Version 7.17.0 (13 September 2007)

added some further stuff from the feature-requests tracker, and a bunch of URLs
to the specific tracker entries
2007-09-13 20:22:14 +00:00 · 2007-09-13 09:02:15 +00:00 · 2007-09-12 18:20:52 +00:00 · 2007-09-12 10:46:14 +00:00 · 2007-09-11 22:37:47 +00:00 · 2007-09-11 22:36:39 +00:00
224 changed files with 13424 additions and 4568 deletions
--- a/386
+++ b/386
@@ -6,6 +6,392 @@
                                  Changelog
 Version 7.17.0 (13 September 2007)
 Daniel S (12 September 2007)
 - Bug report #1792649 (http://curl.haxx.se/bug/view.cgi?id=1792649) pointed
  out a problem with doing an empty upload over FTP on a re-used connection.
  I added test case 541 to reproduce it and to verify the fix.
 - I noticed while writing test 541 that the FTP code wrongly did a CWD on the
  second transfer as it didn't store and remember the "" path from the
  previous transfer so it would instead CWD to the entry path as stored. This
  worked, but did a superfluous command. Thus, test case 541 now also verifies
  this fix.
 Dan F (5 September 2007)
 - Added test case 1007 to test permission problem when uploading with TFTP
  (to validate bug #1790403).
 - TFTP now reports the "not defined" TFTP error code 0 as an error,
  not success.
 Daniel S (5 September 2007)
 - Continued the work on a fix for #1779054
  (http://curl.haxx.se/bug/view.cgi?id=1779054). My previous fix from August
  24 was not complete (either) but could accidentally "forget" parts of a
  server response which led to faulty server response time-out errors.
 Dan F (5 September 2007)
 - Minix doesn't support getsockopt on UDP sockets or send/recv on TCP
  sockets.
 Dan F (31 August 2007)
 - Made some of the error strings returned by the *strerror functions more
  generic, and more consistent with each other.
 - Renamed the curl_ftpssl enum to curl_usessl and its enumerated constants,
  creating macros for backward compatibility:
    CURLFTPSSL_NONE => CURLUSESSL_NONE
    CURLFTPSSL_TRY => CURLUSESSL_TRY
    CURLFTPSSL_CONTROL => CURLUSESSL_CONTROL
    CURLFTPSSL_ALL => CURLUSESSL_ALL
    CURLFTPSSL_LAST => CURLUSESSL_LAST
 Dan F (30 August 2007)
 - Renamed several libcurl error codes and options to make them more general
  and allow reuse by multiple protocols. Several unused error codes were
  removed.  In all cases, macros were added to preserve source (and binary)
  compatibility with the old names.  These macros are subject to removal at
  a future date, but probably not before 2009.  An application can be
  tested to see if it is using any obsolete code by compiling it with the
  CURL_NO_OLDIES macro defined.
  The following unused error codes were removed:
    CURLE_BAD_CALLING_ORDER
    CURLE_BAD_PASSWORD_ENTERED
    CURLE_FTP_CANT_RECONNECT
    CURLE_FTP_COULDNT_GET_SIZE
    CURLE_FTP_COULDNT_SET_ASCII
    CURLE_FTP_USER_PASSWORD_INCORRECT
    CURLE_FTP_WEIRD_USER_REPLY
    CURLE_FTP_WRITE_ERROR
    CURLE_LIBRARY_NOT_FOUND
    CURLE_MALFORMAT_USER
    CURLE_OBSOLETE
    CURLE_SHARE_IN_USE
    CURLE_URL_MALFORMAT_USER
  The following error codes were renamed:
    CURLE_FTP_ACCESS_DENIED =>      CURLE_REMOTE_ACCESS_DENIED
    CURLE_FTP_COULDNT_SET_BINARY => CURLE_FTP_COULDNT_SET_TYPE
    CURLE_FTP_SSL_FAILED =>         CURLE_USE_SSL_FAILED
    CURLE_FTP_QUOTE_ERROR =>        CURLE_QUOTE_ERROR
    CURLE_TFTP_DISKFULL =>          CURLE_REMOTE_DISK_FULL
    CURLE_TFTP_EXISTS =>            CURLE_REMOTE_FILE_EXISTS
    CURLE_HTTP_RANGE_ERROR =>       CURLE_RANGE_ERROR 
  The following options were renamed:
    CURLOPT_SSLKEYPASSWD => CURLOPT_KEYPASSWD 
    CURLOPT_FTPAPPEND =>    CURLOPT_APPEND
    CURLOPT_FTPLISTONLY =>  CURLOPT_DIRLISTONLY
    CURLOPT_FTP_SSL =>      CURLOPT_USE_SSL
  A few more changes will take place with the next SONAME bump of the
  library.  These are documented in docs/TODO
 - Documented some newer error codes in libcurl-error(3)
 - Added more accurate error code returns from SFTP operations.  Added test
  case 615 to test an SFTP upload failure.
 Dan F (28 August 2007)
 - Some minor internal type and const changes based on a splint scan.
 Daniel S (24 August 2007)
 - Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointed
  out that libcurl didn't deal with large responses from server commands, when
  the single response was consisting of multiple lines but of a total size of
  16KB or more. Dan Fandrich improved the ftp test script and provided test
  case 1006 to repeat the problem, and I fixed the code to make sure this new
  test case runs fine.
 Patrick M (23 August 2007)
 - OS/400 port: new files lib/config-os400.h lib/setup-os400.h packages/OS400/*.
  See packages/OS400/README.OS400.
 Daniel S (23 August 2007)
 - Bug report #1779751 (http://curl.haxx.se/bug/view.cgi?id=1779751) pointed
  out that doing first a file:// upload and then an FTP upload crashed libcurl
  or at best caused furious valgrind complaints. Fixed now!
 Daniel S (22 August 2007)
 - Bug report #1779054 (http://curl.haxx.se/bug/view.cgi?id=1779054) pointed
  out that libcurl didn't deal with very long (>16K) FTP server response lines
  properly. Starting now, libcurl will chop them off (thus the client app will
  not get the full line) but survive and deal with them fine otherwise. Test
  case 1003 was added to verify this.
 Daniel S (20 August 2007)
 - Based on a patch by Christian Vogt, the FTP code now sets the upcoming
  download transfer size much earlier to be possible to get read with
  CURLINFO_CONTENT_LENGTH_DOWNLOAD as soon as possible. This is very much in a
  similar spirit to the HTTP size change from August 11 2007.
 Daniel S (18 August 2007)
 - Robson Braga Araujo filed bug report #1776232
  (http://curl.haxx.se/bug/view.cgi?id=1776232) about libcurl calling
  Curl_client_write(), passing on a const string that the caller may not
  modify and yet it does (on some platforms).
