found both libz and libz.h header])
-      curl_zlib_msg="enabled"
+  AC_CHECK_HEADER(zlib.h,
+    [
+    dnl zlib.h was found
+    HAVE_ZLIB_H="1"
+    dnl if the lib wasn't found already, try again with the new paths
+    if test "$HAVE_LIBZ" != "1"; then
+      AC_CHECK_LIB(z, gzread,
+                   [
+                   dnl the lib was found!
+                   HAVE_LIBZ="1"
+                   ],
+                   [ CPPFLAGS=$_cppflags
+                   LDFLAGS=$_ldflags])
    fi
-    ;;
-esac
+    ],
+    [
+      dnl zlib.h was not found, restore the flags
+      CPPFLAGS=$_cppflags
+      LDFLAGS=$_ldflags]
+    )
+
+  if test "$HAVE_LIBZ" = "1" && test "$HAVE_ZLIB_H" != "1"
+  then
+    AC_MSG_WARN([configure found only the libz lib, not the header file!])
+  elif test "$HAVE_LIBZ" != "1" && test "$HAVE_ZLIB_H" = "1"
+  then
+    AC_MSG_WARN([configure found only the libz header file, not the lib!])
+  elif test "$HAVE_LIBZ" = "1" && test "$HAVE_ZLIB_H" = "1"
+  then
+    dnl both header and lib were found!
+    AC_SUBST(HAVE_LIBZ)
+    AC_DEFINE(HAVE_ZLIB_H, 1, [if you have the zlib.h header file])
+    AC_DEFINE(HAVE_LIBZ, 1, [if zlib is available])
+
+    LIBS="$LIBS -lz"
+
+    dnl replace 'HAVE_LIBZ' in the automake makefile.ams
+    AMFIXLIB="1"
+    AC_MSG_NOTICE([found both libz and libz.h header])
+    curl_zlib_msg="enabled"
+  fi
+fi

 dnl set variable for use in automakefile(s)
 AM_CONDITIONAL(HAVE_LIBZ, test x"$AMFIXLIB" = x1)
@@ -1033,6 +1111,7 @@ case "$LIBIDN" in

       if test "x$idn" = "xyes"; then
         curl_idn_msg="enabled"
+         AC_SUBST(IDN_ENABLED, [1])
         dnl different versions of libidn have different setups of these:
         AC_CHECK_FUNCS( idn_free idna_strerror tld_strerror)
         AC_CHECK_HEADERS( idn-free.h tld.h )
@@ -1254,7 +1333,6 @@ AC_CHECK_FUNCS( strtoll \
                strdup \
                strstr \
                strtok_r \
-                strftime \
                uname \
                strcasecmp \
                stricmp \
@@ -1504,6 +1582,28 @@ AC_HELP_STRING([--disable-verbose],[Disable verbose strings]),
       AC_MSG_RESULT(yes)
 )

+dnl ************************************************************
+dnl enable SSPI support
+dnl
+AC_MSG_CHECKING([whether to enable SSPI support (win32 builds only)])
+AC_ARG_ENABLE(sspi,
+AC_HELP_STRING([--enable-sspi],[Enable SSPI])
+AC_HELP_STRING([--disable-sspi],[Disable SSPI]),
+[ case "$enableval" in
+  yes)
+       AC_MSG_RESULT(yes)
+       AC_DEFINE(USE_WINDOWS_SSPI, 1, [to enable SSPI support])
+       AC_SUBST(USE_WINDOWS_SSPI)
+       LIBS="$LIBS -lsecur32"
+       curl_sspi_msg="yes"
+       ;;
+  *)
+       AC_MSG_RESULT(no)
+       ;;
+  esac ],
+       AC_MSG_RESULT(no)
+)
+
 dnl ************************************************************
 dnl lame option to switch on debug options
 dnl
@@ -1567,6 +1667,17 @@ AC_HELP_STRING([--disable-cookies],[Disable cookies support]),
       AC_MSG_RESULT(yes)
 )

+if test "x$ws2" = "xyes"; then
+
+  dnl If ws2_32 is wanted, make sure it is the _last_ lib in LIBS (makes
+  dnl things work when built with c-ares). But we can't just move it last
+  dnl since then other stuff (SSL) won't build. So we simply append it to the
+  dnl end.
+
+  LIBS="$LIBS -lws2_32"
+
+fi
+
 AM_CONDITIONAL(CROSSCOMPILING, test x$cross_compiling = xyes)

 AC_CONFIG_FILES([Makefile \
@@ -1615,4 +1726,5 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
  Build libcurl:   Shared=${enable_shared}, Static=${enable_static} 
  Built-in manual: ${curl_manual_msg}
  Verbose errors:  ${curl_verbose_msg}
+  SSPI support:    ${curl_sspi_msg}
 ])
--- a/curl-config.in
+++ b/curl-config.in
@@ -60,6 +60,7 @@ while test $# -gt 0; do
    --feature|--features)
 	if test "@USE_SSLEAY@" = "1"; then
          echo "SSL"
+          NTLM=1
        fi
 	if test "@KRB4_ENABLED@" = "1"; then
          echo "KRB4"
@@ -73,6 +74,16 @@ while test $# -gt 0; do
 	if test "@HAVE_ARES@" = "1"; then
          echo "AsynchDNS"
        fi
+	if test "@IDN_ENABLED@" = "1"; then
+          echo "IDN"
+        fi
+	if test "@USE_WINDOWS_SSPI@" = "1"; then
+          echo "SSPI"
+          NTLM=1
+        fi
+	if test "$NTLM" = "1"; then
+          echo "NTLM"
+        fi
 	;;

    --protocols)
--- a/docs/BINDINGS
+++ b/docs/BINDINGS
@@ -75,6 +75,11 @@ Java
  Maintained by Vic Hanson
  http://curl.haxx.se/libcurl/java/

+Lisp
+
+  Written by Liam Healy
+  http://common-lisp.net/project/cl-curl/
+
 Lua

  Written by Steve Dekorte
@@ -87,8 +92,8 @@ Mono

 .NET

-  Written by Jeffrey Phillips
-  http://www.seasideresearch.com/downloads.html
+  libcurl-net Written by Jeffrey Phillips
+  http://sourceforge.net/projects/libcurl-net/

 Object-Pascal

@@ -150,6 +155,11 @@ Tcl
  Tclcurl is written by Andr<64>s Garc<72>a
  http://personal1.iddeo.es/andresgarci/tclcurl/english/docs.html

+Visual Basic
+
+  libcurl-vb is written by Jeffrey Phillips
+  http://sourceforge.net/projects/libcurl-vb/
+
 Q

  http://q-lang.sourceforge.net/
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -3,6 +3,21 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!

+22. Sending files to a FTP server using curl on VMS, might lead to curl
+  complaining on "unaligned file size" on completion. The problem is related
+  to VMS file structures and the perceived file sizes stat() returns. A
+  possible fix would involve sending a "STRU VMS" command.
+  http://sourceforge.net/support/tracker.php?aid=1156287
+  
+21. FTP ASCII transfers do not follow RFC959. They don't convert the data
+   accordingly (not for sending nor for receiving). RFC 959 section 3.1.1.1
+   clearly describes how this should be done:
+
+     The sender converts the data from an internal character representation to
+     the standard 8-bit NVT-ASCII representation (see the Telnet
+     specification).  The receiver will convert the data from the standard
+     form to his own internal form.
+
 20. valgrind errors occur too often when 'make test' is used. It is because
  too many third-party libs and tools have problems. When curl is built
  without --disable-shared, the testing is done with a front-end script which
@@ -91,7 +106,3 @@ may have been fixed since this was written!
  and havoc is what happens.
  More details on this is found in this libcurl mailing list thread:
  http://curl.haxx.se/mail/lib-2002-08/0000.html
-
-1. LDAP support requires that not only the OpenLDAP shared libraries be
-   present at run time, but the development libraries (liblber.so and
-   libldap.so) as well (not applicable to Windows).
--- a/docs/MANUAL
+++ b/docs/MANUAL
@@ -299,6 +299,13 @@ POST (HTTP)

        curl -F "docpicture=@dog.gif" -F "catpicture=@cat.gif" 

+  To send a field value literally without interpreting a leading '@'
+  or '<', or an embedded ';type=', use --form-string instead of
+  -F. This is recommended when the value is obtained from a user or
+  some other unpredictable source. Under these circumstances, using
+  -F instead of --form-string would allow a user to trick curl into
+  uploading a file.
+
 REFERRER

  A HTTP request has the option to include information about which address
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -21,7 +21,7 @@
 .\" * $Id$
 .\" **************************************************************************
 .\"
-.TH curl 1 "25 Jan 2005" "Curl 7.13.0" "Curl Manual"
+.TH curl 1 "29 Mar 2005" "Curl 7.13.2" "Curl Manual"
 .SH NAME
 curl \- transfer a URL
 .SH SYNOPSIS
@@ -267,7 +267,7 @@ If this option is used several times, the last one will be used.
 be set with the \fI-H/--header\fP flag of course.  When used with
 \fI-L/--location\fP you can append ";auto" to the referer URL to make curl
 automatically set the previous URL when it follows a Location: header. The
-";auto" string can be used alone, even if you don't set an initial referer.
+\&";auto" string can be used alone, even if you don't set an initial referer.

 If this option is used several times, the last one will be used.
 .IP "--engine <name>"
@@ -343,7 +343,7 @@ will instead attempt to create missing directories. (Added in 7.10.7)

 If this option is used twice, the second will again disable silent failure.
 .IP "--ftp-pasv"
-(FTP) Use PASV when transfering. PASV is the internal default behavior, but
+(FTP) Use PASV when transferring. PASV is the internal default behavior, but
 using this option can be used to override a previous --ftp-port option. (Added
 in 7.11.0)

@@ -380,9 +380,20 @@ or

 \fBcurl\fP -F "name=daniel;type=text/foo" url.com

+You can also explicitly change the name field of an file upload part by
+setting filename=, like this:
+
+\fBcurl\fP -F "file=@localfile;filename=nameinpost" url.com
+
 See further examples and details in the MANUAL.

 This option can be used multiple times.
+.IP "--form-string <name=string>"
+(HTTP) Similar to \fI--form\fP except that the value string for the named
+parameter is used literally. Leading \&'@' and \&'<' characters, and the
+\&';type=' string in the value have no special meaning. Use this in preference
+to \fI--form\fP if there's any possibility that the string value may
+accidentally trigger the \&'@' or \&'<' features of \fI--form\fP.
 .IP "-g/--globoff"
 This option switches off the "URL globbing parser". When you set this option,
 you can specify URLs that contain the letters {}[] without having them being
@@ -636,6 +647,13 @@ You may use this option as many times as you have number of URLs.
 (SSL) Pass phrase for the private key

 If this option is used several times, the last one will be used.
+.IP "--proxy-anyauth"
+Tells curl to pick a suitable authentication method when communicating with
+the given proxy. This will cause an extra request/response round-trip. Added
+in curl 7.13.2.
+
+If this option is used twice, the second will again disable the proxy use-any
+authentication.
 .IP "--proxy-basic"
 Tells curl to use HTTP Basic authentication when communicating with the given
 proxy. Use \fI--basic\fP for enabling HTTP Basic with a remote host. Basic is
@@ -684,7 +702,7 @@ instead of PORT by using \fI--disable-eprt\fP. EPRT is really PORT++.
 .IP "-q"
 If used as the first parameter on the command line, the \fI$HOME/.curlrc\fP
 file will not be read and used as a config file.
-.IP "-Q/--quote <comand>"
+.IP "-Q/--quote <command>"
 (FTP) Send an arbitrary command to the remote FTP server. Quote commands are
 sent BEFORE the transfer is taking place (just after the initial PWD command
 to be exact). To make commands take place after a successful transfer, prefix
--- a/docs/examples/htmltitle.cc
+++ b/docs/examples/htmltitle.cc
@@ -131,7 +131,7 @@ static bool init(CURL *&conn, char *url)
 //  libxml start element callback function
 //

-static void startElement(void *voidContext,
+static void StartElement(void *voidContext,
                         const xmlChar *name,
                         const xmlChar **attributes)
 {
@@ -148,7 +148,7 @@ static void startElement(void *voidContext,
 //  libxml end element callback function
 //

-static void endElement(void *voidContext,
+static void EndElement(void *voidContext,
                       const xmlChar *name)
 {
  Context *context = (Context *)voidContext;
@@ -173,7 +173,7 @@ static void handleCharacters(Context *context,
 //  libxml PCDATA callback function
 //

-static void characters(void *voidContext,
+static void Characters(void *voidContext,
                       const xmlChar *chars,
                       int length)
 {
@@ -215,10 +215,10 @@ static htmlSAXHandler saxHandler =
  NULL,
  NULL,
  NULL,
-  startElement,
-  endElement,
+  StartElement,
+  EndElement,
  NULL,
-  characters,
+  Characters,
  NULL,
  NULL,
  NULL,
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -617,9 +617,9 @@ name of your file holding cookie data to read. The cookie data may be in
 Netscape / Mozilla cookie data format or just regular HTTP-style headers
 dumped to a file.

-Given an empty or non-existing file, this option will enable cookies for this
-curl handle, making it understand and parse received cookies and then use
-matching cookies in future request.
+Given an empty or non-existing file or by passing the empty string (""), this
+option will enable cookies for this curl handle, making it understand and
+parse received cookies and then use matching cookies in future request.
 .IP CURLOPT_COOKIEJAR
 Pass a file name as char *, zero terminated. This will make libcurl write all
 internally known cookies to the specified file when \fIcurl_easy_cleanup(3)\fP
--- a/docs/libcurl/curl_getdate.3
+++ b/docs/libcurl/curl_getdate.3
@@ -41,9 +41,9 @@ general you should instead use the specific relative time compared to
 UTC. Supported formats include: -1200, MST, +0100.
 .TP
 .B day of the week items
-Specifies a day of the week. Days of the week may be spelled out in full:
-`Sunday', `Monday', etc or they may be abbreviated to their first three
-letters. This is usually not info that adds anything.
+Specifies a day of the week. Days of the week may be spelled out in full
+(using english): `Sunday', `Monday', etc or they may be abbreviated to their
+first three letters. This is usually not info that adds anything.
 .TP
 .B pure numbers
 If a decimal number of the form YYYYMMDD appears, then YYYY is read as the
@@ -85,7 +85,12 @@ This function returns -1 when it fails to parse the date string. Otherwise it
 returns the number of seconds as described.

 If the year is larger than 2037 on systems with 32 bit time_t, this function
-will return 0x7fffffff (since that is the largest possible 31 bit number).
+will return 0x7fffffff (since that is the largest possible signed 32 bit
+number).
+
+Having a 64 bit time_t is not a guarantee that dates beyond 03:14:07 UTC,
+January 19, 2038 will work fine. On systems with a 64 bit time_t but with a
+crippled mktime(), \fIcurl_getdate\fP will return -1 in this case.
 .SH REWRITE
 The former version of this function was built with yacc and was not only very
 large, it was also never quite understood and it wasn't possible to build with
--- a/docs/libcurl/curl_version_info.3
+++ b/docs/libcurl/curl_version_info.3
@@ -1,8 +1,6 @@
-.\" You can view this file with:
-.\" nroff -man [file]
 .\" $Id$
 .\"
-.TH curl_version_info 3 "11 May 2004" "libcurl 7.12" "libcurl Manual"
+.TH curl_version_info 3 "11 Mar 2005" "libcurl 7.13.2" "libcurl Manual"
 .SH NAME
 curl_version_info - returns run-time libcurl version info
 .SH SYNOPSIS
@@ -73,9 +71,9 @@ supports IPv6
 .IP CURL_VERSION_KERBEROS4
 supports kerberos4 (when using FTP)
 .IP CURL_VERSION_SSL
-supports SSL (HTTPS/FTPS)
+supports SSL (HTTPS/FTPS) (Added in 7.10)
 .IP CURL_VERSION_LIBZ
-supports HTTP deflate using libz
+supports HTTP deflate using libz (Added in 7.10)
 .IP CURL_VERSION_NTLM
 supports HTTP NTLM (added in 7.10.6)
 .IP CURL_VERSION_GSSNEGOTIATE
@@ -91,10 +89,15 @@ interface. (added in 7.10.7)
 libcurl was built with support for SPNEGO authentication (Simple and Protected
 GSS-API Negotiation Mechanism, defined in RFC 2478.) (added in 7.10.8)
 .IP CURL_VERSION_LARGEFILE
-libcurl was built with support for large files.
+libcurl was built with support for large files. (Added in 7.11.1)
 .IP CURL_VERSION_IDN
 libcurl was built with support for IDNA, domain names with international
-letters.
+letters. (Added in 7.12.0)
+.IP CURL_VERSION_SSPI
+libcurl was built with support for SSPI. This is only available on Windows and
+makes libcurl use Windows-provided functions for NTLM authentication. It also
+allows libcurl to use the current user and the current user's password without
+the app having to pass them on. (Added in 7.13.2)
 .RE
 \fIssl_version\fP is an ascii string for the OpenSSL version used. If libcurl
 has no SSL support, this is NULL.
--- a/docs/libcurl/libcurl-errors.3
+++ b/docs/libcurl/libcurl-errors.3
@@ -2,7 +2,7 @@
 .\" nroff -man [file]
 .\" $Id$
 .\"
-.TH libcurl-errors 3 "27 Apr 2004" "libcurl 7.12" "libcurl errors"
+.TH libcurl-errors 3 "9 Feb 2005" "libcurl 7.13.1" "libcurl errors"
 .SH NAME
 libcurl-errors \- error codes in libcurl
 .SH DESCRIPTION
@@ -187,6 +187,13 @@ Invalid LDAP URL
 Maximum file size exceeded
 .IP "CURLE_FTP_SSL_FAILED (64)"
 Requested FTP SSL level failed
+.IP "CURLE_SEND_FAIL_REWIND (65)"
+When doing a send operation curl had to rewind the data to retransmit, but the
+rewinding operation failed
+.IP "CURLE_SSL_ENGINE_INITFAILED (66)"
+Initiating the SSL Engine failed
+.IP "CURLE_LOGIN_DENIED (67)"
+The remote server denied curl to login (Added in 7.13.1)
 .SH "CURLMcode"
 This is the generic return code used by functions in the libcurl multi
 interface. Also consider \fIcurl_multi_strerror(3)\fI.
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -245,7 +245,9 @@ typedef enum {
  CURLE_COULDNT_RESOLVE_HOST,    /* 6 */
  CURLE_COULDNT_CONNECT,         /* 7 */
  CURLE_FTP_WEIRD_SERVER_REPLY,  /* 8 */
-  CURLE_FTP_ACCESS_DENIED,       /* 9 */
+  CURLE_FTP_ACCESS_DENIED,       /* 9 a service was denied by the FTP server
+                                    due to lack of access - when login fails
+                                    this is not returned. */
  CURLE_FTP_USER_PASSWORD_INCORRECT, /* 10 */
  CURLE_FTP_WEIRD_PASS_REPLY,    /* 11 */
  CURLE_FTP_WEIRD_USER_REPLY,    /* 12 */
@@ -305,6 +307,8 @@ typedef enum {
  CURLE_SEND_FAIL_REWIND,        /* 65 - Sending the data requires a rewind
                                    that failed */
  CURLE_SSL_ENGINE_INITFAILED,   /* 66 - failed to initialise ENGINE */
+  CURLE_LOGIN_DENIED,            /* 67 - user, password or similar was not
+                                    accepted and we failed to login */
  CURL_LAST /* never use! */
 } CURLcode;

