7.16.4 preps

added better CodeWarrior detection (forgot to add with previos version).
added better CodeWarrior detection;
2007-07-10 21:36:30 +00:00 · 2007-07-09 02:00:39 +00:00 · 2007-07-08 23:19:24 +00:00 · 2007-07-08 23:18:47 +00:00 · 2007-07-08 23:17:56 +00:00 · 2007-07-07 16:26:02 +00:00
78 changed files with 3225 additions and 822 deletions
--- a/136
+++ b/136
@@ -6,6 +6,142 @@

                                  Changelog

+Version 7.16.4 (10 July 2007)
+
+Daniel S (10 July 2007)
+- Kees Cook notified us about a security flaw
+  (http://curl.haxx.se/docs/adv_20070710.html) in which libcurl failed to
+  properly reject some outdated or not yet valid server certificates when
+  built with GnuTLS. Kees also provided the patch.
+
+James H (5 July 2007)
+- Gavrie Philipson provided a patch that will use a more specific error
+  message for an scp:// upload failure.  If libssh2 has his matching
+  patch, then the error message return by the server will be used instead
+  of a more generic error.
+
+Daniel S (1 July 2007)
+- Thomas J. Moore provided a patch that introduces Kerberos5 support in
+  libcurl. This also makes the options change name to --krb (from --krb4) and
+  CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still 
+
+- Song Ma helped me verify and extend a fix for doing FTP over a SOCKS4/5
+  proxy.
+
+Daniel S (27 June 2007)
+- James Housley: Add two new options for the SFTP/SCP/FILE protocols:
+  CURLOPT_NEW_FILE_PERMS and CURLOPT_NEW_DIRECTORY_PERMS. These control the
+  premissions for files and directories created on the remote
+  server. CURLOPT_NEW_FILE_PERMS defaults to 0644 and
+  CURLOPT_NEW_DIRECTORY_PERMS defaults to 0755
+
+- I corrected the 10-at-a-time.c example and applied a patch for it by James
+  Bursa.
+
+Daniel S (26 June 2007)
+- Robert Iakobashvili re-arranged the internal hash code to work with a custom
+  hash function for different hashes, and also expanded the default size for
+  the socket hash table used in multi handles to greatly enhance speed when
+  very many connections are added and the socket API is used.
+
+- James Housley made the CURLOPT_FTPLISTONLY mode work for SFTP directory
+  listings as well
+
+Daniel S (25 June 2007)
+- Adjusted how libcurl treats HTTP 1.1 responses without content-lenth or
+  chunked encoding (that also lacks "Connection: close"). It now simply
+  assumes that the connection WILL be closed to signal the end, as that is how
+  RFC2616 section 4.4 point #5 says we should behave.
+  
+Version 7.16.3 (25 June 2007)
+
+Daniel S (23 June 2007)
+- As reported by "Tro" in http://curl.haxx.se/mail/lib-2007-06/0161.html and
+  http://curl.haxx.se/mail/lib-2007-06/0238.html, libcurl didn't properly do
+  no-body requests on FTP files on re-used connections properly, or at least
+  it didn't provide the info back in the header callback properly in the
+  subsequent requests.
+
+Daniel S (21 June 2007)
+- Gerrit Bruchh<68>user pointed out a warning that the Intel(R) Thread Checker
+  tool reports and it was indeed a legitimate one and it is one fixed. It was
+  a use of a share without doing the proper locking first.
+  
+Daniel S (20 June 2007)
+- Adam Piggott filed bug report #1740263
+  (http://curl.haxx.se/bug/view.cgi?id=1740263). Adam discovered that when
+  getting a large amount of URLs with curl, they were fetched slower and
+  slower... which turned out to be because the --libcurl data collecting which
+  wrongly always was enabled, but no longer is...
+
+Daniel S (18 June 2007)
+- Robson Braga Araujo filed bug report #1739100
+  (http://curl.haxx.se/bug/view.cgi?id=1739100) that mentioned that libcurl
+  could not actually list the contents of the root directory of a given FTP
+  server if the login directory isn't root. I fixed the problem and added
+  three test cases (one is disabled for now since I identified KNOWN_BUGS #44,
+  we cannot use --ftp-method nocwd and list ftp directories).
+
+Daniel S (14 June 2007)
+- Shmulik Regev:
+
+  I've encountered (and hopefully fixed) a problem involving proxy CONNECT
+  requests and easy handles state management. The problem isn't simple to
+  reproduce since it depends on socket state. It only manifests itself when
+  working with non-blocking sockets.
+
+  Here is the scenario:
+
+  1. in multi_runsingle the easy handle is in the CURLM_STATE_WAITCONNECT and
+  calls Curl_protocol_connect
+
+  2. in Curl_proxyCONNECT, line 1247, if the socket isn't ready the function
+  returns and conn->bits.tunnel_connecting is TRUE
+
+  3. when the call to Curl_protocol_connect returns the protocol_connect flag
+  is false and the easy state is changed to CURLM_STATE_PROTOCONNECT which
+  isn't correct if a proxy is used.  Rather CURLM_STATE_WAITPROXYCONNECT
+  should be used.
+
+  I discovered this while performing an HTTPS request through a proxy (squid)
+  on my local network. The problem caused openssl to fail as it read the proxy
+  response to the CONNECT call ('HTTP/1.0 Established') rather than the SSL
+  handshake (the exact openssl error was 'wrong ssl version' but this isn't
+  very important)
+
+- Dave Vasilevsky filed bug report #1736875
+  (http://curl.haxx.se/bug/view.cgi?id=1736875) almost simultanouesly as Dan
+  Fandrich mentioned a related build problem on the libcurl mailing list:
+  http://curl.haxx.se/mail/lib-2007-06/0131.html. Both problems had the same
+  reason: the definitions of the POLL* defines and the pollfd struct in the
+  libcurl code was depending on HAVE_POLL instead of HAVE_SYS_POLL_H.
+
+Daniel S (13 June 2007)
+- Tom Regner provided a patch and worked together with James Housley, so now
+  CURLOPT_FTP_CREATE_MISSING_DIRS works for SFTP connections as well as FTP
+  ones.
+
+- Rich Rauenzahn filed bug report #1733119
+  (http://curl.haxx.se/bug/view.cgi?id=1733119) and we collaborated on the
+  fix.  The problem is that for 64bit HPUX builds, several socket-related
+  functions would still assume int (32 bit) arguments and not socklen_t (64
+  bit) ones.
+
+Daniel S (12 June 2007)
+- James Housley brought his revamped SSH code that is state-machine driven to
+  really take advantage of the now totally non-blocking libssh2 (in CVS).
+
+Dan F (8 June 2007)
+- Incorporated Daniel Black's test706 and test707 SOCKS test cases.
+
+- Fixed a few problems when starting the SOCKS server.
+
+- Reverted some recent changes to runtests.pl that weren't compatible with
+  perl 5.0.
+
+- Fixed the test harness so that it actually kills the ssh being used as
+  the SOCKS server.
+
 Daniel S (6 June 2007)
 - -s/--silent can now be used to toggle off the silence again if used a second
  time.
--- a/Makefile.dist
+++ b/Makefile.dist
@@ -234,6 +234,10 @@ netware-clean:
 	$(MAKE) -C lib -f Makefile.netware clean
 	$(MAKE) -C src -f Makefile.netware clean

+netware-install:
+	$(MAKE) -C lib -f Makefile.netware install
+	$(MAKE) -C src -f Makefile.netware install
+
 unix: all

 unix-ssl: ssl
--- a/79
+++ b/79
@@ -1,59 +1,30 @@
-Curl and libcurl 7.16.3
+Curl and libcurl 7.16.4

- Public curl release number:               99
+ Public curl release number:               100
 Releases counted from the very beginning: 126
 Available command line options:           118
- Available curl_easy_setopt() options:     141
- Number of public functions in libcurl:    54
- Amount of public web site mirrors:        38
+ Available curl_easy_setopt() options:     143
+ Number of public functions in libcurl:    55
+ Amount of public web site mirrors:        39
 Number of known libcurl bindings:         35
- Number of contributors:                   554
+ Number of contributors:                   572

 This release includes the following changes:
 
- o added curl_multi_socket_action()
- o deprecated curl_multi_socket()
- o uses less memory in non-pipelined use cases
- o CURLOPT_HTTP200ALIASES matched transfers assume HTTP 1.0 compliance
- o more than one test harness can run at the same time without conflict
- o SFTP now supports quote commands before a transfer
- o CURLMOPT_MAXCONNECTS added to curl_multi_setopt()
- o upload resume works for file:// URLs
- o asynchronous name resolves now require c-ares 1.4.0 or later
- o added SOCKS test cases
+ o added CURLOPT_NEW_FILE_PERMS and CURLOPT_NEW_DIRECTORY_PERMS
+ o improved hashing of sockets for the multi_socket API
+ o ftp kerberos5 support added

 This release includes the following bugfixes:

- o if2up too long interface name memory leak
- o test case 534 started to fail 2007-04-13 due to the existance of a
-   new host on the net with the same silly domain the test was using
-   for a host which was supposed not to exist.
- o test suite SSL certificate works better with newer stunnel
- o internal progress meter update frequency back to once per second
- o avoid some unnecessary calls to function gettimeofday
- o a double-free in the SSL-layer
- o GnuTLS free of NULL credentials
- o NSS-fix for closing down SSL
- o bad warning from configure when gnutls was selected
- o compilation on VMS 64-bit mode
- o SCP/SFTP downloads could hang on the last bytes of a transfer
- o curl_easy_duphandle() crash
- o curl -V / curl_version*() works even when GnuTLS is used on a system without
-   a good random source
- o curl_multi_socket() not "noticing" newly added handles
- o lack of Content-Length and chunked encoding now requires HTTP 1.1 as well
-   to be treated as without response body
- o connection cache growth in multi handles
- o better handling of out of memory conditions
- o overwriting an uploaded file with sftp now truncates it first
- o SFTP quote commands chmod, chown, chgrp can now set a value of 0
- o TFTP connect timouts less than 5 seconds
- o improved curl -w for TFTP transfers
- o memory leak when failed OpenSSL certificate CN field checking
- o memory leak when OpenSSL failed PKCS #12 parsing
- o FPL-SSL when built with NSS
- o out-of-boundary write in Curl_select()
- o -s/--silent can now be used to toggle off the silence again
+ o adjusted how libcurl treats HTTP 1.1 responses without content-lenth or
+   chunked encoding
+ o fixed the 10-at-a-time.c example
+ o FTP over SOCKS proxy
+ o improved error messages on SCP upload failures
+ o security flaw (http://curl.haxx.se/docs/adv_20070710.html) in which libcurl
+   failed to properly reject some outdated or not yet valid server certificates
+   when built with GnuTLS

 This release includes the following known bugs:

@@ -61,24 +32,16 @@ This release includes the following known bugs:

 Other curl-related news:

- o PycURL 7.16.2.1 was released: http://pycurl.sf.net/
- o TclCurl 7.16.2 was released:
-   http://personal1.iddeo.es/andresgarci/tclcurl/english/
+ o 

 New curl mirrors:

- o http://curl.spegulo.be is a new mirror in Belgium
- o http://curl.piotrkosoft.net is a new mirror in Poland
- o http://curl.smudge-it.net is a new mirror in St Louis, MO, USA
- o http://curl.askapache.com is a new mirror in Indiana, USA
+ o 

 This release would not have looked like this without help, code, reports and
 advice from friends like these:

- Song Ma, Dan Fandrich, Yang Tse, Jay Austin, Robert Iakobashvil,
- James Housley, Daniel Black, Steve Little, Sonia Subramanian, Peter O'Gorman,
- Frank Hempel, Michael Wallner, Jeff Pohlmeyer, Tobias Rundstr<74>m,
- Anders Gustafsson, James Bursa, Kristian Gunstone, Feng Tu,
- Andre Guibert de Bruet, Rob Crittenden
+ Robert Iakobashvili, James Housley, G<>nter Knauf, James Bursa, Song Ma,
+ Thomas J. Moore, Gavrie Philipson, Kees Cook

        Thanks! (and sorry if I forgot to mention someone)
--- a/ares/Makefile.netware
+++ b/ares/Makefile.netware
@@ -35,10 +35,10 @@ ifndef LIBARCH
 LIBARCH = LIBC
 endif

-# must be equal to DEBUG or NDEBUG
+# must be equal to NDEBUG or DEBUG, CURLDEBUG
+ifndef DB
 DB	= NDEBUG
-# DB	= DEBUG
-# DB	= CURLDEBUG
+endif
 # Optimization: -O<n> or debugging: -g
 ifeq ($(DB),NDEBUG)
 	OPT	= -O2
@@ -51,12 +51,20 @@ endif
 # Include the version info retrieved from curlver.h
 -include $(OBJDIR)/version.inc

-# The following line defines your compiler.
+# The following lines defines your compiler.
+ifdef CWFolder
+	METROWERKS = $(CWFolder)
+endif
 ifdef METROWERKS
+	# MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support
+	MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support/Metrowerks Support
 	CC = mwccnlm
 else
 	CC = gcc
 endif
+# a native win32 awk can be downloaded from here:
+# http://www.gknw.net/development/prgtools/awk-20050424.zip
+AWK	= awk
 YACC	= bison -y
 CP	= cp -afv
 # RM	= rm -f
@@ -82,8 +90,10 @@ ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.o
 	CFLAGS += -align 4
 else
-	PRELUDE = "$(METROWERKS)/Novell Support/libraries/runtime/prelude.obj"
-#	CFLAGS += -include "$(METROWERKS)/Novell Support/headers/nlm_prefix.h"
+	# PRELUDE = $(SDK_CLIB)/imports/clibpre.o
+	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+	PRELUDE = "$(MWCW_PATH)/libraries/runtime/prelude.obj"
+	# CFLAGS += -include "$(MWCW_PATH)/headers/nlm_clib_prefix.h"
 	CFLAGS += -align 1
 endif
 else
@@ -98,7 +108,10 @@ CFLAGS	+= -Wall -Wno-format -Wno-uninitialized # -pedantic
 ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.gcc.o
 else
-	PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
+	# PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
+	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+	# http://www.gknw.net/development/mk_nlm/gcc_pre.zip
+	PRELUDE = $(NDK_ROOT)/pre/prelude.o
 	CFLAGS += -include $(NDKBASE)/nlmconv/genlm.h
 endif
 endif
@@ -108,14 +121,14 @@ SDK_CLIB = $(NDK_ROOT)/nwsdk
 SDK_LIBC = $(NDK_ROOT)/libc

 ifeq ($(LIBARCH),LIBC)
-	INCLUDES += -I$(SDK_LIBC)/include -I$(SDK_LIBC)/include/nks
+	INCLUDES += -I$(SDK_LIBC)/include
+	# INCLUDES += -I$(SDK_LIBC)/include/nks
 	# INCLUDES += -I$(SDK_LIBC)/include/winsock
 	CFLAGS += -D_POSIX_SOURCE
-#	CFLAGS += -D__ANSIC__
 else
-	INCLUDES += -I$(SDK_CLIB)/include/nlm -I$(SDK_CLIB)/include
+	INCLUDES += -I$(SDK_CLIB)/include/nlm
 	# INCLUDES += -I$(SDK_CLIB)/include/nlm/obsolete
-	CFLAGS += -DNETDB_USE_INTERNET
+	# INCLUDES += -I$(SDK_CLIB)/include
 endif
 CFLAGS	+= -I. $(INCLUDES)

@@ -135,13 +148,13 @@ endif
 include Makefile.inc

 OBJLIB	:= $(patsubst %.c,$(OBJDIR)/%.o,$(strip $(CSOURCES)))
-OBJEXE	= $(OBJLIB) $(OBJDIR)/ares_getopt.o  
+OBJEXE	= $(OBJLIB) $(OBJDIR)/ares_getopt.o

 .PHONY: lib nlm prebuild dist install clean

 lib: prebuild $(LTARGET)

-nlm: prebuild $(TARGETS) 
+nlm: prebuild $(TARGETS)

 prebuild: $(OBJDIR) $(OBJDIR)/version.inc config.h arpa/nameser.h

@@ -186,7 +199,7 @@ $(OBJDIR)/%.o: %.c

 $(OBJDIR)/version.inc: ares_version.h $(OBJDIR)
 	@echo Creating $@
-	@awk -f ../packages/NetWare/get_ver.awk $< > $@
+	@$(AWK) -f ../packages/NetWare/get_ver.awk $< > $@

 $(OBJDIR)/%.xdc: Makefile.netware
 	@echo Creating $@
@@ -267,25 +280,77 @@ config.h: Makefile.netware
 	@echo $(DL)#ifndef NETWARE$(DL) >> $@
 	@echo $(DL)#error This $(notdir $@) is created for NetWare platform!$(DL) >> $@
 	@echo $(DL)#endif$(DL) >> $@
-	@echo $(DL)#define OS "i586-pc-NetWare"$(DL) >> $@
 	@echo $(DL)#define VERSION "$(LIBCARES_VERSION_STR)"$(DL) >> $@
 	@echo $(DL)#define PACKAGE_BUGREPORT "a suitable curl mailing list => http://curl.haxx.se/mail/"$(DL) >> $@
-	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_ARPA_NAMESER_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_ASSERT_H 1$(DL) >> $@
+ifeq ($(LIBARCH),CLIB)
+	@echo $(DL)#define OS "i586-pc-clib-NetWare"$(DL) >> $@
+	@echo $(DL)#define MAXHOSTNAMELEN 256$(DL) >> $@
+	@echo $(DL)#define NETDB_USE_INTERNET 1$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG2 char *$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG3 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_RETV int$(DL) >> $@
+	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG2 char *$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
+	@echo $(DL)#define DL_LDAP_FILE "ldapsdk.nlm"$(DL) >> $@
+	@echo $(DL)#define socklen_t int$(DL) >> $@
+	@echo $(DL)#define strncasecmp strnicmp$(DL) >> $@
+	@echo $(DL)#define strcasecmp stricmp$(DL) >> $@
+else
+	@echo $(DL)#define OS "i586-pc-libc-NetWare"$(DL) >> $@
 	@echo $(DL)#define HAVE_DLFCN_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_DLOPEN 1$(DL) >> $@
-	@echo $(DL)#define HAVE_ERR_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_FCNTL_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_FIONBIO 1$(DL) >> $@
-	@echo $(DL)#define HAVE_GETHOSTBYADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_FTRUNCATE 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GETTIMEOFDAY 1$(DL) >> $@
-	@echo $(DL)#define HAVE_INET_ADDR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_INET_NTOA 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_PTON 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INTTYPES_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LIMITS_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LONGLONG 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STDINT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRCASECMP 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRLCAT 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRLCPY 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRTOLL 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SYS_PARAM_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SYS_SELECT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_TERMIOS_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_AF_INET6 1$(DL) >> $@
+	@echo $(DL)#define HAVE_PF_INET6 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_IN6_ADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_SOCKADDR_IN6 1$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG2 void *$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG3 size_t$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_RETV ssize_t$(DL) >> $@
+	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG2 void *$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG3 size_t$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
+	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
+	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
+endif
+	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_ARPA_NAMESER_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_ASSERT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_ERR_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_FCNTL_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_FIONBIO 1$(DL) >> $@
+	@echo $(DL)#define HAVE_GETHOSTBYADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_GETHOSTBYNAME 1$(DL) >> $@
+	@echo $(DL)#define HAVE_GETPROTOBYNAME 1$(DL) >> $@
+	@echo $(DL)#define HAVE_GMTIME_R 1$(DL) >> $@
+	@echo $(DL)#define HAVE_INET_ADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_INET_NTOA 1$(DL) >> $@
+	@echo $(DL)#define HAVE_LL 1$(DL) >> $@
+	@echo $(DL)#define HAVE_LOCALTIME_R 1$(DL) >> $@
 	@echo $(DL)#define HAVE_MALLOC_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_NETINET_IN_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_RECV 1$(DL) >> $@
@@ -296,46 +361,26 @@ config.h: Makefile.netware
 	@echo $(DL)#define HAVE_SIGNAL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SIG_ATOMIC_T 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SOCKET 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STDINT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STDLIB_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRCASECMP 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRDUP 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRFTIME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRING_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRLCAT 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRLCPY 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRSTR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_PARAM_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_SELECT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_ADDRINFO 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_TIMEVAL 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SYS_IOCTL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_STAT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_TIME_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_TERMIOS_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_TIME_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_UNAME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_UNISTD_H 1$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG2 char *$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG3 int$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_RETV int$(DL) >> $@
+	@echo $(DL)#define HAVE_UTIME 1$(DL) >> $@
+	@echo $(DL)#define HAVE_UTIME_H 1$(DL) >> $@
 	@echo $(DL)#define RETSIGTYPE void$(DL) >> $@
-	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
-	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
-	@echo $(DL)#define SEND_TYPE_ARG2 char *$(DL) >> $@
-	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
-	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
-	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define SIZEOF_CURL_OFF_T 4$(DL) >> $@
+	@echo $(DL)#define SIZEOF_STRUCT_IN_ADDR 4$(DL) >> $@
 	@echo $(DL)#define STDC_HEADERS 1$(DL) >> $@
 	@echo $(DL)#define TIME_WITH_SYS_TIME 1$(DL) >> $@
-	@echo $(DL)#define HAVE_AF_INET6 1$(DL) >> $@
-	@echo $(DL)#define HAVE_PF_INET6 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_ADDRINFO 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_IN6_ADDR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_SOCKADDR_IN6 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_TIMEVAL 1$(DL) >> $@
-	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
-	@echo $(DL)#define SIZEOF_STRUCT_IN_ADDR 4$(DL) >> $@
 ifdef NW_WINSOCK
 	@echo $(DL)#define HAVE_CLOSESOCKET 1$(DL) >> $@
 else
--- a/ares/RELEASE-NOTES
+++ b/ares/RELEASE-NOTES
@@ -1,24 +1,9 @@
-This is what's new and changed in the c-ares 1.4.0 release:
+This is what's new and changed in the c-ares 1.4.1 release:

- o fixed VS2005 compiler warnings due to time_t being 64bit
- o introduced cryptographically secure transaction IDs
- o added ares_save_options()
- o added ares_destroy_options()
- o added ares_process_fd()
- o fixed undefined return value in init_by_resolv_conf() function for windows
- o added ares_parse_ns_reply()
- o fix failure to get the search sequence of /etc/hosts and DNS from
-   /etc/nsswitch.conf, /etc/host.conf or /etc/svc.conf when /etc/resolv.conf
-   did not exist
- o when domains were sert in the options struct, and there were domain/search
-   entries in /etc/resolv.conf, the domains of the options struct would be
-   overridden
- o removed a couple of potential zero size memory allocations
- o fixed the line endings in areslib.dsp
+ o 

 Thanks go to these friendly people for their efforts and contributions:

- Andreas Rieke, Yang Tse, Michael Wallner, Vlad Dinulescu, Ravi Pratap,
- Brad House, Shmulik Regev, Brad Spencer
+ 

 Have fun!
--- a/ares/ares.h
+++ b/ares/ares.h
@@ -20,12 +20,15 @@

 #include <sys/types.h>

-#if defined(_AIX) || defined(NETWARE)
+#if defined(_AIX) || (defined(NETWARE) && defined(__NOVELL_LIBC__))
 /* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
   libc5-based Linux systems. Only include it on system that are known to
   require it! */
 #include <sys/select.h>
 #endif
+#if (defined(NETWARE) && !defined(__NOVELL_LIBC__))
+#include <sys/bsdskt.h>
+#endif

 #if defined(WATT32)
  #include <netinet/in.h>
--- a/ares/ares_getnameinfo.c
+++ b/ares/ares_getnameinfo.c
@@ -295,7 +295,11 @@ static char *lookup_service(unsigned short port, int flags,
 #endif
 #else
          /* Lets just hope the OS uses TLS! */
+#if (defined(NETWARE) && !defined(__NOVELL_LIBC__))
+          sep = getservbyport(port, (char*)proto);
+#else
          sep = getservbyport(port, proto);
+#endif
 #endif
        }
      if (sep && sep->s_name)
--- a/ares/ares_init.c
+++ b/ares/ares_init.c
@@ -23,7 +23,10 @@
 #include <malloc.h>

 #else
+#ifdef HAVE_SYS_PARAM_H
 #include <sys/param.h>
+#endif
+
 #ifdef HAVE_SYS_TIME_H
 #include <sys/time.h>
 #endif
--- a/ares/ares_version.h
+++ b/ares/ares_version.h
@@ -5,11 +5,11 @@

 #define ARES_VERSION_MAJOR 1
 #define ARES_VERSION_MINOR 4
-#define ARES_VERSION_PATCH 0
+#define ARES_VERSION_PATCH 1
 #define ARES_VERSION ((ARES_VERSION_MAJOR<<16)|\
                       (ARES_VERSION_MINOR<<8)|\
                       (ARES_VERSION_PATCH))
-#define ARES_VERSION_STR "1.4.0-CVS"
+#define ARES_VERSION_STR "1.4.1-CVS"

 #ifdef  __cplusplus
 extern "C" {
--- a/ares/configure.ac
+++ b/ares/configure.ac
@@ -337,6 +337,7 @@ AC_CHECK_HEADERS(
       sys/select.h \
       sys/socket.h \
       sys/ioctl.h \
+       sys/param.h \
       netdb.h \
       netinet/in.h \
       net/if.h \
@@ -600,6 +601,7 @@ AC_CHECK_MEMBER(struct addrinfo.ai_flags,


 AC_CHECK_FUNCS( bitncmp \
+                gettimeofday \
                if_indextoname,
 dnl if found
 [],
--- a/ares/nameser.h
+++ b/ares/nameser.h
@@ -32,7 +32,9 @@ struct iovec
 int ares_writev (SOCKET s, const struct iovec *vector, size_t count);
 #define writev(s,vect,count)  ares_writev(s,vect,count)

+#ifndef HAVE_GETTIMEOFDAY
 struct timezone { int dummy; };
+#endif

 int ares_gettimeofday(struct timeval *tv, struct timezone *tz);
 #define gettimeofday(tv,tz) ares_gettimeofday(tv,tz)
--- a/configure.ac
+++ b/configure.ac
@@ -204,6 +204,9 @@ dnl The install stuff has already been taken care of by the automake stuff
 dnl AC_PROG_INSTALL
 AC_PROG_MAKE_SET

+dnl check if there's a way to force code inline
+AC_C_INLINE
+
 dnl **********************************************************************
 dnl Make sure that our checks for headers windows.h winsock.h winsock2.h 
 dnl and ws2tcpip.h take precedence over any other further checks which 
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -1,4 +1,4 @@
-Updated: February 11, 2007 (http://curl.haxx.se/docs/faq.html)
+Updated: June 26, 2007 (http://curl.haxx.se/docs/faq.html)
                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
@@ -446,6 +446,10 @@ FAQ

     curl -O ftp://download.com/coolfile -Q '-DELE coolfile'

+  or rename a file after upload:
+
+     curl -T infile ftp://upload.com/dir/ -Q "-RNFR infile" -Q "-RNTO newname"
+
  3.8 How do I tell curl to follow HTTP redirects?