 - Robson Braga Araujo filed bug report #1776235
  (http://curl.haxx.se/bug/view.cgi?id=1776235) about ftp requests with NOBODY
  on a directory would do a "SIZE (null)" request. This is now fixed and test
  case 1000 was added to verify.
 Daniel S (17 August 2007)
 - Song Ma provided a patch that cures a problem libcurl has when doing resume
  HTTP PUT using Digest authentication. Test case 5320 and 5322 were also
  added to verify the functionality.
 Daniel S (14 August 2007)
 - Andrew Wansink provided an NTLM bugfix: in the case the server sets the flag
  NTLMFLAG_NEGOTIATE_UNICODE, we need to filter it off because libcurl doesn't
  UNICODE encode the strings it packs into the NTLM authenticate packet.
 Daniel S (11 August 2007)
 - Allen Pulsifer provided a patch that makes libcurl set the expected download
  size earlier when doing HTTP downloads, so that applications and the
  progress meter etc know get the info earlier in the flow than before.
 - Patrick Monnerat modified the LDAP code and approach in curl. Starting now,
  the configure script checks for openldap and friends and we link with those
  libs just like we link all other third party libraries, and we no longer
  dlopen() those libraries. Our private header file lib/ldap.h was renamed to
  lib/curl_ldap.h due to this. I set a tag in CVS (curl-7_17_0-preldapfix)
  just before this commit, just in case.
 Dan F (8 August 2007)
 - Song Ma noted a zlib memory leak in the illegal compressed header
  countermeasures code path.
 Daniel S (4 August 2007)
 - Patrick Monnerat fixed curl_easy_escape() and curlx_strtoll() to work on
  non-ASCII systems.
 Daniel S (3 August 2007)
 - I cut out support for libssh2 versions older than 0.16 to make our code a
  lot simpler, and to avoid getting trouble with the LIBSSH2_APINO define
  that 1) didn't work properly since it was >32 bits and 2) is removed in
  libssh2 0.16...
 Daniel S (2 August 2007)
 - Scott Cantor filed bug report #1766320
  (http://curl.haxx.se/bug/view.cgi?id=1766320) pointing out that the libcurl
  code accessed two curl_easy_setopt() options (CURLOPT_DNS_CACHE_TIMEOUT and
  CURLOPT_DNS_USE_GLOBAL_CACHE) as ints even though they're documented to be
  passed in as longs, and that makes a difference on 64 bit architectures.
 - Dmitriy Sergeyev reported a regression: resumed file:// transfers broke
  after 7.16.2. This is much due to the different treatment file:// gets
  internally, but now I added test 231 to make it less likely to happen again
  without us noticing!
 Daniel S (1 August 2007)
 - Patrick Monnerat and I modified libcurl so that now it *copies* all strings
  passed to it with curl_easy_setopt()! Previously it has always just refered
  to the data, forcing the user to keep the data around until libcurl is done
  with it. That is now history and libcurl will instead clone the given
  strings and keep private copies. This is also part of Patrick Monnerat's
  OS/400 port.
  Due to this being a somewhat interesting change API wise, I've decided to
  bump the version of the upcoming release to 7.17.0. Older applications will
  of course not notice this change nor do they have to care, but new
  applications can be written to take advantage of this.
 - Greg Morse reported a problem with POSTing using ANYAUTH to a server
  requiring NTLM, and he provided test code and a test server and we worked
  out a bug fix. We failed to count sent body data at times, which then caused
  internal confusions when libcurl tried to send the rest of the data in order
  to maintain the same connection alive.
 Daniel S (31 July 2007)
 - Peter O'Gorman pointed out (and fixed) that the non-blocking check in
  configure made libcurl use blocking sockets on AIX 4 and 5, while that
  wasn't the intention.
 Daniel S (29 July 2007)
 - Jayesh A Shah filed bug report #1759542
  (http://curl.haxx.se/bug/view.cgi?id=1759542) identifying a rather serious
  problem with FTPS: libcurl closed the data connection socket and then later
  in the flow it would call the SSL layer to do SSL shutdown which then would
  use a socket that had already been closed - so if the application had opened
  a new one in the mean time, libcurl could send gibberish that way! I worked
  with Greg Zavertnik to properly diagnose and fix this. The fix affects code
  for all SSL libraries we support, but it has only been truly verified to
  work fine for the OpenSSL version. The others have only been code reviewed.
 Daniel S (23 July 2007)
 - Implemented the parts of Patrick Monnerat's OS/400 patch that introduces
  support for the OS/400 Secure Sockets Layer library.
 Dan F (23 July 2007)
 - Implemented only the parts of Patrick Monnerat's OS/400 patch that renamed
  some few internal identifiers to avoid conflicts, which could be useful on
  other platforms.
 Daniel S (22 July 2007)
 - HTTP Digest bug fix by Chris Flerackers:
  Scenario
  - Perfoming a POST request with body
  - With authentication (only Digest)
  - Re-using a connection
  libcurl would send a HTTP POST with an Authorization header but without
  body. Our server would return 400 Bad Request in that case (because
  authentication passed, but the body was empty).
  Cause
  1) http_digest.c -> Curl_output_digest
  - Updates allocptr.userpwd/allocptr.proxyuserpwd *only* if d->nonce is
  filled in (and no errors)
  - authp->done = TRUE if d->nonce is filled in
  2) http.c -> Curl_http
  - *Always* uses allocptr.userpwd/allocptr.proxyuserpwd if not NULL
  3) http.c -> Curl_http, Curl_http_output_auth
  So what happens is that Curl_output_digest cannot yet update the
  Authorization header (allocptr.userpwd) which results in authhost->done=0 ->
  authhost->multi=1 -> conn->bits.authneg = TRUE.  The body is not
  added. *However*, allocptr.userpwd is still used when building the request
 - Added test case 354 that makes a simple FTP retrieval without password, which
  verifies the bug fix in #1757328.
 Daniel S (21 July 2007)
 - To allow more flexibility in FTP test cases, I've removed the enforced states
  from the test server code as they served no real purpose. The test server
  is here to serve for the test cases, not to attempt to function as a real
  server! While at it, I modified test case 141 to better test and verify
  curl -I on a single FTP file.
 Daniel S (20 July 2007)
 - James Housley fixed the SFTP PWD command to work.
 - Ralf S. Engelschall filed bug report #1757328
  (http://curl.haxx.se/bug/view.cgi?id=1757328) and submitted a patch. It
  turns out we broke login to FTP servers that don't require (nor understand)
  PASS after the USER command. The breakage was done as part of the krb5
  commit so a krb-using person needs to verify that the current version now
  works or if we need to fix it (in a different way of course).