@@ -1378,6 +1382,7 @@ typedef struct {
 #define CURL_VERSION_SPNEGO    (1<<8)  /* SPNEGO auth */
 #define CURL_VERSION_LARGEFILE (1<<9)  /* supports files bigger than 2GB */
 #define CURL_VERSION_IDN       (1<<10) /* International Domain Names support */
+#define CURL_VERSION_SSPI      (1<<11) /* SSPI is supported */

 /*
 * NAME curl_version_info()
--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -28,7 +28,7 @@

 /* This is the version number of the libcurl package from which this header
   file origins: */
-#define LIBCURL_VERSION "7.13.1-CVS"
+#define LIBCURL_VERSION "7.13.2-CVS"

 /* This is the numeric version of the libcurl version number, meant for easier
   parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
@@ -44,12 +44,12 @@
   always a greater number in a more recent release. It makes comparisons with
   greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x070d01
+#define LIBCURL_VERSION_NUM 0x070d02

 /* The numeric version number is also available "in parts" by using these
   defines: */
 #define LIBCURL_VERSION_MAJOR 7
 #define LIBCURL_VERSION_MINOR 13
-#define LIBCURL_VERSION_PATCH 1
+#define LIBCURL_VERSION_PATCH 2

 #endif /* __CURL_CURLVER_H */
--- a/include/curl/multi.h
+++ b/include/curl/multi.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -25,7 +25,7 @@ AUTOMAKE_OPTIONS = foreign nostdinc
 DSP = curllib.dsp

 EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 Makefile.riscos $(DSP)    \
- curllib.dsw config-vms.h config-win32.h config-win32ce.h config-riscos.h     \
+ curllib.dsw config-win32.h config-win32ce.h config-riscos.h     \
 config-mac.h config.h.in ca-bundle.crt README.encoding README.memoryleak     \
 README.ares README.curlx makefile.dj config.dj libcurl.framework.make	      \
 libcurl.plist libcurl.rc config-amigaos.h amigaos.c amigaos.h makefile.amiga \
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -13,8 +13,8 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c	\
 HHEADERS = arpa_telnet.h netrc.h file.h timeval.h base64.h hostip.h	\
  progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h	\
  if2ip.h speedcheck.h urldata.h ldap.h ssluse.h escape.h telnet.h	\
-  getinfo.h strequal.h security.h krb4.h memdebug.h inet_ntoa_r.h	\
+  getinfo.h strequal.h krb4.h memdebug.h inet_ntoa_r.h \
  http_chunks.h strtok.h connect.h llist.h hash.h content_encoding.h	\
  share.h md5.h http_digest.h http_negotiate.h http_ntlm.h ca-bundle.h	\
  inet_pton.h strtoofft.h strerror.h inet_ntop.h curlx.h memory.h	\
-  setup.h transfer.h select.h easyif.h multiif.h
+  setup.h transfer.h select.h easyif.h multiif.h parsedate.h
--- a/lib/Makefile.netware
+++ b/lib/Makefile.netware
@@ -27,7 +27,7 @@ endif
 # Edit the vars below to change NLM target settings.
 TARGET  = libcurl
 VERSION	= $(LIBCURL_VERSION)
-COPYR	= Copyright (c) 1996 - 2004, Daniel Stenberg, <daniel@haxx.se>
+COPYR	= Copyright (C) 1996 - 2005, Daniel Stenberg, <daniel@haxx.se>
 DESCR	= cURL libcurl $(LIBCURL_VERSION_STR) - http://curl.haxx.se
 MTSAFE	= YES
 STACK	= 64000
@@ -336,6 +336,7 @@ config.h: Makefile.netware
 	@echo $(DL)#define SIZEOF_CURL_OFF_T 4$(DL) >> $@
 	@echo $(DL)#define STDC_HEADERS 1$(DL) >> $@
 	@echo $(DL)#define TIME_WITH_SYS_TIME 1$(DL) >> $@
+	@echo $(DL)#define CURL_DISABLE_LDAP 1$(DL) >> $@
 ifdef NW_WINSOCK
 	@echo $(DL)#define HAVE_CLOSESOCKET 1$(DL) >> $@
 else
--- a/lib/Makefile.vc6
+++ b/lib/Makefile.vc6
@@ -42,6 +42,24 @@ OPENSSL_PATH   = ../../openssl-0.9.7e
 ZLIB_PATH  = ../../zlib-1.2.1
 !ENDIF

+# USE_WINDOWS_SSPI uses windows libraries to allow NTLM authentication
+# without an openssl installation and offers the ability to authenticate
+# using the "current logged in user".  It does however require that the
+# Windows SDK be installed.
+#
+# If, for some reason the Windows SDK is installed but not installed
+# in the default location, you can specify WINDOWS_SDK_PATH.
+# It can be downloaded from:
+# http://www.microsoft.com/msdownload/platformsdk/sdkupdate/
+
+# USE_WINDOWS_SSPI = 1
+
+!IFDEF WINDOWS_SSPI
+!IFNDEF WINDOWS_SDK_PATH
+WINDOWS_SDK_PATH = "C:\Program Files\Microsoft SDK"
+!ENDIF
+!ENDIF
+
 # Use the high resolution time by default.  Comment this out to use low
 # resolution time and not require winmm.lib
 USEMM_LIBS = YES
@@ -69,6 +87,11 @@ CFLAGS     = $(CFLAGS) /DWITHOUT_MM_LIB
 #  RSAglue.lib was formerly needed in the SSLLIBS
 CFGSET     = FALSE

+!IFDEF WINDOWS_SSPI
+CFLAGS = $(CFLAGS) /DUSE_WINDOWS_SSPI /I$(WINDOWS_SDK_PATH)\include
+LFLAGS = $(LFLAGS) $(WINDOWS_SDK_PATH)\lib\secur32.lib
+!ENDIF
+
 ######################
 # release

@@ -120,10 +143,10 @@ CFGSET   = TRUE
 # release-ssl-dll

 !IF "$(CFG)" == "release-ssl-dll"
-TARGET   = $(LIB_NAME).lib
+TARGET   = $(LIB_NAME).dll
 DIROBJ   = $(CFG)
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK      = $(LNKLIB) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /out:$(DIROBJ)\$(TARGET)
+LNK      = $(LNKDLL) $(WINLIBS) /out:$(DIROBJ)\$(TARGET) $(SSLLIBS) $(LFLAGSSSL) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME).lib
 CC       = $(CCNODBG) $(CFLAGSSSL)
 CFGSET   = TRUE
 !ENDIF
@@ -297,7 +320,7 @@ CFGSET   = TRUE
 !IF "$(CFG)" == "debug-dll"
 TARGET = $(LIB_NAME_DEBUG).dll
 DIROBJ = $(CFG)
-LNK    = $(LNKDLL) $(WINLIBS) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
+LNK    = $(LNKDLL) $(WINLIBS) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
 CC     = $(CCDEBUG)
 CFGSET = TRUE
 RESOURCE = $(DIROBJ)\libcurl.res
@@ -310,7 +333,7 @@ RESOURCE = $(DIROBJ)\libcurl.res
 TARGET   = $(LIB_NAME_DEBUG).dll
 DIROBJ   = $(CFG)
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
+LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(LFLAGSSSL) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
 CC       = $(CCDEBUG) $(CFLAGSSSL)
 CFGSET   = TRUE
 RESOURCE = $(DIROBJ)\libcurl.res
@@ -323,7 +346,7 @@ RESOURCE = $(DIROBJ)\libcurl.res
 TARGET   = $(LIB_NAME_DEBUG).dll
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
-LNK      = $(LNKDLL) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
+LNK      = $(LNKDLL) $(WINLIBS) $(ZLIBLIBSDLL) $(LFLAGSZLIB) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
 CC       = $(CCDEBUG) $(CFLAGSZLIB)
 CFGSET   = TRUE
 RESOURCE = $(DIROBJ)\libcurl.res
@@ -337,7 +360,7 @@ TARGET   = $(LIB_NAME_DEBUG).dll
 DIROBJ   = $(CFG)
 LFLAGSZLIB = "/LIBPATH:$(ZLIB_PATH)"
 LFLAGSSSL = "/LIBPATH:$(OPENSSL_PATH)\out32dll"
-LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(ZLIBLIBSDLL) $(LFLAGSSSL) $(LFLAGSZLIB) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(LIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
+LNK      = $(LNKDLL) $(WINLIBS) $(SSLLIBS) $(ZLIBLIBSDLL) $(LFLAGSSSL) $(LFLAGSZLIB) /DEBUG /out:$(DIROBJ)\$(TARGET) /IMPLIB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).lib /PDB:$(DIROBJ)\$(IMPLIB_NAME_DEBUG).pdb
 CC       = $(CCDEBUG) $(CFLAGSSSL) $(CFLAGSZLIB)
 CFGSET   = TRUE
 RESOURCE = $(DIROBJ)\libcurl.res
@@ -454,7 +477,7 @@ $(TARGET): $(X_OBJS)
 	-xcopy $(DIROBJ)\$(LIB_NAME_DEBUG).dll . /y
 	-xcopy $(DIROBJ)\$(LIB_NAME_DEBUG).lib . /y
 	-xcopy $(DIROBJ)\$(IMPLIB_NAME).lib    . /y
-	-xcopy $(DIROBJ)\$(IMPLIB_NAME).lib    . /y
+	-xcopy $(DIROBJ)\$(IMPLIB_NAME_DEBUG).lib . /y
 	-xcopy $(DIROBJ)\*.exp                 . /y
 	-xcopy $(DIROBJ)\*.pdb                 . /y

--- a/lib/base64.c
+++ b/lib/base64.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -76,10 +76,10 @@ static void decodeQuantum(unsigned char *dest, const char *src)
 /*
 * Curl_base64_decode()
 *
- * Given a base64 string at src, decode it into the memory pointed to by
- * dest. Returns the length of the decoded data.
+ * Given a base64 string at src, decode it and return an allocated memory in
+ * the *outptr. Returns the length of the decoded data.
 */
-size_t Curl_base64_decode(const char *src, char *dest)
+size_t Curl_base64_decode(const char *src, unsigned char **outptr)
 {
  int length = 0;
  int equalsTerm = 0;
@@ -87,25 +87,49 @@ size_t Curl_base64_decode(const char *src, char *dest)
  int numQuantums;
  unsigned char lastQuantum[3];
  size_t rawlen=0;
+  unsigned char *newstr;
+
+  *outptr = NULL;

  while((src[length] != '=') && src[length])
    length++;
-  while(src[length+equalsTerm] == '=')
+  /* A maximum of two = padding characters is allowed */
+  if(src[length] == '=') {
    equalsTerm++;
-
+    if(src[length+equalsTerm] == '=')
+      equalsTerm++;
+  }
  numQuantums = (length + equalsTerm) / 4;

+  /* Don't allocate a buffer if the decoded length is 0 */
+  if (numQuantums <= 0)
+    return 0;
+
  rawlen = (numQuantums * 3) - equalsTerm;

+  /* The buffer must be large enough to make room for the last quantum
+  (which may be partially thrown out) and the zero terminator. */
+  newstr = malloc(rawlen+4);
+  if(!newstr)
+    return 0;
+
+  *outptr = newstr;
+
+  /* Decode all but the last quantum (which may not decode to a
+  multiple of 3 bytes) */
  for(i = 0; i < numQuantums - 1; i++) {
-    decodeQuantum((unsigned char *)dest, src);
-    dest += 3; src += 4;
+    decodeQuantum((unsigned char *)newstr, src);
+    newstr += 3; src += 4;
  }

+  /* This final decode may actually read slightly past the end of the buffer
+  if the input string is missing pad bytes.  This will almost always be
+  harmless. */
  decodeQuantum(lastQuantum, src);
  for(i = 0; i < 3 - equalsTerm; i++)
-    dest[i] = lastQuantum[i];
+    newstr[i] = lastQuantum[i];

+  newstr[i] = 0; /* zero terminate */
  return rawlen;
 }

--- a/lib/base64.h
+++ b/lib/base64.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -23,5 +23,5 @@
 * $Id$
 ***************************************************************************/
 size_t Curl_base64_encode(const char *input, size_t size, char **str);
-size_t Curl_base64_decode(const char *source, char *dest);
+size_t Curl_base64_decode(const char *source, unsigned char **outptr);
 #endif
--- a/lib/config-amigaos.h
+++ b/lib/config-amigaos.h
@@ -57,6 +57,8 @@

 #define USE_OPENSSL 1
 #define USE_SSLEAY 1
+#define CURL_DISABLE_LDAP 1
+

 #define OS "AmigaOS"

--- a/lib/config-mac.h
+++ b/lib/config-mac.h
@@ -36,6 +36,8 @@
 #       define USE_OPENSSL      1
 #endif

+#define CURL_DISABLE_LDAP       1
+
 #define HAVE_RAND_STATUS        1
 #define HAVE_RAND_EGD           1