  Curl does not follow so-called redirects by default. The Location: header
@@ -755,7 +759,9 @@ FAQ
  4.9 Curl can't authenticate to the server that requires NTLM?

  This is supported in curl 7.10.6 or later. No earlier curl version knows
-  of this magic.
+  of this magic. Later versions require the OpenSSL or Microsoft Windows 
+  libraries to provide this functionality. Using GnuTLS or NSS libraries will 
+  not provide NTLM authentication functionality in curl.

  NTLM is a Microsoft proprietary protocol. Proprietary formats are evil. You
  should not use such ones.
--- a/docs/FEATURES
+++ b/docs/FEATURES
@@ -73,7 +73,7 @@ HTTPS (*1)
 FTP
 - download
 - authentication
- - kerberos4 (*5)
+ - kerberos4 (*5), kerberos5 (*3)
 - active/passive using PORT, EPRT, PASV or EPSV
 - single file size information (compare to HTTP HEAD)
 - 'type=' URL support
--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -484,17 +484,26 @@ NetWare
     http://www.gknw.net/development/prgtools/
   - recent Novell LibC SDK available from:
     http://developer.novell.com/ndk/libc.htm
-   - optional zlib sources (at the moment only dynamic linking with zlib.imp);
+   - or recent Novell CLib SDK available from:
+     http://developer.novell.com/ndk/clib.htm
+   - optional zlib sources (static or dynamic linking with zlib.imp);
     sources with NetWare Makefile can be obtained from:
     http://www.gknw.net/mirror/zlib/
-   - optional OpenSSL sources (version 0.9.8 or later which builds with BSD);
+   - optional OpenSSL sources (version 0.9.8 or later build with BSD sockets);
+     you can find precompiled packages at:
+     http://www.gknw.net/development/ossl/netware/
+     for CLIB-based builds OpenSSL needs to be extended to build with BSD
+     sockets (currently only a winsock-based CLIB build is supported); 
+   - optional SSH2 sources (version 0.15 or later);

   Set a search path to your compiler, linker and tools; on Linux make
-   sure that the var OSTYPE contains the string 'linux'; and then type
+   sure that the var OSTYPE contains the string 'linux'; set the var
+   NDKBASE to point to the base of your Novell NDK; and then type
   'make netware' from the top source directory; other tagets available
   are 'netware-ssl', 'netware-ssl-zlib', 'netware-zlib' and 'netware-ares';
   if you need other combinations you can control the build with the
-   environment variables WITH_SSL, WITH_ZLIB, WITH_ARES and ENABLE_IPV6.
+   environment variables WITH_SSL, WITH_ZLIB, WITH_ARES, WITH_SSH2, and
+   ENABLE_IPV6; you can set LINK_STATIC=1 to link curl.nlm statically.
   I found on some Linux systems (RH9) that OS detection didnt work although
   a 'set | grep OSTYPE' shows the var present and set; I simply overwrote it
   with 'OSTYPE=linux-rh9-gnu' and the detection in the Makefile worked...
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -3,6 +3,9 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!

+44. --ftp-method nocwd does not handle URLs ending with a slash properly (it
+  should list the contents of that directory). See test case 351.
+
 43. There seems to be a problem when connecting to the Microsoft telnet server.
  http://curl.haxx.se/bug/view.cgi?id=1720605

@@ -11,9 +14,6 @@ may have been fixed since this was written!
  and thus fails to issue the correct command:
  http://curl.haxx.se/bug/view.cgi?id=1693337

-40. Mac OS X test failures (Daniel Johnson)
-  http://curl.haxx.se/mail/lib-2007-03/0095.html
-
 39. Steffen Rumler's Race Condition in Curl_proxyCONNECT:
  http://curl.haxx.se/mail/lib-2007-01/0045.html

--- a/docs/MANUAL
+++ b/docs/MANUAL
@@ -809,18 +809,19 @@ CUSTOM OUTPUT

        curl -w 'We downloaded %{size_download} bytes\n' www.download.com

-KERBEROS4 FTP TRANSFER
+KERBEROS FTP TRANSFER

-  Curl supports kerberos4 for FTP transfers. You need the kerberos package
-  installed and used at curl build time for it to be used.
+  Curl supports kerberos4 and kerberos5/GSSAPI for FTP transfers. You need
+  the kerberos package installed and used at curl build time for it to be
+  used.

-  First, get the krb-ticket the normal way, like with the kauth tool. Then use
-  curl in way similar to:
+  First, get the krb-ticket the normal way, like with the kinit/kauth tool.
+  Then use curl in way similar to:

-        curl --krb4 private ftp://krb4site.com -u username:fakepwd
+        curl --krb private ftp://krb4site.com -u username:fakepwd

  There's no use for a password on the -u switch, but a blank one will make
-  curl ask for one and you already entered the real password to kauth.
+  curl ask for one and you already entered the real password to kinit/kauth.

 TELNET

--- a/docs/THANKS
+++ b/docs/THANKS
@@ -5,6 +5,7 @@
 If you have contributed but are missing here, please let us know!

 Adam D. Moss
+Adam Piggott
 Adrian Schuur
 Alan Pinstein
 Albert Chin-A-Young
@@ -21,7 +22,9 @@ Alexander Zhuravlev
 Alexey Simak
 Alexis Carvalho
 Amol Pattekar
+Anders Gustafsson
 Andi Jahja
+Andre Guibert de Bruet
 Andreas Damm
 Andreas Ntaflos
 Andreas Olsson
@@ -93,6 +96,7 @@ Dan Fandrich
 Dan Nelson
 Dan Torop
 Dan Zitter
+Daniel Black
 Daniel Johnson
 Daniel Stenberg
 Daniel at touchtunes
@@ -101,6 +105,7 @@ Dave Dribin
 Dave Halbakken
 Dave Hamilton
 Dave May
+Dave Vasilevsky
 David Byron
 David Cohen
 David Eriksson
@@ -163,8 +168,10 @@ Eygene Ryabinkin
 Fabrizio Ammollo
 Fedor Karpelevitch
 Felix von Leitner
+Feng Tu
 Florian Schoppmann
 Forrest Cahoon
+Frank Hempel
 Frank Keeney
 Frank Ticheler
 Fred New
@@ -177,6 +184,7 @@ Georg Huettenegger
 Georg Wicherski
 Gerd v. Egidy
 Gerhard Herre
+Gerrit Bruchh<68>user
 Giaslas Georgios
 Gilad
 Gilbert Ramirez Jr.
@@ -230,6 +238,7 @@ Jan Kunder
 Jared Lundell
 Jari Sundell
 Jason S. Priebe
+Jay Austin
 Jaz Fresh
 Jean Jacques Drouin
 Jean-Claude Chauve
@@ -292,6 +301,7 @@ Kjetil Jacobsen
 Klevtsov Vadim
 Kris Kennaway
 Krishnendu Majumdar
+Kristian Gunstone
 Kristian K<>hntopp
 Kyle Sallee
 Lachlan O'Dea
@@ -405,6 +415,7 @@ Pete Su
 Peter Bray
 Peter Forret
 Peter Heuchert
+Peter O'Gorman
 Peter Pentchev
 Peter Silva
 Peter Su
@@ -434,6 +445,7 @@ Rene Bernhardt
 Rene Rebe
 Ricardo Cadime
 Rich Gray
+Rich Rauenzahn
 Richard Archer
 Richard Atterer
 Richard Bramante
@@ -449,6 +461,7 @@ Rob Stanzel
 Robert A. Monat
 Robert D. Young
 Robert Foreman
+Robert Iakobashvil
 Robert Iakobashvili
 Robert Olson
 Robert Weaver
@@ -484,6 +497,8 @@ Siddhartha Prakash Jain
 Simon Dick
 Simon Josefsson
 Simon Liu
+Song Ma
+Sonia Subramanian
 Spiridonoff A.V
 Stadler Stephan
 Stefan Esser
@@ -495,6 +510,7 @@ Stephen More
 Sterling Hughes
 Steve Green
 Steve Lhomme
+Steve Little
 Steve Marx
 Steve Oliphant
 Steven Bazyl
@@ -512,6 +528,7 @@ Tim Baker
 Tim Bartley
 Tim Costello
 Tim Sneddon
+Tobias Rundstr<74>m
 Toby Peterson
 Todd Kulesza
 Todd Vierling
@@ -519,6 +536,7 @@ Tom Benoist
 Tom Lee
 Tom Mattison
 Tom Moers
+Tom Regner
 Tom Zerucha
 Tomas Pospisek
 Tomas Szepe
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -216,7 +216,8 @@ local directory hierarchy as needed. This option creates the dirs mentioned
 with the -o option, nothing else. If the -o file name uses no dir or if the
 dirs it mentions already exist, no dir will be created.

-To create remote directories when using FTP, try \fI--ftp-create-dirs\fP.
+To create remote directories when using FTP or SFTP, try 
+\fI--ftp-create-dirs\fP.
 .IP "--crlf"
 (FTP) Convert LF to CRLF in upload. Useful for MVS (OS/390).

@@ -382,7 +383,7 @@ has been provided, this data is sent off using the ACCT command. (Added in

 If this option is used twice, the second will override the previous use.
 .IP "--ftp-create-dirs"
-(FTP) When an FTP URL/operation uses a path that doesn't currently exist on
+(FTP) When an FTP or SFTP URL/operation uses a path that doesn't currently exist on
 the server, the standard behavior of curl is to fail. Using this option, curl
 will instead attempt to create missing directories.

@@ -592,13 +593,14 @@ private key is. DER, PEM and ENG are supported. If not specified, PEM is
 assumed.

 If this option is used several times, the last one will be used.
-.IP "--krb4 <level>"
-(FTP) Enable Kerberos4 authentication and use. The level must be entered and
+.IP "--krb <level>"
+(FTP) Enable Kerberos authentication and use. The level must be entered and
 should be one of 'clear', 'safe', 'confidential' or 'private'. Should you use
 a level that is not one of these, 'private' will instead be used.

-This option requires that the library was built with Kerberos4 support. This
-is not very common. Use \fI-V/--version\fP to see if your curl supports it.
+This option requires that the library was built with kerberos4 or GSSAPI
+(GSS-Negotiate) support. This is not very common. Use \fI-V/--version\fP to
+see if your curl supports it.

 If this option is used several times, the last one will be used.
 .IP "-K/--config <config file>"
@@ -1152,7 +1154,7 @@ Automatic decompression of compressed files over HTTP is supported.
 .IP "NTLM"
 NTLM authentication is supported.
 .IP "GSS-Negotiate"
-Negotiate authentication is supported.
+Negotiate authentication and krb5 for ftp is supported.
 .IP "Debug"
 This curl uses a libcurl built with Debug. This enables more error-tracking
 and memory debugging etc. For curl-developers only!
--- a/docs/examples/10-at-a-time.c
+++ b/docs/examples/10-at-a-time.c
@@ -13,7 +13,10 @@
 * Written by Michael Wallner
 */

+#include <errno.h>
 #include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
 #include <curl/multi.h>

 static const char *urls[] = {
@@ -106,6 +109,10 @@ int main(void)

  cm = curl_multi_init();

+  /* we can optionally limit the total amount of connections this multi handle
+     uses */
+  curl_multi_setopt(cm, CURLMOPT_MAXCONNECTS, MAX);
+
  for (C = 0; C < MAX; ++C) {
    init(cm, C);
  }
@@ -123,20 +130,24 @@ int main(void)
        return EXIT_FAILURE;
      }

-      /* In a real-world program you OF COURSE check the return that maxfd is
-         bigger than -1 so that the call to select() below makes sense! */
-
      if (curl_multi_timeout(cm, &L)) {
        fprintf(stderr, "E: curl_multi_timeout\n");
        return EXIT_FAILURE;
      }
+      if (L == -1)
+        L = 100;

-      T.tv_sec = L/1000;
-      T.tv_usec = (L%1000)*1000;
+      if (M == -1) {
+        sleep(L / 1000);
+      } else {
+        T.tv_sec = L/1000;
+        T.tv_usec = (L%1000)*1000;

-      if (0 > select(M+1, &R, &W, &E, &T)) {
-        fprintf(stderr, "E: select\n");
-        return EXIT_FAILURE;
+        if (0 > select(M+1, &R, &W, &E, &T)) {
+          fprintf(stderr, "E: select(%i,,,,%li): %i: %s\n",
+              M+1, L, errno, strerror(errno));
+          return EXIT_FAILURE;
+        }
      }
    }

@@ -155,6 +166,8 @@ int main(void)
      }
      if (C < CNT) {
        init(cm, C++);
+        U++; /* just to prevent it from remaining at 0 if there are more
+                URLs to get */
      }
    }
  }
--- a/docs/examples/ftpgetresp.c
+++ b/docs/examples/ftpgetresp.c
@@ -1,8 +1,8 @@
 /*****************************************************************************
- *                                  _   _ ____  _     
- *  Project                     ___| | | |  _ \| |    
- *                             / __| | | | |_) | |    
- *                            | (__| |_| |  _ <| |___ 
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * $Id$
@@ -34,7 +34,7 @@ int main(int argc, char **argv)
  CURLcode res;
  FILE *ftpfile;
  FILE *respfile;
-  
+
  /* local file name to store the file as */
  ftpfile = fopen("ftp-list", "wb"); /* b is binary, needed on win32 */

@@ -46,6 +46,8 @@ int main(int argc, char **argv)
    /* Get a file listing from sunet */
    curl_easy_setopt(curl, CURLOPT_URL, "ftp://ftp.sunet.se/");
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, ftpfile);
+    /* If you intend to use this on windows with a libcurl DLL, you must use
+       CURLOPT_WRITEFUNCTION as well */
    curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, write_response);
    curl_easy_setopt(curl, CURLOPT_WRITEHEADER, respfile);
    res = curl_easy_perform(curl);
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -810,6 +810,7 @@ it thinks fit.
 Enforce HTTP 1.0 requests.
 .IP CURL_HTTP_VERSION_1_1
 Enforce HTTP 1.1 requests.
+.RE
 .IP CURLOPT_IGNORE_CONTENT_LENGTH
 Ignore the Content-Length header. This is useful for Apache 1.x (and similar
 servers) which will report incorrect content length for files over 2
@@ -826,7 +827,6 @@ Pass a long to tell libcurl how to act on transfer decoding. If set to zero,
 transfer decoding will be disabled, if set to 1 it is enabled
 (default). libcurl does chunked transfer decoding by default unless this
 option is set to zero. (added in 7.16.2)
-.RE
 .SH FTP OPTIONS
 .IP CURLOPT_FTPPORT
 Pass a pointer to a zero terminated string as parameter. It will be used to
@@ -890,6 +890,11 @@ If the server is an IPv6 host, this option will have no effect as of 7.12.3.
 Pass a long. If the value is non-zero, curl will attempt to create any remote
 directory that it fails to CWD into. CWD is the command that changes working
 directory. (Added in 7.10.7)
+
+This setting also applies to SFTP-connections. curl will attempt to create
+the remote directory if it can't obtain a handle to the target-location. The
+creation will fail if a file of the same name as the directory to create
+already exists or lack of permissions prevents creation. (Added in 7.16.3)
 .IP CURLOPT_FTP_RESPONSE_TIMEOUT
 Pass a long.  Causes curl to set a timeout period (in seconds) on the amount
 of time that the server is allowed to take in order to generate a response
@@ -1365,12 +1370,14 @@ this to 1 to enable it. By default all transfers are done using the
 cache. Note that while nothing ever should get hurt by attempting to reuse SSL
 session-IDs, there seem to be broken SSL implementations in the wild that may
 require you to disable this in order for you to succeed. (Added in 7.16.0)
-.IP CURLOPT_KRB4LEVEL
-Pass a char * as parameter. Set the krb4 security level, this also enables
-krb4 awareness.  This is a string, 'clear', 'safe', 'confidential' or
-\&'private'.  If the string is set but doesn't match one of these, 'private'
-will be used. Set the string to NULL to disable Kerberos4. The Kerberos
-support only works for FTP.
+.IP CURLOPT_KRBLEVEL
+Pass a char * as parameter. Set the kerberos security level for FTP; this
+also enables kerberos awareness.  This is a string, 'clear', 'safe',
+'confidential' or \&'private'.  If the string is set but doesn't match one
+of these, 'private' will be used. Set the string to NULL to disable kerberos
+support for FTP.
+
+(This option was known as CURLOPT_KRB4LEVEL up to 7.16.3)
 .SH SSH OPTIONS
 .IP CURLOPT_SSH_AUTH_TYPES
 Pass a long set to a bitmask consisting of one or more of
@@ -1396,6 +1403,17 @@ this curl handle use the data from the shared handle instead of keeping the
 data to itself. This enables several curl handles to share data. If the curl
 handles are used simultaneously, you \fBMUST\fP use the locking methods in the
 share handle. See \fIcurl_share_setopt(3)\fP for details.
+.IP CURLOPT_NEW_FILE_PERMS
+Pass a long as a parameter, containing the value of the permissions that will
+be assigned to newly created files on the remote server.  The default value is
+\fI0644\fP, but any valid value can be used.  The only protocols that can use
+this are \fIsftp://\fP, \fIscp://\fP and \fIfile://\fP. (Added in 7.16.4)
+.IP CURLOPT_NEW_DIRECTORY_PERMS
+Pass a long as a parameter, containing the value of the permissions that will
+be assigned to newly created directories on the remote server.  The default
+value is \fI0755\fP, but any valid value can be used.  The only protocols that
+can use this are \fIsftp://\fP, \fIscp://\fP and \fIfile://\fP.
+(Added in 7.16.4)
 .SH TELNET OPTIONS
 .IP CURLOPT_TELNETOPTIONS
 Provide a pointer to a curl_slist with variables to pass to the telnet
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -151,7 +151,7 @@ extern "C" {
 /* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
   libc5-based Linux systems. Only include it on system that are known to
   require it! */
-#if defined(_AIX) || defined(NETWARE) || defined(__NetBSD__) || defined(__minix)
+#if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || defined(__minix)
 #include <sys/select.h>
 #endif

@@ -736,10 +736,12 @@ typedef enum {
  /* Set the interface string to use as outgoing network interface */
  CINIT(INTERFACE, OBJECTPOINT, 62),

-  /* Set the krb4 security level, this also enables krb4 awareness.  This is a
-   * string, 'clear', 'safe', 'confidential' or 'private'.  If the string is
-   * set but doesn't match one of these, 'private' will be used.  */
-  CINIT(KRB4LEVEL, OBJECTPOINT, 63),
+  /* Set the krb4/5 security level, this also enables krb4/5 awareness.  This
+   * is a string, 'clear', 'safe', 'confidential' or 'private'.  If the string
+   * is set but doesn't match one of these, 'private' will be used.  */
+  CINIT(KRBLEVEL, OBJECTPOINT, 63),
+  /* This is for compatibility with older curl releases */
+#define CURLOPT_KRB4LEVEL CURLOPT_KRBLEVEL

  /* Set if we should verify the peer in ssl handshake, set 1 to verify. */
  CINIT(SSL_VERIFYPEER, LONG, 64),
@@ -1076,6 +1078,11 @@ typedef enum {
  CINIT(HTTP_TRANSFER_DECODING, LONG, 157),
  CINIT(HTTP_CONTENT_DECODING, LONG, 158),

+  /* Permission used when creating new files and directories on the remote
+     server for protocols that support it, SFTP/SCP/FILE */
+  CINIT(NEW_FILE_PERMS, LONG, 159),
+  CINIT(NEW_DIRECTORY_PERMS, LONG, 160),
+
  CURLOPT_LASTENTRY /* the last unused */
 } CURLoption;

--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -28,13 +28,13 @@

 /* This is the version number of the libcurl package from which this header
   file origins: */
-#define LIBCURL_VERSION "7.16.3-CVS"
+#define LIBCURL_VERSION "7.16.4-CVS"

 /* The numeric version number is also available "in parts" by using these
   defines: */
 #define LIBCURL_VERSION_MAJOR 7
 #define LIBCURL_VERSION_MINOR 16
-#define LIBCURL_VERSION_PATCH 3
+#define LIBCURL_VERSION_PATCH 4

 /* This is the numeric version of the libcurl version number, meant for easier
   parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
@@ -51,7 +51,7 @@
   and it is always a greater number in a more recent release. It makes
   comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x071003
+#define LIBCURL_VERSION_NUM 0x071004

 /*
 * This is the date and time when the full source package was created. The
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -4,6 +4,7 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c	\
  cookie.c http.c sendf.c ftp.c url.c dict.c if2ip.c speedcheck.c	\
  ldap.c ssluse.c version.c getenv.c escape.c mprintf.c telnet.c	\
  netrc.c getinfo.c transfer.c strequal.c easy.c security.c krb4.c	\
+  krb5.c \
  memdebug.c http_chunks.c strtok.c connect.c llist.c hash.c multi.c	\
  content_encoding.c share.c http_digest.c md5.c http_negotiate.c	\
  http_ntlm.c inet_pton.c strtoofft.c strerror.c hostares.c hostasyn.c	\
--- a/lib/Makefile.m32
+++ b/lib/Makefile.m32
@@ -19,6 +19,8 @@ ifndef ZLIB_PATH
 ZLIB_PATH = ../../zlib-1.2.3
 endif

+ARES_LIB = ../ares
+
 CC = gcc
 AR = ar
 RM = rm -f
@@ -30,6 +32,11 @@ STRIP = strip -g

 INCLUDES = -I. -I../include
 CFLAGS = -g -O2 -DBUILDING_LIBCURL -DHAVE_LONGLONG
+ifdef ARES
+  INCLUDES += -I$(ARES_LIB)
+  CFLAGS += -DUSE_ARES
+  DLL_LIBS += -L$(ARES_LIB) -lcares
+endif
 ifdef SSH2
  INCLUDES += -I"$(LIBSSH2_PATH)/include" -I"$(LIBSSH2_PATH)/win32"
  CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H
--- a/lib/Makefile.netware
+++ b/lib/Makefile.netware
@@ -25,7 +25,7 @@ endif

 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-0.14
+LIBSSH2_PATH = ../../libssh2-0.15
 endif

 ifndef INSTDIR
@@ -36,7 +36,7 @@ endif
 TARGET  = libcurl
 VERSION	= $(LIBCURL_VERSION)
 COPYR	= Copyright (C) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>
-DESCR	= cURL libcurl $(LIBCURL_VERSION_STR) - http://curl.haxx.se
+DESCR	= cURL libcurl $(LIBCURL_VERSION_STR) ($(LIBARCH)) - http://curl.haxx.se
 MTSAFE	= YES
 STACK	= 64000
 SCREEN	= none
@@ -47,10 +47,10 @@ ifndef LIBARCH
 LIBARCH = LIBC
 endif

-# must be equal to DEBUG or NDEBUG
+# must be equal to NDEBUG or DEBUG, CURLDEBUG
+ifndef DB
 DB	= NDEBUG
-# DB	= DEBUG
-# DB	= CURLDEBUG
+endif
 # Optimization: -O<n> or debugging: -g
 ifeq ($(DB),NDEBUG)
 	OPT	= -O2
@@ -60,15 +60,19 @@ else
 	OBJDIR	= debug
 endif

-# Include the version info retrieved from curlver.h
-include $(OBJDIR)/version.inc
-
-# The following line defines your compiler.
+# The following lines defines your compiler.
+ifdef CWFolder
+	METROWERKS = $(CWFolder)
+endif
 ifdef METROWERKS
+	# MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support
+	MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support/Metrowerks Support
 	CC = mwccnlm
 else
 	CC = gcc
 endif
+# a native win32 awk can be downloaded from here:
+# http://www.gknw.net/development/prgtools/awk-20050424.zip
 AWK	= awk
 YACC	= bison -y
 CP	= cp -afv
@@ -78,6 +82,12 @@ CP	= cp -afv
 # http://www.gknw.net/development/prgtools/mkxdc.zip
 MPKXDC	= mkxdc