 Dan F (17 July 2007)
 - Fixed test cases 613 and 614 by improving the log postprocessor to handle
  a new directory listing format that newer libssh2's can provide.  This
  is probably NOT sufficient to handle all directory listing formats that
  server's can provide, and should be revisited.
 Daniel S (17 July 2007)
 - Daniel Johnson fixed a bug in how libssh2_session_last_error() was used, in
  two places.
 - Jofell Gallardo posted a libcurl log using FTP that exposed a bug which made
  a control connection that was deemed "dead" to yet be re-used in a following
  request.
 Daniel S (13 July 2007)
 - Colin Hogben filed bug report #1750274
  (http://curl.haxx.se/bug/view.cgi?id=1750274) and submitted a patch for the
  case where libcurl did a connect attempt to a non-listening port and didn't
  provide a human readable error string back.
 - Daniel Cater fixes:
  1 - made 'make vc8' work on windows.
  2 - made libcurl itself built with CURL_NO_OLDIES defined (which doesn't
      define the symbols for backwards source compatibility)
  3 - updated libcurl-errors.3
  4 - added CURL_DISABLE_TFTP to docs/INSTALL
 Daniel S (12 July 2007)
 - Made the krb5 code build with Heimdal's GSSAPI lib.
 Dan F (12 July 2007)
 - Compile most of the example apps in docs/examples when doing a 'make check'.
  Fixed some compile warnings and errors in those examples.
 - Removed the example program ftp3rdparty.c since libcurl doesn't support
  3rd party FTP transfers any longer.
 Daniel S (12 July 2007)
 - Shmulik Regev found an (albeit rare) case where the proxy CONNECT operation
  could in fact get stuck in an endless loop.
 - Made CURLOPT_SSL_VERIFYHOST set to 1 acts as described in the documentation:
  fail to connect if there is no Common Name field found in the remote cert.
  We should deprecate the support for this set to 1 anyway soon, since the
  feature is pointless and most likely never really used by anyone.
 Daniel S (11 July 2007)
 - Shmulik Regev fixed a bug with transfer-encoding skipping during the 407
  error pages for proxy authentication.
 - Giancarlo Formicuccia reported and fixed a problem with a closed connection
  to a proxy during CONNECT auth negotiation.
 Dan F (10 July 2007)
 - Fixed a curl memory leak reported by Song Ma with a modified version
  of the patch he suggested.  Added his test case as test289 to verify.
 - Force the time zone to GMT in the cookie tests in case the user is
  using one of the so-called 'right' time zones that take into account
  leap seconds, which causes the tests to fail (as reported by
  Daniel Black in bug report #1745964).
 Version 7.16.4 (10 July 2007)
 Daniel S (10 July 2007)
 - Kees Cook notified us about a security flaw
  (http://curl.haxx.se/docs/adv_20070710.html) in which libcurl failed to
  properly reject some outdated or not yet valid server certificates when
  built with GnuTLS. Kees also provided the patch.
 James H (5 July 2007)
 - Gavrie Philipson provided a patch that will use a more specific error
  message for an scp:// upload failure.  If libssh2 has his matching
  patch, then the error message return by the server will be used instead
  of a more generic error.
 Daniel S (1 July 2007)
 - Thomas J. Moore provided a patch that introduces Kerberos5 support in
  libcurl. This also makes the options change name to --krb (from --krb4) and
  CURLOPT_KRBLEVEL (from CURLOPT_KRB4LEVEL) but the old names are still 
 - Song Ma helped me verify and extend a fix for doing FTP over a SOCKS4/5
  proxy.
 Daniel S (27 June 2007)
 - James Housley: Add two new options for the SFTP/SCP/FILE protocols:
  CURLOPT_NEW_FILE_PERMS and CURLOPT_NEW_DIRECTORY_PERMS. These control the
  premissions for files and directories created on the remote
  server. CURLOPT_NEW_FILE_PERMS defaults to 0644 and
  CURLOPT_NEW_DIRECTORY_PERMS defaults to 0755
 - I corrected the 10-at-a-time.c example and applied a patch for it by James
  Bursa.
 Daniel S (26 June 2007)
 - Robert Iakobashvili re-arranged the internal hash code to work with a custom
  hash function for different hashes, and also expanded the default size for
  the socket hash table used in multi handles to greatly enhance speed when
  very many connections are added and the socket API is used.
 - James Housley made the CURLOPT_FTPLISTONLY mode work for SFTP directory
  listings as well
 Daniel S (25 June 2007)
 - Adjusted how libcurl treats HTTP 1.1 responses without content-lenth or
  chunked encoding (that also lacks "Connection: close"). It now simply
  assumes that the connection WILL be closed to signal the end, as that is how
  RFC2616 section 4.4 point #5 says we should behave.
 Version 7.16.3 (25 June 2007)
 Daniel S (23 June 2007)
--- a/Makefile.am
+++ b/Makefile.am
@@ -49,7 +49,7 @@ html:
 pdf:
 	cd docs; make pdf
-check: test
+check: test examples
 if CROSSCOMPILING
 test-full: test
@@ -71,6 +71,9 @@ test-torture:
 endif
 examples:
 	@(cd docs/examples; $(MAKE) all)
 #
 # Build source and binary rpms. For rpm-3.0 and above, the ~/.rpmmacros
 # must contain the following line:
--- a/Makefile.dist
+++ b/Makefile.dist
@@ -68,18 +68,22 @@ watcom-clean:
 	wmake -f Makefile.Watcom clean
 mingw32:
 	$(MAKE) -C lib -f Makefile.m32
 	$(MAKE) -C src -f Makefile.m32
 mingw32-zlib:
 	$(MAKE) -C lib -f Makefile.m32 ZLIB=1
 	$(MAKE) -C src -f Makefile.m32 ZLIB=1
-mingw32-ssl:
+mingw32-ssl-zlib:
 	$(MAKE) -C lib -f Makefile.m32 SSL=1 ZLIB=1
 	$(MAKE) -C src -f Makefile.m32 SSL=1 ZLIB=1
-mingw32-ssh2-ssl:
+mingw32-ssh2-ssl-zlib:
 	$(MAKE) -C lib -f Makefile.m32 SSH2=1 SSL=1 ZLIB=1
 	$(MAKE) -C src -f Makefile.m32 SSH2=1 SSL=1 ZLIB=1
-mingw32-ssh2-ssl-sspi:
+mingw32-ssh2-ssl-sspi-zlib:
 	$(MAKE) -C lib -f Makefile.m32 SSH2=1 SSL=1 SSPI=1 ZLIB=1
 	$(MAKE) -C src -f Makefile.m32 SSH2=1 SSL=1 SSPI=1 ZLIB=1
@@ -248,5 +252,5 @@ linux-ssl: ssl
 vc8:
 	echo "generate VC8 makefiles"
-	sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e 's#/GZ#/RTC1#' -e 's/wsock32.lib/wsock32.lib bufferoverflowu.lib/g' -e 's/VC6/VC8/g' lib/Makefile.vc6 > lib/Makefile.vc8
+	sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" lib/Makefile.vc6 > lib/Makefile.vc8