--- a/lib/config-riscos.h
+++ b/lib/config-riscos.h
@@ -388,3 +388,6 @@

 #define HAVE_FIONBIO

+/* to disable LDAP */
+#define CURL_DISABLE_LDAP
+
--- a/lib/config-vms.h
+++ b/lib/config-vms.h
@@ -1,385 +0,0 @@
-/* Define if on AIX 3.
-   System headers sometimes define this.
-   We just want to avoid a redefinition error message.  */
-#ifndef _ALL_SOURCE
-#undef _ALL_SOURCE
-#endif
-
-/* Define to empty if the keyword does not work.  */
-#undef const
-
-/* Define as the return type of signal handlers (int or void).  */
-#undef RETSIGTYPE
-
-/* Define to `unsigned' if <sys/types.h> doesn't define.  */
-#undef size_t
-
-/* Define if you have the ANSI C header files.  */
-#define STDC_HEADERS 1
-
-/* Define if you can safely include both <sys/time.h> and <time.h>.  */
-#define TIME_WITH_SYS_TIME 1
-
-/* Define cpu-machine-OS */
-#define OS "ALPHA-COMPAQ-VMS"
-
-/* Define if you have the gethostbyaddr_r() function with 5 arguments */
-#undef HAVE_GETHOSTBYADDR_R_5
-
-/* Define if you have the gethostbyaddr_r() function with 7 arguments */
-#undef HAVE_GETHOSTBYADDR_R_7
-
-/* Define if you have the gethostbyaddr_r() function with 8 arguments */
-#undef HAVE_GETHOSTBYADDR_R_8
-
-/* Define if you have the gethostbyname_r() function with 3 arguments */
-#undef HAVE_GETHOSTBYNAME_R_3
-
-/* Define if you have the gethostbyname_r() function with 5 arguments */
-#undef HAVE_GETHOSTBYNAME_R_5
-
-/* Define if you have the gethostbyname_r() function with 6 arguments */
-#undef HAVE_GETHOSTBYNAME_R_6
-
-/* Define if you have the inet_ntoa_r function declared. */
-#undef HAVE_INET_NTOA_R_DECL
-
-/* Define if you need the _REENTRANT define for some functions */
-#undef NEED_REENTRANT
-
-/* Define if you have the Kerberos4 libraries (including -ldes) */
-#undef HAVE_KRB4
-
-/* Define this to 'int' if ssize_t is not an available typedefed type */
-#undef ssize_t
-
-/* Define this to 'int' if socklen_t is not an available typedefed type */
-#define socklen_t size_t
-
-/* Define this as a suitable file to read random data from */
-#undef RANDOM_FILE
-
-/* Define this to your Entropy Gathering Daemon socket pathname */
-#undef EGD_SOCKET
-
-/* The number of bytes in a long double.  */
-#define SIZEOF_LONG_DOUBLE 8
-
-/* The number of bytes in a long long.  */
-#define SIZEOF_LONG_LONG 8
-
-/* Define if you have the RAND_egd function.  */
-#undef HAVE_RAND_EGD
-
-/* Define if you have the RAND_screen function.  */
-#undef HAVE_RAND_SCREEN
-
-/* Define if you have the RAND_status function.  */
-#undef HAVE_RAND_STATUS
-
-/* Define if you have the closesocket function.  */
-#undef HAVE_CLOSESOCKET
-
-/* Define if you have the geteuid function.  */
-#define HAVE_GETEUID 1
-
-/* Define if you have the gethostbyaddr function.  */
-#define HAVE_GETHOSTBYADDR 1
-
-/* Define if you have the gethostbyaddr_r function.  */
-#undef HAVE_GETHOSTBYADDR_R
-
-/* Define if you have the gethostbyname_r function.  */
-#undef HAVE_GETHOSTBYNAME_R
-
-/* Define if you have the gethostname function.  */
-#define HAVE_GETHOSTNAME 1
-
-/* Define if you have the getpass_r function.  */
-#undef HAVE_GETPASS_R
-
-/* Define if you have the getpwuid function.  */
-#define HAVE_GETPWUID 1
-
-/* Define if you have the getservbyname function.  */
-#define HAVE_GETSERVBYNAME 1
-
-/* Define if you have the gettimeofday function.  */
-#define HAVE_GETTIMEOFDAY 1
-
-/* Define if you have the inet_addr function.  */
-#define HAVE_INET_ADDR 1
-
-/* Define if you have the inet_ntoa function.  */
-#define HAVE_INET_NTOA 1
-
-/* Define if you have the inet_ntoa_r function.  */
-#undef HAVE_INET_NTOA_R
-
-/* Define if you have the krb_get_our_ip_for_realm function.  */
-#undef HAVE_KRB_GET_OUR_IP_FOR_REALM
-
-/* Define if you have the localtime_r function.  */
-#undef HAVE_LOCALTIME_R
-
-/* Define if you have the perror function.  */
-#define HAVE_PERROR 1
-
-/* Define if you have the select function.  */
-#define HAVE_SELECT 1
-
-/* Define if you have the setvbuf function.  */
-#undef HAVE_SETVBUF
-
-/* Define if you have the sigaction function.  */
-#define HAVE_SIGACTION 1
-
-/* Define if you have the signal function.  */
-#define HAVE_SIGNAL 1
-
-/* Define if you have the socket function.  */
-#define HAVE_SOCKET 1
-
-/* Define if you have the strcasecmp function.  */
-#define HAVE_STRCASECMP 1
-
-/* Define if you have the strcmpi function.  */
-#define HAVE_STRCMPI 1
-
-/* Define if you have the strdup function.  */
-#define HAVE_STRDUP 1
-
-/* Define if you have the strftime function.  */
-#define HAVE_STRFTIME 1
-
-/* Define if you have the stricmp function.  */
-#define HAVE_STRICMP 1
-
-/* Define if you have the strlcat function.  */
-#undef HAVE_STRLCAT
-
-/* Define if you have the strlcpy function.  */
-#undef HAVE_STRLCPY
-
-/* Define if you have the strstr function.  */
-#define  HAVE_STRSTR 1
-
-/* Define if you have the tcgetattr function.  */
-#undef HAVE_TCGETATTR
-
-/* Define if you have the tcsetattr function.  */
-#undef HAVE_TCSETATTR
-
-/* Define if you have the uname function.  */
-#define HAVE_UNAME 1
-
-/* Define if you have the <alloca.h> header file.  */
-#undef HAVE_ALLOCA_H
-
-/* Define if you have the <arpa/inet.h> header file.  */
-#undef HAVE_ARPA_INET_H
-
-/* Define if you have the <crypto.h> header file.  */
-#undef HAVE_CRYPTO_H
-
-/* Define if you have the <des.h> header file.  */
-#undef HAVE_DES_H
-
-/* Define if you have the <dlfcn.h> header file.  */
-#undef HAVE_DLFCN_H
-
-/* Define if you have the <err.h> header file.  */
-#define HAVE_ERR_H 1
-
-/* Define if you have the <fcntl.h> header file.  */
-#define HAVE_FCNTL_H 1
-
-/* Define if you have the <getopt.h> header file.  */
-#define HAVE_GETOPT_H 1
-
-/* Define if you have the <io.h> header file.  */
-#undef HAVE_IO_H
-
-/* Define if you have the <krb.h> header file.  */
-#undef HAVE_KRB_H
-
-/* Define if you have the <malloc.h> header file.  */
-#define HAVE_MALLOC_H 1
-
-/* Define if you have the <net/if.h> header file.  */
-#define HAVE_NET_IF_H 1
-
-/* Define if you have the <netdb.h> header file.  */
-#define HAVE_NETDB_H 1
-
-/* Define if you have the <netinet/if_ether.h> header file.  */
-#define HAVE_NETINET_IF_ETHER_H 1
-
-/* Define if you have the <netinet/in.h> header file.  */
-#define HAVE_NETINET_IN_H 1
-
-/* Define if you have the <openssl/crypto.h> header file.  */
-#define HAVE_OPENSSL_CRYPTO_H 1
-
-/* Define if you have the <openssl/err.h> header file.  */
-#define HAVE_OPENSSL_ERR_H      1
-
-/* Define if you have the <openssl/pem.h> header file.  */
-#define HAVE_OPENSSL_PEM_H      1
-
-/* Define if you have the <openssl/rsa.h> header file.  */
-#define HAVE_OPENSSL_RSA_H 1
-
-/* Define if you have the <openssl/ssl.h> header file.  */
-#define HAVE_OPENSSL_SSL_H      1
-
-/* Define if you have the <openssl/x509.h> header file.  */
-#define HAVE_OPENSSL_X509_H     1
-
-/* Define if you have the <pem.h> header file.  */
-#undef HAVE_PEM_H
-
-/* Define if you have the <pwd.h> header file.  */
-#define HAVE_PWD_H 1
-
-/* Define if you have the <rsa.h> header file.  */
-#undef HAVE_RSA_H
-
-/* Define if you have the <sgtty.h> header file.  */
-#define HAVE_SGTTY_H 1
-
-/* Define if you have the <ssl.h> header file.  */
-#undef HAVE_SSL_H
-
-/* Define if you have the <stdlib.h> header file.  */
-#define HAVE_STDLIB_H 1
-
-/* Define if you have the <sys/param.h> header file.  */
-#undef HAVE_SYS_PARAM_H
-
-/* Define if you have the <sys/select.h> header file.  */
-#undef HAVE_SYS_SELECT_H
-
-/* Define if you have the <sys/socket.h> header file.  */
-#define HAVE_SYS_SOCKET_H 1
-
-/* Define if you have the <sys/sockio.h> header file.  */
-#undef HAVE_SYS_SOCKIO_H
-
-/* Define if you have the <sys/stat.h> header file.  */
-#define HAVE_SYS_STAT_H 1
-
-/* Define if you have the <sys/time.h> header file.  */
-#define HAVE_SYS_TIME_H 1
-
-/* Define if you have the <sys/types.h> header file.  */
-#define HAVE_SYS_TYPES_H 1
-
-/* Define if you have the <termio.h> header file.  */
-#undef HAVE_TERMIO_H
-
-/* Define if you have the <termios.h> header file.  */
-#define HAVE_TERMIOS_H 1
-
-/* Define if you have the <time.h> header file.  */
-#define HAVE_TIME_H 1
-
-/* Define if you have the <unistd.h> header file.  */
-#define HAVE_UNISTD_H 1
-
-/* Define if you have the <winsock.h> header file.  */
-#undef HAVE_WINSOCK_H
-
-/* Define if you have the <x509.h> header file.  */
-#undef HAVE_X509_H
-
-/* Define if you have the crypto library (-lcrypto).  */
-#define HAVE_LIBCRYPTO 1
-
-/* Define if you have the dl library (-ldl).  */
-#undef HAVE_LIBDL
-
-/* Define if you have the nsl library (-lnsl).  */
-#undef HAVE_LIBNSL
-
-/* Define if you have the resolv library (-lresolv).  */
-#define HAVE_LIBRESOLV 1
-
-/* Define if you have the resolve library (-lresolve).  */
-#undef HAVE_LIBRESOLVE
-
-/* Define if you have the socket library (-lsocket).  */
-#define HAVE_LIBSOCKET 1
-
-/* Define if you have the ssl library (-lssl).  */
-#define HAVE_LIBSSL     1
-
-/* Define if you have the ucb library (-lucb).  */
-#undef HAVE_LIBUCB
-
-/* Number of bits in a file offset, on hosts where this is settable. */
-#undef _FILE_OFFSET_BITS
-
-/* Define for large files, on AIX-style hosts. */
-#undef _LARGE_FILES
-
-/* Define if getaddrinfo exists and works */
-#define HAVE_GETADDRINFO 1
-
-/* Define if you want to enable IPv6 support */
-#undef ENABLE_IPV6
-
-/* Set to explicitly specify we don't want to use thread-safe functions */
-#undef DISABLED_THREADSAFE
-
-#define HAVE_TIMEVAL_H  1
-
-/* Name of this package! */
-#define PACKAGE "not-used"
-
-/* Version number of this archive. */
-#define VERSION "not-used"
-
-/* Define if you have the getpass function.  */
-#undef HAVE_GETPASS
-
-/* if OpenSSL is in use */
-#define USE_OPENSSL 1
-
-/* if SSL is enabled */
-#define USE_SSLEAY 1
-
-/* Define if you have the `dlopen' function. */
-#undef HAVE_DLOPEN
-
-/* Define if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define if you have the <strings.h> header file. */
-#define HAVE_STRINGS_H 1
-
-/* Define if you have the <string.h> header file. */
-#define HAVE_STRING_H 1
-
-/* Define if you have the `strtok_r' function. */
-#undef HAVE_STRTOK_R
-
-/* Define if you have the `strtoll' function. */
-#undef HAVE_STRTOLL
-
-#define HAVE_MEMORY_H   1
-
-#define HAVE_FIONBIO    1
-
-/* Define if you have the `sigsetjmp' function. */
-#define HAVE_SIGSETJMP 1
-
-/* Define to 1 if you have the <setjmp.h> header file. */
-#define HAVE_SETJMP_H 1
-
-/*
- * This needs to be defined for OpenSSL 0.9.7 and other versions that have the
- * ENGINE stuff supported. If an include of "openssl/engine.h" fails, then
- * undefine the define below.
-*/
-#define HAVE_OPENSSL_ENGINE_H 1
--- a/lib/config-win32.h
+++ b/lib/config-win32.h
@@ -232,6 +232,12 @@
 /* use ioctlsocket() for non-blocking sockets */
 #define HAVE_IOCTLSOCKET

+/* lber dynamic library file */
+/* #undef DL_LBER_FILE */
+
+/* ldap dynamic library file */
+#define DL_LDAP_FILE "wldap32.dll"
+
 /*************************************************
 * This section is for compiler specific defines.*
 *************************************************/
--- a/lib/config.dj
+++ b/lib/config.dj
@@ -93,6 +93,9 @@
  #define USE_OPENSSL            1
 #endif

+/* to disable LDAP */
+#define CURL_DISABLE_LDAP        1
+
 /* Because djgpp <= 2.03 doesn't have snprintf() etc.
 */
 #if (DJGPP_MINOR < 4)
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -364,6 +364,9 @@ static CURLcode bindlocal(struct connectdata *conn,
    return CURLE_OK;

  } /* end of device selection support */
+#else
+  (void)conn;
+  (void)sockfd;
 #endif /* end of HAVE_INET_NTOA */

  return CURLE_HTTP_PORT_FAILED;
@@ -640,8 +643,10 @@ singleipconnect(struct connectdata *conn,
    /* user selected to bind the outgoing socket to a specified "device"
       before doing connect */
    CURLcode res = bindlocal(conn, sockfd);
-    if(res)
+    if(res) {
+      sclose(sockfd); /* close socket and bail out */
      return res;
+    }
  }

  /* set socket non-blocking */
--- a/lib/content_encoding.c
+++ b/lib/content_encoding.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -651,6 +651,10 @@ struct CookieInfo *Curl_cookie_init(struct SessionHandle *data,
    fp = stdin;
    fromfile=FALSE;
  }
+  else if(file && !*file) {
+    /* points to a "" string */
+    fp = NULL;
+  }
  else
    fp = file?fopen(file, "r"):NULL;

--- a/lib/dict.c
+++ b/lib/dict.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -85,7 +85,7 @@
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>

-CURLcode Curl_dict(struct connectdata *conn)
+CURLcode Curl_dict(struct connectdata *conn, bool *done)
 {
  char *word;
  char *ppath;
@@ -100,6 +100,8 @@ CURLcode Curl_dict(struct connectdata *conn)
  char *path = conn->path;
  curl_off_t *bytecount = &conn->bytecount;

+  *done = TRUE; /* unconditionally */
+
  if(conn->bits.user_passwd) {
    /* AUTH is missing */
  }
--- a/lib/dict.h
+++ b/lib/dict.h
@@ -2,18 +2,18 @@
 #define __DICT_H

 /***************************************************************************
- *                                  _   _ ____  _     
- *  Project                     ___| | | |  _ \| |    
- *                             / __| | | | |_) | |    
- *                            | (__| |_| |  _ <| |___ 
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
- * 
+ *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
@@ -24,7 +24,7 @@
 * $Id$
 ***************************************************************************/
 #ifndef CURL_DISABLE_DICT
-CURLcode Curl_dict(struct connectdata *conn);
+CURLcode Curl_dict(struct connectdata *conn, bool *done);
 CURLcode Curl_dict_done(struct connectdata *conn);
 #endif
 #endif
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -201,7 +201,8 @@ CURLcode curl_global_init(long flags)
  Curl_ccalloc = (curl_calloc_callback)calloc;

  if (flags & CURL_GLOBAL_SSL)
-    Curl_SSL_init();
+    if (!Curl_SSL_init())
+      return CURLE_FAILED_INIT;

  if (flags & CURL_GLOBAL_WIN32)
    if (win32_init() != CURLE_OK)
--- a/lib/easyif.h
+++ b/lib/easyif.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
--- a/lib/file.c
+++ b/lib/file.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -87,6 +87,7 @@
 #include "transfer.h"
 #include "url.h"
 #include "memory.h"
+#include "parsedate.h" /* for the week day and month names */

 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -266,7 +267,7 @@ static CURLcode file_upload(struct connectdata *conn)
 * opposed to sockets) we instead perform the whole do-operation in this
 * function.
 */
-CURLcode Curl_file(struct connectdata *conn)
+CURLcode Curl_file(struct connectdata *conn, bool *done)
 {
  /* This implementation ignores the host name in conformance with
     RFC 1738. Only local files (reachable via the standard file system)
@@ -286,6 +287,8 @@ CURLcode Curl_file(struct connectdata *conn)
  int fd;
  struct timeval now = Curl_tvnow();

+  *done = TRUE; /* unconditionally */
+
  Curl_readwrite_init(conn);
  Curl_initinfo(data);
  Curl_pgrsStartNow(data);
@@ -319,7 +322,6 @@ CURLcode Curl_file(struct connectdata *conn)
    if(result)
      return result;

-#ifdef HAVE_STRFTIME
    if(fstated) {
      struct tm *tm;
      time_t clock = (time_t)statbuf.st_mtime;
@@ -330,11 +332,17 @@ CURLcode Curl_file(struct connectdata *conn)
      tm = gmtime(&clock);
 #endif
      /* format: "Tue, 15 Nov 1994 12:45:26 GMT" */
-      strftime(buf, BUFSIZE-1, "Last-Modified: %a, %d %b %Y %H:%M:%S GMT\r\n",
-               tm);
+      snprintf(buf, BUFSIZE-1,
+               "Last-Modified: %s, %02d %s %4d %02d:%02d:%02d GMT\r\n",
+               Curl_wkday[tm->tm_wday?tm->tm_wday-1:6],
+               tm->tm_mday,
+               Curl_month[tm->tm_mon],
+               tm->tm_year + 1900,
+               tm->tm_hour,
+               tm->tm_min,
+               tm->tm_sec);
      result = Curl_client_write(data, CLIENTWRITE_BOTH, buf, 0);
    }
-#endif
    return result;
  }