+# LIBARCH_U = $(shell $(AWK) 'BEGIN {print toupper(ARGV[1])}' $(LIBARCH))
+LIBARCH_L = $(shell $(AWK) 'BEGIN {print tolower(ARGV[1])}' $(LIBARCH))
+
+# Include the version info retrieved from curlver.h
+-include $(OBJDIR)/version.inc
+
 # Global flags for all compilers
 CFLAGS	= $(OPT) -D$(DB) -DNETWARE -DHAVE_CONFIG_H -nostdinc

@@ -95,8 +105,10 @@ ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.o
 	CFLAGS += -align 4
 else
-	PRELUDE = "$(METROWERKS)/Novell Support/libraries/runtime/prelude.obj"
-#	CFLAGS += -include "$(METROWERKS)/Novell Support/headers/nlm_prefix.h"
+	# PRELUDE = $(SDK_CLIB)/imports/clibpre.o
+	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+	PRELUDE = "$(MWCW_PATH)/libraries/runtime/prelude.obj"
+	# CFLAGS += -include "$(MWCW_PATH)/headers/nlm_clib_prefix.h"
 	CFLAGS += -align 1
 endif
 else
@@ -111,7 +123,10 @@ CFLAGS	+= -Wall # -pedantic
 ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.gcc.o
 else
-	PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
+	# PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
+	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+	# http://www.gknw.net/development/mk_nlm/gcc_pre.zip
+	PRELUDE = $(NDK_ROOT)/pre/prelude.o
 	CFLAGS += -include $(NDKBASE)/nlmconv/genlm.h
 endif
 endif
@@ -128,15 +143,15 @@ INCLUDES = -I$(CURL_INC) -I$(CURL_LIB)

 ifdef WITH_ARES
 	INCLUDES += -I$(ARES_LIB)
-	LDLIBS = $(ARES_LIB)/libcares.$(LIBEXT)
+	LDLIBS += $(ARES_LIB)/libcares.$(LIBEXT)
 endif
 ifdef WITH_ZLIB
 	INCLUDES += -I$(ZLIB_PATH)
 ifdef LINK_STATIC
-	LDLIBS += $(ZLIB_PATH)/nw/libz.$(LIBEXT)
+	LDLIBS += $(ZLIB_PATH)/nw/$(LIBARCH)/libz.$(LIBEXT)
 else
 	MODULES += libz.nlm
-	IMPORTS += @$(ZLIB_PATH)/nw/libz.imp
+	IMPORTS += @$(ZLIB_PATH)/nw/$(LIBARCH)/libz.imp
 endif
 endif
 ifdef WITH_SSH2
@@ -149,23 +164,25 @@ else
 endif
 endif
 ifdef WITH_SSL
-	INCLUDES += -I$(OPENSSL_PATH)/outinc_nw_libc -I$(OPENSSL_PATH)/outinc_nw_libc/openssl
-	LDLIBS += $(OPENSSL_PATH)/out_nw_libc/ssl.$(LIBEXT)
-	LDLIBS += $(OPENSSL_PATH)/out_nw_libc/crypto.$(LIBEXT)
+	INCLUDES += -I$(OPENSSL_PATH)/outinc_nw_$(LIBARCH_L) -I$(OPENSSL_PATH)/outinc_nw_$(LIBARCH_L)/openssl
+	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/ssl.$(LIBEXT)
+	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/crypto.$(LIBEXT)
 	IMPORTS += GetProcessSwitchCount RunningProcess
 endif

 ifeq ($(LIBARCH),LIBC)
-	INCLUDES += -I$(SDK_LIBC)/include -I$(SDK_LIBC)/include/nks
+	INCLUDES += -I$(SDK_LIBC)/include
+	# INCLUDES += -I$(SDK_LIBC)/include/nks
 	# INCLUDES += -I$(SDK_LIBC)/include/winsock
 	# INCLUDES += -I$(SDK_LDAP)/libc/inc
 	CFLAGS += -D_POSIX_SOURCE
-	# CFLAGS += -D__ANSIC__
 else
-	INCLUDES += -I$(SDK_CLIB)/include/nlm -I$(SDK_CLIB)/include
+	INCLUDES += -I$(SDK_CLIB)/include/nlm
 	# INCLUDES += -I$(SDK_CLIB)/include/nlm/obsolete
+	# INCLUDES += -I$(SDK_CLIB)/include
 	# INCLUDES += -I$(SDK_LDAP)/clib/inc
-	CFLAGS += -DNETDB_USE_INTERNET
+	# for now disable LDAP unless we have coded a CLIB dynaloader.
+	DISABLE_LDAP = 1
 endif
 CFLAGS	+= $(INCLUDES)

@@ -274,13 +291,14 @@ ifdef SCREEN
 else
 	@echo $(DL)screenname "DEFAULT"$(DL) >> $@
 endif
-ifeq ($(DB),DEBUG)
+ifneq ($(DB),NDEBUG)
 	@echo $(DL)debug$(DL) >> $@
 endif
 	@echo $(DL)threadname "$(TARGET)"$(DL) >> $@
 ifdef XDCDATA
 	@echo $(DL)xdcdata $(XDCDATA)$(DL) >> $@
 endif
+	@echo $(DL)flag_on 64$(DL) >> $@
 ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)start _Prelude$(DL) >> $@
 	@echo $(DL)exit _Stop$(DL) >> $@
@@ -293,7 +311,6 @@ ifeq ($(LIBARCH),CLIB)
 #	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
 	@echo $(DL)module clib$(DL) >> $@
 else
-	@echo $(DL)flag_on 64$(DL) >> $@
 	@echo $(DL)pseudopreemption$(DL) >> $@
 	@echo $(DL)start _LibCPrelude$(DL) >> $@
 	@echo $(DL)exit _LibCPostlude$(DL) >> $@
@@ -332,24 +349,78 @@ config.h: Makefile.netware
 	@echo $(DL)#ifndef NETWARE$(DL) >> $@
 	@echo $(DL)#error This $(notdir $@) is created for NetWare platform!$(DL) >> $@
 	@echo $(DL)#endif$(DL) >> $@
-	@echo $(DL)#define OS "i586-pc-NetWare"$(DL) >> $@
 	@echo $(DL)#define VERSION "$(LIBCURL_VERSION_STR)"$(DL) >> $@
 	@echo $(DL)#define PACKAGE_BUGREPORT "a suitable curl mailing list => http://curl.haxx.se/mail/"$(DL) >> $@
-	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_ASSERT_H 1$(DL) >> $@
+ifeq ($(LIBARCH),CLIB)
+	@echo $(DL)#define OS "i586-pc-clib-NetWare"$(DL) >> $@
+	@echo $(DL)#define NETDB_USE_INTERNET 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRICMP 1$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG2 char *$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG3 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_RETV int$(DL) >> $@
+	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG2 char *$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
+	@echo $(DL)#define socklen_t int$(DL) >> $@
+	@echo $(DL)#define DL_LDAP_FILE "ldapsdk.nlm"$(DL) >> $@
+else
+	@echo $(DL)#define OS "i586-pc-libc-NetWare"$(DL) >> $@
 	@echo $(DL)#define HAVE_DLFCN_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_DLOPEN 1$(DL) >> $@
-	@echo $(DL)#define HAVE_ERR_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_FCNTL_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_FIONBIO 1$(DL) >> $@
-	@echo $(DL)#define HAVE_GETHOSTBYADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_FTRUNCATE 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GETTIMEOFDAY 1$(DL) >> $@
-	@echo $(DL)#define HAVE_INET_ADDR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_INET_NTOA 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_PTON 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INTTYPES_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LIMITS_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LONGLONG 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STDINT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRCASECMP 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRLCAT 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRLCPY 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRTOLL 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SYS_PARAM_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SYS_SELECT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_TERMIOS_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_AF_INET6 1$(DL) >> $@
+	@echo $(DL)#define HAVE_PF_INET6 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_IN6_ADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_SOCKADDR_IN6 1$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG2 void *$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG3 size_t$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_RETV ssize_t$(DL) >> $@
+	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG2 void *$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG3 size_t$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
+	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
+	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
+ifdef ENABLE_IPV6
+	@echo $(DL)#define ENABLE_IPV6 1$(DL) >> $@
+endif
+endif
+	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_ASSERT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_ERR_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_FCNTL_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_FIONBIO 1$(DL) >> $@
+	@echo $(DL)#define HAVE_GETHOSTBYADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_GETHOSTBYNAME 1$(DL) >> $@
+	@echo $(DL)#define HAVE_GETPROTOBYNAME 1$(DL) >> $@
+	@echo $(DL)#define HAVE_GMTIME_R 1$(DL) >> $@
+	@echo $(DL)#define HAVE_INET_ADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_INET_NTOA 1$(DL) >> $@
+	@echo $(DL)#define HAVE_LL 1$(DL) >> $@
+	@echo $(DL)#define HAVE_LOCALTIME_R 1$(DL) >> $@
+	@echo $(DL)#define HAVE_MALLOC_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_NETINET_IN_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_RECV 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SELECT 1$(DL) >> $@
@@ -359,52 +430,28 @@ config.h: Makefile.netware
 	@echo $(DL)#define HAVE_SIGNAL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SIG_ATOMIC_T 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SOCKET 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STDINT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STDLIB_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRCASECMP 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRDUP 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRFTIME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRING_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRLCAT 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRLCPY 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRSTR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_PARAM_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_SELECT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_ADDRINFO 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_TIMEVAL 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SYS_IOCTL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_STAT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_TIME_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_TERMIOS_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_TIME_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_UNAME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_UNISTD_H 1$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG2 char *$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG3 int$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_RETV int$(DL) >> $@
+	@echo $(DL)#define HAVE_UTIME 1$(DL) >> $@
+	@echo $(DL)#define HAVE_UTIME_H 1$(DL) >> $@
 	@echo $(DL)#define RETSIGTYPE void$(DL) >> $@
-	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
-	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
-	@echo $(DL)#define SEND_TYPE_ARG2 char *$(DL) >> $@
-	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
-	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
-	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define SIZEOF_CURL_OFF_T 4$(DL) >> $@
+	@echo $(DL)#define SIZEOF_STRUCT_IN_ADDR 4$(DL) >> $@
 	@echo $(DL)#define STDC_HEADERS 1$(DL) >> $@
 	@echo $(DL)#define TIME_WITH_SYS_TIME 1$(DL) >> $@
-	@echo $(DL)#define HAVE_AF_INET6 1$(DL) >> $@
-	@echo $(DL)#define HAVE_PF_INET6 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_ADDRINFO 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_IN6_ADDR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_SOCKADDR_IN6 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_TIMEVAL 1$(DL) >> $@
-	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
-	@echo $(DL)#define SIZEOF_STRUCT_IN_ADDR 4$(DL) >> $@
 ifdef DISABLE_LDAP
 	@echo $(DL)#define CURL_DISABLE_LDAP 1$(DL) >> $@
-else
-	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
-endif
-ifdef ENABLE_IPV6
-	@echo $(DL)#define ENABLE_IPV6 1$(DL) >> $@
 endif
 ifdef NW_WINSOCK
 	@echo $(DL)#define HAVE_CLOSESOCKET 1$(DL) >> $@
@@ -463,6 +510,7 @@ endif

 info: $(OBJDIR)/version.inc
 	@echo Configured to build $(TARGET) with these options:
+	@echo libarchitecture: $(LIBARCH)
 	@echo curl version:    $(LIBCURL_VERSION_STR)
 	@echo compiler/linker: $(CC) / $(LD)
 ifdef CABUNDLE
@@ -494,7 +542,7 @@ else
 	@echo ipv6 support:    no
 endif

-$(LIBCARES):
+$(ARES_LIB)/libcares.$(LIBEXT):
 	$(MAKE) -C $(ARES_LIB) -f Makefile.netware lib


--- a/lib/connect.c
+++ b/lib/connect.c
@@ -59,10 +59,13 @@
 #include <stdlib.h> /* required for free() prototype, without it, this crashes */
 #endif              /* on macos 68K */

-#if (defined(HAVE_FIONBIO) && defined(__NOVELL_LIBC__))
+#if (defined(HAVE_FIONBIO) && defined(NETWARE))
 #include <sys/filio.h>
 #endif
-#if (defined(NETWARE) && defined(__NOVELL_LIBC__))
+#ifdef NETWARE
+#ifndef __NOVELL_LIBC__
+NETDB_DEFINE_CONTEXT
+#endif
 #undef in_addr_t
 #define in_addr_t unsigned long
 #endif
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -731,6 +731,8 @@ void curl_easy_reset(CURL *curl)

  data->set.ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
                                                      type */
+  data->set.new_file_perms = 0644;    /* Default permissions */
+  data->set.new_directory_perms = 0755; /* Default permissions */
 }

 #ifdef CURL_DOES_CONVERSIONS
--- a/lib/file.c
+++ b/lib/file.c
@@ -217,8 +217,22 @@ static CURLcode file_upload(struct connectdata *conn)

  if(data->reqdata.resume_from)
    fp = fopen( file->path, "ab" );
-  else
-    fp = fopen(file->path, "wb");
+  else {
+    int fd;
+
+#if defined(WIN32) || defined(MSDOS) || defined(__EMX__)
+    fd = open(file->path, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY,
+              conn->data->set.new_file_perms);
+#else /* !(WIN32 || MSDOS || __EMX__) */
+    fd = open(file->path, O_WRONLY|O_CREAT|O_TRUNC,
+              conn->data->set.new_file_perms);
+#endif /* !(WIN32 || MSDOS || __EMX__) */
+    if (fd < 0) {
+      failf(data, "Can't open %s for writing", file->path);
+      return CURLE_WRITE_ERROR;
+    }
+    fp = fdopen(fd, "wb");
+  }

  if(!fp) {
    failf(data, "Can't open %s for writing", file->path);
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -75,7 +75,7 @@
 #include "socks.h"
 #include "ftp.h"

-#ifdef HAVE_KRB4
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
 #include "krb4.h"
 #endif

@@ -319,8 +319,17 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
      ftpc->cache_size = 0; /* zero the size just in case */
    }
    else {
-      int res = Curl_read(conn, sockfd, ptr, BUFSIZE-ftpc->nread_resp,
-                          &gotbytes);
+      int res;
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+      enum protection_level prot = conn->data_prot;
+
+      conn->data_prot = 0;
+#endif
+      res = Curl_read(conn, sockfd, ptr, BUFSIZE-ftpc->nread_resp,
+		      &gotbytes);
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+      conn->data_prot = prot;
+#endif
      if(res < 0)
        /* EWOULDBLOCK */
        return CURLE_OK; /* return */
@@ -360,6 +369,9 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
             the line isn't really terminated until the LF comes */

          /* output debug output if that is requested */
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+	  if(!conn->sec_complete)
+#endif
          if(data->set.verbose)
            Curl_debug(data, CURLINFO_HEADER_IN,
                       ftpc->linestart_resp, (size_t)perline, conn);
@@ -414,18 +426,18 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
  if(!result)
    code = atoi(buf);

-#ifdef HAVE_KRB4
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
  /* handle the security-oriented responses 6xx ***/
  /* FIXME: some errorchecking perhaps... ***/
  switch(code) {
  case 631:
-    Curl_sec_read_msg(conn, buf, prot_safe);
+    code = Curl_sec_read_msg(conn, buf, prot_safe);
    break;
  case 632:
-    Curl_sec_read_msg(conn, buf, prot_private);
+    code = Curl_sec_read_msg(conn, buf, prot_private);
    break;
  case 633:
-    Curl_sec_read_msg(conn, buf, prot_confidential);
+    code = Curl_sec_read_msg(conn, buf, prot_confidential);
    break;
  default:
    /* normal ftp stuff we pass through! */
@@ -553,7 +565,17 @@ CURLcode Curl_GetFTPResponse(ssize_t *nreadp, /* return number of bytes read */
        ftpc->cache_size = 0; /* zero the size just in case */
      }
      else {
-        int res = Curl_read(conn, sockfd, ptr, BUFSIZE-*nreadp, &gotbytes);
+	int res;
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+	enum protection_level prot = conn->data_prot;
+
+	conn->data_prot = 0;
+#endif
+	res = Curl_read(conn, sockfd, ptr, BUFSIZE-*nreadp,
+			&gotbytes);
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+	conn->data_prot = prot;
+#endif
        if(res < 0)
          /* EWOULDBLOCK */
          continue; /* go looping again */
@@ -593,6 +615,9 @@ CURLcode Curl_GetFTPResponse(ssize_t *nreadp, /* return number of bytes read */
               the line isn't really terminated until the LF comes */

            /* output debug output if that is requested */
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+	  if(!conn->sec_complete)
+#endif
            if(data->set.verbose)
              Curl_debug(data, CURLINFO_HEADER_IN,
                         line_start, (size_t)perline, conn);
@@ -646,18 +671,18 @@ CURLcode Curl_GetFTPResponse(ssize_t *nreadp, /* return number of bytes read */
  if(!result)
    code = atoi(buf);

-#ifdef HAVE_KRB4
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
  /* handle the security-oriented responses 6xx ***/
  /* FIXME: some errorchecking perhaps... ***/
  switch(code) {
  case 631:
-    Curl_sec_read_msg(conn, buf, prot_safe);
+    code = Curl_sec_read_msg(conn, buf, prot_safe);
    break;
  case 632:
-    Curl_sec_read_msg(conn, buf, prot_private);
+    code = Curl_sec_read_msg(conn, buf, prot_private);
    break;
  case 633:
-    Curl_sec_read_msg(conn, buf, prot_confidential);
+    code = Curl_sec_read_msg(conn, buf, prot_confidential);
    break;
  default:
    /* normal ftp stuff we pass through! */
@@ -1253,9 +1278,8 @@ static CURLcode ftp_state_post_rest(struct connectdata *conn)
  struct FTP *ftp = conn->data->reqdata.proto.ftp;
  struct SessionHandle *data = conn->data;

-  if(ftp->no_transfer || conn->bits.no_body) {
+  if(ftp->no_transfer) {
    /* doesn't transfer any data */
-    ftp->no_transfer = TRUE;

    /* still possibly do PRE QUOTE jobs */
    state(conn, FTP_RETR_PREQUOTE);
@@ -1611,7 +1635,9 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
        if(ptr) {
          newport = (unsigned short)(num & 0xffff);

-          if (conn->bits.tunnel_proxy)
+          if (conn->bits.tunnel_proxy ||
+              data->set.proxytype == CURLPROXY_SOCKS5 ||
+              data->set.proxytype == CURLPROXY_SOCKS4)
            /* proxy tunnel -> use other host info because ip_addr_str is the
               proxy address not the ftp host */
            snprintf(newhost, sizeof(newhost), "%s", conn->host.name);
@@ -1663,7 +1689,9 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
      infof(data, "Skips %d.%d.%d.%d for data connection, uses %s instead\n",
            ip[0], ip[1], ip[2], ip[3],
            conn->ip_addr_str);
-      if (conn->bits.tunnel_proxy)
+      if (conn->bits.tunnel_proxy ||
+          data->set.proxytype == CURLPROXY_SOCKS5 ||
+          data->set.proxytype == CURLPROXY_SOCKS4)
        /* proxy tunnel -> use other host info because ip_addr_str is the
           proxy address not the ftp host */
        snprintf(newhost, sizeof(newhost), "%s", conn->host.name);
@@ -2296,14 +2324,7 @@ static CURLcode ftp_state_loggedin(struct connectdata *conn)
  CURLcode result = CURLE_OK;

 #ifdef HAVE_KRB4
-  if(conn->data->set.krb4) {
-    /* We are logged in, asked to use Kerberos. Set the requested
-     * protection level
-     */
-    if(conn->sec_complete)
-      /* BLOCKING */
-      Curl_sec_set_protection_level(conn);
-
+  if(conn->data->set.krb) {
    /* We may need to issue a KAUTH here to have access to the files
     * do it if user supplied a password
     */
@@ -2350,7 +2371,8 @@ static CURLcode ftp_state_user_resp(struct connectdata *conn,
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  (void)instate; /* no use for this yet */

-  if((ftpcode == 331) && (ftpc->state == FTP_USER)) {
+  /* some need password anyway, and others just return 2xx ignored */
+  if((ftpcode == 331 || ftpcode/100 == 2) && (ftpc->state == FTP_USER)) {
    /* 331 Password required for ...
       (the server requires to send the user's password too) */
    NBFTPSENDF(conn, "PASS %s", ftp->passwd?ftp->passwd:"");
@@ -2458,15 +2480,15 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
      }

      /* We have received a 220 response fine, now we proceed. */
-#ifdef HAVE_KRB4
-      if(data->set.krb4) {
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+      if(data->set.krb) {
        /* If not anonymous login, try a secure login. Note that this
           procedure is still BLOCKING. */

        Curl_sec_request_prot(conn, "private");
        /* We set private first as default, in case the line below fails to
           set a valid level */
-        Curl_sec_request_prot(conn, data->set.krb4_level);
+	Curl_sec_request_prot(conn, data->set.krb_level);

        if(Curl_sec_login(conn) != 0)
          infof(data, "Logging in with password in cleartext!\n");
@@ -3083,7 +3105,7 @@ CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status, bool premature
  /* free the dir tree and file parts */
  freedirs(conn);

-#ifdef HAVE_KRB4
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
  Curl_sec_fflush_fd(conn, conn->sock[SECONDARYSOCKET]);
 #endif

@@ -3351,7 +3373,7 @@ CURLcode Curl_ftp_nextconnect(struct connectdata *conn)

  DEBUGF(infof(data, "DO-MORE phase starts\n"));

-  if(!ftp->no_transfer && !conn->bits.no_body) {
+  if(!ftp->no_transfer) {
    /* a transfer is about to take place */

    if(data->set.upload) {
@@ -3415,6 +3437,13 @@ CURLcode ftp_perform(struct connectdata *conn,

  DEBUGF(infof(conn->data, "DO phase starts\n"));

+  if(conn->bits.no_body) {
+    /* requested no body means no transfer... */
+    struct FTP *ftp = conn->data->reqdata.proto.ftp;
+    ftp->no_transfer = TRUE;
+  }
+
+
  *dophase_done = FALSE; /* not done yet */

  /* start the first command in the DO phase */
@@ -3486,16 +3515,21 @@ CURLcode Curl_nbftpsendf(struct connectdata *conn,
                       const char *fmt, ...)
 {
  ssize_t bytes_written;
-  char s[256];
+/* may still not be big enough for some krb5 tokens */
+#define SBUF_SIZE 1024
+  char s[SBUF_SIZE];
  size_t write_len;
  char *sptr=s;
  CURLcode res = CURLE_OK;
  struct SessionHandle *data = conn->data;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+  enum protection_level data_sec = conn->data_prot;
+#endif

  va_list ap;
  va_start(ap, fmt);
-  vsnprintf(s, 250, fmt, ap);
+  vsnprintf(s, SBUF_SIZE-3, fmt, ap);
  va_end(ap);

  strcat(s, "\r\n"); /* append a trailing CRLF */
@@ -3513,8 +3547,14 @@ CURLcode Curl_nbftpsendf(struct connectdata *conn,
  }
 #endif /* CURL_DOES_CONVERSIONS */

+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+  conn->data_prot = prot_cmd;
+#endif
  res = Curl_write(conn, conn->sock[FIRSTSOCKET], sptr, write_len,
                   &bytes_written);
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+  conn->data_prot = data_sec;
+#endif

  if(CURLE_OK != res)
    return res;
@@ -3547,14 +3587,17 @@ CURLcode Curl_ftpsendf(struct connectdata *conn,
                       const char *fmt, ...)
 {
  ssize_t bytes_written;
-  char s[256];
+  char s[SBUF_SIZE];
  size_t write_len;
  char *sptr=s;
  CURLcode res = CURLE_OK;
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+  enum protection_level data_sec = conn->data_prot;
+#endif

  va_list ap;
  va_start(ap, fmt);
-  vsnprintf(s, 250, fmt, ap);
+  vsnprintf(s, SBUF_SIZE-3, fmt, ap);
  va_end(ap);

  strcat(s, "\r\n"); /* append a trailing CRLF */
@@ -3571,8 +3614,14 @@ CURLcode Curl_ftpsendf(struct connectdata *conn,
 #endif /* CURL_DOES_CONVERSIONS */

  while(1) {
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+    conn->data_prot = prot_cmd;
+#endif
    res = Curl_write(conn, conn->sock[FIRSTSOCKET], sptr, write_len,
                     &bytes_written);
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+    conn->data_prot = data_sec;
+#endif

    if(CURLE_OK != res)
      break;
@@ -3691,6 +3740,12 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)

  case FTPFILE_SINGLECWD:
    /* get the last slash */
+    if(!path_to_use[0]) {
+      /* no dir, no file */
+      ftpc->dirdepth = 0;
+      ftp->file = NULL;
+      break;
+    }
    slash_pos=strrchr(cur_pos, '/');
    if(slash_pos || !*cur_pos) {
      ftpc->dirs = (char **)calloc(1, sizeof(ftpc->dirs[0]));
@@ -3719,55 +3774,61 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
    if(!ftpc->dirs)
      return CURLE_OUT_OF_MEMORY;