-	sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e 's#/GZ#/RTC1#' -e 's/wsock32.lib/wsock32.lib bufferoverflowu.lib/g' -e 's/VC6/VC8/g' src/Makefile.vc6 > src/Makefile.vc8
+	sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" src/Makefile.vc6 > src/Makefile.vc8
--- a/132
+++ b/132
@@ -1,67 +1,58 @@
-Curl and libcurl 7.16.3
+Curl and libcurl 7.17.0
- Public curl release number:               99
+ Public curl release number:               101
- Releases counted from the very beginning: 126
+ Releases counted from the very beginning: 127
 Available command line options:           118
- Available curl_easy_setopt() options:     141
+ Available curl_easy_setopt() options:     143
- Number of public functions in libcurl:    54
+ Number of public functions in libcurl:    55
- Amount of public web site mirrors:        38
+ Amount of public web site mirrors:        42
- Number of known libcurl bindings:         35
+ Number of known libcurl bindings:         36
- Number of contributors:                   554
+ Number of contributors:                   572
 This release includes the following changes:
- o added curl_multi_socket_action()
+ o support for OS/400 Secure Sockets Layer library
- o deprecated curl_multi_socket()
+ o curl_easy_setopt() now allocates strings passed to it
- o uses less memory in non-pipelined use cases
+ o SCP and SFTP support now requires libssh2 0.16 or later
- o CURLOPT_HTTP200ALIASES matched transfers assume HTTP 1.0 compliance
+ o LDAP libraries are now linked "regularly" and not with dlopen
- o more than one test harness can run at the same time without conflict
+ o HTTP transfers have the download size info "available" earlier
- o SFTP now supports quote commands before a transfer
+ o FTP transfers have the download size info "available" earlier
- o CURLMOPT_MAXCONNECTS added to curl_multi_setopt()
+ o builds and runs on OS/400
- o upload resume works for file:// URLs
+ o several error codes and options were marked as obsolete and subject to
- o asynchronous name resolves now require c-ares 1.4.0 or later
+   future removal (set CURL_NO_OLDIES to see if your application is using them)
- o added SOCKS test cases
+ o SFTP errors can return more specific error codes 
 o CURLOPT_FTP_CREATE_MISSING_DIRS and --ftp-create-dirs now work for SFTP
   operations as well
 This release includes the following bugfixes:
- o if2up too long interface name memory leak
+ o test cases 31, 46, 61, 506, 517 now work in time zones that use leap seconds
- o test case 534 started to fail 2007-04-13 due to the existance of a
+ o problem with closed proxy connection during HTTP CONNECT auth negotiation
-   new host on the net with the same silly domain the test was using
+ o transfer-encoding skipping didn't ignore the 407 response bodies properly
-   for a host which was supposed not to exist.
+ o CURLOPT_SSL_VERIFYHOST set to 1
- o test suite SSL certificate works better with newer stunnel
+ o CONNECT endless loop
- o internal progress meter update frequency back to once per second
+ o krb5 support builds with Heimdal
- o avoid some unnecessary calls to function gettimeofday
+ o added returned error string for connection refused case
- o a double-free in the SSL-layer
+ o re-use of dead FTP control connections
- o GnuTLS free of NULL credentials
+ o login to FTP servers that don't require (nor understand) PASS after the
- o NSS-fix for closing down SSL
+   USER command
- o bad warning from configure when gnutls was selected
+ o bad free of memory from libssh2
- o compilation on VMS 64-bit mode
+ o the SFTP PWD command works
- o SCP/SFTP downloads could hang on the last bytes of a transfer
+ o HTTP Digest auth on a re-used connection
- o curl_easy_duphandle() crash
+ o FTPS data connection close
- o curl -V / curl_version*() works even when GnuTLS is used on a system without
+ o AIX 4 and 5 get to use non-blocking sockets
-   a good random source
+ o small POST with NTLM
- o curl_multi_socket() not "noticing" newly added handles
+ o resumed file:// transfers
- o lack of Content-Length and chunked encoding now requires HTTP 1.1 as well
+ o CURLOPT_DNS_CACHE_TIMEOUT and CURLOPT_DNS_USE_GLOBAL_CACHE are 64 bit
-   to be treated as without response body
+   "clean"
- o connection cache growth in multi handles
+ o memory leak when handling compressed data streams from broken servers
- o better handling of out of memory conditions
+ o no NTLM unicode response
- o overwriting an uploaded file with sftp now truncates it first
+ o resume HTTP PUT using Digest authentication
- o SFTP quote commands chmod, chown, chgrp can now set a value of 0
+ o FTP NOBODY requests on directories sent "SIZE (null)"
- o TFTP connect timouts less than 5 seconds
+ o FTP NOBODY request on file crash
- o improved curl -w for TFTP transfers
+ o excessively long FTP server responses and response lines
- o memory leak when failed OpenSSL certificate CN field checking
+ o file:// upload then FTP:// upload crash
- o memory leak when OpenSSL failed PKCS #12 parsing
+ o TFTP error 0 is no longer treated as success
- o FPL-SSL when built with NSS
+ o uploading empty file over FTP on re-used connection
- o out-of-boundary write in Curl_select()
+ o superfluous CWD command on re-used FTP connections without subdirs used
 o -s/--silent can now be used to toggle off the silence again
 o builds fine on 64bit HP-UX
 o multi interface HTTP CONNECT glitch
 o list FTP root directories when login dir is not root
 o no longer slows down when getting very many URLs on the same command line
 o lock share before decreasing dirty counter
 o no-body FTP requests on re-used connections
 This release includes the following known bugs:
@@ -69,26 +60,29 @@ This release includes the following known bugs:
 Other curl-related news:
- o PycURL 7.16.2.1 was released: http://pycurl.sf.net/
+ o pycurl 7.16.4 was released http://pycurl.sf.net
- o TclCurl 7.16.2 was released:
+ o TclCurl 7.16.4 was released
   http://personal1.iddeo.es/andresgarci/tclcurl/english/
 o curlpp 0.7.1 was released
   http://rrette.com/textpattern/index.php?s=cURLpp