--- a/lib/file.h
+++ b/lib/file.h
@@ -2,18 +2,18 @@
 #define __FILE_H

 /***************************************************************************
- *                                  _   _ ____  _     
- *  Project                     ___| | | |  _ \| |    
- *                             / __| | | | |_) | |    
- *                            | (__| |_| |  _ <| |___ 
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
- * 
+ *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
@@ -24,7 +24,7 @@
 * $Id$
 ***************************************************************************/
 #ifndef CURL_DISABLE_FILE
-CURLcode Curl_file(struct connectdata *);
+CURLcode Curl_file(struct connectdata *, bool *done);
 CURLcode Curl_file_done(struct connectdata *, CURLcode);
 CURLcode Curl_file_connect(struct connectdata *);
 #endif
--- a/lib/ftp.c
+++ b/lib/ftp.c
--- a/lib/ftp.h
+++ b/lib/ftp.h
@@ -1,18 +1,18 @@
 #ifndef __FTP_H
 #define __FTP_H
 /***************************************************************************
- *                                  _   _ ____  _     
- *  Project                     ___| | | |  _ \| |    
- *                             / __| | | | |_) | |    
- *                            | (__| |_| |  _ <| |___ 
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
- * 
+ *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
@@ -24,14 +24,21 @@
 ***************************************************************************/

 #ifndef CURL_DISABLE_FTP
-CURLcode Curl_ftp(struct connectdata *conn);
+CURLcode Curl_ftp(struct connectdata *conn, bool *done);
 CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode);
-CURLcode Curl_ftp_connect(struct connectdata *conn);
+CURLcode Curl_ftp_connect(struct connectdata *conn, bool *done);
 CURLcode Curl_ftp_disconnect(struct connectdata *conn);
 CURLcode Curl_ftpsendf(struct connectdata *, const char *fmt, ...);
+CURLcode Curl_nbftpsendf(struct connectdata *, const char *fmt, ...);
 CURLcode Curl_GetFTPResponse(ssize_t *nread, struct connectdata *conn,
                             int *ftpcode);
 CURLcode Curl_ftp_nextconnect(struct connectdata *conn);
-#endif
-
-#endif
+CURLcode Curl_ftp_multi_statemach(struct connectdata *conn, bool *done);
+CURLcode Curl_ftp_fdset(struct connectdata *conn,
+                        fd_set *read_fd_set,
+                        fd_set *write_fd_set,
+                        int *max_fdp);
+CURLcode Curl_ftp_doing(struct connectdata *conn,
+                        bool *dophase_done);
+#endif /* CURL_DISABLE_FTP */
+#endif /* __FTP_H */
--- a/lib/hostares.c
+++ b/lib/hostares.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -99,7 +99,7 @@
 #ifdef CURLRES_ARES

 /*
- * Curl_fdset() is called when someone from the outside world (using
+ * Curl_resolv_fdset() is called when someone from the outside world (using
 * curl_multi_fdset()) wants to get our fd_set setup and we're talking with
 * ares. The caller must make sure that this function is only called when we
 * have a working ares channel.
@@ -107,10 +107,10 @@
 * Returns: CURLE_OK always!
 */

-CURLcode Curl_fdset(struct connectdata *conn,
-                    fd_set *read_fd_set,
-                    fd_set *write_fd_set,
-                    int *max_fdp)
+CURLcode Curl_resolv_fdset(struct connectdata *conn,
+                           fd_set *read_fd_set,
+                           fd_set *write_fd_set,
+                           int *max_fdp)

 {
  int max = ares_fds(conn->data->state.areschannel,
--- a/lib/hostasyn.c
+++ b/lib/hostasyn.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -67,11 +67,6 @@
 #include <process.h>
 #endif

-#if (defined(NETWARE) && defined(__NOVELL_LIBC__))
-#undef in_addr_t
-#define in_addr_t unsigned long
-#endif
-
 #include "urldata.h"
 #include "sendf.h"
 #include "hostip.h"
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -67,11 +67,6 @@
 #include <process.h>
 #endif

-#if (defined(NETWARE) && defined(__NOVELL_LIBC__))
-#undef in_addr_t
-#define in_addr_t unsigned long
-#endif
-
 #include "urldata.h"
 #include "sendf.h"
 #include "hostip.h"
--- a/lib/hostip.h
+++ b/lib/hostip.h
@@ -159,13 +159,13 @@ CURLcode Curl_is_resolved(struct connectdata *conn,
 CURLcode Curl_wait_for_resolv(struct connectdata *conn,
                              struct Curl_dns_entry **dnsentry);

-/* Curl_fdset() is a generic function that exists in multiple versions
+/* Curl_resolv_fdset() is a generic function that exists in multiple versions
   depending on what name resolve technology we've built to use. The function
   is called from the curl_multi_fdset() function */
-CURLcode Curl_fdset(struct connectdata *conn,
-                    fd_set *read_fd_set,
-                    fd_set *write_fd_set,
-                    int *max_fdp);
+CURLcode Curl_resolv_fdset(struct connectdata *conn,
+                           fd_set *read_fd_set,
+                           fd_set *write_fd_set,
+                           int *max_fdp);
 /* unlock a previously resolved dns entry */
 void Curl_resolv_unlock(struct SessionHandle *data, struct Curl_dns_entry *dns);

@@ -240,6 +240,13 @@ struct Curl_dns_entry *
 Curl_cache_addr(struct SessionHandle *data, Curl_addrinfo *addr,
                char *hostname, int port);

+/*
+ * Curl_destroy_thread_data() cleans up async resolver data.
+ * Complementary of ares_destroy.
+ */
+struct Curl_async; /* forward-declaration */
+void Curl_destroy_thread_data(struct Curl_async *async);
+
 #ifndef INADDR_NONE
 #define CURL_INADDR_NONE (in_addr_t) ~0
 #else
--- a/lib/hostip4.c
+++ b/lib/hostip4.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -79,6 +79,7 @@
 #include "share.h"
 #include "strerror.h"
 #include "url.h"
+#include "inet_pton.h"

 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -202,11 +203,9 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,

  *waitp = 0; /* don't wait, we act synchronously */

-  in=inet_addr(hostname);
-  if (in != CURL_INADDR_NONE) {
+  if(1 == Curl_inet_pton(AF_INET, hostname, &in))
    /* This is a dotted IP address 123.123.123.123-style */
    return Curl_ip2addr(in, hostname, port);
-  }

 #if defined(HAVE_GETHOSTBYNAME_R)
  /*
--- a/lib/hostip6.c
+++ b/lib/hostip6.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -67,11 +67,6 @@
 #include <process.h>
 #endif

-#if (defined(NETWARE) && defined(__NOVELL_LIBC__))
-#undef in_addr_t
-#define in_addr_t unsigned long
-#endif
-
 #include "urldata.h"
 #include "sendf.h"
 #include "hostip.h"
@@ -79,6 +74,7 @@
 #include "share.h"
 #include "strerror.h"
 #include "url.h"
+#include "inet_pton.h"

 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -247,8 +243,8 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
    }
  }

-  if((1 == inet_pton(AF_INET, hostname, addrbuf)) ||
-     (1 == inet_pton(AF_INET6, hostname, addrbuf))) {
+  if((1 == Curl_inet_pton(AF_INET, hostname, addrbuf)) ||
+     (1 == Curl_inet_pton(AF_INET6, hostname, addrbuf))) {
    /* the given address is numerical only, prevent a reverse lookup */
    ai_flags = AI_NUMERICHOST;
  }
--- a/lib/hostsyn.c
+++ b/lib/hostsyn.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -67,11 +67,6 @@
 #include <process.h>
 #endif

-#if (defined(NETWARE) && defined(__NOVELL_LIBC__))
-#undef in_addr_t
-#define in_addr_t unsigned long
-#endif
-
 #include "urldata.h"
 #include "sendf.h"
 #include "hostip.h"
@@ -133,10 +128,10 @@ CURLcode Curl_is_resolved(struct connectdata *conn,
 * It is present here to keep #ifdefs out from multi.c
 */

-CURLcode Curl_fdset(struct connectdata *conn,
-                    fd_set *read_fd_set,
-                    fd_set *write_fd_set,
-                    int *max_fdp)
+CURLcode Curl_resolv_fdset(struct connectdata *conn,
+                           fd_set *read_fd_set,
+                           fd_set *write_fd_set,
+                           int *max_fdp)
 {
  (void)conn;
  (void)read_fd_set;
--- a/lib/hostthre.c
+++ b/lib/hostthre.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -155,7 +155,7 @@ struct thread_data {
  HANDLE thread_hnd;
  unsigned thread_id;
  DWORD  thread_status;
-  curl_socket_t dummy_sock;   /* dummy for Curl_fdset() */
+  curl_socket_t dummy_sock;   /* dummy for Curl_resolv_fdset() */
  FILE *stderr_file;
  HANDLE mutex_waiting;  /* marks that we are still waiting for a resolve */
  HANDLE event_resolved; /* marks that the thread obtained the information */
@@ -301,10 +301,10 @@ static unsigned __stdcall getaddrinfo_thread (void *arg)
 #endif

 /*
- * destroy_thread_data() cleans up async resolver data.
+ * Curl_destroy_thread_data() cleans up async resolver data.
 * Complementary of ares_destroy.
 */
-static void destroy_thread_data (struct Curl_async *async)
+void Curl_destroy_thread_data (struct Curl_async *async)
 {
  if (async->hostname)
    free(async->hostname);
@@ -319,6 +319,7 @@ static void destroy_thread_data (struct Curl_async *async)
    /* destroy the synchronization objects */
    if (td->mutex_waiting)
      CloseHandle(td->mutex_waiting);
+    td->mutex_waiting = NULL;
    if (td->event_resolved)
      CloseHandle(td->event_resolved);

@@ -365,7 +366,7 @@ static bool init_resolve_thread (struct connectdata *conn,
   */
  td->mutex_waiting = CreateMutex(NULL, TRUE, NULL);
  if (td->mutex_waiting == NULL) {
-    destroy_thread_data(&conn->async);
+    Curl_destroy_thread_data(&conn->async);
    SetLastError(EAGAIN);
    return FALSE;
  }
@@ -375,7 +376,7 @@ static bool init_resolve_thread (struct connectdata *conn,
   */
  td->event_resolved = CreateEvent(NULL, TRUE, FALSE, NULL);
  if (td->event_resolved == NULL) {
-    destroy_thread_data(&conn->async);
+    Curl_destroy_thread_data(&conn->async);
    SetLastError(EAGAIN);
    return FALSE;
  }
@@ -401,12 +402,12 @@ static bool init_resolve_thread (struct connectdata *conn,
  if (!td->thread_hnd) {
     SetLastError(errno);
     TRACE(("_beginthreadex() failed; %s\n", Curl_strerror(conn,errno)));
-     destroy_thread_data(&conn->async);
+     Curl_destroy_thread_data(&conn->async);
     return FALSE;
  }
-  /* This socket is only to keep Curl_fdset() and select() happy; should never
-   * become signalled for read/write since it's unbound but Windows needs
-   * atleast 1 socket in select().
+  /* This socket is only to keep Curl_resolv_fdset() and select() happy;
+   * should never become signalled for read/write since it's unbound but
+   * Windows needs atleast 1 socket in select().
   */
  td->dummy_sock = socket(AF_INET, SOCK_DGRAM, 0);
  return TRUE;
@@ -508,7 +509,7 @@ CURLcode Curl_wait_for_resolv(struct connectdata *conn,
      rc = CURLE_OPERATION_TIMEDOUT;
  }

-  destroy_thread_data(&conn->async);
+  Curl_destroy_thread_data(&conn->async);

  if(!conn->async.dns)
    conn->bits.close = TRUE;
@@ -528,7 +529,7 @@ CURLcode Curl_is_resolved(struct connectdata *conn,

  if (conn->async.done) {
    /* we're done */
-    destroy_thread_data(&conn->async);
+    Curl_destroy_thread_data(&conn->async);
    if (!conn->async.dns) {
      TRACE(("Curl_is_resolved(): CURLE_COULDNT_RESOLVE_HOST\n"));
      return CURLE_COULDNT_RESOLVE_HOST;
@@ -536,15 +537,13 @@ CURLcode Curl_is_resolved(struct connectdata *conn,
    *entry = conn->async.dns;
    TRACE(("resolved okay, dns %p\n", *entry));
  }
-  else
-    TRACE(("not yet\n"));
  return CURLE_OK;
 }

-CURLcode Curl_fdset(struct connectdata *conn,
-                    fd_set *read_fd_set,
-                    fd_set *write_fd_set,
-                    int *max_fdp)
+CURLcode Curl_resolv_fdset(struct connectdata *conn,
+                           fd_set *read_fd_set,
+                           fd_set *write_fd_set,
+                           int *max_fdp)
 {
  const struct thread_data *td =
    (const struct thread_data *) conn->async.os_specific;
--- a/lib/http.c
+++ b/lib/http.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -95,6 +95,7 @@
 #include "http.h"
 #include "memory.h"
 #include "select.h"
+#include "parsedate.h" /* for the week day and month names */

 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -229,42 +230,58 @@ static CURLcode perhapsrewind(struct connectdata *conn)

  bytessent = http->writebytecount;

-  /* figure out how much data we are expected to send */
-  switch(data->set.httpreq) {
-  case HTTPREQ_POST:
-    if(data->set.postfieldsize != -1)
-      expectsend = data->set.postfieldsize;
-    break;
-  case HTTPREQ_PUT:
-    if(data->set.infilesize != -1)
-      expectsend = data->set.infilesize;
-    break;
-  case HTTPREQ_POST_FORM:
-    expectsend = http->postsize;
-    break;
-  default:
-    break;
+  if(conn->bits.authneg)
+    /* This is a state where we are known to be negotiating and we don't send
+       any data then. */
+    expectsend = 0;
+  else {
+    /* figure out how much data we are expected to send */
+    switch(data->set.httpreq) {
+    case HTTPREQ_POST:
+      if(data->set.postfieldsize != -1)
+        expectsend = data->set.postfieldsize;
+      break;
+    case HTTPREQ_PUT:
+      if(data->set.infilesize != -1)
+        expectsend = data->set.infilesize;
+      break;
+    case HTTPREQ_POST_FORM:
+      expectsend = http->postsize;
+      break;
+    default:
+      break;
+    }
  }

  conn->bits.rewindaftersend = FALSE; /* default */

  if((expectsend == -1) || (expectsend > bytessent)) {
    /* There is still data left to send */
-    if((data->state.authproxy.picked == CURLAUTH_NTLM) ||/* using NTLM */
-       (data->state.authhost.picked == CURLAUTH_NTLM) ) {
-      conn->bits.close = FALSE; /* don't close, keep on sending */
+    if((data->state.authproxy.picked == CURLAUTH_NTLM) ||
+       (data->state.authhost.picked == CURLAUTH_NTLM)) {
+      if(((expectsend - bytessent) < 2000) ||
+         (conn->ntlm.state != NTLMSTATE_NONE)) {
+        /* The NTLM-negotiation has started *OR* there is just a little (<2K)
+           data left to send, keep on sending. */

-      /* rewind data when completely done sending! */
-      conn->bits.rewindaftersend = TRUE;
-      return CURLE_OK;
-    }
-    else {
-      /* If there is more than just a little data left to send, close the
-       * current connection by force.
-       */
-      conn->bits.close = TRUE;
-      conn->size = 0; /* don't download any more than 0 bytes */
+        /* rewind data when completely done sending! */
+        if(!conn->bits.authneg)
+          conn->bits.rewindaftersend = TRUE;
+
+        return CURLE_OK;
+      }
+      if(conn->bits.close)
+        /* this is already marked to get closed */
+        return CURLE_OK;
+
+      infof(data, "NTLM send, close instead of sending %ld bytes\n",
+            expectsend - bytessent);
    }
+
+    /* This is not NTLM or NTLM with many bytes left to send: close
+     */
+    conn->bits.close = TRUE;
+    conn->size = 0; /* don't download any more than 0 bytes */
  }

  if(bytessent)
@@ -287,6 +304,10 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
  bool pickproxy = FALSE;
  CURLcode code = CURLE_OK;

+  if(100 == conn->keep.httpcode)
+    /* this is a transient response code, ignore */
+    return CURLE_OK;
+
  if(data->state.authproblem)
    return data->set.http_fail_on_error?CURLE_HTTP_RETURNED_ERROR:CURLE_OK;

@@ -309,7 +330,8 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
    conn->newurl = strdup(data->change.url); /* clone URL */

    if((data->set.httpreq != HTTPREQ_GET) &&
-       (data->set.httpreq != HTTPREQ_HEAD)) {
+       (data->set.httpreq != HTTPREQ_HEAD) &&
+       !conn->bits.rewindaftersend) {
      code = perhapsrewind(conn);
      if(code)
        return code;
@@ -391,26 +413,19 @@ Curl_http_output_auth(struct connectdata *conn,
       and if this is one single bit it'll be used instantly. */
    authproxy->picked = authproxy->want;