-    /* parse the URL path into separate path components */
-    while ((slash_pos = strchr(cur_pos, '/')) != NULL) {
-      /* 1 or 0 to indicate absolute directory */
-      bool absolute_dir = (bool)((cur_pos - data->reqdata.path > 0) &&
-        (ftpc->dirdepth == 0));
+    /* we have a special case for listing the root dir only */
+    if(strequal(path_to_use, "/")) {
+      cur_pos++; /* make it point to the zero byte */
+      ftpc->dirs[0] = strdup("/");
+      ftpc->dirdepth++;
+    }
+    else {
+      /* parse the URL path into separate path components */
+      while ((slash_pos = strchr(cur_pos, '/')) != NULL) {
+        /* 1 or 0 to indicate absolute directory */
+        bool absolute_dir = (bool)((cur_pos - data->reqdata.path > 0) &&
+                                   (ftpc->dirdepth == 0));

-      /* seek out the next path component */
-      if (slash_pos-cur_pos) {
-        /* we skip empty path components, like "x//y" since the FTP command
-           CWD requires a parameter and a non-existant parameter a) doesn't
-           work on many servers and b) has no effect on the others. */
-        int len = (int)(slash_pos - cur_pos + absolute_dir);
-        ftpc->dirs[ftpc->dirdepth] = curl_easy_unescape(conn->data,
-                                                        cur_pos - absolute_dir,
-                                                        len, NULL);
-        if (!ftpc->dirs[ftpc->dirdepth]) { /* run out of memory ... */
-          failf(data, "no memory");
-          freedirs(conn);
-          return CURLE_OUT_OF_MEMORY;
+        /* seek out the next path component */
+        if (slash_pos-cur_pos) {
+          /* we skip empty path components, like "x//y" since the FTP command
+             CWD requires a parameter and a non-existant parameter a) doesn't
+             work on many servers and b) has no effect on the others. */
+          int len = (int)(slash_pos - cur_pos + absolute_dir);
+          ftpc->dirs[ftpc->dirdepth] =
+            curl_easy_unescape(conn->data, cur_pos - absolute_dir, len, NULL);
+          if (!ftpc->dirs[ftpc->dirdepth]) { /* run out of memory ... */
+            failf(data, "no memory");
+            freedirs(conn);
+            return CURLE_OUT_OF_MEMORY;
+          }
+          if (isBadFtpString(ftpc->dirs[ftpc->dirdepth])) {
+            free(ftpc->dirs[ftpc->dirdepth]);
+            freedirs(conn);
+            return CURLE_URL_MALFORMAT;
+          }
        }
-        if (isBadFtpString(ftpc->dirs[ftpc->dirdepth])) {
-          free(ftpc->dirs[ftpc->dirdepth]);
-          freedirs(conn);
-          return CURLE_URL_MALFORMAT;
+        else {
+          cur_pos = slash_pos + 1; /* jump to the rest of the string */
+          continue;
        }
-      }
-      else {
+
        cur_pos = slash_pos + 1; /* jump to the rest of the string */
-        continue;
-      }
-
-      cur_pos = slash_pos + 1; /* jump to the rest of the string */
-      if(++ftpc->dirdepth >= ftpc->diralloc) {
-	/* enlarge array */
-	char *bigger;
-	ftpc->diralloc *= 2; /* double the size each time */
-	bigger = realloc(ftpc->dirs, ftpc->diralloc * sizeof(ftpc->dirs[0]));
-	if(!bigger) {
-	  freedirs(conn);
-	  return CURLE_OUT_OF_MEMORY;
-	}
-	ftpc->dirs = (char **)bigger;
+        if(++ftpc->dirdepth >= ftpc->diralloc) {
+          /* enlarge array */
+          char *bigger;
+          ftpc->diralloc *= 2; /* double the size each time */
+          bigger = realloc(ftpc->dirs, ftpc->diralloc * sizeof(ftpc->dirs[0]));
+          if(!bigger) {
+            freedirs(conn);
+            return CURLE_OUT_OF_MEMORY;
+          }
+          ftpc->dirs = (char **)bigger;
+        }
      }
    }
-
    ftp->file = cur_pos;  /* the rest is the file name */
  }

-  if(*ftp->file) {
+  if(ftp->file && *ftp->file) {
    ftp->file = curl_easy_unescape(conn->data, ftp->file, 0, NULL);
    if(NULL == ftp->file) {
      freedirs(conn);
@@ -3783,8 +3844,7 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
    ftp->file=NULL; /* instead of point to a zero byte, we make it a NULL
                       pointer */

-  if(data->set.upload && !ftp->file &&
-     (!ftp->no_transfer || conn->bits.no_body)) {
+  if(data->set.upload && !ftp->file && !ftp->no_transfer) {
    /* We need a file name when uploading. Return error! */
    failf(data, "Uploading to a URL without a file name!");
    return CURLE_URL_MALFORMAT;
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -420,6 +420,43 @@ Curl_gtls_connect(struct connectdata *conn,
  else
    infof(data, "\t common name: %s (matched)\n", certbuf);

+  /* Check for time-based validity */
+  clock = gnutls_x509_crt_get_expiration_time(x509_cert);
+
+  if(clock == (time_t)-1) {
+    failf(data, "server cert expiration date verify failed");
+    return CURLE_SSL_CONNECT_ERROR;
+  }
+
+  if(clock < time(NULL)) {
+    if (data->set.ssl.verifypeer) {
+      failf(data, "server certificate expiration date has passed.");
+      return CURLE_SSL_PEER_CERTIFICATE;
+    }
+    else
+      infof(data, "\t server certificate expiration date FAILED\n");
+  }
+  else
+    infof(data, "\t server certificate expiration date OK\n");
+
+  clock = gnutls_x509_crt_get_activation_time(x509_cert);
+
+  if(clock == (time_t)-1) {
+    failf(data, "server cert activation date verify failed");
+    return CURLE_SSL_CONNECT_ERROR;
+  }
+
+  if(clock > time(NULL)) {
+    if (data->set.ssl.verifypeer) {
+      failf(data, "server certificate not activated yet.");
+      return CURLE_SSL_PEER_CERTIFICATE;
+    }
+    else
+      infof(data, "\t server certificate activation date FAILED\n");
+  }
+  else
+    infof(data, "\t server certificate activation date OK\n");
+
  /* Show:

  - ciphers used
--- a/lib/hash.c
+++ b/lib/hash.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -33,20 +33,6 @@
 /* this must be the last include file */
 #include "memdebug.h"

-static unsigned long
-hash_str(const char *key, size_t key_length)
-{
-  char *end = (char *) key + key_length;
-  unsigned long h = 5381;
-
-  while (key < end) {
-    h += h << 5;
-    h ^= (unsigned long) *key++;
-  }
-
-  return h;
-}
-
 static void
 hash_element_dtor(void *user, void *element)
 {
@@ -63,10 +49,20 @@ hash_element_dtor(void *user, void *element)

 /* return 1 on error, 0 is fine */
 int
-Curl_hash_init(struct curl_hash *h, int slots, curl_hash_dtor dtor)
+Curl_hash_init(struct curl_hash *h,
+               int slots,
+               hash_function hfunc,
+               comp_function comparator,
+               curl_hash_dtor dtor)
 {
  int i;

+  if (!slots || !hfunc || !comparator ||!dtor) {
+    return 1; /* failure */
+  }
+
+  h->hash_func = hfunc;
+  h->comp_func = comparator;
  h->dtor = dtor;
  h->size = 0;
  h->slots = slots;
@@ -89,13 +85,20 @@ Curl_hash_init(struct curl_hash *h, int slots, curl_hash_dtor dtor)
 }

 struct curl_hash *
-Curl_hash_alloc(int slots, curl_hash_dtor dtor)
+Curl_hash_alloc(int slots,
+                hash_function hfunc,
+                comp_function comparator,
+                curl_hash_dtor dtor)
 {
  struct curl_hash *h;

+  if (!slots || !hfunc || !comparator ||!dtor) {
+    return NULL; /* failure */
+  }
+
  h = (struct curl_hash *) malloc(sizeof(struct curl_hash));
  if (h) {
-    if(Curl_hash_init(h, slots, dtor)) {
+    if(Curl_hash_init(h, slots, hfunc, comparator, dtor)) {
      /* failure */
      free(h);
      h = NULL;
@@ -105,26 +108,16 @@ Curl_hash_alloc(int slots, curl_hash_dtor dtor)
  return h;
 }

-static int
-hash_key_compare(char *key1, size_t key1_len, char *key2, size_t key2_len)
-{
-  if (key1_len == key2_len &&
-      *key1 == *key2 &&
-      memcmp(key1, key2, key1_len) == 0) {
-    return 1;
-  }

-  return 0;
-}

 static struct curl_hash_element *
-mk_hash_element(char *key, size_t key_len, const void *p)
+mk_hash_element(void *key, size_t key_len, const void *p)
 {
  struct curl_hash_element *he =
    (struct curl_hash_element *) malloc(sizeof(struct curl_hash_element));

  if(he) {
-    char *dup = malloc(key_len);
+    void *dup = malloc(key_len);
    if(dup) {
      /* copy the key */
      memcpy(dup, key, key_len);
@@ -142,22 +135,20 @@ mk_hash_element(char *key, size_t key_len, const void *p)
  return he;
 }

-#define find_slot(__h, __k, __k_len) (hash_str(__k, __k_len) % (__h)->slots)
-
-#define FETCH_LIST(x,y,z) x->table[find_slot(x, y, z)]
+#define FETCH_LIST(x,y,z) x->table[x->hash_func(y, z, x->slots)]

 /* Return the data in the hash. If there already was a match in the hash,
   that data is returned. */
 void *
-Curl_hash_add(struct curl_hash *h, char *key, size_t key_len, void *p)
+Curl_hash_add(struct curl_hash *h, void *key, size_t key_len, void *p)
 {
  struct curl_hash_element  *he;
  struct curl_llist_element *le;
-  struct curl_llist *l = FETCH_LIST(h, key, key_len);
+  struct curl_llist *l = FETCH_LIST (h, key, key_len);

  for (le = l->head; le; le = le->next) {
    he = (struct curl_hash_element *) le->ptr;
-    if (hash_key_compare(he->key, he->key_len, key, key_len)) {
+    if (h->comp_func(he->key, he->key_len, key, key_len)) {
      h->dtor(p);     /* remove the NEW entry */
      return he->ptr; /* return the EXISTING entry */
    }
@@ -183,7 +174,7 @@ Curl_hash_add(struct curl_hash *h, char *key, size_t key_len, void *p)
 }

 /* remove the identified hash entry, returns non-zero on failure */
-int Curl_hash_delete(struct curl_hash *h, char *key, size_t key_len)
+int Curl_hash_delete(struct curl_hash *h, void *key, size_t key_len)
 {
  struct curl_llist_element *le;
  struct curl_hash_element  *he;
@@ -191,7 +182,7 @@ int Curl_hash_delete(struct curl_hash *h, char *key, size_t key_len)

  for (le = l->head; le; le = le->next) {
    he = le->ptr;
-    if (hash_key_compare(he->key, he->key_len, key, key_len)) {
+    if (h->comp_func(he->key, he->key_len, key, key_len)) {
      Curl_llist_remove(l, le, (void *) h);
      return 0;
    }
@@ -200,7 +191,7 @@ int Curl_hash_delete(struct curl_hash *h, char *key, size_t key_len)
 }

 void *
-Curl_hash_pick(struct curl_hash *h, char *key, size_t key_len)
+Curl_hash_pick(struct curl_hash *h, void *key, size_t key_len)
 {
  struct curl_llist_element *le;
  struct curl_hash_element  *he;
@@ -208,7 +199,7 @@ Curl_hash_pick(struct curl_hash *h, char *key, size_t key_len)

  for (le = l->head; le; le = le->next) {
    he = le->ptr;
-    if (hash_key_compare(he->key, he->key_len, key, key_len)) {
+    if (h->comp_func(he->key, he->key_len, key, key_len)) {
      return he->ptr;
    }
  }
@@ -282,6 +273,34 @@ Curl_hash_destroy(struct curl_hash *h)
  free(h);
 }

+size_t Curl_hash_str(void* key, size_t key_length, size_t slots_num)
+{
+  char* key_str = (char *) key;
+  char *end = (char *) key_str + key_length;
+  unsigned long h = 5381;
+
+  while (key_str < end) {
+    h += h << 5;
+    h ^= (unsigned long) *key_str++;
+  }
+
+  return (h % slots_num);
+}
+
+size_t Curl_str_key_compare(void*k1, size_t key1_len, void*k2, size_t key2_len)
+{
+  char *key1 = (char *)k1;
+  char *key2 = (char *)k2;
+
+  if (key1_len == key2_len &&
+      *key1 == *key2 &&
+      memcmp(key1, key2, key1_len) == 0) {
+    return 1;
+  }
+
+  return 0;
+}
+
 #if 0 /* useful function for debugging hashes and their contents */
 void Curl_hash_print(struct curl_hash *h,
                     void (*func)(void *))
--- a/lib/hash.h
+++ b/lib/hash.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -29,10 +29,29 @@

 #include "llist.h"

+/* Hash function prototype */
+typedef size_t (*hash_function) (void* key,
+                                 size_t key_length,
+                                 size_t slots_num);
+
+/*
+   Comparator function prototype. Compares two keys.
+*/
+typedef size_t (*comp_function) (void* key1,
+                                 size_t key1_len,
+                                 void*key2,
+                                 size_t key2_len);
+
 typedef void (*curl_hash_dtor)(void *);

 struct curl_hash {
  struct curl_llist **table;
+
+  /* Hash function to be used for this hash table */
+  hash_function hash_func;
+
+  /* Comparator function to compare keys */
+  comp_function comp_func;
  curl_hash_dtor   dtor;
  int slots;
  size_t size;
@@ -45,11 +64,20 @@ struct curl_hash_element {
 };


-int Curl_hash_init(struct curl_hash *, int, curl_hash_dtor);
-struct curl_hash *Curl_hash_alloc(int, curl_hash_dtor);
-void *Curl_hash_add(struct curl_hash *, char *, size_t, void *);
-int Curl_hash_delete(struct curl_hash *h, char *key, size_t key_len);
-void *Curl_hash_pick(struct curl_hash *, char *, size_t);
+int Curl_hash_init(struct curl_hash *h,
+                   int slots,
+                   hash_function hfunc,
+                   comp_function comparator,
+                   curl_hash_dtor dtor);
+
+struct curl_hash *Curl_hash_alloc(int slots,
+                                  hash_function hfunc,
+                                  comp_function comparator,
+                                  curl_hash_dtor dtor);
+
+void *Curl_hash_add(struct curl_hash *h, void *key, size_t key_len, void *p);
+int Curl_hash_delete(struct curl_hash *h, void *key, size_t key_len);
+void *Curl_hash_pick(struct curl_hash *, void * key, size_t key_len);
 void Curl_hash_apply(struct curl_hash *h, void *user,
                     void (*cb)(void *user, void *ptr));
 int Curl_hash_count(struct curl_hash *h);
@@ -58,4 +86,8 @@ void Curl_hash_clean_with_criterium(struct curl_hash *h, void *user,
                                    int (*comp)(void *, void *));
 void Curl_hash_destroy(struct curl_hash *h);

+size_t Curl_hash_str(void* key, size_t key_length, size_t slots_num);
+size_t Curl_str_key_compare(void*k1, size_t key1_len, void*k2,
+                            size_t key2_len);
+
 #endif
--- a/lib/hostares.c
+++ b/lib/hostares.c
@@ -253,8 +253,10 @@ CURLcode Curl_wait_for_resolv(struct connectdata *conn,

    tvp = ares_timeout(data->state.areschannel, &store, &tv);

-    if(!ares_waitperform(conn, tv.tv_sec * 1000 + tv.tv_usec/1000))
-      /* no sockets to wait on, get out of the loop */
+    /* use the timeout period ares returned to us above */
+    ares_waitperform(conn, tv.tv_sec * 1000 + tv.tv_usec/1000);
+
+    if(conn->async.done)
      break;

    timediff = Curl_tvdiff(Curl_tvnow(), now); /* spent time */
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -131,7 +131,8 @@ static void freednsentry(void *freethis);
 void Curl_global_host_cache_init(void)
 {
  if (!host_cache_initialized) {
-    Curl_hash_init(&hostname_cache, 7, freednsentry);
+    Curl_hash_init(&hostname_cache, 7, Curl_hash_str, Curl_str_key_compare,
+                   freednsentry);
    host_cache_initialized = 1;
  }
 }
@@ -537,7 +538,7 @@ static void freednsentry(void *freethis)
 */
 struct curl_hash *Curl_mk_dnscache(void)
 {
-  return Curl_hash_alloc(7, freednsentry);
+  return Curl_hash_alloc(7, Curl_hash_str, Curl_str_key_compare, freednsentry);
 }

 #ifdef CURLRES_ADDRINFO_COPY
@@ -574,6 +575,8 @@ void Curl_freeaddrinfo(Curl_addrinfo *ai)
  /* walk over the list and free all entries */
  while(ai) {
    next = ai->ai_next;
+    if(ai->ai_canonname)
+      free(ai->ai_canonname);
    free(ai);
    ai = next;
  }
--- a/lib/hostip.h
+++ b/lib/hostip.h
@@ -26,9 +26,9 @@
 #include "setup.h"
 #include "hash.h"

-#if (defined(NETWARE) && defined(__NOVELL_LIBC__))
+#ifdef NETWARE
 #undef in_addr_t
-#define in_addr_t uint32_t
+#define in_addr_t unsigned long
 #endif

 /*
--- a/lib/hostip4.c
+++ b/lib/hostip4.c
@@ -284,7 +284,12 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
     * which the gethostbyname() is the preferred() function.
     */
  else {
+#if (defined(NETWARE) && !defined(__NOVELL_LIBC__))
+    NETDB_DEFINE_CONTEXT
+    h = gethostbyname((char*)hostname);
+#else
    h = gethostbyname(hostname);
+#endif
    if (!h)
      infof(conn->data, "gethostbyname(2) failed for %s\n", hostname);
 #endif /*HAVE_GETHOSTBYNAME_R */
@@ -375,6 +380,9 @@ Curl_addrinfo *Curl_he2ai(const struct hostent *he, int port)
       and use that area to store the address */
    ai->ai_addr = (struct sockaddr *) ((char*)ai + sizeof(Curl_addrinfo));

+    /* FIXME: need to free this eventually */
+    ai->ai_canonname = strdup(he->h_name);
+
    /* leave the rest of the struct filled with zero */

    addr = (struct sockaddr_in *)ai->ai_addr; /* storage area for this info */
--- a/lib/hostip6.c
+++ b/lib/hostip6.c
@@ -279,9 +279,10 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
    /* the given address is numerical only, prevent a reverse lookup */
    hints.ai_flags = AI_NUMERICHOST;
  }
-#if 0 /* removed nov 8 2005 before 7.15.1 */
-  else
-    hints.ai_flags = AI_CANONNAME;
+#ifdef HAVE_GSSAPI
+  if(conn->data->set.krb)
+    /* if krb is used, we (might) need the canonical host name */
+    hints.ai_flags |= AI_CANONNAME;
 #endif

  if(port) {
--- a/lib/hostthre.c
+++ b/lib/hostthre.c
@@ -179,28 +179,21 @@ struct thread_sync_data {
 static
 void destroy_thread_sync_data(struct thread_sync_data * tsd)
 {
-  if (tsd->hostname) {
+  if (tsd->hostname)
    free(tsd->hostname);
-    tsd->hostname = NULL;
-  }
-  if (tsd->event_terminate) {
+  if (tsd->event_terminate)
    CloseHandle(tsd->event_terminate);
-    tsd->event_terminate = NULL;
-  }
-  if (tsd->mutex_terminate) {
+  if (tsd->mutex_terminate)
    CloseHandle(tsd->mutex_terminate);
-    tsd->mutex_terminate = NULL;
-  }
-  if (tsd->mutex_waiting) {
+  if (tsd->mutex_waiting)
    CloseHandle(tsd->mutex_waiting);
-    tsd->mutex_waiting = NULL;
-  }
+  memset(tsd,0,sizeof(*tsd));
 }

 /* Initialize resolver thread synchronization data */
 static
 BOOL init_thread_sync_data(struct thread_data * td,
-                           char * hostname,
+                           const char * hostname,
                           struct thread_sync_data * tsd)
 {
  HANDLE curr_proc = GetCurrentProcess();
@@ -293,6 +286,7 @@ static unsigned __stdcall gethostbyname_thread (void *arg)
   * due to a resolver timeout.
   */
  struct thread_sync_data tsd = { 0,0,0,NULL };
+
  if (!init_thread_sync_data(td, conn->async.hostname, &tsd)) {
    /* thread synchronization data initialization failed */
    return (unsigned)-1;
@@ -353,6 +347,7 @@ static unsigned __stdcall getaddrinfo_thread (void *arg)
   * due to a resolver timeout.
   */
  struct thread_sync_data tsd = { 0,0,0,NULL };
+
  if (!init_thread_sync_data(td, conn->async.hostname, &tsd)) {
    /* thread synchronization data initialization failed */
    return -1;
--- a/lib/inet_ntop.c
+++ b/lib/inet_ntop.c
@@ -42,6 +42,10 @@

 #include "inet_ntop.h"

+#if (defined(NETWARE) && !defined(__NOVELL_LIBC__))
+NETINET_DEFINE_CONTEXT
+#endif
+
 #if defined(HAVE_INET_NTOA_R) && !defined(HAVE_INET_NTOA_R_DECL)
 /* this platform has a inet_ntoa_r() function, but no proto declared anywhere
   so we include our own proto to make compilers happy */
--- a/lib/krb4.h
+++ b/lib/krb4.h
@@ -40,7 +40,12 @@ struct Curl_sec_client_mech {
 #define AUTH_CONTINUE   1
 #define AUTH_ERROR      2

+#ifdef HAVE_KRB4
 extern struct Curl_sec_client_mech Curl_krb4_client_mech;
+#endif
+#ifdef HAVE_GSSAPI
+extern struct Curl_sec_client_mech Curl_krb5_client_mech;
+#endif