 o A brand new binding for SP-Forth was written by ygrek:
   http://www.forth.org.ru/~ac/lib/lin/curl/
 New curl mirrors:
- o http://curl.spegulo.be is a new mirror in Belgium
+ o http://curl.freeby.pctools.cl is a new mirror in Santiago, Chile
- o http://curl.piotrkosoft.net is a new mirror in Poland
+ o http://curl.site2nd.org is a new mirror in Dallas, Texas, USA
- o http://curl.smudge-it.net is a new mirror in St Louis, MO, USA
+ o http://curl.cheap.co.il is a new mirror in Tel-Aviv, Israel
- o http://curl.askapache.com is a new mirror in Indiana, USA
+ o http://curl.digimirror.nl is a new mirror in Amsterdam, the Netherlands
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
- Song Ma, Dan Fandrich, Yang Tse, Jay Austin, Robert Iakobashvil,
+ Dan Fandrich, Song Ma, Daniel Black, Giancarlo Formicuccia, Shmulik Regev,
- James Housley, Daniel Black, Steve Little, Sonia Subramanian, Peter O'Gorman,
+ Daniel Cater, Colin Hogben, Jofell Gallardo, Daniel Johnson,
- Frank Hempel, Michael Wallner, Jeff Pohlmeyer, Tobias Rundstr<74>m,
+ Ralf S. Engelschall, James Housley, Chris Flerackers, Patrick Monnerat,
- Anders Gustafsson, James Bursa, Kristian Gunstone, Feng Tu,
+ Jayesh A Shah, Greg Zavertnik, Peter O'Gorman, Greg Morse, Dmitriy Sergeyev,
- Andre Guibert de Bruet, Rob Crittenden, Rich Rauenzahn, Tom Regner,
+ Scott Cantor, Allen Pulsifer, Andrew Wansink, Robson Braga Araujo,
- Dave Vasilevsky, Shmulik Regev, Robson Braga Araujo, Adam Piggott,
+ Christian Vogt
 Gerrit Bruchh<68>user
        Thanks! (and sorry if I forgot to mention someone)
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -1107,7 +1107,7 @@ AC_DEFUN([CURL_CHECK_NONBLOCKING_SOCKET],
 #  define PLATFORM_SUNOS4
 # endif
 #endif
-#if (defined(_AIX) || defined(__xlC__)) && !defined(_AIX4)
+#if (defined(_AIX) || defined(__xlC__)) && !defined(_AIX41)
 # define PLATFORM_AIX_V3
 #endif
@@ -1830,81 +1830,6 @@ AC_DEFUN([CURL_CC_DEBUG_OPTS],
 ]) dnl end of AC_DEFUN()
 dnl Determine the name of the library to pass to dlopen() based on the name
 dnl that would normally be given to AC_CHECK_LIB.  The preprocessor symbol
 dnl given is set to the quoted library file name. 
 dnl The standard dynamic library file name is first generated, based on the
 dnl current system type, then a search is performed for that file on the
 dnl standard dynamic library path.  If it is a symbolic link, the destination
 dnl of the link is used as the file name, after stripping off any minor
 dnl version numbers. If a library file can't be found, a guess is made.
 dnl This macro assumes AC_PROG_LIBTOOL has been called and requires perl
 dnl to be available in the PATH, or $PERL to be set to its location.
 dnl
 dnl CURL_DLLIB_NAME(VARIABLE, library_name)
 dnl e.g. CURL_DLLIB_NAME(LDAP_NAME, ldap) on a Linux system might result
 dnl in LDAP_NAME holding the string "libldap.so.2".
 AC_DEFUN([CURL_DLLIB_NAME],
 [
 AC_MSG_CHECKING([name of dynamic library $2])
 dnl The shared library extension variable name changes from version to
 dnl version of libtool.  Try a few names then just set one statically.
 test -z "$shared_ext" && eval shared_ext=\"$shrext_cmds\"
 test -z "$shared_ext" && shared_ext="$std_shrext"
 test -z "$shared_ext" && shared_ext="$shrext"
 test -z "$shared_ext" && shared_ext=".so"
 dnl Create the library link name of the correct form for this platform
 LIBNAME_LINK_SPEC=`echo "$library_names_spec" | $SED 's/^.* //'`
 DLGUESSLIB=`name=$2 eval echo "$libname_spec"`
 DLGUESSFILE=`libname="$DLGUESSLIB" release="" major="" versuffix="" eval echo "$LIBNAME_LINK_SPEC"`
 dnl Last resort in case libtool knows nothing about shared libs on this platform
 test -z "$DLGUESSFILE" && DLGUESSFILE="$DLGUESSLIB$shared_ext"
 dnl Synthesize a likely dynamic library name in case we can't find an actual one
 SO_NAME_SPEC="$soname_spec"
 dnl soname_spec undefined when identical to the 1st entry in library_names_spec
 test -z "$SO_NAME_SPEC" && SO_NAME_SPEC=`echo "$library_names_spec" | $SED 's/ .*$//'`
 DLGUESSSOFILE=`libname="$DLGUESSLIB" release="" major="" versuffix="" eval echo "$SO_NAME_SPEC"`
 dnl Last resort in case libtool knows nothing about shared libs on this platform
 test -z "$DLGUESSSOFILE" && DLGUESSSOFILE="$DLGUESSFILE"
 if test "$cross_compiling" = yes; then
  dnl Can't look at filesystem when cross-compiling
  AC_DEFINE_UNQUOTED($1, "$DLGUESSSOFILE", [$2 dynamic library file])
  AC_MSG_RESULT([$DLGUESSSOFILE (guess while cross-compiling)])
 else
  DLFOUNDFILE=""
  if test "$sys_lib_dlsearch_path_spec" ; then
    dnl Search for the link library name and see what it points to.
    for direc in $sys_lib_dlsearch_path_spec ; do
      DLTRYFILE="$direc/$DLGUESSFILE"
      dnl Find where the symbolic link for this name points
      changequote(<<, >>)dnl
      <<
      DLFOUNDFILE=`${PERL:-perl} -e 'use File::Basename; (basename(readlink($ARGV[0])) =~ /^(.*[^\d]\.\d+)[\d\.]*$/ && print ${1}) || exit 1;' "$DLTRYFILE" 2>&5`
      >>
      changequote([, ])dnl
      if test "$?" -eq "0"; then
        dnl Found the file link
        break
      fi
    done
  fi
  if test -z "$DLFOUNDFILE" ; then
    dnl Couldn't find a link library, so guess at a name.
    DLFOUNDFILE="$DLGUESSSOFILE"
  fi
  AC_DEFINE_UNQUOTED($1, "$DLFOUNDFILE", [$2 dynamic library file])
  AC_MSG_RESULT($DLFOUNDFILE)
 fi
 ])
 # This is only a temporary fix. This macro is here to replace the broken one
 # delivered by the automake project (including the 1.9.6 release). As soon as
 # they ship a working version we SHOULD remove this work-around.
--- a/ares/CHANGES
+++ b/ares/CHANGES
@@ -1,5 +1,38 @@
  Changelog for the c-ares project
 * July 14 2007 (Daniel Stenberg)
 - Vlad Dinulescu fixed two outstanding valgrind reports:
  1. In ares_query.c , in find_query_by_id we compare q->qid (which is a short
  int variable) with qid, which is declared as an int variable.  Moreover,
  DNS_HEADER_SET_QID is used to set the value of qid, but DNS_HEADER_SET_QID
  sets only the first two bytes of qid. I think that qid should be declared as
  "unsigned short" in this function.