-  /* To prevent the user+password to get sent to other than the original
-     host due to a location-follow, we do some weirdo checks here */
-  if(!data->state.this_is_a_follow ||
-     !data->state.first_host ||
-     curl_strequal(data->state.first_host, conn->host.name) ||
-     data->set.http_disable_hostname_check_before_authentication) {
-
-    /* Send proxy authentication header if needed */
-    if (conn->bits.httpproxy &&
-        (conn->bits.tunnel_proxy == proxytunnel)) {
-#ifdef USE_SSLEAY
-      if(authproxy->want == CURLAUTH_NTLM) {
-        auth=(char *)"NTLM";
-        result = Curl_output_ntlm(conn, TRUE);
-        if(result)
-          return result;
-      }
-      else
+  /* Send proxy authentication header if needed */
+  if (conn->bits.httpproxy &&
+      (conn->bits.tunnel_proxy == proxytunnel)) {
+#if defined(USE_SSLEAY) || defined(USE_WINDOWS_SSPI)
+    if(authproxy->picked == CURLAUTH_NTLM) {
+      auth=(char *)"NTLM";
+      result = Curl_output_ntlm(conn, TRUE);
+      if(result)
+        return result;
+    }
+    else
 #endif
-      if(authproxy->want == CURLAUTH_BASIC) {
+      if(authproxy->picked == CURLAUTH_BASIC) {
        /* Basic */
        if(conn->bits.proxy_user_passwd &&
           !checkheaders(data, "Proxy-authorization:")) {
@@ -424,7 +439,7 @@ Curl_http_output_auth(struct connectdata *conn,
        authproxy->done = TRUE;
      }
 #ifndef CURL_DISABLE_CRYPTO_AUTH
-      else if(authproxy->want == CURLAUTH_DIGEST) {
+      else if(authproxy->picked == CURLAUTH_DIGEST) {
        auth=(char *)"Digest";
        result = Curl_output_digest(conn,
                                    TRUE, /* proxy */
@@ -442,16 +457,23 @@ Curl_http_output_auth(struct connectdata *conn,
      else
        authproxy->multi = FALSE;
    }
-    else
-      /* we have no proxy so let's pretend we're done authenticating
-         with it */
-      authproxy->done = TRUE;
+  else
+    /* we have no proxy so let's pretend we're done authenticating
+       with it */
+    authproxy->done = TRUE;
+
+  /* To prevent the user+password to get sent to other than the original
+     host due to a location-follow, we do some weirdo checks here */
+  if(!data->state.this_is_a_follow ||
+     !data->state.first_host ||
+     curl_strequal(data->state.first_host, conn->host.name) ||
+     data->set.http_disable_hostname_check_before_authentication) {

    /* Send web authentication header if needed */
    {
      auth = NULL;
 #ifdef HAVE_GSSAPI
-      if((authhost->want == CURLAUTH_GSSNEGOTIATE) &&
+      if((authhost->picked == CURLAUTH_GSSNEGOTIATE) &&
         data->state.negotiate.context &&
         !GSS_ERROR(data->state.negotiate.status)) {
        auth=(char *)"GSS-Negotiate";
@@ -462,7 +484,7 @@ Curl_http_output_auth(struct connectdata *conn,
      }
      else
 #endif
-#ifdef USE_SSLEAY
+#if defined(USE_SSLEAY) || defined(USE_WINDOWS_SSPI)
      if(authhost->picked == CURLAUTH_NTLM) {
        auth=(char *)"NTLM";
        result = Curl_output_ntlm(conn, FALSE);
@@ -575,7 +597,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
  }
  else
 #endif
-#ifdef USE_SSLEAY
+#if defined(USE_SSLEAY) || defined(USE_WINDOWS_SSPI)
    /* NTLM support requires the SSL crypto libs */
    if(checkprefix("NTLM", start)) {
      *availp |= CURLAUTH_NTLM;
@@ -1222,7 +1244,7 @@ CURLcode Curl_ConnectHTTPProxyTunnel(struct connectdata *conn,
 * Curl_http_connect() performs HTTP stuff to do at connect-time, called from
 * the generic Curl_connect().
 */
-CURLcode Curl_http_connect(struct connectdata *conn)
+CURLcode Curl_http_connect(struct connectdata *conn, bool *done)
 {
  struct SessionHandle *data;
  CURLcode result;
@@ -1261,6 +1283,8 @@ CURLcode Curl_http_connect(struct connectdata *conn)
    data->state.first_host = strdup(conn->host.name);
  }

+  *done = TRUE;
+
  return CURLE_OK;
 }

@@ -1328,7 +1352,7 @@ CURLcode Curl_http_done(struct connectdata *conn,
 * request is to be performed. This creates and sends a properly constructed
 * HTTP request.
 */
-CURLcode Curl_http(struct connectdata *conn)
+CURLcode Curl_http(struct connectdata *conn, bool *done)
 {
  struct SessionHandle *data=conn->data;
  char *buf = data->state.buffer; /* this is a short cut to the buffer */
@@ -1342,6 +1366,11 @@ CURLcode Curl_http(struct connectdata *conn)
  Curl_HttpReq httpreq = data->set.httpreq;
  char *addcookies = NULL;

+  /* Always consider the DO phase done after this function call, even if there
+     may be parts of the request that is not yet sent, since we can deal with
+     the rest of the request in the PERFORM phase. */
+  *done = TRUE;
+
  if(!conn->proto.http) {
    /* Only allocate this struct if we don't already have it! */

@@ -1776,7 +1805,7 @@ CURLcode Curl_http(struct connectdata *conn)
 #endif

    if(data->set.timecondition) {
-      struct tm *thistime;
+      struct tm *tm;

      /* Phil Karn (Fri, 13 Apr 2001) pointed out that the If-Modified-Since
       * header family should have their times set in GMT as RFC2616 defines:
@@ -1788,18 +1817,22 @@ CURLcode Curl_http(struct connectdata *conn)
 #ifdef HAVE_GMTIME_R
      /* thread-safe version */
      struct tm keeptime;
-      thistime = (struct tm *)gmtime_r(&data->set.timevalue, &keeptime);
+      tm = (struct tm *)gmtime_r(&data->set.timevalue, &keeptime);
 #else
-      thistime = gmtime(&data->set.timevalue);
+      tm = gmtime(&data->set.timevalue);
 #endif

-#ifdef HAVE_STRFTIME
      /* format: "Tue, 15 Nov 1994 12:45:26 GMT" */
-      strftime(buf, BUFSIZE-1, "%a, %d %b %Y %H:%M:%S GMT", thistime);
-#else
-      /* TODO: Right, we *could* write a replacement here */
-      strcpy(buf, "no strftime() support");
-#endif
+      snprintf(buf, BUFSIZE-1,
+               "%s, %02d %s %4d %02d:%02d:%02d GMT",
+               Curl_wkday[tm->tm_wday?tm->tm_wday-1:6],
+               tm->tm_mday,
+               Curl_month[tm->tm_mon],
+               tm->tm_year + 1900,
+               tm->tm_hour,
+               tm->tm_min,
+               tm->tm_sec);
+
      switch(data->set.timecondition) {
      case CURL_TIMECOND_IFMODSINCE:
      default:
--- a/lib/http.h
+++ b/lib/http.h
@@ -8,7 +8,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -34,9 +34,9 @@ CURLcode Curl_ConnectHTTPProxyTunnel(struct connectdata *conn,
                                     char *hostname, int remote_port);

 /* protocol-specific functions set up to be called by the main engine */
-CURLcode Curl_http(struct connectdata *conn);
+CURLcode Curl_http(struct connectdata *conn, bool *done);
 CURLcode Curl_http_done(struct connectdata *, CURLcode);
-CURLcode Curl_http_connect(struct connectdata *conn);
+CURLcode Curl_http_connect(struct connectdata *conn, bool *done);

 /* The following functions are defined in http_chunks.c */
 void Curl_httpchunk_init(struct connectdata *conn);
--- a/lib/http_chunks.c
+++ b/lib/http_chunks.c
@@ -1,16 +1,16 @@
 /***************************************************************************
- *                                  _   _ ____  _     
- *  Project                     ___| | | |  _ \| |    
- *                             / __| | | | |_) | |    
- *                            | (__| |_| |  _ <| |___ 
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
- * 
+ *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
@@ -43,7 +43,7 @@
 /* The last #include file should be: */
 #include "memdebug.h"

-/* 
+/*
 * Chunk format (simplified):
 *
 * <HEX SIZE>[ chunk extension ] CRLF
@@ -188,7 +188,7 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
 #ifdef HAVE_LIBZ
          break;

-        case DEFLATE: 
+        case DEFLATE:
          /* update conn->keep.str to point to the chunk data. */
          conn->keep.str = datap;
          result = Curl_unencode_deflate_write(conn->data, &conn->keep,
--- a/lib/http_chunks.h
+++ b/lib/http_chunks.h
@@ -1,18 +1,18 @@
 #ifndef __HTTP_CHUNKS_H
 #define __HTTP_CHUNKS_H
 /***************************************************************************
- *                                  _   _ ____  _     
- *  Project                     ___| | | |  _ \| |    
- *                             / __| | | | |_) | |    
- *                            | (__| |_| |  _ <| |___ 
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
- * 
+ *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -166,12 +166,7 @@ int Curl_input_negotiate(struct connectdata *conn, char *header)

  len = strlen(header);
  if (len > 0) {
-    int rawlen;
-    input_token.length = (len+3)/4 * 3;
-    input_token.value = malloc(input_token.length);
-    if (input_token.value == NULL)
-      return ENOMEM;
-    rawlen = Curl_base64_decode(header, input_token.value);
+    int rawlen = Curl_base64_decode(header, (unsigned char **)&input_token.value);
    if (rawlen < 0)
      return -1;
    input_token.length = rawlen;
@@ -211,7 +206,7 @@ int Curl_input_negotiate(struct connectdata *conn, char *header)
          input_token.length = mechTokenLength;
          free(mechToken);
          mechToken = NULL;
-          infof(conn->data, "Parse SPNEGO Target Token succeded\n");
+          infof(conn->data, "Parse SPNEGO Target Token succeeded\n");
        }
    }
 #endif
@@ -292,7 +287,7 @@ CURLcode Curl_output_negotiate(struct connectdata *conn)
      neg_ctx->output_token.length = spnegoTokenLength;
      free(spnegoToken);
      spnegoToken = NULL;
-      infof(conn->data, "Make SPNEGO Initial Token succeded\n");
+      infof(conn->data, "Make SPNEGO Initial Token succeeded\n");
    }
  }
 #endif
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -30,7 +30,7 @@
 */

 #ifndef CURL_DISABLE_HTTP
-#ifdef USE_SSLEAY
+#if defined(USE_SSLEAY) || defined(USE_WINDOWS_SSPI)
 /* We need OpenSSL for the crypto lib to provide us with MD4 and DES */

 /* -- WIN32 approved -- */
@@ -51,6 +51,8 @@
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>

+#ifndef USE_WINDOWS_SSPI
+
 #include <openssl/des.h>
 #include <openssl/md4.h>
 #include <openssl/ssl.h>
@@ -71,6 +73,12 @@
 #define DESKEY(x) &x
 #endif

+#else
+
+#include <rpc.h>
+
+#endif
+
 /* The last #include file should be: */
 #include "memdebug.h"

@@ -103,7 +111,6 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
    header++;

  if(checkprefix("NTLM", header)) {
-    unsigned char buffer[256];
    header += strlen("NTLM");

    while(*header && isspace((int)*header))
@@ -123,17 +130,31 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
         (40)    Target Information  (optional) security buffer(*)
         32 (48) start of data block
      */
-
-      size_t size = Curl_base64_decode(header, (char *)buffer);
+      size_t size;
+      unsigned char *buffer;
+      size = Curl_base64_decode(header, &buffer);
+      if(!buffer)
+        return CURLNTLM_BAD;

      ntlm->state = NTLMSTATE_TYPE2; /* we got a type-2 */

+#ifdef USE_WINDOWS_SSPI
+      if ((ntlm->type_2 = malloc(size+1)) == NULL) {
+        free(buffer);
+        return CURLE_OUT_OF_MEMORY;
+      }
+      ntlm->n_type_2 = size;
+      memcpy(ntlm->type_2, buffer, size);
+#else
      if(size >= 48)
        /* the nonce of interest is index [24 .. 31], 8 bytes */
        memcpy(ntlm->nonce, &buffer[24], 8);
+      /* FIX: add an else here! */

      /* at index decimal 20, there's a 32bit NTLM flag field */

+      free(buffer);
+#endif
    }
    else {
      if(ntlm->state >= NTLMSTATE_TYPE1)
@@ -145,6 +166,8 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
  return CURLNTLM_FINE;
 }

+#ifndef USE_WINDOWS_SSPI
+
 /*
 * Turns a 56 bit key into the 64 bit, odd parity key and sets the key.  The
 * key schedule ks is also set.
@@ -271,6 +294,32 @@ static void mkhash(char *password,
  free(pw);
 }

+#endif
+
+#ifdef USE_WINDOWS_SSPI
+
+static void
+ntlm_sspi_cleanup(struct ntlmdata *ntlm)
+{
+  if (ntlm->type_2) {
+    free(ntlm->type_2);
+    ntlm->type_2 = NULL;
+  }
+  if (ntlm->has_handles) {
+    DeleteSecurityContext(&ntlm->c_handle);
+    FreeCredentialsHandle(&ntlm->handle);
+    ntlm->has_handles = 0;
+  }
+  if (ntlm->p_identity) {
+    if (ntlm->identity.User) free(ntlm->identity.User);
+    if (ntlm->identity.Password) free(ntlm->identity.Password);
+    if (ntlm->identity.Domain) free(ntlm->identity.Domain);
+    ntlm->p_identity = NULL;
+  }
+}
+
+#endif
+
 #define SHORTPAIR(x) ((x) & 0xff), ((x) >> 8)
 #define LONGQUARTET(x) ((x) & 0xff), (((x) >> 8)&0xff), \
  (((x) >>16)&0xff), ((x)>>24)
@@ -281,10 +330,12 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
 {
  const char *domain=""; /* empty */
  const char *host=""; /* empty */
+#ifndef USE_WINDOWS_SSPI
  int domlen=(int)strlen(domain);
  int hostlen = (int)strlen(host);
  int hostoff; /* host name offset */
  int domoff;  /* domain name offset */
+#endif
  size_t size;
  char *base64=NULL;
  unsigned char ntlmbuf[256]; /* enough, unless the host/domain is very long */
@@ -329,6 +380,90 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
  switch(ntlm->state) {
  case NTLMSTATE_TYPE1:
  default: /* for the weird cases we (re)start here */
+#ifdef USE_WINDOWS_SSPI
+  {
+    SecBuffer buf;
+    SecBufferDesc desc;
+    SECURITY_STATUS status;
+    ULONG attrs;
+    const char *user;
+    int domlen;
+
+    ntlm_sspi_cleanup(ntlm);
+
+    user = strchr(userp, '\\');
+    if (!user)
+      user = strchr(userp, '/');
+
+    if (user) {
+      domain = userp;
+      domlen = user - userp;
+      user++;
+    }
+    else {
+      user = userp;
+      domain = "";
+      domlen = 0;
+    }
+
+    if (user && *user) {
+      /* note: initialize all of this before doing the mallocs so that
+       * it can be cleaned up later without leaking memory.
+       */
+      ntlm->p_identity = &ntlm->identity;
+      memset(ntlm->p_identity, 0, sizeof(*ntlm->p_identity));
+      if ((ntlm->identity.User = (unsigned char *)strdup(user)) == NULL)
+        return CURLE_OUT_OF_MEMORY;
+      ntlm->identity.UserLength = strlen(user);
+      if ((ntlm->identity.Password = (unsigned char *)strdup(passwdp)) == NULL)
+        return CURLE_OUT_OF_MEMORY;
+      ntlm->identity.PasswordLength = strlen(passwdp);
+      if ((ntlm->identity.Domain = malloc(domlen+1)) == NULL)
+        return CURLE_OUT_OF_MEMORY;
+      strncpy((char *)ntlm->identity.Domain, domain, domlen);
+      ntlm->identity.Domain[domlen] = '\0';
+      ntlm->identity.DomainLength = domlen;
+      ntlm->identity.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
+    }
+    else {
+      ntlm->p_identity = NULL;
+    }
+
+    if (AcquireCredentialsHandle(
+          NULL, (char *)"NTLM", SECPKG_CRED_OUTBOUND, NULL, ntlm->p_identity,
+          NULL, NULL, &ntlm->handle, NULL
+        ) != SEC_E_OK) {
+      return CURLE_OUT_OF_MEMORY;
+    }
+
+    desc.ulVersion = SECBUFFER_VERSION;
+    desc.cBuffers  = 1;
+    desc.pBuffers  = &buf;
+    buf.cbBuffer   = sizeof(ntlmbuf);
+    buf.BufferType = SECBUFFER_TOKEN;
+    buf.pvBuffer   = ntlmbuf;
+
+    status = InitializeSecurityContext(&ntlm->handle, NULL, (char *) host,
+                                       ISC_REQ_CONFIDENTIALITY |
+                                       ISC_REQ_REPLAY_DETECT |
+                                       ISC_REQ_CONNECTION,
+                                       0, SECURITY_NETWORK_DREP, NULL, 0,
+                                       &ntlm->c_handle, &desc, &attrs, NULL
+                                      );
+
+    if (status == SEC_I_COMPLETE_AND_CONTINUE ||
+        status == SEC_I_CONTINUE_NEEDED) {
+      CompleteAuthToken(&ntlm->c_handle, &desc);
+    }
+    else if (status != SEC_E_OK) {
+      FreeCredentialsHandle(&ntlm->handle);
+      return CURLE_RECV_ERROR;
+    }
+
+    ntlm->has_handles = 1;
+    size = buf.cbBuffer;
+  }
+#else
    hostoff = 32;
    domoff = hostoff + hostlen;