 CURLcode Curl_krb_kauth(struct connectdata *conn);
 int Curl_sec_fflush_fd(struct connectdata *conn, int fd);
--- a/lib/krb5.c
+++ b/lib/krb5.c
@@ -0,0 +1,301 @@
+/* GSSAPI/krb5 support for FTP - loosely based on old krb4.c
+ *
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska H<>gskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.  */
+
+#include "setup.h"
+
+#ifndef CURL_DISABLE_FTP
+#ifdef HAVE_GSSAPI
+
+#include <stdlib.h>
+#ifdef HAVE_NETDB_H
+#include <netdb.h>
+#endif
+#include <string.h>
+#include <gssapi/gssapi.h>
+#include <gssapi/gssapi_generic.h>
+#include <gssapi/gssapi_krb5.h>
+
+#include "urldata.h"
+#include "base64.h"
+#include "ftp.h"
+#include "sendf.h"
+#include "krb4.h"
+#include "memory.h"
+
+/* The last #include file should be: */
+#include "memdebug.h"
+
+#define LOCAL_ADDR (&conn->local_addr)
+#define REMOTE_ADDR conn->ip_addr->ai_addr
+
+static int
+krb5_check_prot(void *app_data, int level)
+{
+  app_data = NULL; /* prevent compiler warning */
+  if(level == prot_confidential)
+    return -1;
+  return 0;
+}
+
+static int
+krb5_decode(void *app_data, void *buf, int len, int level,
+            struct connectdata *conn)
+{
+  gss_ctx_id_t *context = app_data;
+  OM_uint32 maj, min;
+  gss_buffer_desc enc, dec;
+
+  /* shut gcc up */
+  level = 0;
+  conn = NULL;
+
+  enc.value = buf;
+  enc.length = len;
+  maj = gss_unseal(&min, *context, &enc, &dec, NULL, NULL);
+  if(maj != GSS_S_COMPLETE) {
+    if(len >= 4)
+      strcpy(buf, "599 ");
+    return -1;
+  }
+
+  memcpy(buf, dec.value, dec.length);
+  len = dec.length;
+  gss_release_buffer(&min, &dec);
+
+  return len;
+}
+
+static int
+krb5_overhead(void *app_data, int level, int len)
+{
+  /* no arguments are used, just init them to prevent compiler warnings */
+  app_data = NULL;
+  level = 0;
+  len = 0;
+  return 0;
+}
+
+static int
+krb5_encode(void *app_data, void *from, int length, int level, void **to,
+            struct connectdata *conn)
+{
+  gss_ctx_id_t *context = app_data;
+  gss_buffer_desc dec, enc;
+  OM_uint32 maj, min;
+  int state;
+  int len;
+
+  /* shut gcc up */
+  conn = NULL;
+
+  dec.value = from;
+  dec.length = length;
+  maj = gss_seal(&min, *context,
+		 level == prot_private,
+		 GSS_C_QOP_DEFAULT,
+		 &dec, &state, &enc);
+
+  if(maj != GSS_S_COMPLETE)
+    return -1;
+
+  /* malloc a new buffer, in case gss_release_buffer doesn't work as expected */
+  *to = malloc(enc.length);
+  if(!*to)
+    return -1;
+  memcpy(*to, enc.value, enc.length);
+  len = enc.length;
+  gss_release_buffer(&min, &enc);
+  return len;
+}
+
+static int
+krb5_auth(void *app_data, struct connectdata *conn)
+{
+  int ret;
+  char *p;
+  const char *host = conn->dns_entry->addr->ai_canonname;
+  ssize_t nread;
+  unsigned int l = sizeof(conn->local_addr);
+  struct SessionHandle *data = conn->data;
+  CURLcode result;
+  const char *service = "ftp", *srv_host = "host";
+  gss_buffer_desc gssbuf, _gssresp, *gssresp;
+  OM_uint32 maj, min;
+  gss_name_t gssname;
+  gss_ctx_id_t *context = app_data;
+  struct gss_channel_bindings_struct chan;
+
+  if(getsockname(conn->sock[FIRSTSOCKET],
+                 (struct sockaddr *)LOCAL_ADDR, &l) < 0)
+    perror("getsockname()");
+
+  chan.initiator_addrtype = GSS_C_AF_INET;
+  chan.initiator_address.length = l - 4;
+  chan.initiator_address.value = &((struct sockaddr_in *)LOCAL_ADDR)->sin_addr.s_addr;
+  chan.acceptor_addrtype = GSS_C_AF_INET;
+  chan.acceptor_address.length = l - 4;
+  chan.acceptor_address.value = &((struct sockaddr_in *)REMOTE_ADDR)->sin_addr.s_addr;
+  chan.application_data.length = 0;
+  chan.application_data.value = NULL;
+
+  /* this loop will execute twice (once for service, once for host) */
+  while(1) {
+    /* this really shouldn't be repeated here, but can't help it */
+    if(service == srv_host) {
+      result = Curl_ftpsendf(conn, "AUTH GSSAPI");
+
+      if(result)
+	return -2;
+      if(Curl_GetFTPResponse(&nread, conn, NULL))
+	return -1;
+
+      if(data->state.buffer[0] != '3')
+	return -1;
+    }
+
+    gssbuf.value = data->state.buffer;
+    gssbuf.length = snprintf(gssbuf.value, BUFSIZE, "%s@%s", service, host);
+    maj = gss_import_name(&min, &gssbuf, gss_nt_service_name, &gssname);
+    if(maj != GSS_S_COMPLETE) {
+      gss_release_name(&min, &gssname);
+      if(service == srv_host) {
+	Curl_failf(data, "Error importing service name %s", gssbuf.value);
+	return AUTH_ERROR;
+      }
+      service = srv_host;
+      continue;
+    }
+    {
+      gss_OID t;
+      gss_display_name(&min, gssname, &gssbuf, &t);
+      Curl_infof(data, "Trying against %s\n", gssbuf.value);
+      gss_release_buffer(&min, &gssbuf);
+    }
+    gssresp = GSS_C_NO_BUFFER;
+    *context = GSS_C_NO_CONTEXT;
+
+    do {
+      ret = AUTH_OK;
+      maj = gss_init_sec_context(&min,
+				 GSS_C_NO_CREDENTIAL,
+				 context,
+				 gssname,
+				 GSS_C_NO_OID,
+				 GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG,
+				 0,
+				 &chan,
+				 gssresp,
+				 NULL,
+				 &gssbuf,
+				 NULL,
+				 NULL);
+
+      if(gssresp) {
+	free(_gssresp.value);
+	gssresp = NULL;
+      }
+
+      if(maj != GSS_S_COMPLETE && maj != GSS_S_CONTINUE_NEEDED) {
+	Curl_infof(data, "Error creating security context");
+	ret = AUTH_ERROR;
+	break;
+      }
+
+      if(gssbuf.length != 0) {
+	if(Curl_base64_encode(data, (char *)gssbuf.value, gssbuf.length, &p) < 1) {
+	  Curl_infof(data, "Out of memory base64-encoding");
+	  ret = AUTH_CONTINUE;
+	  break;
+	}
+
+	result = Curl_ftpsendf(conn, "ADAT %s", p);
+
+	free(p);
+
+	if(result) {
+	  ret = -2;
+	  break;
+	}
+
+	if(Curl_GetFTPResponse(&nread, conn, NULL)) {
+	  ret = -1;
+	  break;
+	}
+
+	if(data->state.buffer[0] != '2' && data->state.buffer[0] != '3'){
+	  Curl_infof(data, "Server didn't accept auth data\n");
+	  ret = AUTH_ERROR;
+	  break;
+	}
+
+	p = data->state.buffer + 4;
+	p = strstr(p, "ADAT=");
+	if(p) {
+	  _gssresp.length = Curl_base64_decode(p + 5, (unsigned char **)&_gssresp.value);
+	  if(_gssresp.length < 1) {
+	    Curl_failf(data, "Out of memory base64-encoding");
+	    ret = AUTH_CONTINUE;
+	    break;
+	  }
+	}
+
+	gssresp = &_gssresp;
+      }
+    } while(maj == GSS_S_CONTINUE_NEEDED);
+
+    gss_release_name(&min, &gssname);
+
+    if(gssresp)
+      free(_gssresp.value);
+
+    if(ret == AUTH_OK || service == srv_host)
+      return ret;
+
+    service = srv_host;
+  }
+}
+
+struct Curl_sec_client_mech Curl_krb5_client_mech = {
+    "GSSAPI",
+    sizeof(gss_ctx_id_t),
+    NULL, /* init */
+    krb5_auth,
+    NULL, /* end */
+    krb5_check_prot,
+    krb5_overhead,
+    krb5_encode,
+    krb5_decode
+};
+
+#endif /* HAVE_GSSAPI */
+#endif /* CURL_DISABLE_FTP */
--- a/lib/memdebug.c
+++ b/lib/memdebug.c
@@ -280,6 +280,16 @@ FILE *curl_fopen(const char *file, const char *mode,
  return res;
 }

+FILE *curl_fdopen(int filedes, const char *mode,
+                  int line, const char *source)
+{
+  FILE *res=(fdopen)(filedes, mode);
+  if(logfile)
+    fprintf(logfile, "FILE %s:%d fdopen(\"%d\",\"%s\") = %p\n",
+            source, line, filedes, mode, res);
+  return res;
+}
+
 int curl_fclose(FILE *file, int line, const char *source)
 {
  int res;
--- a/lib/memdebug.h
+++ b/lib/memdebug.h
@@ -67,6 +67,8 @@ CURL_EXTERN int curl_accept(int s, void *addr, void *addrlen,
 /* FILE functions */
 CURL_EXTERN FILE *curl_fopen(const char *file, const char *mode, int line,
                             const char *source);
+CURL_EXTERN FILE *curl_fdopen(int filedes, const char *mode, int line,
+                              const char *source);
 CURL_EXTERN int curl_fclose(FILE *file, int line, const char *source);

 #ifndef MEMDEBUG_NODEFINES
@@ -117,6 +119,8 @@ CURL_EXTERN int curl_fclose(FILE *file, int line, const char *source);

 #undef fopen
 #define fopen(file,mode) curl_fopen(file,mode,__LINE__,__FILE__)
+#undef fdopen
+#define fdopen(file,mode) curl_fdopen(file,mode,__LINE__,__FILE__)
 #define fclose(file) curl_fclose(file,__LINE__,__FILE__)

 #endif /* MEMDEBUG_NODEFINES */
--- a/lib/multi.c
+++ b/lib/multi.c
@@ -50,6 +50,15 @@
 /* The last #include file should be: */
 #include "memdebug.h"

+/*
+  CURL_SOCKET_HASH_TABLE_SIZE should be a prime number. Increasing it from 97
+  to 911 takes on a 32-bit machine 4 x 804 = 3211 more bytes.  Still, every
+  CURL handle takes 45-50 K memory, therefore this 3K are not significant.
+*/
+#ifndef CURL_SOCKET_HASH_TABLE_SIZE
+#define CURL_SOCKET_HASH_TABLE_SIZE 911
+#endif
+
 struct Curl_message {
  /* the 'CURLMsg' is the part that is visible to the external user */
  struct CURLMsg extmsg;
@@ -305,6 +314,21 @@ static void sh_freeentry(void *freethis)
  free(p);
 }

+static size_t fd_key_compare(void*k1, size_t k1_len, void*k2, size_t k2_len)
+{
+  (void) k1_len; (void) k2_len;
+
+  return ((*((int* ) k1)) == (*((int* ) k2))) ? 1 : 0;
+}
+
+static size_t hash_fd(void* key, size_t key_length, size_t slots_num)
+{
+  int fd = * ((int* ) key);
+  (void) key_length;
+
+  return (fd % (int)slots_num);
+}
+
 /*
 * sh_init() creates a new socket hash and returns the handle for it.
 *
@@ -325,7 +349,8 @@ static void sh_freeentry(void *freethis)
 */
 static struct curl_hash *sh_init(void)
 {
-  return Curl_hash_alloc(97, sh_freeentry);
+  return Curl_hash_alloc(CURL_SOCKET_HASH_TABLE_SIZE, hash_fd, fd_key_compare,
+                         sh_freeentry);
 }

 CURLM *curl_multi_init(void)
@@ -1007,8 +1032,15 @@ static CURLMcode multi_runsingle(struct Curl_multi *multi,
        if(!protocol_connect) {
          /* We have a TCP connection, but 'protocol_connect' may be false
             and then we continue to 'STATE_PROTOCONNECT'. If protocol
-             connect is TRUE, we move on to STATE_DO. */
-          multistate(easy, CURLM_STATE_PROTOCONNECT);
+             connect is TRUE, we move on to STATE_DO.
+             BUT if we are using a proxy we must change to WAITPROXYCONNECT
+             */
+#ifndef CURL_DISABLE_HTTP
+          if (easy->easy_conn->bits.tunnel_connecting)
+            multistate(easy, CURLM_STATE_WAITPROXYCONNECT);
+          else
+#endif
+            multistate(easy, CURLM_STATE_PROTOCONNECT);
        }
        else {
          /* after the connect has completed, go WAITDO */
--- a/lib/nwlib.c
+++ b/lib/nwlib.c
@@ -23,9 +23,12 @@

 #ifdef NETWARE /* Novell NetWare */

+#include <stdlib.h>
+
+#ifdef __NOVELL_LIBC__
+/* For native LibC-based NLM we need to register as a real lib. */
 #include <errno.h>
 #include <string.h>
-#include <stdlib.h>
 #include <library.h>
 #include <netware.h>
 #include <screen.h>
@@ -148,7 +151,7 @@ void _NonAppStop( void )
 ** we return a non-zero value. Right now, there isn't any reason not to allow
 ** it.
 */
-int  _NonAppCheckUnload( void )
+int _NonAppCheckUnload( void )
 {
    return 0;
 }
@@ -275,10 +278,10 @@ int GetOrSetUpData(int id, libdata_t **appData,
  return err;
 }

-int DisposeLibraryData( void    *data)
+int DisposeLibraryData( void *data )
 {
  if (data) {
-    void    *tenbytes = ((libdata_t *) data)->tenbytes;
+    void *tenbytes = ((libdata_t *) data)->tenbytes;
    
    if (tenbytes)
      free(tenbytes);
@@ -289,10 +292,10 @@ int DisposeLibraryData( void    *data)
  return 0;
 }

-void DisposeThreadData(void    *data)
+void DisposeThreadData( void *data )
 {
  if (data) {
-    void    *twentybytes = ((libthreaddata_t *) data)->twentybytes;
+    void *twentybytes = ((libthreaddata_t *) data)->twentybytes;
    
    if (twentybytes)
      free(twentybytes);
@@ -301,4 +304,28 @@ void DisposeThreadData(void    *data)
  }
 }

+#else /* __NOVELL_LIBC__ */
+/* For native CLib-based NLM seems we can do a bit more simple. */
+#include <nwthread.h>
+
+/* Make the CLIB Ctx stuff link */
+/*
+#include <stdio.h>
+#include <netdb.h>
+NETDB_DEFINE_CONTEXT
+*/
+
+int main ( void )
+{
+    /* initialize any globals here... */
+
+    /* do this if any global initializing was done 
+    SynchronizeStart();
+    */
+    ExitThread (TSR_THREAD, 0);
+    return 0;
+}
+
+#endif /* __NOVELL_LIBC__ */
+
 #endif /* NETWARE */
--- a/lib/security.c
+++ b/lib/security.c
@@ -41,7 +41,7 @@
 #include "setup.h"

 #ifndef CURL_DISABLE_FTP
-#ifdef HAVE_KRB4
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)

 #define _MPRINTF_REPLACE /* we want curl-functions instead of native ones */
 #include <curl/mprintf.h>
@@ -87,8 +87,8 @@ name_to_level(const char *name)
 }

 static const struct Curl_sec_client_mech * const mechs[] = {
-#ifdef KRB5
-  /* not supported */
+#ifdef HAVE_GSSAPI
+    &Curl_krb5_client_mech,
 #endif
 #ifdef HAVE_KRB4
    &Curl_krb4_client_mech,
@@ -118,6 +118,8 @@ block_read(int fd, void *buf, size_t len)
    b = read(fd, p, len);
    if (b == 0)
      return 0;
+    else if (b < 0 && (errno == EINTR || errno == EAGAIN))
+      continue;
    else if (b < 0)
      return -1;
    len -= b;
@@ -127,13 +129,15 @@ block_read(int fd, void *buf, size_t len)
 }

 static int
-block_write(int fd, void *buf, size_t len)
+block_write(int fd, const void *buf, size_t len)
 {
-  unsigned char *p = buf;
+  const unsigned char *p = buf;
  int b;
  while(len) {
    b = write(fd, p, len);
-    if(b < 0)
+    if (b < 0 && (errno == EINTR || errno == EAGAIN))
+      continue;
+    else if(b < 0)
      return -1;
    len -= b;
    p += b;
@@ -155,7 +159,7 @@ sec_get_data(struct connectdata *conn,
    return -1;
  len = ntohl(len);
  buf->data = realloc(buf->data, len);
-  b = block_read(fd, buf->data, len);
+  b = buf->data ? block_read(fd, buf->data, len) : -1;
  if (b == 0)
    return 0;
  else if (b < 0)
@@ -234,11 +238,36 @@ sec_send(struct connectdata *conn, int fd, char *from, int length)
 {
  int bytes;
  void *buf;
-  bytes = (conn->mech->encode)(conn->app_data, from, length, conn->data_prot,
+  enum protection_level protlevel = conn->data_prot;
+  int iscmd = protlevel == prot_cmd;
+
+  if(iscmd) {
+    if(!strncmp(from, "PASS ", 5) || !strncmp(from, "ACCT ", 5))
+      protlevel = prot_private;
+    else
+      protlevel = conn->command_prot;
+  }
+  bytes = (conn->mech->encode)(conn->app_data, from, length, protlevel,
                               &buf, conn);
-  bytes = htonl(bytes);
-  block_write(fd, &bytes, sizeof(bytes));
-  block_write(fd, buf, ntohl(bytes));
+  if(iscmd) {
+    char *cmdbuf;
+
+    bytes = Curl_base64_encode(conn->data, (char *)buf, bytes, &cmdbuf);
+    if(bytes > 0) {
+      if(protlevel == prot_private)
+	block_write(fd, "ENC ", 4);
+      else
+	block_write(fd, "MIC ", 4);
+      block_write(fd, cmdbuf, bytes);
+      block_write(fd, "\r\n", 2);
+      Curl_infof(conn->data, "%s %s\n", protlevel == prot_private ? "ENC" : "MIC", cmdbuf);
+      free(cmdbuf);
+    }
+  } else {
+    bytes = htonl(bytes);
+    block_write(fd, &bytes, sizeof(bytes));
+    block_write(fd, buf, ntohl(bytes));
+  }
  free(buf);
  return length;
 }
@@ -267,6 +296,8 @@ Curl_sec_write(struct connectdata *conn, int fd, char *buffer, int length)
    return write(fd, buffer, length);

  len -= (conn->mech->overhead)(conn->app_data, conn->data_prot, len);
+  if(len <= 0)
+    len = length;
  while(length){
    if(length < len)
      len = length;
@@ -319,6 +350,11 @@ Curl_sec_read_msg(struct connectdata *conn, char *s, int level)
    return -1;
  }

+  if(conn->data->set.verbose) {
+    buf[len] = '\n';
+    Curl_debug(conn->data, CURLINFO_HEADER_IN, (char *)buf, len + 1, conn);
+  }
+
  buf[len] = '\0';

  if(buf[3] == '-')
@@ -360,7 +396,7 @@ sec_prot_internal(struct connectdata *conn, int level)
    if(Curl_GetFTPResponse(&nread, conn, &code))
      return -1;

-    if(code/100 != '2'){
+    if(code/100 != 2){
      failf(conn->data, "Failed to set protection buffer size.");
      return -1;
    }
@@ -385,6 +421,8 @@ sec_prot_internal(struct connectdata *conn, int level)
  }

  conn->data_prot = (enum protection_level)level;
+  if(level == prot_private)
+    conn->command_prot = (enum protection_level)level;
  return 0;
 }

@@ -468,6 +506,9 @@ Curl_sec_login(struct connectdata *conn)
    conn->mech = *m;
    conn->sec_complete = 1;
    conn->command_prot = prot_safe;
+    /* Set the requested protection level */
+    /* BLOCKING */
+    Curl_sec_set_protection_level(conn);
    break;
  }

--- a/lib/select.h
+++ b/lib/select.h
@@ -46,7 +46,7 @@
 * Definition of pollfd struct and constants for platforms lacking them.
 */

-#ifndef HAVE_POLL
+#ifndef HAVE_SYS_POLL_H

 #define POLLIN      0x01
 #define POLLPRI     0x02
--- a/lib/sendf.c
+++ b/lib/sendf.c
@@ -47,7 +47,7 @@
 #define _MPRINTF_REPLACE /* use the internal *printf() functions */
 #include <curl/mprintf.h>

-#ifdef HAVE_KRB4
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
 #include "krb4.h"
 #else
 #define Curl_sec_send(a,b,c,d) -1
@@ -365,7 +365,7 @@ CURLcode Curl_write(struct connectdata *conn,
    bytes_written = Curl_sftp_send(conn, num, mem, len);
 #endif /* !USE_LIBSSH2 */
  else if(conn->sec_complete)
-    /* only TRUE if krb4 enabled */
+    /* only TRUE if krb enabled */
    bytes_written = Curl_sec_send(conn, num, mem, len);
  else
    bytes_written = Curl_plain_send(conn, num, mem, len);
--- a/lib/setup.h
+++ b/lib/setup.h
@@ -315,6 +315,10 @@ int fileno( FILE *stream);
 #endif

 #ifdef NETWARE
+#ifndef __NOVELL_LIBC__
+#include <sys/bsdskt.h>
+#include <sys/timeval.h>
+#endif
 #undef HAVE_ALARM
 #endif

--- a/lib/setup_once.h
+++ b/lib/setup_once.h
@@ -365,5 +365,87 @@ typedef int sig_atomic_t;
 #endif


+#if defined (__LP64__) && defined(__hpux) && !defined(_XOPEN_SOURCE_EXTENDED)
+#include <sys/socket.h>
+/* HP-UX has this oddity where it features a few functions that don't work
+   with socklen_t so we need to convert to ints
+
+   This is due to socklen_t being a 64bit int under 64bit ABI, but the
+   pre-xopen (default) interfaces require an int, which is 32bits.
+
+   Therefore, Anytime socklen_t is passed by pointer, the libc function
+   truncates the 64bit socklen_t value by treating it as a 32bit value.
+
+
+   Note that some socket calls are allowed to have a NULL pointer for
+   the socklen arg.
+*/
+
+inline static int Curl_hp_getsockname(int s, struct sockaddr *name,
+                                      socklen_t *namelen)
+{
+  int rc;
+  if(namelen) {
+     int len = *namelen;
+     rc = getsockname(s, name, &len);
+     *namelen = len;
+   }
+  else
+     rc = getsockname(s, name, 0);
+  return rc;
+}
+
+inline static int Curl_hp_getsockopt(int  s, int level, int optname,
+                                     void *optval, socklen_t *optlen)
+{
+  int rc;
+  if(optlen) {
+    int len = *optlen;
+    rc = getsockopt(s, level, optname, optval, &len);
+    *optlen = len;
+  }
+  else
+    rc = getsockopt(s, level, optname, optval, 0);
+  return rc;
+}
+
+inline static int Curl_hp_accept(int sockfd, struct sockaddr *addr,
+                                 socklen_t *addrlen)
+{
+  int rc;
+  if(addrlen) {
+     int len = *addrlen;
+     rc = accept(sockfd, addr, &len);
+     *addrlen = len;
+  }
+  else
+     rc = accept(sockfd, addr, 0);
+  return rc;
+}
+
+
+inline static ssize_t Curl_hp_recvfrom(int s, void *buf, size_t len, int flags,
+                                       struct sockaddr *from,
+                                       socklen_t *fromlen)
+{
+  ssize_t rc;
+  if(fromlen) {
+    int fromlen32 = *fromlen;
+    rc = recvfrom(s, buf, len, flags, from, &fromlen32);
+    *fromlen = fromlen32;
+  }
+  else {
+    rc = recvfrom(s, buf, len, flags, from, 0);
+  }
+  return rc;
+}
+
+#define getsockname(a,b,c) Curl_hp_getsockname((a),(b),(c))
+#define getsockopt(a,b,c,d,e) Curl_hp_getsockopt((a),(b),(c),(d),(e))
+#define accept(a,b,c) Curl_hp_accept((a),(b),(c))
+#define recvfrom(a,b,c,d,e,f) Curl_hp_recvfrom((a),(b),(c),(d),(e),(f))
+
+#endif /* HPUX work-around */
+
 #endif /* __SETUP_ONCE_H */

--- a/lib/ssh.c
+++ b/lib/ssh.c
--- a/lib/ssh.h
+++ b/lib/ssh.h
@@ -27,6 +27,7 @@
 #ifdef USE_LIBSSH2

 CURLcode Curl_ssh_connect(struct connectdata *conn, bool *done);
+CURLcode Curl_ssh_multi_statemach(struct connectdata *conn, bool *done);

 CURLcode Curl_scp_do(struct connectdata *conn, bool *done);
 CURLcode Curl_scp_done(struct connectdata *conn, CURLcode, bool premature);
--- a/lib/tftp.c
+++ b/lib/tftp.c
@@ -136,7 +136,6 @@ typedef struct tftp_state_data {
  time_t          max_time;
  unsigned short  block;
  struct Curl_sockaddr_storage   local_addr;
-  socklen_t       local_addrlen;
  struct Curl_sockaddr_storage   remote_addr;
  socklen_t       remote_addrlen;
  int             rbytes;
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -379,7 +379,6 @@ CURLcode Curl_readwrite(struct connectdata *conn,
        /* receive data from the network! */
        readrc = Curl_read(conn, conn->sockfd, k->buf, bytestoread, &nread);

-        DEBUGF(infof(data, "Read %ld bytes from stream (readrc = %d)\n", nread, readrc));
        /* subzero, this would've blocked */
        if(0 > readrc)
          break; /* get out of loop */
@@ -575,14 +574,16 @@ CURLcode Curl_readwrite(struct connectdata *conn,
                k->header = FALSE; /* no more header to parse! */

                if((k->size == -1) && !conn->bits.chunk && !conn->bits.close &&
-                   (k->httpversion >= 11) )
+                   (k->httpversion >= 11) ) {
                  /* On HTTP 1.1, when connection is not to get closed, but no
                     Content-Length nor Content-Encoding chunked have been
-                     received, there is no body in this response. We don't set
-                     stop_reading TRUE since that would also prevent necessary
-                     authentication actions to take place. */
-                  conn->bits.no_body = TRUE;
-
+                     received, according to RFC2616 section 4.4 point 5, we
+                     assume that the server will close the connection to
+                     signal the end of the document. */
+                  infof(data, "no chunk, no close, no size. Assume close to "
+                        "signal end\n");
+                  conn->bits.close = TRUE;
+                }
              }

              if (417 == k->httpcode) {
@@ -801,11 +802,13 @@ CURLcode Curl_readwrite(struct connectdata *conn,
                  }
                }

-                if(k->httpversion == 10)
+                if(k->httpversion == 10) {
                  /* Default action for HTTP/1.0 must be to close, unless
                     we get one of those fancy headers that tell us the
                     server keeps it open for us! */
+                  infof(data, "HTTP 1.0, assume close after body\n");
                  conn->bits.close = TRUE;
+                }

                switch(k->httpcode) {
                case 204:
@@ -1721,8 +1724,6 @@ CURLcode Curl_readwrite_init(struct connectdata *conn)
 */
 void Curl_pre_readwrite(struct connectdata *conn)
 {
-  DEBUGF(infof(conn->data, "Pre readwrite setting chunky header "
-               "values to default\n"));
  conn->bits.chunk=FALSE;
  conn->bits.trailerHdrPresent=FALSE;
 }
--- a/lib/url.c
+++ b/lib/url.c
@@ -146,9 +146,6 @@ void idn_free (void *ptr); /* prototype from idn-free.h, not provided by
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>

-#ifdef HAVE_KRB4
-#include "krb4.h"
-#endif
 #include "memory.h"

 /* The last #include file should be: */
@@ -378,8 +375,11 @@ CURLcode Curl_close(struct SessionHandle *data)
 #endif /* CURL_DOES_CONVERSIONS && HAVE_ICONV */

  /* No longer a dirty share, if it exists */
-  if (data->share)
+  if (data->share) {
+    Curl_share_lock(data, CURL_LOCK_DATA_SHARE, CURL_LOCK_ACCESS_SINGLE);
    data->share->dirty--;
+    Curl_share_unlock(data, CURL_LOCK_DATA_SHARE);
+  }

  free(data);
  return CURLE_OK;
@@ -592,6 +592,8 @@ CURLcode Curl_open(struct SessionHandle **curl)

    data->set.ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
                                                        type */
+    data->set.new_file_perms = 0644;    /* Default permissions */
+    data->set.new_directory_perms = 0755; /* Default permissions */