  2. The same problem occurs in ares_process.c, process_answer() .  query->qid
  (an unsigned short integer variable) is compared with id, which is an
  integer variable. Moreover, id is initialized from DNS_HEADER_QID which sets
  only the first two bytes of id. I think that the id variable should be
  declared as "unsigned short" in this function.
  Even after declaring these variables as "unsigned short", the valgrind
  errors are still there. Which brings us to the third problem.
  3. The third problem is that Valgrind assumes that query->qid is not
  initialised correctly. And it does that because query->qid is set from
  DNS_HEADER_QID(qbuf); Valgrind says that qbuf has unitialised bytes. And
  qbuf has uninitialised bytes because of channel->next_id . And next_id is
  set by ares_init.c:ares__generate_new_id() . I found that putting short r=0
  in this function (instead of short r) makes all Valgrind warnings go away.
  I have studied ares__rc4() too, and this is the offending line:
        buffer_ptr[counter] ^= state[xorIndex];   (ares_query.c:62)
  This is what triggers Valgrind.. buffer_ptr is unitialised in this function,
  and by applying ^= on it, it remains unitialised.
 Version 1.4.0 (June 8, 2007)
 * June 4 2007 (Daniel Stenberg)
--- a/ares/Makefile.am
+++ b/ares/Makefile.am
@@ -11,7 +11,7 @@ MSVCFILES = vc/adig/adig.dep vc/adig/adig.dsp vc/vc.dsw vc/ahost/ahost.dep \
 # adig and ahost are just sample programs and thus not mentioned with the
 # regular sources and headers
 EXTRA_DIST = CHANGES README.cares Makefile.inc adig.c ahost.c $(man_MANS) \
- $(MSVCFILES) AUTHORS config-win32.h RELEASE-NOTES
+ $(MSVCFILES) AUTHORS config-win32.h RELEASE-NOTES libcares.pc.in
 VER=-version-info 1:0:0
--- a/ares/Makefile.netware
+++ b/ares/Makefile.netware
@@ -35,10 +35,10 @@ ifndef LIBARCH
 LIBARCH = LIBC
 endif
-# must be equal to DEBUG or NDEBUG
+# must be equal to NDEBUG or DEBUG, CURLDEBUG
 ifndef DB
 DB	= NDEBUG
-# DB	= DEBUG
+endif
 # DB	= CURLDEBUG
 # Optimization: -O<n> or debugging: -g
 ifeq ($(DB),NDEBUG)
 	OPT	= -O2
@@ -51,12 +51,20 @@ endif
 # Include the version info retrieved from curlver.h
 -include $(OBJDIR)/version.inc
-# The following line defines your compiler.
+# The following lines defines your compiler.
 ifdef CWFolder
 	METROWERKS = $(CWFolder)
 endif
 ifdef METROWERKS
 	# MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support
 	MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support/Metrowerks Support
 	CC = mwccnlm
 else
 	CC = gcc
 endif
 # a native win32 awk can be downloaded from here:
 # http://www.gknw.net/development/prgtools/awk-20050424.zip
 AWK	= awk
 YACC	= bison -y
 CP	= cp -afv
 # RM	= rm -f
@@ -82,8 +90,10 @@ ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.o
 	CFLAGS += -align 4
 else
-	PRELUDE = "$(METROWERKS)/Novell Support/libraries/runtime/prelude.obj"
+	# PRELUDE = $(SDK_CLIB)/imports/clibpre.o
-#	CFLAGS += -include "$(METROWERKS)/Novell Support/headers/nlm_prefix.h"
+	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
 	PRELUDE = "$(MWCW_PATH)/libraries/runtime/prelude.obj"
 	# CFLAGS += -include "$(MWCW_PATH)/headers/nlm_clib_prefix.h"
 	CFLAGS += -align 1
 endif
 else
@@ -98,7 +108,10 @@ CFLAGS	+= -Wall -Wno-format -Wno-uninitialized # -pedantic
 ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.gcc.o
 else
-	PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
+	# PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
 	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
 	# http://www.gknw.net/development/mk_nlm/gcc_pre.zip
 	PRELUDE = $(NDK_ROOT)/pre/prelude.o
 	CFLAGS += -include $(NDKBASE)/nlmconv/genlm.h
 endif
 endif
@@ -108,14 +121,17 @@ SDK_CLIB = $(NDK_ROOT)/nwsdk
 SDK_LIBC = $(NDK_ROOT)/libc
 ifeq ($(LIBARCH),LIBC)
-	INCLUDES += -I$(SDK_LIBC)/include -I$(SDK_LIBC)/include/nks
+	INCLUDES += -I$(SDK_LIBC)/include
 	# INCLUDES += -I$(SDK_LIBC)/include/nks
 	# INCLUDES += -I$(SDK_LIBC)/include/winsock
 	CFLAGS += -D_POSIX_SOURCE
 #	CFLAGS += -D__ANSIC__
 else
-	INCLUDES += -I$(SDK_CLIB)/include/nlm -I$(SDK_CLIB)/include
+	INCLUDES += -I$(SDK_CLIB)/include/nlm
 	# INCLUDES += -I$(SDK_CLIB)/include/nlm/obsolete
-	CFLAGS += -DNETDB_USE_INTERNET
+	# INCLUDES += -I$(SDK_CLIB)/include
 endif
 ifeq ($(DB),CURLDEBUG)
 INCLUDES += -I../include
 endif
 CFLAGS	+= -I. $(INCLUDES)
@@ -186,7 +202,7 @@ $(OBJDIR)/%.o: %.c
 $(OBJDIR)/version.inc: ares_version.h $(OBJDIR)
 	@echo Creating $@
-	@awk -f ../packages/NetWare/get_ver.awk $< > $@
+	@$(AWK) -f ../packages/NetWare/get_ver.awk $< > $@
 $(OBJDIR)/%.xdc: Makefile.netware
 	@echo Creating $@
@@ -267,25 +283,77 @@ config.h: Makefile.netware
 	@echo $(DL)#ifndef NETWARE$(DL) >> $@
 	@echo $(DL)#error This $(notdir $@) is created for NetWare platform!$(DL) >> $@
 	@echo $(DL)#endif$(DL) >> $@
 	@echo $(DL)#define OS "i586-pc-NetWare"$(DL) >> $@
 	@echo $(DL)#define VERSION "$(LIBCARES_VERSION_STR)"$(DL) >> $@
 	@echo $(DL)#define PACKAGE_BUGREPORT "a suitable curl mailing list => http://curl.haxx.se/mail/"$(DL) >> $@
-	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
+ifeq ($(LIBARCH),CLIB)
-	@echo $(DL)#define HAVE_ARPA_NAMESER_H 1$(DL) >> $@
+	@echo $(DL)#define OS "i586-pc-clib-NetWare"$(DL) >> $@
-	@echo $(DL)#define HAVE_ASSERT_H 1$(DL) >> $@
+	@echo $(DL)#define MAXHOSTNAMELEN 256$(DL) >> $@
 	@echo $(DL)#define NETDB_USE_INTERNET 1$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG2 char *$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG2 char *$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define DL_LDAP_FILE "ldapsdk.nlm"$(DL) >> $@
 	@echo $(DL)#define socklen_t int$(DL) >> $@
 	@echo $(DL)#define strncasecmp strnicmp$(DL) >> $@
 	@echo $(DL)#define strcasecmp stricmp$(DL) >> $@
 else
 	@echo $(DL)#define OS "i586-pc-libc-NetWare"$(DL) >> $@
 	@echo $(DL)#define HAVE_DLFCN_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_DLOPEN 1$(DL) >> $@
-	@echo $(DL)#define HAVE_ERR_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_FTRUNCATE 1$(DL) >> $@