@@ -378,6 +513,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,

    /* initial packet length */
    size = 32 + hostlen + domlen;
+#endif

    /* now keeper of the base64 encoded package size */
    size = Curl_base64_encode((char *)ntlmbuf, size, &base64);
@@ -413,6 +549,41 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
    */

  {
+#ifdef USE_WINDOWS_SSPI
+    SecBuffer type_2, type_3;
+    SecBufferDesc type_2_desc, type_3_desc;
+    SECURITY_STATUS status;
+    ULONG attrs;
+
+    type_2_desc.ulVersion  = type_3_desc.ulVersion  = SECBUFFER_VERSION;
+    type_2_desc.cBuffers   = type_3_desc.cBuffers   = 1;
+    type_2_desc.pBuffers   = &type_2;
+    type_3_desc.pBuffers   = &type_3;
+
+    type_2.BufferType = SECBUFFER_TOKEN;
+    type_2.pvBuffer   = ntlm->type_2;
+    type_2.cbBuffer   = ntlm->n_type_2;
+    type_3.BufferType = SECBUFFER_TOKEN;
+    type_3.pvBuffer   = ntlmbuf;
+    type_3.cbBuffer   = sizeof(ntlmbuf);
+
+    status = InitializeSecurityContext(&ntlm->handle, &ntlm->c_handle,
+                                       (char *) host,
+                                       ISC_REQ_CONFIDENTIALITY |
+                                       ISC_REQ_REPLAY_DETECT |
+                                       ISC_REQ_CONNECTION,
+                                       0, SECURITY_NETWORK_DREP, &type_2_desc,
+                                       0, &ntlm->c_handle, &type_3_desc,
+                                       &attrs, NULL);
+
+    if (status != SEC_E_OK)
+      return CURLE_RECV_ERROR;
+
+    size = type_3.cbBuffer;
+
+    ntlm_sspi_cleanup(ntlm);
+
+#else
    int lmrespoff;
    int ntrespoff;
    int useroff;
@@ -552,6 +723,8 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
    ntlmbuf[56] = (unsigned char)(size & 0xff);
    ntlmbuf[57] = (unsigned char)(size >> 8);

+#endif
+
    /* convert the binary blob into base64 */
    size = Curl_base64_encode((char *)ntlmbuf, size, &base64);

@@ -583,5 +756,18 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,

  return CURLE_OK;
 }
+
+
+void
+Curl_ntlm_cleanup(struct connectdata *conn)
+{
+#ifdef USE_WINDOWS_SSPI
+  ntlm_sspi_cleanup(&conn->ntlm);
+  ntlm_sspi_cleanup(&conn->proxyntlm);
+#else
+  (void)conn;
+#endif
+}
+
 #endif /* USE_SSLEAY */
 #endif /* !CURL_DISABLE_HTTP */
--- a/lib/http_ntlm.h
+++ b/lib/http_ntlm.h
@@ -1,18 +1,18 @@
 #ifndef __HTTP_NTLM_H
 #define __HTTP_NTLM_H
 /***************************************************************************
- *                                  _   _ ____  _     
- *  Project                     ___| | | |  _ \| |    
- *                             / __| | | | |_) | |    
- *                            | (__| |_| |  _ <| |___ 
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
- * 
+ *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
@@ -38,7 +38,7 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn, bool proxy, char *header);
 /* this is for creating ntlm header output */
 CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy);

-void Curl_ntlm_cleanup(struct SessionHandle *data);
+void Curl_ntlm_cleanup(struct connectdata *conn);


 /* Flag bits definitions based on http://davenport.sourceforge.net/ntlm.html */
--- a/lib/if2ip.c
+++ b/lib/if2ip.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -31,6 +31,8 @@
 #include <unistd.h>
 #endif

+#include "if2ip.h"
+
 #if !defined(WIN32) && !defined(__BEOS__) && !defined(__CYGWIN32__) && \
    !defined(__riscos__) && !defined(__INTERIX) && !defined(NETWARE)

@@ -55,7 +57,6 @@
 #include <sys/ioctl.h>
 #endif

-/* -- if2ip() -- */
 #ifdef HAVE_NETDB_H
 #include <netdb.h>
 #endif
@@ -64,15 +65,11 @@
 #include <sys/sockio.h>
 #endif

-#if defined(HAVE_INET_NTOA_R) && !defined(HAVE_INET_NTOA_R_DECL)
-#include "inet_ntoa_r.h"
-#endif
-
 #ifdef VMS
 #include <inet.h>
 #endif

-#include "if2ip.h"
+#include "inet_ntop.h"
 #include "memory.h"

 /* The last #include file should be: */
@@ -113,12 +110,7 @@ char *Curl_if2ip(const char *interface, char *buf, int buf_size)

      struct sockaddr_in *s = (struct sockaddr_in *)&req.ifr_dstaddr;
      memcpy(&in, &(s->sin_addr.s_addr), sizeof(in));
-#if defined(HAVE_INET_NTOA_R)
-      ip = inet_ntoa_r(in,buf,buf_size);
-#else
-      ip = strncpy(buf,inet_ntoa(in),buf_size);
-      ip[buf_size - 1] = 0;
-#endif
+      ip = Curl_inet_ntop(s->sin_family, &in, buf, buf_size);
    }
    sclose(dummy);
  }
--- a/lib/if2ip.h
+++ b/lib/if2ip.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -24,12 +24,8 @@
 ***************************************************************************/
 #include "setup.h"

-#if !defined(WIN32) && !defined(__BEOS__) && !defined(__CYGWIN32__) && \
-    !defined(__riscos__) && !defined(__INTERIX)
-extern char *Curl_if2ip(const char *interface, char *buf, int buf_size);
-#else
-#define Curl_if2ip(a,b,c) NULL
-#endif
+extern char *Curl_if2ip(const char *interf, char *buf, int buf_size);
+
 #ifdef __INTERIX
 /* Nedelcho Stanev's work-around for SFU 3.0 */
 struct ifreq {
--- a/lib/inet_ntoa_r.h
+++ b/lib/inet_ntoa_r.h
@@ -1,5 +1,16 @@
 #ifndef __INET_NTOA_R_H
 #define __INET_NTOA_R_H
+
+#include "setup.h"
+
+#ifdef HAVE_INET_NTOA_R_2_ARGS
+/*
+ * uClibc 0.9.26 (at least) doesn't define this prototype. The buffer
+ * must be at least 16 characters long.
+ */
+char *inet_ntoa_r(const struct in_addr in, char buffer[]);
+
+#else
 /*
 * My solaris 5.6 system running gcc 2.8.1 does *not* have this prototype
 * in any system include file! Isn't that weird?
@@ -7,3 +18,5 @@
 char *inet_ntoa_r(const struct in_addr in, char *buffer, int buflen);

 #endif
+
+#endif
--- a/lib/inet_ntop.c
+++ b/lib/inet_ntop.c
@@ -54,10 +54,17 @@
 *  - uses no statics
 *  - takes a u_char* not an in_addr as input
 */
-static const char *inet_ntop4 (const u_char *src, char *dst, size_t size)
+static char *inet_ntop4 (const u_char *src, char *dst, size_t size)
 {
-#ifdef HAVE_INET_NTOA_R
+#if defined(HAVE_INET_NTOA_R_2_ARGS)
+  const char *ptr;
+  curlassert(size >= 16);
+  ptr = inet_ntoa_r(*(struct in_addr*)src, dst);
+  return (char *)memmove(dst, ptr, strlen(ptr)+1);
+
+#elif defined(HAVE_INET_NTOA_R)
  return inet_ntoa_r(*(struct in_addr*)src, dst, size);
+
 #else
  const char *addr = inet_ntoa(*(struct in_addr*)src);

@@ -74,7 +81,7 @@ static const char *inet_ntop4 (const u_char *src, char *dst, size_t size)
 /*
 * Convert IPv6 binary address into presentation (printable) format.
 */
-static const char *inet_ntop6 (const u_char *src, char *dst, size_t size)
+static char *inet_ntop6 (const u_char *src, char *dst, size_t size)
 {
  /*
   * Note that int32_t and int16_t need only be "at least" large enough
@@ -178,10 +185,10 @@ static const char *inet_ntop6 (const u_char *src, char *dst, size_t size)
 /*
 * Convert a network format address to presentation format.
 *
- * Returns pointer to presentation format address (`dst'),
+ * Returns pointer to presentation format address (`buf'),
 * Returns NULL on error (see errno).
 */
-const char *Curl_inet_ntop(int af, const void *src, char *buf, size_t size)
+char *Curl_inet_ntop(int af, const void *src, char *buf, size_t size)
 {
  switch (af) {
  case AF_INET:
--- a/lib/inet_ntop.h
+++ b/lib/inet_ntop.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -31,7 +31,7 @@
 #include <arpa/inet.h>
 #endif
 #else
-const char *Curl_inet_ntop(int af, const void *addr, char *buf, size_t size);
+char *Curl_inet_ntop(int af, const void *addr, char *buf, size_t size);
 #endif

 #endif /* __INET_NTOP_H */
--- a/lib/inet_pton.h
+++ b/lib/inet_pton.h
@@ -1,18 +1,18 @@
 #ifndef __INET_PTON_H
 #define __INET_PTON_H
 /***************************************************************************
- *                                  _   _ ____  _     
- *  Project                     ___| | | |  _ \| |    
- *                             / __| | | | |_) | |    
- *                            | (__| |_| |  _ <| |___ 
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
- * 
+ *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
--- a/lib/krb4.c
+++ b/lib/krb4.c
@@ -43,8 +43,6 @@
 #ifndef CURL_DISABLE_FTP
 #ifdef HAVE_KRB4

-#include "security.h"
-#include "base64.h"
 #include <stdlib.h>
 #ifdef HAVE_NETDB_H
 #include <netdb.h>
@@ -57,6 +55,8 @@
 #include <unistd.h> /* for getpid() */
 #endif

+#include "urldata.h"
+#include "base64.h"
 #include "ftp.h"
 #include "sendf.h"
 #include "krb4.h"
@@ -199,7 +199,8 @@ krb4_auth(void *app_data, struct connectdata *conn)
 {
  int ret;
  char *p;
-  int len;
+  unsigned char *ptr;
+  size_t len;
  KTEXT_ST adat;
  MSG_DAT msg_data;
  int checksum;
@@ -275,11 +276,17 @@ krb4_auth(void *app_data, struct connectdata *conn)
    return AUTH_ERROR;
  }
  p += 5;
-  len = Curl_base64_decode(p, (char *)adat.dat);
-  if(len < 0) {
+  len = Curl_base64_decode(p, &ptr);
+  if(len > sizeof(adat.dat)-1) {
+    free(ptr);
+    len=0;
+  }
+  if(!len || !ptr) {
    Curl_failf(data, "Failed to decode base64 from server");
    return AUTH_ERROR;
  }
+  memcpy((char *)adat.dat, ptr, len);
+  free(ptr);
  adat.length = len;
  ret = krb_rd_safe(adat.dat, adat.length, &d->key,
                    (struct sockaddr_in *)hisctladdr,
@@ -317,10 +324,11 @@ CURLcode Curl_krb_kauth(struct connectdata *conn)
  char *name;
  char *p;
  char passwd[100];
-  int tmp;
+  size_t tmp;
  ssize_t nread;
  int save;
  CURLcode result;
+  unsigned char *ptr;

  save = Curl_set_command_prot(conn, prot_private);

@@ -346,12 +354,18 @@ CURLcode Curl_krb_kauth(struct connectdata *conn)
  }

  p += 2;
-  tmp = Curl_base64_decode(p, (char *)tkt.dat);
-  if(tmp < 0) {
+  tmp = Curl_base64_decode(p, &ptr);
+  if(tmp >= sizeof(tkt.dat)) {
+    free(ptr);
+    tmp=0;
+  }
+  if(!tmp || !ptr) {
    Curl_failf(conn->data, "Failed to decode base64 in reply.\n");
    Curl_set_command_prot(conn, save);
    return CURLE_FTP_WEIRD_SERVER_REPLY;
  }
+  memcpy((char *)tkt.dat, ptr, tmp);
+  free(ptr);
  tkt.length = tmp;
  tktcopy.length = tkt.length;

--- a/lib/krb4.h
+++ b/lib/krb4.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___ 
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -22,6 +22,48 @@
 *
 * $Id$
 ***************************************************************************/
+
+struct Curl_sec_client_mech {
+  const char *name;
+  size_t size;
+  int (*init)(void *);
+  int (*auth)(void *, struct connectdata *);
+  void (*end)(void *);
+  int (*check_prot)(void *, int);
+  int (*overhead)(void *, int, int);
+  int (*encode)(void *, void*, int, int, void**, struct connectdata *);
+  int (*decode)(void *, void*, int, int, struct connectdata *);
+};
+
+
+#define AUTH_OK         0
+#define AUTH_CONTINUE   1
+#define AUTH_ERROR      2
+
+extern struct Curl_sec_client_mech Curl_krb4_client_mech;
+
 CURLcode Curl_krb_kauth(struct connectdata *conn);
+int Curl_sec_fflush_fd(struct connectdata *conn, int fd);
+int Curl_sec_fprintf (struct connectdata *, FILE *, const char *, ...);
+int Curl_sec_getc (struct connectdata *conn, FILE *);
+int Curl_sec_putc (struct connectdata *conn, int, FILE *);
+int Curl_sec_read (struct connectdata *conn, int, void *, int);
+int Curl_sec_read_msg (struct connectdata *conn, char *, int);
+
+int Curl_sec_vfprintf(struct connectdata *, FILE *, const char *, va_list);
+int Curl_sec_fprintf2(struct connectdata *conn, FILE *f, const char *fmt, ...);
+int Curl_sec_vfprintf2(struct connectdata *conn, FILE *, const char *, va_list);
+int Curl_sec_write (struct connectdata *conn, int, char *, int);
+
+void Curl_sec_end (struct connectdata *);
+int Curl_sec_login (struct connectdata *);
+void Curl_sec_prot (int, char **);
+int Curl_sec_request_prot (struct connectdata *conn, const char *level);
+void Curl_sec_set_protection_level(struct connectdata *conn);
+void Curl_sec_status (void);
+
+enum protection_level Curl_set_command_prot(struct connectdata *,
+                                            enum protection_level);
+

 #endif
--- a/lib/ldap.c
+++ b/lib/ldap.c
@@ -5,7 +5,7 @@
 *                | (__| |_| |  _ <| |___
 *                \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -110,7 +110,7 @@ typedef void * (*dynafunc)(void *input);
 */
 #if defined(HAVE_DLOPEN) || defined(HAVE_LIBDL) || defined(WIN32)
 static void *libldap = NULL;
-#ifndef WIN32
+#if defined(DL_LBER_FILE)
 static void *liblber = NULL;
 #endif
 #endif
@@ -120,24 +120,26 @@ static int DynaOpen(const char **mod_name)
 #if defined(HAVE_DLOPEN) || defined(HAVE_LIBDL)
  if (libldap == NULL) {
    /*
-     * libldap.so should be able to resolve its dependency on
-     * liblber.so automatically, but since it does not we will
+     * libldap.so can normally resolve its dependency on liblber.so
+     * automatically, but in broken installation it does not so
     * handle it here by opening liblber.so as global.
     */
-    *mod_name = "liblber.so";
+#ifdef DL_LBER_FILE
+    *mod_name = DL_LBER_FILE;
    liblber = dlopen(*mod_name, DLOPEN_MODE);
+    if (!liblber)
+      return 0;
+#endif

    /* Assume loading libldap.so will fail if loading of liblber.so failed
     */
-    if (liblber)  {
-      *mod_name = "libldap.so";
-      libldap = dlopen(*mod_name, RTLD_LAZY);
-    }
+    *mod_name = DL_LDAP_FILE;
+    libldap = dlopen(*mod_name, RTLD_LAZY);
  }
-  return (libldap != NULL && liblber != NULL);
+  return (libldap != NULL);