    /* most recent connection is not yet defined */
    data->state.lastconnect = -1;
@@ -1493,12 +1495,12 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
     */
    data->set.localportrange = (int) va_arg(param, long);
    break;
-  case CURLOPT_KRB4LEVEL:
+  case CURLOPT_KRBLEVEL:
    /*
-     * A string that defines the krb4 security level.
+     * A string that defines the kerberos security level.
     */
-    data->set.krb4_level = va_arg(param, char *);
-    data->set.krb4 = (bool)(NULL != data->set.krb4_level);
+    data->set.krb_level = va_arg(param, char *);
+    data->set.krb = (bool)(NULL != data->set.krb_level);
    break;
  case CURLOPT_SSL_VERIFYPEER:
    /*
@@ -1756,6 +1758,21 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
     */
    data->set.http_ce_skip = (bool)(0 == va_arg(param, long));
    break;
+
+  case CURLOPT_NEW_FILE_PERMS:
+    /*
+     * Uses these permissions instead of 0644
+     */
+    data->set.new_file_perms = va_arg(param, long);
+    break;
+
+  case CURLOPT_NEW_DIRECTORY_PERMS:
+    /*
+     * Uses these permissions instead of 0755
+     */
+    data->set.new_directory_perms = va_arg(param, long);
+    break;
+
  default:
    /* unknown tag and its companion, just ignore: */
    result = CURLE_FAILED_INIT; /* correct this */
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -133,8 +133,8 @@
   We prefix with CURL to prevent name collisions. */
 #define CURLMAX(x,y) ((x)>(y)?(x):(y))

-#ifdef HAVE_KRB4
-/* Types needed for krb4-ftp connections */
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+/* Types needed for krb4/5-ftp connections */
 struct krb4buffer {
  void *data;
  size_t size;
@@ -145,7 +145,8 @@ enum protection_level {
  prot_clear,
  prot_safe,
  prot_confidential,
-  prot_private
+  prot_private,
+  prot_cmd
 };
 #endif

@@ -406,6 +407,31 @@ struct ftp_conn {
  ftpstate state; /* always use ftp.c:state() to change state! */
 };

+/****************************************************************************
+ * SSH unique setup
+ ***************************************************************************/
+typedef enum {
+  SSH_STOP,    /* do nothing state, stops the state machine */
+  SSH_S_STARTUP,  /* Session startup */
+  SSH_AUTHLIST,
+  SSH_AUTH_PKEY_INIT,
+  SSH_AUTH_PKEY,
+  SSH_AUTH_PASS_INIT,
+  SSH_AUTH_PASS,
+  SSH_AUTH_HOST_INIT,
+  SSH_AUTH_HOST,
+  SSH_AUTH_KEY_INIT,
+  SSH_AUTH_KEY,
+  SSH_AUTH_DONE,
+  SSH_SFTP_INIT,
+  SSH_SFTP_REALPATH,
+  SSH_GET_WORKINGPATH,
+  SSH_SFTP_SHUTDOWN,
+  SSH_SESSION_FREE,
+  SSH_QUIT,
+  SSH_LAST  /* never used */
+} sshstate;
+
 struct SSHPROTO {
  curl_off_t *bytecountp;
  char *user;
@@ -421,6 +447,18 @@ struct SSHPROTO {
 #endif /* USE_LIBSSH2 */
 };

+/* ssh_conn is used for struct connection-oriented data in the connectdata
+   struct */
+struct ssh_conn {
+  const char *authlist; /* List of auth. methods, managed by libssh2 */
+  const char *passphrase;
+  char *rsa_pub;
+  char *rsa;
+  bool authed;
+  sshstate state; /* always use ssh.c:state() to change state! */
+  CURLcode actualCode;  /* the actual error code */
+};
+

 /****************************************************************************
 * FILE unique setup
@@ -845,8 +883,8 @@ struct connectdata {
    char *cookiehost; /* free later if not NULL */
  } allocptr;

-  int sec_complete; /* if krb4 is enabled for this connection */
-#ifdef HAVE_KRB4
+  int sec_complete; /* if kerberos is enabled for this connection */
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
  enum protection_level command_prot;
  enum protection_level data_prot;
  enum protection_level request_data_prot;
@@ -900,6 +938,7 @@ struct connectdata {

  union {
    struct ftp_conn ftpc;
+    struct ssh_conn sshc;
  } proto;

  int cselect_bits; /* bitmask of socket events */
@@ -1239,7 +1278,7 @@ struct UserDefined {
                    * to which to send the authorization data to, and no other
                    * host (which location-following otherwise could lead to)
                    */
-  char *krb4_level; /* what security level */
+  char *krb_level;  /* what security level */
  struct ssl_config_data ssl;  /* user defined SSL stuff */

  curl_proxytype proxytype; /* what kind of proxy that is in use */
@@ -1293,7 +1332,7 @@ struct UserDefined {
  char *netrc_file;      /* if not NULL, use this instead of trying to find
                            $HOME/.netrc */
  bool verbose;
-  bool krb4;             /* kerberos4 connection requested */
+  bool krb;              /* kerberos connection requested */
  bool reuse_forbid;     /* forbidden to be reused, close after use */
  bool reuse_fresh;      /* do not re-use an existing connection  */
  bool ftp_use_epsv;     /* if EPSV is to be attempted or not */
@@ -1318,6 +1357,8 @@ struct UserDefined {
                            transfer-encoded (chunked, compressed) */
  bool http_ce_skip;     /* pass the raw body data to the user, even when
                            content-encoded (chunked, compressed) */
+  long new_file_perms;    /* Permissions to use when creating remote files */
+  long new_directory_perms; /* Permissions to use when creating remote dirs */
 };

 struct Names {
--- a/src/Makefile.m32
+++ b/src/Makefile.m32
@@ -19,6 +19,8 @@ ifndef ZLIB_PATH
 ZLIB_PATH = ../../zlib-1.2.3
 endif

+ARES_LIB = ../ares
+
 CC = gcc
 CFLAGS = -g -O2
 LDFLAGS =
@@ -47,6 +49,10 @@ else
  curl_LDADD = -L../lib -lcurl
  COMPILE += -DCURL_STATICLIB
 endif
+ifdef ARES
+  CFLAGS += -DUSE_ARES
+  curl_LDADD += -L$(ARES_LIB) -lcares
+endif
 ifdef SSH2
  CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H
  curl_LDADD += -L$(LIBSSH2_PATH)/win32 -lssh2
--- a/src/Makefile.netware
+++ b/src/Makefile.netware
@@ -25,7 +25,7 @@ endif

 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-0.14
+LIBSSH2_PATH = ../../libssh2-0.15
 endif

 ifndef INSTDIR
@@ -36,21 +36,22 @@ endif
 TARGET  = curl
 VERSION	= $(LIBCURL_VERSION)
 COPYR	= Copyright (C) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>
-DESCR	= cURL $(LIBCURL_VERSION_STR) - http://curl.haxx.se
+DESCR	= cURL $(LIBCURL_VERSION_STR) ($(LIBARCH)) - http://curl.haxx.se
 MTSAFE	= YES
 STACK	= 64000
 SCREEN	= $(TARGET) commandline utility
 # Comment the line below if you dont want to load protected automatically.
-LDRING	= 3
+#LDRING	= 3

 # Edit the var below to point to your lib architecture.
 ifndef LIBARCH
 LIBARCH = LIBC
 endif

-# must be equal to DEBUG or NDEBUG
+# must be equal to NDEBUG or DEBUG, CURLDEBUG
+ifndef DB
 DB	= NDEBUG
-# DB	= DEBUG
+endif
 # Optimization: -O<n> or debugging: -g
 ifeq ($(DB),NDEBUG)
 	OPT	= -O2
@@ -60,15 +61,19 @@ else
 	OBJDIR	= debug
 endif

-# Include the version info retrieved from curlver.h
-include $(OBJDIR)/version.inc
-
-# The following line defines your compiler.
+# The following lines defines your compiler.
+ifdef CWFolder
+	METROWERKS = $(CWFolder)
+endif
 ifdef METROWERKS
+	# MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support
+	MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support/Metrowerks Support
 	CC = mwccnlm
 else
 	CC = gcc
 endif
+# a native win32 awk can be downloaded from here:
+# http://www.gknw.net/development/prgtools/awk-20050424.zip
 AWK	= awk
 CP	= cp -afv
 # RM	= rm -f
@@ -77,6 +82,12 @@ CP	= cp -afv
 # http://www.gknw.net/development/prgtools/mkxdc.zip
 MPKXDC	= mkxdc

+# LIBARCH_U = $(shell $(AWK) 'BEGIN {print toupper(ARGV[1])}' $(LIBARCH))
+LIBARCH_L = $(shell $(AWK) 'BEGIN {print tolower(ARGV[1])}' $(LIBARCH))
+
+# Include the version info retrieved from curlver.h
+-include $(OBJDIR)/version.inc
+
 # Global flags for all compilers
 CFLAGS	= $(OPT) -D$(DB) -DNETWARE -DHAVE_CONFIG_H -nostdinc

@@ -91,8 +102,10 @@ ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.o
 	CFLAGS += -align 4
 else
-	PRELUDE = "$(METROWERKS)/Novell Support/libraries/runtime/prelude.obj"
-#	CFLAGS += -include "$(METROWERKS)/Novell Support/headers/nlm_prefix.h"
+	# PRELUDE = $(SDK_CLIB)/imports/clibpre.o
+	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+	PRELUDE = "$(MWCW_PATH)/libraries/runtime/prelude.obj"
+	# CFLAGS += -include "$(MWCW_PATH)/headers/nlm_clib_prefix.h"
 	CFLAGS += -align 1
 endif
 else
@@ -104,7 +117,10 @@ CFLAGS	+= -Wall # -pedantic
 ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.gcc.o
 else
-	PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
+	# PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
+	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
+	# http://www.gknw.net/development/mk_nlm/gcc_pre.zip
+	PRELUDE = $(NDK_ROOT)/pre/prelude.o
 	CFLAGS += -include $(NDKBASE)/nlmconv/genlm.h
 endif
 endif
@@ -121,6 +137,9 @@ INCLUDES = -I$(CURL_INC) -I$(CURL_LIB)

 ifdef LINK_STATIC
 	LDLIBS	= $(CURL_LIB)/libcurl.$(LIBEXT)
+ifdef WITH_ARES
+	LDLIBS += $(ARES_LIB)/libcares.$(LIBEXT)
+endif
 else
 	MODULES	= libcurl.nlm
 	IMPORTS	= @$(CURL_LIB)/libcurl.imp
@@ -128,10 +147,10 @@ endif
 ifdef WITH_ZLIB
 	INCLUDES += -I$(ZLIB_PATH)
 ifdef LINK_STATIC
-	LDLIBS += $(ZLIB_PATH)/nw/libz.$(LIBEXT)
+	LDLIBS += $(ZLIB_PATH)/nw/$(LIBARCH)/libz.$(LIBEXT)
 else
 	MODULES += libz.nlm
-	IMPORTS += @$(ZLIB_PATH)/nw/libz.imp
+	IMPORTS += @$(ZLIB_PATH)/nw/$(LIBARCH)/libz.imp
 endif
 endif
 ifdef WITH_SSH2
@@ -144,21 +163,21 @@ else
 endif
 endif
 ifdef WITH_SSL
-	LDLIBS += $(OPENSSL_PATH)/out_nw_libc/ssl.$(LIBEXT)
-	LDLIBS += $(OPENSSL_PATH)/out_nw_libc/crypto.$(LIBEXT)
+	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/ssl.$(LIBEXT)
+	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/crypto.$(LIBEXT)
 	IMPORTS += GetProcessSwitchCount RunningProcess
 endif

 ifeq ($(LIBARCH),LIBC)
-	INCLUDES += -I$(SDK_LIBC)/include -I$(SDK_LIBC)/include/nks
+	INCLUDES += -I$(SDK_LIBC)/include
+	# INCLUDES += -I$(SDK_LIBC)/include/nks
 	# INCLUDES += -I$(SDK_LIBC)/include/winsock
 	# INCLUDES += -I$(SDK_LDAP)/libc/inc
 	CFLAGS += -D_POSIX_SOURCE
-	# CFLAGS += -D__ANSIC__
 else
-	INCLUDES += -I$(SDK_CLIB)/include/nlm -I$(SDK_CLIB)/include
+	INCLUDES += -I$(SDK_CLIB)/include/nlm
+	# INCLUDES += -I$(SDK_CLIB)/include
 	# INCLUDES += -I$(SDK_LDAP)/clib/inc
-	CFLAGS += -DNETDB_USE_INTERNET
 endif
 CFLAGS	+= $(INCLUDES)

@@ -188,7 +207,7 @@ OBJS	:= $(patsubst %.c,$(OBJDIR)/%.o,$(strip $(CURL_SOURCES))) $(OBJX)

 vpath %.c $(CURL_LIB)

-all: prebuild $(TARGET).nlm 
+all: prebuild $(TARGET).nlm

 prebuild: $(OBJDIR) $(OBJDIR)/version.inc config.h

@@ -205,7 +224,7 @@ dist: all
 	-$(RM) $(OBJDIR)/$(TARGET).def $(OBJDIR)/version.inc $(XDCDATA)

 install: $(INSTDIR) all
-	@$(CP) ../docs/$(TARGET).pdf $(INSTDIR)
+	@-$(CP) ../docs/$(TARGET).pdf $(INSTDIR)
 	@$(CP) $(TARGET).nlm $(INSTDIR)

 clean:
@@ -252,7 +271,7 @@ ifdef SCREEN
 else
 	@echo $(DL)screenname "DEFAULT"$(DL) >> $@
 endif
-ifeq ($(DB),DEBUG)
+ifneq ($(DB),NDEBUG)
 	@echo $(DL)debug$(DL) >> $@
 endif
 	@echo $(DL)threadname "$(TARGET)"$(DL) >> $@
@@ -316,72 +335,96 @@ config.h: Makefile.netware
 	@echo $(DL)#ifndef NETWARE$(DL) >> $@
 	@echo $(DL)#error This $(notdir $@) is created for NetWare platform!$(DL) >> $@
 	@echo $(DL)#endif$(DL) >> $@
-	@echo $(DL)#define OS "i586-pc-NetWare"$(DL) >> $@
 	@echo $(DL)#define VERSION "$(LIBCURL_VERSION_STR)"$(DL) >> $@
 	@echo $(DL)#define PACKAGE_BUGREPORT "a suitable curl mailing list => http://curl.haxx.se/mail/"$(DL) >> $@
-	@echo $(DL)#define USE_MANUAL 1$(DL) >> $@
-	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_ASSERT_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_DLFCN_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_DLOPEN 1$(DL) >> $@
-	@echo $(DL)#define HAVE_ERR_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_FCNTL_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_FIONBIO 1$(DL) >> $@
-	@echo $(DL)#define HAVE_FTRUNCATE 1$(DL) >> $@
-	@echo $(DL)#define HAVE_GETHOSTBYADDR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_GETTIMEOFDAY 1$(DL) >> $@
-	@echo $(DL)#define HAVE_INET_ADDR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_INET_NTOA 1$(DL) >> $@
-	@echo $(DL)#define HAVE_INET_PTON 1$(DL) >> $@
-	@echo $(DL)#define HAVE_INTTYPES_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_LIMITS_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_LONGLONG 1$(DL) >> $@
-	@echo $(DL)#define HAVE_MALLOC_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_NETINET_IN_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_RECV 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SELECT 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SEND 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SETJMP_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SIGNAL 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SIGNAL_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SIG_ATOMIC_T 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SOCKET 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STDINT_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STDLIB_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRCASECMP 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRDUP 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRFTIME 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRING_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRLCAT 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRLCPY 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRSTR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_PARAM_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_SELECT_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_STAT_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_TIME_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_TERMIOS_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_TIME_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_UNAME 1$(DL) >> $@
-	@echo $(DL)#define HAVE_UNISTD_H 1$(DL) >> $@
+ifeq ($(LIBARCH),CLIB)
+	@echo $(DL)#define OS "i586-pc-clib-NetWare"$(DL) >> $@
+	@echo $(DL)#define NETDB_USE_INTERNET 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRICMP 1$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG2 char *$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_RETV int$(DL) >> $@
-	@echo $(DL)#define RETSIGTYPE void$(DL) >> $@
 	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG2 char *$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
-	@echo $(DL)#define SIZEOF_CURL_OFF_T 4$(DL) >> $@
-	@echo $(DL)#define STDC_HEADERS 1$(DL) >> $@
-	@echo $(DL)#define TIME_WITH_SYS_TIME 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_TIMEVAL 1$(DL) >> $@
+	@echo $(DL)#define socklen_t int$(DL) >> $@
+	@echo $(DL)#define pressanykey PressAnyKeyToContinue$(DL) >> $@
+else
+	@echo $(DL)#define OS "i586-pc-libc-NetWare"$(DL) >> $@
+	@echo $(DL)#define HAVE_DLFCN_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_DLOPEN 1$(DL) >> $@
+	@echo $(DL)#define HAVE_FTRUNCATE 1$(DL) >> $@
+	@echo $(DL)#define HAVE_GETTIMEOFDAY 1$(DL) >> $@
+	@echo $(DL)#define HAVE_INET_PTON 1$(DL) >> $@
+	@echo $(DL)#define HAVE_INTTYPES_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_LIMITS_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_LONGLONG 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STDINT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRCASECMP 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRLCAT 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRLCPY 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SYS_PARAM_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SYS_SELECT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_TERMIOS_H 1$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG2 void *$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG3 size_t$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_RETV ssize_t$(DL) >> $@
+	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG2 void *$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG3 size_t$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
+	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
 ifdef ENABLE_IPV6
 	@echo $(DL)#define ENABLE_IPV6 1$(DL) >> $@
 endif
+endif
+	@echo $(DL)#define USE_MANUAL 1$(DL) >> $@
+	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_ASSERT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_ERR_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_FCNTL_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_FIONBIO 1$(DL) >> $@
+	@echo $(DL)#define HAVE_GETHOSTBYADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_INET_ADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_INET_NTOA 1$(DL) >> $@
+	@echo $(DL)#define HAVE_LL 1$(DL) >> $@
+	@echo $(DL)#define HAVE_LOCALE_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_MALLOC_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_NETINET_IN_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_RECV 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SELECT 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SEND 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SETJMP_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SETLOCALE 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SIGNAL 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SIGNAL_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SIG_ATOMIC_T 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SOCKET 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STDLIB_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRDUP 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRFTIME 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRING_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRSTR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_TIMEVAL 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SYS_STAT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SYS_TIME_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_TIME_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_UNAME 1$(DL) >> $@
+	@echo $(DL)#define HAVE_UNISTD_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_UTIME 1$(DL) >> $@
+	@echo $(DL)#define HAVE_UTIME_H 1$(DL) >> $@
+	@echo $(DL)#define RETSIGTYPE void$(DL) >> $@
+	@echo $(DL)#define SIZEOF_CURL_OFF_T 4$(DL) >> $@
+	@echo $(DL)#define STDC_HEADERS 1$(DL) >> $@
+	@echo $(DL)#define TIME_WITH_SYS_TIME 1$(DL) >> $@
 ifdef NW_WINSOCK
 	@echo $(DL)#define HAVE_CLOSESOCKET 1$(DL) >> $@
 else
@@ -427,4 +470,7 @@ hugehelp.c:
 	@echo Creating $@
 	@$(CP) hugehelp.c.cvs $@

- 
+$(ARES_LIB)/libcares.$(LIBEXT):
+	$(MAKE) -C $(ARES_LIB) -f Makefile.netware lib
+
+
--- a/src/getpass.c
+++ b/src/getpass.c
@@ -126,11 +126,40 @@ char *getpass_r(const char *prompt, char *buffer, size_t buflen)

 #ifdef NETWARE
 /* NetWare implementation */
+#ifdef __NOVELL_LIBC__
 #include <screen.h>
 char *getpass_r(const char *prompt, char *buffer, size_t buflen)
 {
  return getpassword(prompt, buffer, buflen);
 }
+#else
+#include <nwconio.h>
+char *getpass_r(const char *prompt, char *buffer, size_t buflen)
+{
+  size_t i = 0;
+
+  printf("%s", prompt);
+  do {
+    buffer[i++] = getch();
+    if (buffer[i-1] == '\b') {
+      /* remove this letter and if this is not the first key,
+         remove the previous one as well */
+      if (i > 1) {   
+        printf("\b \b");
+        i = i - 2;
+      } else {
+        RingTheBell();
+        i = i - 1;
+      }
+    } else if (buffer[i-1] != 13) {
+      putchar('*');
+    }
+  } while ((buffer[i-1] != 13) && (i < buflen));
+  buffer[i-1] = 0;
+  printf("\r\n");
+  return buffer;
+}
+#endif /* __NOVELL_LIBC__ */
 #define DONE
 #endif /* NETWARE */

--- a/src/main.c
+++ b/src/main.c
@@ -47,8 +47,13 @@

 #define CURLseparator   "--_curl_--"

+#ifdef NETWARE
 #ifdef __NOVELL_LIBC__
 #include <screen.h>
+#else
+#include <nwconio.h>
+#define mkdir mkdir_510
+#endif
 #endif

 #include "version.h"
@@ -406,7 +411,7 @@ struct Configurable {
  bool list_engines;
  bool crlf;
  char *customrequest;
-  char *krb4level;
+  char *krblevel;
  char *trace_dump; /* file to dump the network trace to, or NULL */
  FILE *trace_stream;
  bool trace_fopened;
@@ -660,7 +665,7 @@ static void help(void)
    " -I/--head          Show document info only",
    " -j/--junk-session-cookies Ignore session cookies read from file (H)",
    "    --interface <interface> Specify network interface/address to use",
-    "    --krb4 <level>  Enable krb4 with specified security level (F)",
+    "    --krb <level>   Enable kerberos with specified security level (F)",
    " -k/--insecure      Allow connections to SSL sites without certs (H)",
    " -K/--config        Specify which config file to read",
    "    --libcurl <file> Dump libcurl equivalent code of this command line",
@@ -731,7 +736,7 @@ static void help(void)
  };
  for(i=0; helptext[i]; i++) {
    puts(helptext[i]);
-#ifdef __NOVELL_LIBC__
+#ifdef NETWARE
    if (i && ((i % 23) == 0))
      pressanykey();
 #endif
@@ -1471,7 +1476,8 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
    {"*u", "crlf",        FALSE},
    {"*v", "stderr",      TRUE},
    {"*w", "interface",   TRUE},
-    {"*x", "krb4",        TRUE},
+    {"*x", "krb" ,        TRUE},
+    {"*x", "krb4" ,       TRUE}, /* this is the previous name */
    {"*y", "max-filesize", TRUE},
    {"*z", "disable-eprt", FALSE},
    {"$a", "ftp-ssl",    FALSE},
@@ -1804,10 +1810,10 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
        /* interface */
        GetStr(&config->iface, nextarg);
        break;
-      case 'x': /* --krb4 */
-        /* krb4 level string */
-        if(curlinfo->features & CURL_VERSION_KERBEROS4)
-          GetStr(&config->krb4level, nextarg);
+      case 'x': /* --krb */
+        /* kerberos level string */
+        if(curlinfo->features & (CURL_VERSION_KERBEROS4 | CURL_VERSION_GSSNEGOTIATE))
+          GetStr(&config->krblevel, nextarg);
        else
          return PARAM_LIBCURL_DOESNT_SUPPORT;
        break;
@@ -3255,8 +3261,8 @@ static void free_config_fields(struct Configurable *config)
    free(config->cookie);
  if(config->cookiefile)
    free(config->cookiefile);
-  if(config->krb4level)
-    free(config->krb4level);
+  if(config->krblevel)
+    free(config->krblevel);
  if(config->headerfile)
    free(config->headerfile);
  if(config->ftpport)
@@ -3354,13 +3360,15 @@ output_expected(const char* url, const char* uploadfile)
  return FALSE; /* non-HTTP upload, probably no output should be expected */
 }

-#define my_setopt(x,y,z) _my_setopt(x, #y, y, z)
+#define my_setopt(x,y,z) _my_setopt(x, config, #y, y, z)

 static struct curl_slist *easycode;

-CURLcode _my_setopt(CURL *curl, const char *name, CURLoption tag, ...);
+CURLcode _my_setopt(CURL *curl, struct Configurable *config, const char *name,
+                    CURLoption tag, ...);

-CURLcode _my_setopt(CURL *curl, const char *name, CURLoption tag, ...)
+CURLcode _my_setopt(CURL *curl, struct Configurable *config, const char *name,
+                    CURLoption tag, ...)
 {
  va_list arg;
  CURLcode ret;
@@ -3409,14 +3417,18 @@ CURLcode _my_setopt(CURL *curl, const char *name, CURLoption tag, ...)
    ret = curl_easy_setopt(curl, tag, oval);
  }

-  bufp = curl_maprintf("%scurl_easy_setopt(hnd, %s, %s);%s",
-                       remark?"/* ":"", name, value,
-                       remark?" [REMARK] */":"");
+  if(config->libcurl) {
+    /* we only use this for real if --libcurl was used */