 	@echo $(DL)#define HAVE_FCNTL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_FIONBIO 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GETHOSTBYADDR 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GETTIMEOFDAY 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_ADDR 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_NTOA 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_PTON 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INTTYPES_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LIMITS_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LONGLONG 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STDINT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRCASECMP 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRLCAT 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRLCPY 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRTOLL 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_PARAM_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_SELECT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_TERMIOS_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_AF_INET6 1$(DL) >> $@
 	@echo $(DL)#define HAVE_PF_INET6 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_IN6_ADDR 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_SOCKADDR_IN6 1$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG2 void *$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG3 size_t$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_RETV ssize_t$(DL) >> $@
 	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG2 void *$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG3 size_t$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
 	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
 endif
 	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_ARPA_NAMESER_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_ASSERT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_ERR_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_FCNTL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_FIONBIO 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GETHOSTBYADDR 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GETHOSTBYNAME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GETPROTOBYNAME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GMTIME_R 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_ADDR 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_NTOA 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LL 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LOCALTIME_R 1$(DL) >> $@
 	@echo $(DL)#define HAVE_MALLOC_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_NETINET_IN_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_RECV 1$(DL) >> $@
@@ -296,46 +364,26 @@ config.h: Makefile.netware
 	@echo $(DL)#define HAVE_SIGNAL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SIG_ATOMIC_T 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SOCKET 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STDINT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STDLIB_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRCASECMP 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRDUP 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRFTIME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRING_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRLCAT 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRLCPY 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRSTR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_PARAM_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_ADDRINFO 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_SELECT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_TIMEVAL 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_IOCTL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_STAT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_TIME_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_TERMIOS_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_TIME_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_UNAME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_UNISTD_H 1$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define HAVE_UTIME 1$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG2 char *$(DL) >> $@
+	@echo $(DL)#define HAVE_UTIME_H 1$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define RETSIGTYPE void$(DL) >> $@
 	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG2 char *$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define SIZEOF_CURL_OFF_T 4$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN_ADDR 4$(DL) >> $@
 	@echo $(DL)#define STDC_HEADERS 1$(DL) >> $@
 	@echo $(DL)#define TIME_WITH_SYS_TIME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_AF_INET6 1$(DL) >> $@
 	@echo $(DL)#define HAVE_PF_INET6 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_ADDRINFO 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_IN6_ADDR 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_SOCKADDR_IN6 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_TIMEVAL 1$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN_ADDR 4$(DL) >> $@
 ifdef NW_WINSOCK
 	@echo $(DL)#define HAVE_CLOSESOCKET 1$(DL) >> $@
 else
--- a/ares/ares.h
+++ b/ares/ares.h
@@ -20,12 +20,15 @@
 #include <sys/types.h>
-#if defined(_AIX) || defined(NETWARE)
+#if defined(_AIX) || (defined(NETWARE) && defined(__NOVELL_LIBC__))
 /* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
   libc5-based Linux systems. Only include it on system that are known to
   require it! */
 #include <sys/select.h>
 #endif
 #if (defined(NETWARE) && !defined(__NOVELL_LIBC__))
 #include <sys/bsdskt.h>
 #endif
 #if defined(WATT32)
  #include <netinet/in.h>
--- a/ares/ares_free_hostent.3
+++ b/ares/ares_free_hostent.3
@@ -33,12 +33,13 @@ allocated by one of the functions \fIares_parse_a_reply(3)\fP,
 .SH NOTES
 It is not necessary (and is not correct) to free the host structure passed to
 the callback functions for \fIares_gethostbyname(3)\fP or
-\fIares_gethostbyaddr(3)\fP. The ares library will automatically free such
+\fIares_gethostbyaddr(3)\fP. c-ares will automatically free such host
-host structures when the callback returns.
+structures when the callback returns.