 #elif defined(WIN32)
-  *mod_name = "wldap32.dll";
+  *mod_name = DL_LDAP_FILE;
  if (!libldap)
    libldap = (void*)LoadLibrary(*mod_name);
  return (libldap != NULL);
@@ -155,10 +157,12 @@ static void DynaClose(void)
    dlclose(libldap);
    libldap=NULL;
  }
+#ifdef DL_LBER_FILE
  if (liblber) {
    dlclose(liblber);
    liblber=NULL;
  }
+#endif
 #elif defined(WIN32)
  if (libldap) {
    FreeLibrary ((HMODULE)libldap);
@@ -224,7 +228,7 @@ static void (*ldap_free_urldesc)(LDAPURLDesc *) = _ldap_free_urldesc;
 #endif


-CURLcode Curl_ldap(struct connectdata *conn)
+CURLcode Curl_ldap(struct connectdata *conn, bool *done)
 {
  CURLcode status = CURLE_OK;
  int rc = 0;
@@ -256,6 +260,7 @@ CURLcode Curl_ldap(struct connectdata *conn)
  int num = 0;
  struct SessionHandle *data=conn->data;

+  *done = TRUE; /* unconditionally */
  infof(data, "LDAP local: %s\n", data->change.url);

  if (!DynaOpen(&mod_name)) {
@@ -379,6 +384,7 @@ quit:

  /* no data to transfer */
  Curl_Transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
+  conn->bits.close = TRUE;

  return status;
 }
@@ -473,9 +479,9 @@ static bool unescape_elements (LDAPURLDesc *ludp)
    char *new_dn = curl_unescape(dn, 0);

    free(dn);
+    ludp->lud_dn = new_dn;
    if (!new_dn)
       return (FALSE);
-    ludp->lud_dn = new_dn;
  }
  return (TRUE);
 }
--- a/lib/ldap.h
+++ b/lib/ldap.h
@@ -2,18 +2,18 @@
 #define __LDAP_H

 /***************************************************************************
- *                                  _   _ ____  _     
- *  Project                     ___| | | |  _ \| |    
- *                             / __| | | | |_) | |    
- *                            | (__| |_| |  _ <| |___ 
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
- * 
+ *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
@@ -24,6 +24,6 @@
 * $Id$
 ***************************************************************************/
 #ifndef CURL_DISABLE_LDAP
-CURLcode Curl_ldap(struct connectdata *conn);
+CURLcode Curl_ldap(struct connectdata *conn, bool *done);
 #endif
 #endif /* __LDAP_H */
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -6,7 +6,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
--- a/lib/memdebug.h
+++ b/lib/memdebug.h
@@ -8,7 +8,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -45,6 +45,7 @@
 #include "memory.h"
 #include "easyif.h"
 #include "multiif.h"
+#include "sendf.h"

 /* The last #include file should be: */
 #include "memdebug.h"
@@ -56,11 +57,14 @@ struct Curl_message {
 };

 typedef enum {
-  CURLM_STATE_INIT,
+  CURLM_STATE_INIT,        /* start in this state */
  CURLM_STATE_CONNECT,     /* resolve/connect has been sent off */
-  CURLM_STATE_WAITRESOLVE, /* we're awaiting the resolve to finalize */
-  CURLM_STATE_WAITCONNECT, /* we're awaiting the connect to finalize */
-  CURLM_STATE_DO,          /* send off the request (part 1) */
+  CURLM_STATE_WAITRESOLVE, /* awaiting the resolve to finalize */
+  CURLM_STATE_WAITCONNECT, /* awaiting the connect to finalize */
+  CURLM_STATE_PROTOCONNECT, /* completing the protocol-specific connect
+                               phase */
+  CURLM_STATE_DO,          /* start send off the request (part 1) */
+  CURLM_STATE_DOING,       /* sending off the request (part 1) */
  CURLM_STATE_DO_MORE,     /* send off the request (part 2) */
  CURLM_STATE_PERFORM,     /* transfer data */
  CURLM_STATE_DONE,        /* post data transfer operation */
@@ -111,6 +115,33 @@ struct Curl_multi {
  struct curl_hash *hostcache;
 };

+/* always use this function to change state, to make debugging easier */
+static void multistate(struct Curl_one_easy *easy, CURLMstate state)
+{
+#ifdef CURLDEBUG
+  const char *statename[]={
+    "INIT",
+    "CONNECT",
+    "WAITRESOLVE",
+    "WAITCONNECT",
+    "PROTOCONNECT",
+    "DO",
+    "DOING",
+    "DO_MORE",
+    "PERFORM",
+    "DONE",
+    "COMPLETED",
+  };
+  CURLMstate oldstate = easy->state;
+#endif
+  easy->state = state;
+
+#ifdef CURLDEBUG
+  infof(easy->easy_handle,
+        "STATE: %s => %s handle %p: \n",
+        statename[oldstate], statename[easy->state], (char *)easy);
+#endif
+}

 CURLM *curl_multi_init(void)
 {
@@ -158,7 +189,7 @@ CURLMcode curl_multi_add_handle(CURLM *multi_handle,

  /* set the easy handle */
  easy->easy_handle = easy_handle;
-  easy->state = CURLM_STATE_INIT;
+  multistate(easy, CURLM_STATE_INIT);

  /* for multi interface connections, we share DNS cache automaticly */
  easy->easy_handle->hostcache = multi->hostcache;
@@ -258,7 +289,22 @@ CURLMcode curl_multi_fdset(CURLM *multi_handle,
      break;
    case CURLM_STATE_WAITRESOLVE:
      /* waiting for a resolve to complete */
-      Curl_fdset(easy->easy_conn, read_fd_set, write_fd_set, &this_max_fd);
+      Curl_resolv_fdset(easy->easy_conn, read_fd_set, write_fd_set,
+                        &this_max_fd);
+      if(this_max_fd > *max_fd)
+        *max_fd = this_max_fd;
+      break;
+
+    case CURLM_STATE_PROTOCONNECT:
+      Curl_protocol_fdset(easy->easy_conn, read_fd_set, write_fd_set,
+                          &this_max_fd);
+      if(this_max_fd > *max_fd)
+        *max_fd = this_max_fd;
+      break;
+
+    case CURLM_STATE_DOING:
+      Curl_doing_fdset(easy->easy_conn, read_fd_set, write_fd_set,
+                       &this_max_fd);
      if(this_max_fd > *max_fd)
        *max_fd = this_max_fd;
      break;
@@ -318,6 +364,8 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
  struct Curl_message *msg = NULL;
  bool connected;
  bool async;
+  bool protocol_connect;
+  bool dophase_done;

  *running_handles = 0; /* bump this once for every living handle */

@@ -326,10 +374,6 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)

  easy=multi->easy.next;
  while(easy) {
-#if 0
-    fprintf(stderr, "HANDLE %p: State: %x\n",
-            (char *)easy, easy->state);
-#endif
    do {
      if (CURLM_STATE_WAITCONNECT <= easy->state &&
          easy->state <= CURLM_STATE_DO &&
@@ -344,13 +388,13 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
            easy->easy_handle->change.url_changed = FALSE;
            easy->result = Curl_follow(easy->easy_handle, gotourl, FALSE);
            if(CURLE_OK == easy->result)
-              easy->state = CURLM_STATE_CONNECT;
+              multistate(easy, CURLM_STATE_CONNECT);
            else
              free(gotourl);
          }
          else {
            easy->result = CURLE_OUT_OF_MEMORY;
-            easy->state = CURLM_STATE_COMPLETED;
+            multistate(easy, CURLM_STATE_COMPLETED);
            break;
          }
        }
@@ -365,7 +409,7 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)

        if(CURLE_OK == easy->result) {
          /* after init, go CONNECT */
-          easy->state = CURLM_STATE_CONNECT;
+          multistate(easy, CURLM_STATE_CONNECT);
          result = CURLM_CALL_MULTI_PERFORM;

          easy->easy_handle->state.used_interface = Curl_if_multi;
@@ -376,16 +420,22 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
        /* Connect. We get a connection identifier filled in. */
        Curl_pgrsTime(easy->easy_handle, TIMER_STARTSINGLE);
        easy->result = Curl_connect(easy->easy_handle, &easy->easy_conn,
-                                    &async);
+                                    &async, &protocol_connect);

        if(CURLE_OK == easy->result) {
          if(async)
            /* We're now waiting for an asynchronous name lookup */
-            easy->state = CURLM_STATE_WAITRESOLVE;
+            multistate(easy, CURLM_STATE_WAITRESOLVE);
          else {
-            /* after the connect has been sent off, go WAITCONNECT */
-            easy->state = CURLM_STATE_WAITCONNECT;
+            /* after the connect has been sent off, go WAITCONNECT unless the
+               protocol connect is already done and we can go directly to
+               DO! */
            result = CURLM_CALL_MULTI_PERFORM;
+
+            if(protocol_connect)
+              multistate(easy, CURLM_STATE_DO);
+            else
+              multistate(easy, CURLM_STATE_WAITCONNECT);
          }
        }
        break;
@@ -401,14 +451,17 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
        if(dns) {
          /* Perform the next step in the connection phase, and then move on
             to the WAITCONNECT state */
-          easy->result = Curl_async_resolved(easy->easy_conn);
+          easy->result = Curl_async_resolved(easy->easy_conn,
+                                             &protocol_connect);

          if(CURLE_OK != easy->result)
            /* if Curl_async_resolved() returns failure, the connection struct
               is already freed and gone */
            easy->easy_conn = NULL;           /* no more connection */
-
-          easy->state = CURLM_STATE_WAITCONNECT;
+          else {
+            /* FIX: what if protocol_connect is TRUE here?! */
+            multistate(easy, CURLM_STATE_WAITCONNECT);
+          }
        }

        if(CURLE_OK != easy->result) {
@@ -425,7 +478,8 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
        easy->result = Curl_is_connected(easy->easy_conn, FIRSTSOCKET,
                                         &connected);
        if(connected)
-          easy->result = Curl_protocol_connect(easy->easy_conn);
+          easy->result = Curl_protocol_connect(easy->easy_conn,
+                                               &protocol_connect);

        if(CURLE_OK != easy->result) {
          /* failure detected */
@@ -435,29 +489,63 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
        }

        if(connected) {
+          if(!protocol_connect) {
+            /* We have a TCP connection, but 'protocol_connect' may be false
+               and then we continue to 'STATE_PROTOCONNECT'. If protocol
+               connect is TRUE, we move on to STATE_DO. */
+            multistate(easy, CURLM_STATE_PROTOCONNECT);
+          }
+          else {
+            /* after the connect has completed, go DO */
+            multistate(easy, CURLM_STATE_DO);
+            result = CURLM_CALL_MULTI_PERFORM;
+          }
+        }
+        break;
+
+      case CURLM_STATE_PROTOCONNECT:
+        /* protocol-specific connect phase */
+        easy->result = Curl_protocol_connecting(easy->easy_conn,
+                                                &protocol_connect);
+        if(protocol_connect) {
          /* after the connect has completed, go DO */
-          easy->state = CURLM_STATE_DO;
+          multistate(easy, CURLM_STATE_DO);
          result = CURLM_CALL_MULTI_PERFORM;
        }
+        else if(easy->result) {
+          /* failure detected */
+          Curl_posttransfer(easy->easy_handle);
+          Curl_done(&easy->easy_conn, easy->result);
+          Curl_disconnect(easy->easy_conn); /* close the connection */
+          easy->easy_conn = NULL;           /* no more connection */
+        }
        break;

      case CURLM_STATE_DO:
-        /* Do the fetch or put request */
-        easy->result = Curl_do(&easy->easy_conn);
+        /* Perform the protocol's DO action */
+        easy->result = Curl_do(&easy->easy_conn, &dophase_done);
+
        if(CURLE_OK == easy->result) {

-          /* after do, go PERFORM... or DO_MORE */
-          if(easy->easy_conn->bits.do_more) {
+          if(!dophase_done) {
+            /* DO was not completed in one function call, we must continue
+               DOING... */
+            multistate(easy, CURLM_STATE_DOING);
+            result = CURLM_OK;
+          }
+
+          /* after DO, go PERFORM... or DO_MORE */
+          else if(easy->easy_conn->bits.do_more) {
            /* we're supposed to do more, but we need to sit down, relax
               and wait a little while first */
-            easy->state = CURLM_STATE_DO_MORE;
+            multistate(easy, CURLM_STATE_DO_MORE);
            result = CURLM_OK;
          }
          else {
            /* we're done with the DO, now PERFORM */
            easy->result = Curl_readwrite_init(easy->easy_conn);
            if(CURLE_OK == easy->result) {
-              easy->state = CURLM_STATE_PERFORM;
+              multistate(easy, CURLM_STATE_PERFORM);
              result = CURLM_CALL_MULTI_PERFORM;
            }
          }
@@ -471,10 +559,39 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
        }
        break;

+      case CURLM_STATE_DOING:
+        /* we continue DOING until the DO phase is complete */
+        easy->result = Curl_protocol_doing(easy->easy_conn, &dophase_done);
+        if(CURLE_OK == easy->result) {
+          if(dophase_done) {
+            /* after DO, go PERFORM... or DO_MORE */
+            if(easy->easy_conn->bits.do_more) {
+              /* we're supposed to do more, but we need to sit down, relax
+                 and wait a little while first */
+              multistate(easy, CURLM_STATE_DO_MORE);
+              result = CURLM_OK;
+            }
+            else {
+              /* we're done with the DO, now PERFORM */
+              easy->result = Curl_readwrite_init(easy->easy_conn);
+              if(CURLE_OK == easy->result) {
+                multistate(easy, CURLM_STATE_PERFORM);
+                result = CURLM_CALL_MULTI_PERFORM;
+              }
+            }
+          } /* dophase_done */
+        }
+        else {
+          /* failure detected */
+          Curl_posttransfer(easy->easy_handle);
+          Curl_done(&easy->easy_conn, easy->result);
+          Curl_disconnect(easy->easy_conn); /* close the connection */
+          easy->easy_conn = NULL;           /* no more connection */
+        }
+        break;
+
      case CURLM_STATE_DO_MORE:
-        /*
-         * First, check if we really are ready to do more.
-         */
+        /* Ready to do more? */
        easy->result = Curl_is_connected(easy->easy_conn, SECONDARYSOCKET,
                                         &connected);
        if(connected) {
@@ -487,7 +604,7 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
            easy->result = Curl_readwrite_init(easy->easy_conn);

          if(CURLE_OK == easy->result) {
-            easy->state = CURLM_STATE_PERFORM;
+            multistate(easy, CURLM_STATE_PERFORM);
            result = CURLM_CALL_MULTI_PERFORM;
          }
        }
@@ -532,7 +649,7 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
            if(easy->result == CURLE_OK)
              easy->result = Curl_follow(easy->easy_handle, newurl, retry);
            if(CURLE_OK == easy->result) {
-              easy->state = CURLM_STATE_CONNECT;
+              multistate(easy, CURLM_STATE_CONNECT);
              result = CURLM_CALL_MULTI_PERFORM;
            }
            else
@@ -542,7 +659,7 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
          }
          else {
            /* after the transfer is done, go DONE */
-            easy->state = CURLM_STATE_DONE;
+            multistate(easy, CURLM_STATE_DONE);
            result = CURLM_CALL_MULTI_PERFORM;
          }
        }
@@ -553,7 +670,7 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)

        /* after we have DONE what we're supposed to do, go COMPLETED, and
           it doesn't matter what the Curl_done() returned! */
-        easy->state = CURLM_STATE_COMPLETED;
+        multistate(easy, CURLM_STATE_COMPLETED);
        break;

      case CURLM_STATE_COMPLETED:
@@ -571,7 +688,7 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)
          /*
           * If an error was returned, and we aren't in completed state now,
           * then we go to completed and consider this transfer aborted.  */
-          easy->state = CURLM_STATE_COMPLETED;
+          multistate(easy, CURLM_STATE_COMPLETED);
        }
        else
          /* this one still lives! */
@@ -600,7 +717,6 @@ CURLMcode curl_multi_perform(CURLM *multi_handle, int *running_handles)

      multi->num_msgs++; /* increase message counter */
    }
-
    easy = easy->next; /* operate on next handle */
  }

--- a/lib/multiif.h
+++ b/lib/multiif.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -27,5 +27,4 @@
 * Prototypes for library-wide functions provided by multi.c
 */
 void Curl_multi_rmeasy(void *multi, CURL *data);
-
 #endif /* __MULTIIF_H */
--- a/lib/parsedate.c
+++ b/lib/parsedate.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -86,14 +86,14 @@

 static time_t Curl_parsedate(const char *date);

-static const char * const wkday[] =
-  {"Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"};
+const char * const Curl_wkday[] =
+{"Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"};
 static const char * const weekday[] =
-  { "Monday", "Tuesday", "Wednesday", "Thursday",
-                                 "Friday", "Saturday", "Sunday" };
-static const char * const month[]=
-  { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
-    "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
+{ "Monday", "Tuesday", "Wednesday", "Thursday",
+  "Friday", "Saturday", "Sunday" };
+const char * const Curl_month[]=
+{ "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+  "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };

 struct tzinfo {
  const char *name;
@@ -161,7 +161,7 @@ static int checkday(char *check, size_t len)
  if(len > 3)
    what = &weekday[0];
  else
-    what = &wkday[0];
+    what = &Curl_wkday[0];
  for(i=0; i<7; i++) {
    if(curl_strequal(check, what[0])) {
      found=TRUE;
@@ -178,7 +178,7 @@ static int checkmonth(char *check)
  const char * const *what;
  bool found= FALSE;