-  if (!bufp || !curl_slist_append(easycode, bufp))
-    ret = CURLE_OUT_OF_MEMORY;
-  if (bufp)
-    curl_free(bufp);
+    bufp = curl_maprintf("%scurl_easy_setopt(hnd, %s, %s);%s",
+                         remark?"/* ":"", name, value,
+                         remark?" [REMARK] */":"");
+
+    if (!bufp || !curl_slist_append(easycode, bufp))
+      ret = CURLE_OUT_OF_MEMORY;
+    if (bufp)
+      curl_free(bufp);
+  }
  va_end(arg);

  return ret;
@@ -4210,7 +4222,7 @@ operate(struct Configurable *config, int argc, argv_item_t argv[])
        /* three new ones in libcurl 7.3: */
        my_setopt(curl, CURLOPT_HTTPPROXYTUNNEL, config->proxytunnel);
        my_setopt(curl, CURLOPT_INTERFACE, config->iface);
-        my_setopt(curl, CURLOPT_KRB4LEVEL, config->krb4level);
+        my_setopt(curl, CURLOPT_KRBLEVEL, config->krblevel);

        progressbarinit(&progressbar, config);
        if((config->progressmode == CURL_PROGRESS_BAR) &&
--- a/src/setup.h
+++ b/src/setup.h
@@ -176,6 +176,10 @@ int fileno( FILE *stream);
 #define typedef_bool
 #endif

+#if (defined(NETWARE) && !defined(__NOVELL_LIBC__))
+#include <sys/timeval.h>
+#endif
+
 #ifndef SIZEOF_CURL_OFF_T
 #define SIZEOF_CURL_OFF_T sizeof(curl_off_t)
 #endif
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -46,9 +46,9 @@ TEST_F =
 TEST_T =
 else # if not cross-compiling:
 TEST = srcdir=$(srcdir) $(PERL) $(PERLFLAGS) $(srcdir)/runtests.pl
-TEST_Q = -s -a
+TEST_Q = -a -s
 TEST_F = -a -p
-TEST_T = -t
+TEST_T = -a -t
 endif

 test: all
--- a/tests/data/DISABLED
+++ b/tests/data/DISABLED
@@ -4,3 +4,4 @@
 # per line.
 # Lines starting with '#' letters are treated as comments.
 #230
+351
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -41,4 +41,5 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46	   \
 test603 test401 test402 test290 test291 test292 test293 test403 test404   \
 test405 test604 test605 test606 test607 test608 test609 test294 test295   \
 test296 test297 test298 test610 test611 test612 test406 test407 test408   \
- test409 test613 test614 test700 test701 test702 test704 test705 test703
+ test409 test613 test614 test700 test701 test702 test704 test705 test703   \
+ test706 test707 test350 test351 test352 test353
--- a/tests/data/test282
+++ b/tests/data/test282
@@ -10,7 +10,7 @@ HTTP GET
 # Server-side
 <reply>
 <data>
-HTTP/1.1 200 OK
+HTTP/1.1 200 OK swsclose

 </data>
 </reply>
--- a/tests/data/test350
+++ b/tests/data/test350
@@ -0,0 +1,57 @@
+<testcase>
+<info>
+<keywords>
+FTP
+PASV
+LIST
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+# When doing LIST, we get the default list output hard-coded in the test
+# FTP server
+<datacheck>
+total 20
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 .
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 ..
+drwxr-xr-x   2 98       98           512 May  2  1996 .NeXT
+-r--r--r--   1 0        1             35 Jul 16  1996 README
+lrwxrwxrwx   1 0        1              7 Dec  9  1999 bin -> usr/bin
+dr-xr-xr-x   2 0        1            512 Oct  1  1997 dev
+drwxrwxrwx   2 98       98           512 May 29 16:04 download.html
+dr-xr-xr-x   2 0        1            512 Nov 30  1995 etc
+drwxrwxrwx   2 98       1            512 Oct 30 14:33 pub
+dr-xr-xr-x   5 0        1            512 Oct  1  1997 usr
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftp
+</server>
+ <name>
+FTP root dir list multicwd
+ </name>
+ <command>
+ftp://%HOSTIP:%FTPPORT// --ftp-method multicwd
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS ftp@example.com
+PWD
+CWD /
+EPSV
+TYPE A
+LIST
+QUIT
+</protocol>
+</verify>
+</testcase>
--- a/tests/data/test351
+++ b/tests/data/test351
@@ -0,0 +1,56 @@
+<testcase>
+<info>
+<keywords>
+FTP
+PASV
+LIST
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+# When doing LIST, we get the default list output hard-coded in the test
+# FTP server
+<datacheck>
+total 20
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 .
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 ..
+drwxr-xr-x   2 98       98           512 May  2  1996 .NeXT
+-r--r--r--   1 0        1             35 Jul 16  1996 README
+lrwxrwxrwx   1 0        1              7 Dec  9  1999 bin -> usr/bin
+dr-xr-xr-x   2 0        1            512 Oct  1  1997 dev
+drwxrwxrwx   2 98       98           512 May 29 16:04 download.html
+dr-xr-xr-x   2 0        1            512 Nov 30  1995 etc
+drwxrwxrwx   2 98       1            512 Oct 30 14:33 pub
+dr-xr-xr-x   5 0        1            512 Oct  1  1997 usr
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftp
+</server>
+ <name>
+FTP root dir list nocwd
+ </name>
+ <command>
+ftp://%HOSTIP:%FTPPORT// --ftp-method nocwd
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS ftp@example.com
+PWD
+EPSV
+TYPE A
+LIST /
+QUIT
+</protocol>
+</verify>
+</testcase>
--- a/tests/data/test352
+++ b/tests/data/test352
@@ -0,0 +1,57 @@
+<testcase>
+<info>
+<keywords>
+FTP
+PASV
+LIST
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+# When doing LIST, we get the default list output hard-coded in the test
+# FTP server
+<datacheck>
+total 20
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 .
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 ..
+drwxr-xr-x   2 98       98           512 May  2  1996 .NeXT
+-r--r--r--   1 0        1             35 Jul 16  1996 README
+lrwxrwxrwx   1 0        1              7 Dec  9  1999 bin -> usr/bin
+dr-xr-xr-x   2 0        1            512 Oct  1  1997 dev
+drwxrwxrwx   2 98       98           512 May 29 16:04 download.html
+dr-xr-xr-x   2 0        1            512 Nov 30  1995 etc
+drwxrwxrwx   2 98       1            512 Oct 30 14:33 pub
+dr-xr-xr-x   5 0        1            512 Oct  1  1997 usr
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftp
+</server>
+ <name>
+FTP root dir list singlecwd
+ </name>
+ <command>
+ftp://%HOSTIP:%FTPPORT// --ftp-method singlecwd
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS ftp@example.com
+PWD
+CWD /
+EPSV
+TYPE A
+LIST
+QUIT
+</protocol>
+</verify>
+</testcase>
--- a/tests/data/test353
+++ b/tests/data/test353
@@ -0,0 +1,56 @@
+<testcase>
+<info>
+<keywords>
+FTP
+PASV
+LIST
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+# When doing LIST, we get the default list output hard-coded in the test
+# FTP server
+<datacheck>
+total 20
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 .
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 ..
+drwxr-xr-x   2 98       98           512 May  2  1996 .NeXT
+-r--r--r--   1 0        1             35 Jul 16  1996 README
+lrwxrwxrwx   1 0        1              7 Dec  9  1999 bin -> usr/bin
+dr-xr-xr-x   2 0        1            512 Oct  1  1997 dev
+drwxrwxrwx   2 98       98           512 May 29 16:04 download.html
+dr-xr-xr-x   2 0        1            512 Nov 30  1995 etc
+drwxrwxrwx   2 98       1            512 Oct 30 14:33 pub
+dr-xr-xr-x   5 0        1            512 Oct  1  1997 usr
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftp
+</server>
+ <name>
+FTP home dir list singlecwd
+ </name>
+ <command>
+ftp://%HOSTIP:%FTPPORT/ --ftp-method singlecwd
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS ftp@example.com
+PWD
+EPSV
+TYPE A
+LIST
+QUIT
+</protocol>
+</verify>
+</testcase>
--- a/tests/data/test506
+++ b/tests/data/test506
@@ -90,60 +90,66 @@ lock:   dns    <Pigs in space>: 16
 unlock: dns    <Pigs in space>: 17
 lock:   cookie <Pigs in space>: 18
 unlock: cookie <Pigs in space>: 19
-*** run 2
-CURLOPT_SHARE
 lock:   share  <Pigs in space>: 20
 unlock: share  <Pigs in space>: 21
+*** run 2
+CURLOPT_SHARE
+lock:   share  <Pigs in space>: 22
+unlock: share  <Pigs in space>: 23
 PERFORM
-lock:   dns    <Pigs in space>: 22
-unlock: dns    <Pigs in space>: 23
 lock:   dns    <Pigs in space>: 24
 unlock: dns    <Pigs in space>: 25
-lock:   cookie <Pigs in space>: 26
-unlock: cookie <Pigs in space>: 27
+lock:   dns    <Pigs in space>: 26
+unlock: dns    <Pigs in space>: 27
 lock:   cookie <Pigs in space>: 28
 unlock: cookie <Pigs in space>: 29
 lock:   cookie <Pigs in space>: 30
 unlock: cookie <Pigs in space>: 31
+lock:   cookie <Pigs in space>: 32
+unlock: cookie <Pigs in space>: 33
 run 2: set cookie 4 and 5
-lock:   dns    <Pigs in space>: 32
-unlock: dns    <Pigs in space>: 33
-CLEANUP
 lock:   dns    <Pigs in space>: 34
 unlock: dns    <Pigs in space>: 35
-lock:   cookie <Pigs in space>: 36
-unlock: cookie <Pigs in space>: 37
+CLEANUP
+lock:   dns    <Pigs in space>: 36
+unlock: dns    <Pigs in space>: 37
+lock:   cookie <Pigs in space>: 38
+unlock: cookie <Pigs in space>: 39
+lock:   share  <Pigs in space>: 40
+unlock: share  <Pigs in space>: 41
 *** run 3
 CURLOPT_SHARE
-lock:   share  <Pigs in space>: 38
-unlock: share  <Pigs in space>: 39
+lock:   share  <Pigs in space>: 42
+unlock: share  <Pigs in space>: 43
 CURLOPT_COOKIEJAR
 PERFORM
-lock:   dns    <Pigs in space>: 40
-unlock: dns    <Pigs in space>: 41
-lock:   dns    <Pigs in space>: 42
-unlock: dns    <Pigs in space>: 43
-lock:   cookie <Pigs in space>: 44
-unlock: cookie <Pigs in space>: 45
-lock:   cookie <Pigs in space>: 46
-unlock: cookie <Pigs in space>: 47
+lock:   dns    <Pigs in space>: 44
+unlock: dns    <Pigs in space>: 45
+lock:   dns    <Pigs in space>: 46
+unlock: dns    <Pigs in space>: 47
 lock:   cookie <Pigs in space>: 48
 unlock: cookie <Pigs in space>: 49
+lock:   cookie <Pigs in space>: 50
+unlock: cookie <Pigs in space>: 51
+lock:   cookie <Pigs in space>: 52
+unlock: cookie <Pigs in space>: 53
 run 3: overwrite cookie 1 and 4
-lock:   dns    <Pigs in space>: 50
-unlock: dns    <Pigs in space>: 51
-try SHARE_CLEANUP...
-lock:   share  <Pigs in space>: 52
-unlock: share  <Pigs in space>: 53
-SHARE_CLEANUP failed, correct
-CLEANUP
 lock:   dns    <Pigs in space>: 54
 unlock: dns    <Pigs in space>: 55
-lock:   cookie <Pigs in space>: 56
-unlock: cookie <Pigs in space>: 57
+try SHARE_CLEANUP...
+lock:   share  <Pigs in space>: 56
+unlock: share  <Pigs in space>: 57
+SHARE_CLEANUP failed, correct
+CLEANUP
+lock:   dns    <Pigs in space>: 58
+unlock: dns    <Pigs in space>: 59
+lock:   cookie <Pigs in space>: 60
+unlock: cookie <Pigs in space>: 61
+lock:   share  <Pigs in space>: 62
+unlock: share  <Pigs in space>: 63
 SHARE_CLEANUP
-lock:   share  <Pigs in space>: 58
-unlock: share  <Pigs in space>: 59
+lock:   share  <Pigs in space>: 64
+unlock: share  <Pigs in space>: 65
 GLOBAL_CLEANUP
 </stdout>
 <stderr>
--- a/tests/data/test706
+++ b/tests/data/test706
@@ -0,0 +1,59 @@
+<testcase>
+#based off test 100
+<info>
+<keywords>
+FTP
+PASV
+LIST
+SOCKS4
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+# When doing LIST, we get the default list output hard-coded in the test
+# FTP server
+<datacheck>
+total 20
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 .
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 ..
+drwxr-xr-x   2 98       98           512 May  2  1996 .NeXT
+-r--r--r--   1 0        1             35 Jul 16  1996 README
+lrwxrwxrwx   1 0        1              7 Dec  9  1999 bin -> usr/bin
+dr-xr-xr-x   2 0        1            512 Oct  1  1997 dev
+drwxrwxrwx   2 98       98           512 May 29 16:04 download.html
+dr-xr-xr-x   2 0        1            512 Nov 30  1995 etc
+drwxrwxrwx   2 98       1            512 Oct 30 14:33 pub
+dr-xr-xr-x   5 0        1            512 Oct  1  1997 usr
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftp
+socks4
+</server>
+ <name>
+FTP dir list PASV via SOCKS4
+ </name>
+ <command>
+--socks4 %HOSTIP:%SOCKSPORT ftp://%HOSTIP:%FTPPORT/
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS ftp@example.com
+PWD
+EPSV
+TYPE A
+LIST
+QUIT
+</protocol>
+</verify>
+</testcase>
--- a/tests/data/test707
+++ b/tests/data/test707
@@ -0,0 +1,59 @@
+<testcase>
+#based off test 100
+<info>
+<keywords>
+FTP
+PASV
+LIST
+SOCKS5
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+# When doing LIST, we get the default list output hard-coded in the test
+# FTP server
+<datacheck>
+total 20
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 .
+drwxr-xr-x   8 98       98           512 Oct 22 13:06 ..
+drwxr-xr-x   2 98       98           512 May  2  1996 .NeXT
+-r--r--r--   1 0        1             35 Jul 16  1996 README
+lrwxrwxrwx   1 0        1              7 Dec  9  1999 bin -> usr/bin
+dr-xr-xr-x   2 0        1            512 Oct  1  1997 dev
+drwxrwxrwx   2 98       98           512 May 29 16:04 download.html
+dr-xr-xr-x   2 0        1            512 Nov 30  1995 etc
+drwxrwxrwx   2 98       1            512 Oct 30 14:33 pub
+dr-xr-xr-x   5 0        1            512 Oct  1  1997 usr
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftp
+socks5
+</server>
+ <name>
+FTP dir list PASV via SOCKS5
+ </name>
+ <command>
+--socks5 %HOSTIP:%SOCKSPORT ftp://%HOSTIP:%FTPPORT/
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<protocol>
+USER anonymous
+PASS ftp@example.com
+PWD
+EPSV
+TYPE A
+LIST
+QUIT
+</protocol>
+</verify>
+</testcase>
--- a/tests/memanalyze.pl
+++ b/tests/memanalyze.pl
@@ -237,7 +237,7 @@ while(<FILE>) {
        $linenum = $2;
        $function = $3;

-        if($function =~ /fopen\(\"([^\"]*)\",\"([^\"]*)\"\) = (\(nil\)|0x([0-9a-f]*))/) {
+        if($function =~ /f[d]*open\(\"([^\"]*)\",\"([^\"]*)\"\) = (\(nil\)|0x([0-9a-f]*))/) {
            if($3 eq "(nil)") {
                ;
            }
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -113,7 +113,7 @@ if($valgrind) {
    if (($? >> 8)==0) {
        $valgrind_tool="--tool=memcheck ";
    }
-    open(C, "<", $CURL);
+    open(C, "<$CURL");
    my $l = <C>;
    if($l =~ /^\#\!/) {
        # The first line starts with "#!" which implies a shell-script.
@@ -273,17 +273,12 @@ sub startnew {
    if(0 == $child) {
        # Here we are the child. Run the given command.

-        # Calling exec() within a pseudo-process actually spawns the requested
-        # executable in a separate process and waits for it to complete before
-        # exiting with the same exit status as that process.  This means that
-        # the process ID reported within the running executable will be
-        # different from what the earlier Perl fork() might have returned.
+        # Put an "exec" in front of the command so that the child process
+        # keeps this child's process ID.
+        exec("exec $cmd") || die "Can't exec() $cmd: $!";

        # exec() should never return back here to this process. We protect
-        # ourselfs calling die() just in case something goes really bad.
-
-        exec($cmd) || die "Can't exec() $cmd: $!";
-
+        # ourselves by calling die() just in case something goes really bad.
        die "error: exec() has returned";
    }

@@ -291,11 +286,11 @@ sub startnew {
    # Ugly hack but ssh doesn't support pid files
    if ($fake) {
        logmsg "$pidfile faked with pid=$child\n" if($verbose);
-        open(OUT, ">", $pidfile);
-        print OUT $child;
+        open(OUT, ">$pidfile");
+        print OUT $child . "\n";
        close(OUT);
 	# could/should do a while connect fails sleep a bit and loop
-	sleep 1;
+	sleep 5;
        if (checkdied($child)) {
            logmsg "startnew: Warning: child process has failed to start\n" if($verbose);
            return (-1,-1);
@@ -304,7 +299,7 @@ sub startnew {
    my $count=12;
    while($count--) {
        if(-f $pidfile) {
-            open(PID, "<", $pidfile);
+            open(PID, "<$pidfile");
            $pid2 = 0 + <PID>;
            close(PID);
            if($pid2 && kill(0, $pid2)) {
@@ -326,6 +321,9 @@ sub startnew {
        sleep(1);
    }

+    # Return two PIDs, the one for the child process we spawned and the one
+    # reported by the server itself (in case it forked again on its own).
+    # Both (potentially) need to be killed at the end of the test.
    return ($child, $pid2);
 }

@@ -521,7 +519,7 @@ sub verifyhttp {
            }
        }
    }
-    open(FILE, "<", "log/verifiedserver");
+    open(FILE, "<log/verifiedserver");
    my @file=<FILE>;
    close(FILE);
    $data=$file[0]; # first line
@@ -590,7 +588,7 @@ sub verifyftp {

 sub verifyssh {
    my ($proto, $ip, $port) = @_;
-    open(FILE, "<" . $SSHPIDFILE);
+    open(FILE, "<$SSHPIDFILE");
    my $pid=0+<FILE>;
    close(FILE);
    return $pid;
@@ -601,7 +599,7 @@ sub verifyssh {

 sub verifysocks {
    my ($proto, $ip, $port) = @_;
-    open(FILE, "<" . $SOCKSPIDFILE);
+    open(FILE, "<$SOCKSPIDFILE");
    my $pid=0+<FILE>;
    close(FILE);
    return $pid;
@@ -609,7 +607,9 @@ sub verifysocks {

 #######################################################################
 # Verify that the server that runs on $ip, $port is our server.
-# Retry during 5 seconds before giving up.
+# Retry over several seconds before giving up.  The ssh server in
+# particular can take a long time to start if it needs to generate
+# keys on a slow or loaded host.
 #

 my %protofunc = ('http' => \&verifyhttp,
@@ -623,7 +623,7 @@ my %protofunc = ('http' => \&verifyhttp,
 sub verifyserver {
    my ($proto, $ip, $port) = @_;

-    my $count = 5; # try for this many seconds
+    my $count = 30; # try for this many seconds
    my $pid;

    while($count--) {
@@ -678,7 +678,7 @@ sub runhttpserver {
    my ($httppid, $pid2) =
        startnew($cmd, $pidfile,0); # start the server in a new process

-    if(!kill(0, $httppid)) {
+    if($httppid <= 0 || !kill(0, $httppid)) {
        # it is NOT alive
        logmsg "RUN: failed to start the HTTP server\n";
        stopservers($verbose);
@@ -732,7 +732,7 @@ sub runhttpsserver {

    my ($httpspid, $pid2) = startnew($cmd, $HTTPSPIDFILE,0);

-    if(!kill(0, $httpspid)) {
+    if($httpspid <= 0 || !kill(0, $httpspid)) {
        # it is NOT alive
        logmsg "RUN: failed to start the HTTPS server\n";
        stopservers($verbose);
@@ -798,7 +798,7 @@ sub runftpserver {

    my ($ftppid, $pid2) = startnew($cmd, $pidfile,0);

-    if(!$ftppid || !kill(0, $ftppid)) {
+    if($ftppid <= 0 || !kill(0, $ftppid)) {
        # it is NOT alive
        logmsg "RUN: failed to start the FTP$id$nameext server\n";
        return -1;
@@ -851,7 +851,7 @@ sub runftpsserver {

    my ($ftpspid, $pid2) = startnew($cmd, $FTPSPIDFILE,0);

-    if(!kill(0, $ftpspid)) {
+    if($ftpspid <= 0 || !kill(0, $ftpspid)) {
        # it is NOT alive
        logmsg "RUN: failed to start the FTPS server\n";
        stopservers($verbose);
@@ -917,7 +917,7 @@ sub runtftpserver {

    my ($tftppid, $pid2) = startnew($cmd, $pidfile,0);

-    if(!$tftppid || !kill(0, $tftppid)) {
+    if($tftppid <= 0 || !kill(0, $tftppid)) {
        # it is NOT alive
        logmsg "RUN: failed to start the FTP$id$nameext server\n";
        return -1;
@@ -960,7 +960,7 @@ sub runsshserver {
    my ($sshpid, $pid2) =
        startnew($cmd, $pidfile,0); # start the server in a new process

-    if(!$sshpid || !kill(0, $sshpid)) {
+    if($sshpid <= 0 || !kill(0, $sshpid)) {
        # it is NOT alive
        logmsg "RUN: failed to start the SSH server\n";
        # failed to talk to it properly. Kill the server and return failure
@@ -989,7 +989,7 @@ sub runsocksserver {
    my $pidfile = $SOCKSPIDFILE;

    my $flag=$debugprotocol?"-v ":"";
-    my $cmd="ssh -D ${HOSTIP}:$SOCKSPORT -N -F curl_ssh_config ${USER}\@${HOSTIP} -p ${SSHPORT} >log/ssh.log 2>&1";
+    my $cmd="ssh -D ${HOSTIP}:$SOCKSPORT -N -F curl_ssh_config ${USER}\@${HOSTIP} -p ${SSHPORT} -vv >log/ssh.log 2>&1";
    my ($sshpid, $pid2) =
        startnew($cmd, $pidfile,1); # start the server in a new process

@@ -1043,10 +1043,10 @@ sub filteroff {
    my $filter=$_[1];
    my $ofile=$_[2];

-    open(IN, "<", $infile)
+    open(IN, "<$infile")
        || return 1;

-    open(OUT, ">", $ofile)
+    open(OUT, ">$ofile")
        || return 1;

    # logmsg "FILTER: off $filter from $infile to $ofile\n";
@@ -1107,7 +1107,7 @@ sub checksystem {
    $versretval = system($versioncmd);
    $versnoexec = $!;

-    open(VERSOUT, "<", $curlverout);
+    open(VERSOUT, "<$curlverout");
    @version = <VERSOUT>;
    close(VERSOUT);

@@ -1259,7 +1259,7 @@ sub checksystem {
    }

    if(-r "../lib/config.h") {
-        open(CONF, "<", "../lib/config.h");
+        open(CONF, "<../lib/config.h");
        while(<CONF>) {
            if($_ =~ /^\#define HAVE_GETRLIMIT/) {
                $has_getrlimit = 1;
@@ -1634,7 +1634,7 @@ sub singletest {
        my $fileContent = join('', @inputfile);
        subVariables \$fileContent;
 #        logmsg "DEBUG: writing file " . $filename . "\n";
-        open(OUTFILE, ">", $filename);
+        open(OUTFILE, ">$filename");
        binmode OUTFILE; # for crapage systems, use binary
        print OUTFILE $fileContent;
        close(OUTFILE);
@@ -1715,7 +1715,7 @@ sub singletest {
    }

    if($gdbthis) {
-        open(GDBCMD, ">", "log/gdbcmd");
+        open(GDBCMD, ">log/gdbcmd");
        print GDBCMD "set args $cmdargs\n";
        print GDBCMD "show args\n";
        close(GDBCMD);
@@ -1752,7 +1752,7 @@ sub singletest {
        logmsg "core dumped\n";
        if(0 && $gdb) {
            logmsg "running gdb for post-mortem analysis:\n";
-            open(GDBCMD, ">", "log/gdbcmd2");
+            open(GDBCMD, ">log/gdbcmd2");
            print GDBCMD "bt\n";
            close(GDBCMD);
            system("$gdb --directory libtest -x log/gdbcmd2 -batch $DBGCURL core ");
@@ -2263,18 +2263,17 @@ sub startservers {
                if (!checkcmd("ssh")) {
                   return "failed to find SSH client for socks support";
 		}
-                if ($what eq "socks5") {
-		   my $sshversion=`ssh -V 2>&1`;
-                   if ($sshversion =~ /SSH_(\d+)\.(\d+)/i) {
+            	if(!$run{'socks'}) {
+		    my $sshversion=`ssh -V 2>&1`;
+                    if ($sshversion =~ /SSH_(\d+)\.(\d+)/i) {
                       if ($1*10+$2 < 37) {
 		       # need 3.7 for socks5 - http://www.openssh.com/txt/release-3.7
                           return "ssh version ($1.$2) insufficient; need at least 3.7";
 		       }
-                   } else {
+                    } else {
                       return "Unsupported ssh client\n";
-                   }
-		}
-            	if(!$run{'socks'}) {
+                    }
+
                    ($pid, $pid2) = runsocksserver("", $verbose);
                    if($pid <= 0) {
                        return "failed starting socks server";
@@ -2466,7 +2465,7 @@ if($valgrind) {
 }

 # open the executable curl and read the first 4 bytes of it
-open(CHECK, "<", $CURL);
+open(CHECK, "<$CURL");
 my $c;
 sysread CHECK, $c, 4;
 close(CHECK);
@@ -2514,7 +2513,7 @@ if ( $TESTCASES eq "all") {
    my @cmds = grep { /^test([0-9]+)$/ && -f "$TESTDIR/$_" } readdir(DIR);
    closedir(DIR);

-    open(D, "$TESTDIR/DISABLED");
+    open(D, "<$TESTDIR/DISABLED");
    while(<D>) {
        if(/^ *\#/) {
            # allow comments
@@ -2549,7 +2548,7 @@ if ( $TESTCASES eq "all") {
 #######################################################################
 # Start the command line log
 #
-open(CMDLOG, ">", $CURLLOG) ||
+open(CMDLOG, ">$CURLLOG") ||
    logmsg "can't log command lines to $CURLLOG\n";

 #######################################################################
--- a/tests/sshserver.pl
+++ b/tests/sshserver.pl
@@ -25,7 +25,7 @@ if ($^O eq 'MSWin32' || $^O eq 'cygwin' || $^O eq 'msys' || $^O eq 'dos' || $^O
 }

 # Where to look for sftp-server
-my @sftppath=qw(/usr/lib/openssh /usr/libexec/openssh /usr/libexec /usr/local/libexec /opt/local/libexec /usr/lib/ssh /usr/libexec/ssh /usr/sbin /usr/lib /usr/lib/ssh/openssh /usr/lib64/ssh /usr/lib64/misc);
+my @sftppath=qw(/usr/lib/openssh /usr/libexec/openssh /usr/libexec /usr/local/libexec /opt/local/libexec /usr/lib/ssh /usr/libexec/ssh /usr/sbin /usr/lib /usr/lib/ssh/openssh /usr/lib64/ssh /usr/lib64/misc /usr/lib/misc);

 my $username = $ENV{USER};

@@ -147,11 +147,11 @@ if (! -e "curl_client_key.pub") {
    }
    # Make sure all files are gone so ssh-keygen doesn't complain
    unlink("curl_host_dsa_key", "curl_client_key","curl_host_dsa_key.pub", "curl_client_key.pub"); 
-    system "ssh-keygen -q -t dsa -f curl_host_dsa_key -C 'curl test server' -N ''" and die "Could not generate key";
-    system "ssh-keygen -q -t dsa -f curl_client_key -C 'curl test client' -N ''" and die "Could not generate key";
+    system "ssh-keygen -q -t dsa -f curl_host_dsa_key -C 'curl test server' -N ''" and die "Could not generate host key";
+    system "ssh-keygen -q -t dsa -f curl_client_key -C 'curl test client' -N ''" and die "Could not generate client key";
 }

-open(FILE, ">>", $conffile) || die "Could not write $conffile";
+open(FILE, ">>$conffile") || die "Could not write $conffile";
 print FILE <<EOFSSHD
 AllowUsers $username
 DenyUsers
@@ -205,20 +205,15 @@ if ($supports_ChReAu) {


 # Now, set up some configuration files for the ssh client
-open(DSAKEYFILE, "<", "curl_host_dsa_key.pub") || die 'Could not read curl_host_dsa_key.pub';
+open(DSAKEYFILE, "<curl_host_dsa_key.pub") || die 'Could not read curl_host_dsa_key.pub';
 my @dsahostkey = do { local $/ = ' '; <DSAKEYFILE> };
-close DSAKEYFILE || die "Could not close RSAKEYFILE";
+close DSAKEYFILE || die "Could not close DSAKEYFILE";

-open(RSAKEYFILE, "<", "curl_host_dsa_key.pub") || die 'Could not read curl_host_dsa_key.pub';
-my @rsahostkey = do { local $/ = ' '; <RSAKEYFILE> };
-close RSAKEYFILE || die "Could not close RSAKEYFILE";
-
-open(KNOWNHOSTS, ">", $knownhostsfile) || die "Could not write $knownhostsfile";
+open(KNOWNHOSTS, ">$knownhostsfile") || die "Could not write $knownhostsfile";
 print KNOWNHOSTS "[127.0.0.1]:$port ssh-dss $dsahostkey[1]\n" || die 'Could not write to KNOWNHOSTS';
-print KNOWNHOSTS "[127.0.0.1]:$port ssh-rsa $rsahostkey[1]\n" || die 'Could not write to KNOWNHOSTS';
 close KNOWNHOSTS || die "Could not close KNOWNHOSTS";

-open(SSHFILE, ">", $conffile_ssh) || die "Could not write $conffile_ssh";
+open(SSHFILE, ">$conffile_ssh") || die "Could not write $conffile_ssh";
 print SSHFILE <<EOFSSH
 IdentityFile $path/curl_client_key
 UserKnownHostsFile $path/$knownhostsfile
--- a/tests/testcurl.pl
+++ b/tests/testcurl.pl
@@ -477,6 +477,7 @@ if ($configurebuild) {
    mydie "configure didn't work";
  }
 } else {
+  logit "copying files to build dir ...";
  if (($^O eq 'MSWin32') && ($targetos !~ /netware/)) {
    system("xcopy /s /q ..\\$CURLDIR .");
    system("buildconf.bat");
Author	SHA1	Message	Date
Daniel Stenberg	4b1782c371	7.16.4 preps	2007-07-10 21:36:30 +00:00
Gunter Knauf	f84642197f	added better CodeWarrior detection (forgot to add with previos version).	2007-07-09 02:00:39 +00:00
Gunter Knauf	ec1b7a0eea	added better CodeWarrior detection; added defines for setlocale().	2007-07-08 23:19:24 +00:00
Gunter Knauf	4b0e48cb4e	added better CodeWarrior detection; moved autounload flag so that its used for both lib architectures.	2007-07-08 23:18:47 +00:00
Gunter Knauf	41df67fc2c	added better CodeWarrior detection.	2007-07-08 23:17:56 +00:00
Gunter Knauf	932d38323f	removed some obsolete include paths and defines.	2007-07-07 16:26:02 +00:00
Daniel Stenberg	74ad8516d7	Thomas J. Moore made it build with less warnings	2007-07-06 22:14:29 +00:00
Daniel Stenberg	ed4a16dbd1	Gavrie Philipson's change, updated numbers	2007-07-06 21:56:42 +00:00
Daniel Stenberg	e2bac4fe6f	add note about windows and dlls with CURLOPT_WRITEDATA	2007-07-06 20:14:03 +00:00
Gunter Knauf	836ffbfc22	fixed NetWare CLIB implementation of getpass_r()	2007-07-06 14:58:59 +00:00
James Housley	7fd4f82a45	Gavrie Philipson provided a patch that will use a more specific error message for an scp:// upload failure. If libssh2 has his matching patch, then the error message return by the server will be used instead of a more generic error.	2007-07-05 12:48:34 +00:00
Dan Fandrich	598bc3968e	Add -a when running torture tests now that it's supported.	2007-07-05 01:38:00 +00:00
James Housley	29357151af	Fix spelling error in error message	2007-07-04 22:54:29 +00:00
Gunter Knauf	6606ae6fe0	add test for gettimeofday() so that HAVE_GETTIMEOFDAY gets defined.	2007-07-04 17:20:19 +00:00
Gunter Knauf	9f21f74fbd	enabled ares build.	2007-07-04 13:45:46 +00:00
Gunter Knauf	3760180320	although the check for HAVE_STRUCT_TIMEVAL solved the redefine it is incorrect; lets see if a check for HAVE_GETTIMEOFDAY also works; if gettimeofday() is present then we can assume we have the timezone struct too.	2007-07-04 10:54:15 +00:00
Gunter Knauf	056af4c9ac	added check for sys/param.h.	2007-07-04 09:01:40 +00:00
Gunter Knauf	07bf3c86b6	trial to catch problem with Daniels cross-mingw ares builds.	2007-07-03 18:18:40 +00:00
Gunter Knauf	4182803bc2	added NetWare CLIB-own header to solve gcc warnings.	2007-07-03 16:21:57 +00:00
Gunter Knauf	7509ef6b4e	few minor changes to make ares compile for NetWare CLIB architecture.	2007-07-03 16:00:36 +00:00
Gunter Knauf	70f8068d4d	fixed rule to build libcares when needed.	2007-07-03 00:50:40 +00:00
Gunter Knauf	a7513a8521	changed to build for CLIB / LIBC.	2007-07-03 00:42:11 +00:00
Gunter Knauf	3f7e541415	added libcares to static build if ares enabled.	2007-07-03 00:12:03 +00:00
Daniel Stenberg	f7e9a21c53	contributors from the 7.16.3 release notes	2007-07-02 22:04:36 +00:00
Gunter Knauf	f1537d45ca	sync'd with lib makefile changes: use var for awk; fixed RECV* / SEND* defines; debug var can be overwritten; added better compiler path handling.	2007-07-02 18:50:18 +00:00
Gunter Knauf	5a051617f3	some more makefile tweaks and hacks to deal with both lib architectures.	2007-07-02 18:42:14 +00:00
James Housley	55cd28283c	Fix problem with the indenting noticed by Pavel	2007-07-02 17:22:51 +00:00
Gunter Knauf	924665c84c	ignore make error when trying to copy curl.pdf which isnt in CVS.	2007-07-01 22:17:07 +00:00
Daniel Stenberg	fcfffbe2f2	mention the old name	2007-07-01 22:03:47 +00:00
Daniel Stenberg	54967d2a3a	Thomas J. Moore provided a patch that introduces Kerberos5 support in libcurl. This also makes the options change name to --krb (from --krb4) and CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still	2007-07-01 22:01:18 +00:00
Daniel Stenberg	667fd9a60b	Song Ma helped me verify and extend a fix for doing FTP over a SOCKS4/5 proxy	2007-07-01 21:28:14 +00:00
Gunter Knauf	892a24f4c4	changed RECV_* / SEND_* defines to correctly reflect NetWare APIs; some more minor Makefile tidyups.	2007-07-01 21:06:41 +00:00
Gunter Knauf	f7676e9667	disabled 64bit type for CLIB build which removes compiler runtime dependency.	2007-07-01 16:55:37 +00:00
Gunter Knauf	8727803cf8	updated NetWare docu.	2007-07-01 12:09:25 +00:00
Gunter Knauf	73e13ef19d	added lib architecture to NLM description.	2007-07-01 01:33:51 +00:00
Gunter Knauf	e983cd5cd3	added HAVE_SYS_IOCTL_H define; added gcc runtime.	2007-06-30 23:53:54 +00:00
Gunter Knauf	ca3e5a6322	moved includes to setup.h so that the project headers also pick them up (eleminate gcc warning).	2007-06-30 23:45:57 +00:00
Gunter Knauf	c4931601c6	fixed path to Metrowerks tools and runtime since they changed between compiler versions.	2007-06-30 21:20:24 +00:00
Gunter Knauf	857492ac9e	minor patches to enable building for NetWare CLIB. sent by Dmitry Mityugov.	2007-06-30 20:16:03 +00:00
Gunter Knauf	afdfa4bed2	minor patches to enable building for NetWare CLIB. sent by Dmitry Mityugov.	2007-06-30 20:08:13 +00:00
Gunter Knauf	3fc6faf1ae	enabled building for NetWare CLIB architecture.	2007-06-30 20:02:51 +00:00
Gunter Knauf	c8a47bf662	revert previous patch since it turned out that older cp dont know this switch, argh!	2007-06-28 22:31:18 +00:00
James Housley	aed0cc6f2a	Using fdopen() is a more correct way to implement the CURLOPT_NEW_FILE_PREMS file.c, but the debug interface was missing. This adds the routines needed to make the memory debuging work for fdopen().	2007-06-28 11:11:29 +00:00
Daniel Stenberg	d500c468fc	reality sync	2007-06-28 10:47:05 +00:00
Gunter Knauf	5df5a2aa54	fixed nasty cp warnings about not beeing able to preserve ownership.	2007-06-28 01:20:30 +00:00
Daniel Stenberg	9ca688c8e7	James Bursa's improvement	2007-06-27 21:35:17 +00:00
Daniel Stenberg	8edbe262d9	fix little flaw that could make the transfer loop end prematurely	2007-06-27 21:29:29 +00:00
James Housley	4cd7f85410	Add two new options for the SFTP/SCP/FILE protocols: CURLOPT_NEW_FILE_PERMS and CURLOPT_NEW_DIRECTORY_PERMS. These control the premissions for files and directories created on the remote server. CURLOPT_NEW_FILE_PERMS defaults to 0644 and CURLOPT_NEW_DIRECTORY_PERMS defaults to 0755	2007-06-27 20:15:48 +00:00
Gunter Knauf	edd35cab5c	removed trailing spaces.	2007-06-27 10:14:00 +00:00
Gunter Knauf	a2060effed	fixed wrong var name	2007-06-27 10:12:48 +00:00
Daniel Stenberg	33b9daaa4c	add an FTP rename example to 3.7	2007-06-26 21:53:46 +00:00
Daniel Stenberg	62f0f5571d	Robert Iakobashvili re-arranged the internal hash code to work with a custom hash function for different hashes, and also expanded the default size for the socket hash table used in multi handles to greatly enhance speed when very many connections are added and the socket API is used.	2007-06-26 21:09:28 +00:00
James Housley	7a360de49d	The results for a list only directory should be sent to the callback	2007-06-26 20:23:10 +00:00
James Housley	1be4557694	ftp_list_only mode should list all file types, not just directories.	2007-06-26 19:12:58 +00:00
Daniel Stenberg	6a21738704	gah, adding missing braces, removed silly debug output, added new debug output	2007-06-25 14:17:52 +00:00
Daniel Stenberg	974fa1242a	Adjusted how libcurl treats HTTP 1.1 responses without content-lenth or chunked encoding (that also lacks "Connection: close"). It now simply assumes that the connection WILL be closed to signal the end, as that is how RFC2616 section 4.4 point #5 says we should behave.	2007-06-25 13:58:14 +00:00
Daniel Stenberg	3dff58b3aa	fix the version string as well	2007-06-25 13:52:16 +00:00
Daniel Stenberg	abf8589f0d	start working towards 7.16.4	2007-06-25 09:34:44 +00:00
Daniel Stenberg	b8d006b9d7	7.16.3	2007-06-25 09:18:16 +00:00
Daniel Stenberg	af4edf10f5	As reported by "Tro" in http://curl.haxx.se/mail/lib-2007-06/0161.html and http://curl.haxx.se/mail/lib-2007-06/0238.html, libcurl didn't properly do no-body requests on FTP files on re-used connections properly, or at least it didn't provide the info back in the header callback properly in the subsequent requests.	2007-06-24 19:32:33 +00:00
Gunter Knauf	0f9e209534	added netware install target	2007-06-22 21:10:41 +00:00
Gunter Knauf	2aed8946b0	made debug flag settable from outside; add allways debug stuff when DB != NDEBUG	2007-06-22 21:10:17 +00:00
Daniel Stenberg	03b03f7b60	remove annoying debug output	2007-06-22 20:24:11 +00:00
Daniel Stenberg	a1b650ad7b	Gerrit Bruchh�user pointed out a warning that the Intel(R) Thread Checker tool reports and it was indeed a legitimate one and it is one fixed. It was a use of a share without doing the proper locking first.	2007-06-21 14:23:38 +00:00
Daniel Stenberg	d978f85d55	Adam Piggott filed bug report #1740263 (http://curl.haxx.se/bug/view.cgi?id=1740263). Adam discovered that when getting a large amount of URLs with curl, they were fetched slower and slower... which turned out to be because the --libcurl data collecting which wrongly always was enabled, but no longer is...	2007-06-20 21:57:28 +00:00
James Housley	6e7f47da5b	If the creation of rsa and rsa_pub fail due to memory, don't try other authentication methods. Terminate with a memory error.	2007-06-20 11:30:35 +00:00
James Housley	277bab0c7b	Check both variables, not the same one twice. Pointed out by Colin Hogben	2007-06-19 13:23:21 +00:00
Daniel Stenberg	fc3c5dae87	and fix another flaw in the singlecwd case when we get ftp://site.com/, also from the #1739100 bug report	2007-06-19 12:33:28 +00:00
Daniel Stenberg	891dffb528	extra precaution to make PATH_MAX always be defined	2007-06-19 11:50:08 +00:00
James Housley	f0b361ecc1	Change rsa and rsa_pub from static arrays in ssh_conn to be dynamically allocated when needed	2007-06-19 11:31:33 +00:00
James Housley	df7eed16dd	If LIBSSH2DEBUG was defined "i" was undefined	2007-06-18 22:28:40 +00:00
Daniel Stenberg	61db4f3e2a	Robson Braga Araujo filed bug report #1739100 (http://curl.haxx.se/bug/view.cgi?id=1739100) that mentioned that libcurl could not actually list the contents of the root directory of a given FTP server if the login directory isn't root. I fixed the problem and added three test cases (one is disabled for now since I identified KNOWN_BUGS #44, we cannot use --ftp-method nocwd and list ftp directories).	2007-06-18 21:09:32 +00:00
Daniel Stenberg	fe85ae15f3	make the ftp-method multicwd case possible to LIST the root directory of a server!	2007-06-18 21:04:45 +00:00
Daniel Stenberg	cc26cc5dcd	Test listing of root dir with the three ftp-methods. KNOWN_BUGS #44 make me disable test 351 by default by I add the test case anyway to make it easier to work on this problem in the future.	2007-06-18 21:04:05 +00:00
Daniel Stenberg	eb965e2a13	44. --ftp-method nocwd does not handle URLs ending with a slash properly (it should list the contents of that directory). See test case 351.	2007-06-18 21:03:14 +00:00
Daniel Stenberg	4e35395d0e	Daniel Johnson reported the tests now run fine on OS X!	2007-06-18 08:57:13 +00:00
James Housley	b61b420cb8	Curl_ssh_connect() was using an uninitialized variable in one location. Caught by the auto-builds	2007-06-16 16:58:02 +00:00
Daniel Stenberg	b0aa11fde7	Tom Regner added /usr/lib/misc to the path to scan for sftp to make the sftp tests run fine on gentoo	2007-06-14 21:16:08 +00:00
Daniel Stenberg	b691102ec7	Shmulik Regev fixed a flaw in the multi interface that occurred when doing HTTP CONNECT over a proxy	2007-06-14 14:42:21 +00:00
Daniel Stenberg	2785fe7f61	s/HAVE_POLL/HAVE_SYS_POLL_H	2007-06-14 14:15:21 +00:00
James Housley	db5d4bd811	Remove duplicate code that was left in as part of 1.35. This code only affected sftp_sendquote() for the "chgrp/chmod/chown" commands. This also fixed failure of test 614 on a system that previously failed.	2007-06-14 13:22:00 +00:00
Daniel Stenberg	dc3b3c6916	Make our own definitions of the POLL* defiens and the pollfd struct only get done if the sys/poll.h file is missing, as we have seen machines with poll() present but without the header file and machines that don't get HAVE_POLL defined but that do have the sys/poll.h header file...	2007-06-14 11:21:48 +00:00
James Housley	82d3f97659	BUG FIX: When reading a directory listing that contains symlinks with the latest libssh2, the listing would be truncated at the symlink. Fix by looping on LIBSSH2_ERROR_EAGAIN, like the rest of the calls.	2007-06-14 10:36:53 +00:00
Daniel Stenberg	235632ed2c	Tom Regner provided a patch and worked together with James Housley, so now CURLOPT_FTP_CREATE_MISSING_DIRS works for SFTP connections as well as FTP ones.	2007-06-13 20:17:35 +00:00
Daniel Stenberg	68330c86e7	Rich Rauenzahn filed bug report #1733119 (http://curl.haxx.se/bug/view.cgi?id=1733119) and we collaborated on the fix. The problem is that for 64bit HPUX builds, several socket-related functions would still assume int (32 bit) arguments and not socklen_t (64 bit) ones.	2007-06-13 20:08:19 +00:00
James Housley	f37dc9168a	Restore functionality mistakenly removed in the previous commit	2007-06-13 17:13:44 +00:00
James Housley	17798ed740	Update documentation to reflect SFTP's ability to create directories on upload. Some text provieded by Tom Regner	2007-06-13 15:02:34 +00:00
Gisle Vanem	05ba9f9fcd	libssh2_session_free() returns void. Fix "#endif".	2007-06-13 14:01:48 +00:00
James Housley	96f4af4db9	Commit Tom Regner's code for SFTP create missing directories. This patch uses the --ftp-create-dirs flag to control if cURL will try and create directories that are specified in an upload path, but don't exist.	2007-06-13 12:15:23 +00:00
James Housley	3ec7f8a25a	Add a define to protect the state machine from older versions of libssh2, ie 0.14, that don't know about newer constants used in the state machine.	2007-06-13 11:27:41 +00:00
Daniel Stenberg	375cdf89ad	With lots of help from Rich Rauenza(?) in bug #1733119 , we introduce a fairly complicated work-around for 64bit HPUX compiles. We do the fix using inline static functions to make them follow the header file properly and thus get used fine in the test suite too etc.	2007-06-12 21:39:21 +00:00
James Housley	ab7e7144ef	* Updates for the latest version of libssh2, specifically libssh2_sftp_shutdown() and libssh2_session_free() can now return LIBSSH2_ERROR_EAGAIN. * Fix the _send() and _recv() return values so non-blocking works	2007-06-12 21:32:45 +00:00
James Housley	6f59e19b91	While connect and transfer works fine in non-blocking mode for the test suite, transfer fails in the real world. So after connect set to blocking as full non-blocking is migrated out.	2007-06-12 16:15:20 +00:00
Daniel Stenberg	7800b56dc8	mention James current work on ssh	2007-06-12 13:51:57 +00:00
James Housley	73c13220ee	Prevent the state machine from getting stuck in SSH_AUTH_HOST_INIT	2007-06-12 13:47:32 +00:00
James Housley	99e0597c7b	Convert Curl_ssh_connect() to run in a state machine for LIBSSH2_APINO >= 200706012030. More to come...	2007-06-12 12:31:10 +00:00
Daniel Stenberg	3247ac1918	remove unused field in the state struct	2007-06-12 08:15:02 +00:00
Dan Fandrich	c45d44fee9	Wait longer for servers to start up since the ssh server needs to generate keys the first time (which can take a while on a slow or loaded host). Enforce a longer startup wait time for the ssh client SOCKS server, too. Check for an error code from startnew() when starting any server.	2007-06-11 17:53:10 +00:00
Dan Fandrich	1e718a515a	We do not use RSA keys in the test suite.	2007-06-11 17:49:25 +00:00
Daniel Stenberg	d23d686de2	restore the correct timeout time that my previous commit broke	2007-06-11 13:35:33 +00:00
Daniel Stenberg	c8677e9d3f	Properly wait for the c-ares resolve to complete, hopefully the cure for bug #1733955	2007-06-11 13:32:49 +00:00
Daniel Stenberg	a32eaffa77	Daniel Black's clarfication about the NTLM support	2007-06-11 07:27:02 +00:00
Gisle Vanem	1dcb99f0f7	constify 'hostname' in init_thread_sync_data(). Simply clear the whole 'tsd' structure on exit in destroy_thread_sync_data().	2007-06-11 04:33:21 +00:00
Gisle Vanem	03bc2d34da	Squelsh some warnings for libssh older than 0.1.5.	2007-06-11 04:07:51 +00:00
Dan Fandrich	477e27f99d	Fixed the test harness so that it actually kills the ssh being used as the SOCKS server.	2007-06-08 18:56:05 +00:00
Dan Fandrich	6a84d492f1	Improved compatibility with perl 5.0 on the 'open' calls.	2007-06-08 17:32:24 +00:00
Dan Fandrich	873d95a34c	Incorporated Daniel Black's test706 and test707 SOCKS test cases.	2007-06-08 17:21:40 +00:00
Dan Fandrich	1500e95839	Improved compatibility with perl 5.0 on the 'open' calls.	2007-06-08 17:03:50 +00:00
James Housley	4f8ebd1673	Curl_scp_done() needs to call libssh2_channel_free() to prevent a memory leak, and it is the right thing to do.	2007-06-08 16:19:21 +00:00
James Housley	cd4e6fbcac	Fix to work with the latest CVS version of libssh2 * As of (LIBSSH2_APINO >= 200706012030) there are not nb() functions As of (LIBSSH2_APINO >= 200706012030) most libssh2_*() functions can return LIBSSH2_ERROR_EAGAIN to indicate that the call would block. To make the code work as previously, blocking, all the code has been updated so that when (LIBSSH2_APINO >= 200706012030) it loops simulating blocking. This allows the existing code to function and not hold up the upcoming release.	2007-06-08 16:02:57 +00:00
Daniel Stenberg	2fd2ca9dac	start working on 1.4.1	2007-06-08 09:01:33 +00:00