-  what = &month[0];
+  what = &Curl_month[0];
  for(i=0; i<12; i++) {
    if(curl_strequal(check, what[0])) {
      found=TRUE;
@@ -369,10 +369,17 @@ static time_t Curl_parsedate(const char *date)
  tm.tm_yday = 0;
  tm.tm_isdst = 0;

+  /* mktime() returns a time_t. time_t is often 32 bits, even on many
+     architectures that feature 64 bit 'long'.
+
+     Some systems have 64 bit time_t and deal with years beyond 2038. However,
+     even some of the systems with 64 bit time_t returns -1 for dates beyond
+     03:14:07 UTC, January 19, 2038. (Such as AIX 5100-06)
+  */
  t = mktime(&tm);

  /* time zone adjust */
-  {
+  if(-1 != t) {
    struct tm *gmt;
    long delta;
    time_t t2;
--- a/lib/parsedate.h
+++ b/lib/parsedate.h
@@ -0,0 +1,28 @@
+#ifndef __PARSEDATE_H
+#define __PARSEDATEL_H
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * $Id$
+ ***************************************************************************/
+extern const char * const Curl_wkday[7];
+extern const char * const Curl_month[12];
+
+#endif
--- a/lib/security.c
+++ b/lib/security.c
@@ -46,7 +46,6 @@
 #define _MPRINTF_REPLACE /* we want curl-functions instead of native ones */
 #include <curl/mprintf.h>

-#include "security.h"
 #include <stdlib.h>
 #include <string.h>
 #include <netdb.h>
@@ -55,6 +54,8 @@
 #include <unistd.h>
 #endif

+#include "urldata.h"
+#include "krb4.h"
 #include "base64.h"
 #include "sendf.h"
 #include "ftp.h"
@@ -297,13 +298,15 @@ int
 Curl_sec_read_msg(struct connectdata *conn, char *s, int level)
 {
  int len;
-  char *buf;
+  unsigned char *buf;
  int code;

-  buf = malloc(strlen(s));
-  len = Curl_base64_decode(s + 4, buf); /* XXX */
+  len = Curl_base64_decode(s + 4, &buf); /* XXX */
+  if(len > 0)
+    len = (conn->mech->decode)(conn->app_data, buf, len, level, conn);
+  else
+    return -1;

-  len = (conn->mech->decode)(conn->app_data, buf, len, level, conn);
  if(len < 0) {
    free(buf);
    return -1;
@@ -314,10 +317,10 @@ Curl_sec_read_msg(struct connectdata *conn, char *s, int level)
  if(buf[3] == '-')
    code = 0;
  else
-    sscanf(buf, "%d", &code);
+    sscanf((char *)buf, "%d", &code);
  if(buf[len-1] == '\n')
    buf[len-1] = '\0';
-  strcpy(s, buf);
+  strcpy(s, (char *)buf);
  free(buf);
  return code;
 }
--- a/lib/security.h
+++ b/lib/security.h
@@ -1,72 +0,0 @@
-#ifndef __SECURITY_H
-#define __SECURITY_H
-/***************************************************************************
- *                                  _   _ ____  _
- *  Project                     ___| | | |  _ \| |
- *                             / __| | | | |_) | |
- *                            | (__| |_| |  _ <| |___
- *                             \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at http://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- * $Id$
- ***************************************************************************/
-
-/* this is a re-write */
-
-#include <stdarg.h>
-#include "urldata.h"  /* for struct connectdata * */
-
-struct Curl_sec_client_mech {
-  const char *name;
-  size_t size;
-  int (*init)(void *);
-  int (*auth)(void *, struct connectdata *);
-  void (*end)(void *);
-  int (*check_prot)(void *, int);
-  int (*overhead)(void *, int, int);
-  int (*encode)(void *, void*, int, int, void**, struct connectdata *);
-  int (*decode)(void *, void*, int, int, struct connectdata *);
-};
-
-
-#define AUTH_OK         0
-#define AUTH_CONTINUE   1
-#define AUTH_ERROR      2
-
-extern struct Curl_sec_client_mech Curl_krb4_client_mech;
-
-int Curl_sec_fflush_fd(struct connectdata *conn, int fd);
-int Curl_sec_fprintf (struct connectdata *, FILE *, const char *, ...);
-int Curl_sec_getc (struct connectdata *conn, FILE *);
-int Curl_sec_putc (struct connectdata *conn, int, FILE *);
-int Curl_sec_read (struct connectdata *conn, int, void *, int);
-int Curl_sec_read_msg (struct connectdata *conn, char *, int);
-
-int Curl_sec_vfprintf(struct connectdata *, FILE *, const char *, va_list);
-int Curl_sec_fprintf2(struct connectdata *conn, FILE *f, const char *fmt, ...);
-int Curl_sec_vfprintf2(struct connectdata *conn, FILE *, const char *, va_list);
-int Curl_sec_write (struct connectdata *conn, int, char *, int);
-
-void Curl_sec_end (struct connectdata *);
-int Curl_sec_login (struct connectdata *);
-void Curl_sec_prot (int, char **);
-int Curl_sec_request_prot (struct connectdata *conn, const char *level);
-void Curl_sec_set_protection_level(struct connectdata *conn);
-void Curl_sec_status (void);
-
-enum protection_level Curl_set_command_prot(struct connectdata *,
-                                            enum protection_level);
-
-#endif
--- a/lib/select.c
+++ b/lib/select.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -51,9 +51,15 @@
 #include "select.h"

 #ifdef WIN32
-#define VALID_SOCK(s) (1)  /* Win-sockets are not in range [0..FD_SETSIZE> */
+#define VERIFY_SOCK(x)  /* Win-sockets are not in range [0..FD_SETSIZE> */
 #else
 #define VALID_SOCK(s) (((s) >= 0) && ((s) < FD_SETSIZE))
+#define VERIFY_SOCK(x) do { \
+  if(!VALID_SOCK(x)) { \
+    errno = EINVAL; \
+    return -1; \
+  } \
+} while(0)
 #endif

 /*
@@ -129,10 +135,7 @@ int Curl_select(curl_socket_t readfd, curl_socket_t writefd, int timeout_ms)

  FD_ZERO(&fds_read);
  if (readfd != CURL_SOCKET_BAD) {
-    if (!VALID_SOCK(readfd)) {
-      errno = EINVAL;
-      return -1;
-    }
+    VERIFY_SOCK(readfd);
    FD_SET(readfd, &fds_read);
    FD_SET(readfd, &fds_err);
    maxfd = readfd;
@@ -140,10 +143,7 @@ int Curl_select(curl_socket_t readfd, curl_socket_t writefd, int timeout_ms)

  FD_ZERO(&fds_write);
  if (writefd != CURL_SOCKET_BAD) {
-    if (!VALID_SOCK(writefd)) {
-      errno = EINVAL;
-      return -1;
-    }
+    VERIFY_SOCK(writefd);
    FD_SET(writefd, &fds_write);
    FD_SET(writefd, &fds_err);
    if (writefd > maxfd)
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -49,7 +49,7 @@
 #include <curl/mprintf.h>

 #ifdef HAVE_KRB4
-#include "security.h"
+#include "krb4.h"
 #endif
 #include <string.h>
 #include "memory.h"
--- a/lib/sendf.h
+++ b/lib/sendf.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
--- a/lib/setup.h
+++ b/lib/setup.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -160,7 +160,7 @@ typedef unsigned char bool;
 #define WIN32_LEAN_AND_MEAN  /* Prevent including <winsock*.h> in <windows.h> */
 #endif

-#if HAVE_WINSOCK2_H
+#ifdef HAVE_WINSOCK2_H
 #include <winsock2.h>        /* required by telnet.c */
 #endif

@@ -276,4 +276,8 @@ typedef int curl_socket_t;

 #define LIBIDN_REQUIRED_VERSION "0.4.1"

+#ifdef __UCLIBC__
+#define HAVE_INET_NTOA_R_2_ARGS 1
+#endif
+
 #endif /* __CONFIG_H */
--- a/lib/ssluse.c
+++ b/lib/ssluse.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -103,6 +103,13 @@
 #define HAVE_ERR_ERROR_STRING_N 1
 #endif

+/*
+ * Number of bytes to read from the random number seed file. This must be
+ * a finite value (because some entropy "files" like /dev/urandom have
+ * an infinite length), but must be large enough to provide enough
+ * entopy to properly seed OpenSSL's PRNG.
+ */
+#define RAND_LOAD_LENGTH 1024

 #ifndef HAVE_USERDATA_IN_PWD_CALLBACK
 static char global_passwd[64];
@@ -169,7 +176,7 @@ int random_the_seed(struct SessionHandle *data)
    /* let the option override the define */
    nread += RAND_load_file((data->set.ssl.random_file?
                             data->set.ssl.random_file:RANDOM_FILE),
-                            16384);
+                            RAND_LOAD_LENGTH);
    if(seed_enough(nread))
      return nread;
  }
@@ -231,7 +238,7 @@ int random_the_seed(struct SessionHandle *data)
  RAND_file_name(buf, BUFSIZE);
  if(buf[0]) {
    /* we got a file name to try */
-    nread += RAND_load_file(buf, 16384);
+    nread += RAND_load_file(buf, RAND_LOAD_LENGTH);
    if(seed_enough(nread))
      return nread;
  }
@@ -450,6 +457,11 @@ int cert_stuff(struct connectdata *conn,
    }

    ssl=SSL_new(ctx);
+    if (NULL == ssl) {
+      failf(data,"unable to create an SSL structure\n");
+      return 0;
+    }
+
    x509=SSL_get_certificate(ssl);

    /* This version was provided by Evan Jordan and is supposed to not
@@ -515,15 +527,18 @@ static int init_ssl=0;
 static bool ssl_seeded = FALSE;
 #endif /* USE_SSLEAY */

-/* Global init */
-void Curl_SSL_init(void)
+/**
+ * Global SSL init
+ *
+ * @retval 0 error initializing SSL
+ * @retval 1 SSL initialized successfully
+ */
+int Curl_SSL_init(void)
 {
 #ifdef USE_SSLEAY
  /* make sure this is only done once */
-  if(0 != init_ssl)
-    return;
-
-  init_ssl++; /* never again */
+  if(init_ssl)
+    return 1;

 #ifdef HAVE_ENGINE_LOAD_BUILTIN_ENGINES
  ENGINE_load_builtin_engines();
@@ -533,10 +548,16 @@ void Curl_SSL_init(void)
  SSL_load_error_strings();

  /* Setup all the global SSL stuff */
-  SSLeay_add_ssl_algorithms();
+  if (!SSLeay_add_ssl_algorithms())
+    return 0;
+
+  init_ssl++; /* never again */
+
 #else
  /* SSL disabled, do nothing */
 #endif
+
+  return 1;
 }

 /* Global cleanup */
@@ -784,6 +805,7 @@ int Curl_SSL_Close_All(struct SessionHandle *data)

    /* free the cache data */
    free(data->state.session);
+    data->state.session = NULL;
  }
 #ifdef HAVE_OPENSSL_ENGINE_H
  if(data->state.engine) {
@@ -798,7 +820,7 @@ int Curl_SSL_Close_All(struct SessionHandle *data)
 /*
 * Extract the session id and store it in the session cache.
 */
-static int Store_SSL_Session(struct connectdata *conn,
+static CURLcode Store_SSL_Session(struct connectdata *conn,
                             struct ssl_connect_data *ssl)
 {
  SSL_SESSION *ssl_sessionid;
@@ -810,7 +832,7 @@ static int Store_SSL_Session(struct connectdata *conn,

  clone_host = strdup(conn->host.name);
  if(!clone_host)
-    return -1; /* bail out */
+    return CURLE_OUT_OF_MEMORY; /* bail out */

  /* ask OpenSSL, say please */

@@ -857,9 +879,10 @@ static int Store_SSL_Session(struct connectdata *conn,
  store->name = clone_host;               /* clone host name */
  store->remote_port = conn->remote_port; /* port number */

-  Curl_clone_ssl_config(&conn->ssl_config, &store->ssl_config);
+  if (!Curl_clone_ssl_config(&conn->ssl_config, &store->ssl_config))
+    return CURLE_OUT_OF_MEMORY;

-  return 0;
+  return CURLE_OK;
 }

 static int Curl_ASN1_UTCTIME_output(struct connectdata *conn,
@@ -1313,9 +1336,16 @@ Curl_SSLConnect(struct connectdata *conn,

 #ifdef SSL_CTRL_SET_MSG_CALLBACK
  if (data->set.fdebug) {
-    SSL_CTX_callback_ctrl(connssl->ctx, SSL_CTRL_SET_MSG_CALLBACK,
-                          ssl_tls_trace);
-    SSL_CTX_ctrl(connssl->ctx, SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, conn);
+    if (!SSL_CTX_callback_ctrl(connssl->ctx, SSL_CTRL_SET_MSG_CALLBACK,
+                               ssl_tls_trace)) {
+      failf(data, "SSL: couldn't set callback!");
+      return CURLE_SSL_CONNECT_ERROR;
+    }
+
+    if (!SSL_CTX_ctrl(connssl->ctx, SSL_CTRL_SET_MSG_CALLBACK_ARG, 0, conn)) {
+      failf(data, "SSL: couldn't set callback argument!");
+      return CURLE_SSL_CONNECT_ERROR;
+    }
  }
 #endif

@@ -1409,6 +1439,10 @@ Curl_SSLConnect(struct connectdata *conn,

  /* Lets make an SSL structure */
  connssl->handle = SSL_new(connssl->ctx);
+  if (!connssl->handle) {
+    failf(data, "SSL: couldn't create a context (handle)!");
+    return CURLE_OUT_OF_MEMORY;
+  }
  SSL_set_connect_state(connssl->handle);

  connssl->server_cert = 0x0;
@@ -1418,14 +1452,22 @@ Curl_SSLConnect(struct connectdata *conn,
       can/should use here! */
    if(!Get_SSL_Session(conn, &ssl_sessionid)) {
      /* we got a session id, use it! */
-      SSL_set_session(connssl->handle, ssl_sessionid);
+        if (!SSL_set_session(connssl->handle, ssl_sessionid)) {
+          failf(data, "SSL: SSL_set_session failed: %s",
+                ERR_error_string(ERR_get_error(),NULL));
+          return CURLE_SSL_CONNECT_ERROR;
+        }
      /* Informational message */
      infof (data, "SSL re-using session ID\n");
    }
  }

  /* pass the raw socket into the SSL layers */
-  SSL_set_fd(connssl->handle, sockfd);
+  if (!SSL_set_fd(connssl->handle, sockfd)) {
+     failf(data, "SSL: SSL_set_fd failed: %s",
+           ERR_error_string(ERR_get_error(),NULL));
+     return CURLE_SSL_CONNECT_ERROR;
+  }

  while(1) {
    int writefd;
@@ -1563,7 +1605,11 @@ Curl_SSLConnect(struct connectdata *conn,
  if(!ssl_sessionid) {
    /* Since this is not a cached session ID, then we want to stach this one
       in the cache! */
-    Store_SSL_Session(conn, connssl);
+    retcode = Store_SSL_Session(conn, connssl);
+    if(retcode) {
+      failf(data,"failure to store ssl session");
+      return retcode;
+    }
  }


@@ -1585,6 +1631,7 @@ Curl_SSLConnect(struct connectdata *conn,
  if(!str) {
    failf(data, "SSL: couldn't get X509-subject!");
    X509_free(connssl->server_cert);
+    connssl->server_cert = NULL;
    return CURLE_SSL_CONNECT_ERROR;
  }
  infof(data, "\t subject: %s\n", str);
@@ -1600,6 +1647,7 @@ Curl_SSLConnect(struct connectdata *conn,
    retcode = verifyhost(conn, connssl->server_cert);
    if(retcode) {
      X509_free(connssl->server_cert);
+      connssl->server_cert = NULL;
      return retcode;
    }
  }
@@ -1637,6 +1685,7 @@ Curl_SSLConnect(struct connectdata *conn,
  }

  X509_free(connssl->server_cert);
+  connssl->server_cert = NULL;
 #else /* USE_SSLEAY */
  (void)conn;
  (void)sockindex;
--- a/lib/ssluse.h
+++ b/lib/ssluse.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -25,7 +25,7 @@
 #include "urldata.h"
 CURLcode Curl_SSLConnect(struct connectdata *conn, int sockindex);

-void Curl_SSL_init(void);    /* Global SSL init */
+int Curl_SSL_init(void);    /* Global SSL init */
 void Curl_SSL_cleanup(void); /* Global SSL cleanup */

 /* init the SSL session ID cache */
--- a/Show More
+++ b/Show More