 .SH SEE ALSO
 .BR ares_parse_a_reply (3),
 .BR ares_parse_aaaa_reply (3),
-.BR ares_parse_ptr_reply (3)
+.BR ares_parse_ptr_reply (3),
 .BR ares_parse_ns_reply (3)
 .SH AUTHOR
 Greg Hudson, MIT Information Systems
 .br
--- a/ares/ares_getnameinfo.c
+++ b/ares/ares_getnameinfo.c
@@ -295,7 +295,11 @@ static char *lookup_service(unsigned short port, int flags,
 #endif
 #else
          /* Lets just hope the OS uses TLS! */
 #if (defined(NETWARE) && !defined(__NOVELL_LIBC__))
          sep = getservbyport(port, (char*)proto);
 #else
          sep = getservbyport(port, proto);
 #endif
 #endif
        }
      if (sep && sep->s_name)
--- a/ares/ares_init.c
+++ b/ares/ares_init.c
@@ -23,7 +23,10 @@
 #include <malloc.h>
 #else
 #ifdef HAVE_SYS_PARAM_H
 #include <sys/param.h>
 #endif
 #ifdef HAVE_SYS_TIME_H
 #include <sys/time.h>
 #endif
@@ -1319,7 +1322,8 @@ static void init_id_key(rc4_key* key,int key_data_len)
  randomize_key(key->state,key_data_len);
  state = &key->state[0];
  for(counter = 0; counter < 256; counter++)
-        state[counter] = counter;
+    /* unnecessary AND but it keeps some compilers happier */
    state[counter] = counter & 0xff;
  key->x = 0;
  key->y = 0;
  index1 = 0;
@@ -1338,7 +1342,7 @@ static void init_id_key(rc4_key* key,int key_data_len)
 short ares__generate_new_id(rc4_key* key)
 {
-  short r;
+  short r=0;
  ares__rc4(key, (unsigned char *)&r, sizeof(r));
  return r;
 }
--- a/ares/ares_process.c
+++ b/ares/ares_process.c
@@ -400,7 +400,8 @@ static void process_timeouts(ares_channel channel, time_t now)
 static void process_answer(ares_channel channel, unsigned char *abuf,
                           int alen, int whichserver, int tcp, time_t now)
 {
-  int id, tc, rcode;
+  int tc, rcode;
  unsigned short id;
  struct query *query;
  /* If there's no room in the answer for a header, we can't do much
--- a/ares/ares_query.c
+++ b/ares/ares_query.c
@@ -67,7 +67,7 @@ void ares__rc4(rc4_key* key, unsigned char *buffer_ptr, int buffer_len)
 static struct query* find_query_by_id(ares_channel channel, int id)
 {
-  int qid;
+  unsigned short qid;
  struct query* q;
  DNS_HEADER_SET_QID(((unsigned char*)&qid), id);
--- a/ares/configure.ac
+++ b/ares/configure.ac
@@ -337,6 +337,7 @@ AC_CHECK_HEADERS(
       sys/select.h \
       sys/socket.h \
       sys/ioctl.h \
       sys/param.h \
       netdb.h \
       netinet/in.h \
       net/if.h \
@@ -600,6 +601,7 @@ AC_CHECK_MEMBER(struct addrinfo.ai_flags,
 AC_CHECK_FUNCS( bitncmp \
                gettimeofday \
                if_indextoname,
 dnl if found
 [],
@@ -801,4 +803,4 @@ if test -n "$RANDOM_FILE" && test X"$RANDOM_FILE" != Xno ; then
        [a suitable file/device to read random data from])
 fi
-AC_OUTPUT(Makefile)
+AC_OUTPUT(Makefile libcares.pc)
--- a/ares/libcares.pc.in
+++ b/ares/libcares.pc.in
@@ -0,0 +1,20 @@
 #***************************************************************************
 # Project        ___       __ _ _ __ ___  ___ 
 #               / __|____ / _` | '__/ _ \/ __|
 #              | (_|_____| (_| | | |  __/\__ \
 #               \___|     \__,_|_|  \___||___/
 # $id: $
 #
 prefix=@prefix@
 exec_prefix=@exec_prefix@
 libdir=@libdir@
 includedir=@includedir@
 Name: c-ares
 URL: http://daniel.haxx.se/projects/c-ares/
 Description: asyncronous DNS lookup library
 Version: @VERSION@
 Requires: 
 Requires.private: 
 Cflags: -I${includedir}
 Libs: -L${libdir} -lcares
--- a/ares/nameser.h
+++ b/ares/nameser.h
@@ -32,7 +32,9 @@ struct iovec
 int ares_writev (SOCKET s, const struct iovec *vector, size_t count);
 #define writev(s,vect,count)  ares_writev(s,vect,count)
 #ifndef HAVE_GETTIMEOFDAY
 struct timezone { int dummy; };
 #endif
 int ares_gettimeofday(struct timeval *tv, struct timezone *tz);
 #define gettimeofday(tv,tz) ares_gettimeofday(tv,tz)
--- a/configure.ac
+++ b/configure.ac
@@ -89,6 +89,8 @@ dnl initialize all the info variables
 curl_manual_msg="no      (--enable-manual)"
 curl_verbose_msg="enabled (--disable-verbose)"
   curl_sspi_msg="no      (--enable-sspi)"
   curl_ldap_msg="no      (--enable-ldap / --with-ldap-lib / --with-lber-lib)"
  curl_ldaps_msg="no      (--enable-ldaps)"
 dnl
 dnl Save anything in $LIBS for later
@@ -284,6 +286,32 @@ AC_HELP_STRING([--disable-ldap],[Disable LDAP support]),
  esac ],
       AC_MSG_RESULT(yes)
 )
 AC_MSG_CHECKING([whether to support ldaps])
 AC_ARG_ENABLE(ldaps,
 AC_HELP_STRING([--enable-ldaps],[Enable LDAPS support])
 AC_HELP_STRING([--disable-ldaps],[Disable LDAPS support]),
 [ case "$enableval" in
  no)
       AC_MSG_RESULT(no)
       AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
       AC_SUBST(CURL_DISABLE_LDAPS, [1])
       ;;
  *)   if test x$CURL_DISABLE_LDAP = x1 ; then
               AC_MSG_RESULT(LDAP support needs to be enabled in order to enable LDAPS support!)
               AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
               AC_SUBST(CURL_DISABLE_LDAPS, [1])
       else
               AC_MSG_RESULT(yes)
               AC_DEFINE(HAVE_LDAP_SSL, 1, [Use LDAPS implementation])
               curl_ldaps_msg="enabled"
       fi
       ;;
  esac ],
       AC_MSG_RESULT(no)
       AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
       AC_SUBST(CURL_DISABLE_LDAPS, [1])
 )
 AC_MSG_CHECKING([whether to support dict])
 AC_ARG_ENABLE(dict,
 AC_HELP_STRING([--enable-dict],[Enable DICT support])
@@ -500,55 +528,79 @@ AC_HELP_STRING([--enable-libgcc],[use libgcc when linking]),
       AC_MSG_RESULT(no)
 )
 dnl dl lib?
 AC_CHECK_FUNC(dlclose, , [ AC_CHECK_LIB(dl, dlopen) ])
 dnl **********************************************************************
-dnl Check for the name of dynamic OpenLDAP libraries
+dnl Check for LDAP
 dnl **********************************************************************
 LDAPLIBNAME=""
 AC_ARG_WITH(ldap-lib,
-AC_HELP_STRING([--with-ldap-lib=libname],[Specify name of dynamic ldap lib file]),
+AC_HELP_STRING([--with-ldap-lib=libname],[Specify name of ldap lib file]),
 [LDAPLIBNAME="$withval"])
 LBERLIBNAME=""
 AC_ARG_WITH(lber-lib,
-AC_HELP_STRING([--with-lber-lib=libname],[Specify name of dynamic lber lib file]),
+AC_HELP_STRING([--with-lber-lib=libname],[Specify name of lber lib file]),
 [LBERLIBNAME="$withval"])
 if test x$CURL_DISABLE_LDAP != x1 ; then
  if test -z "$LDAPLIBNAME" ; then
    case $host in
-      *-*-cygwin | *-*-mingw* | *-*-pw32*)
+      *-*-cygwin* | *-*-mingw* | *-*-pw32*)
        dnl Windows uses a single and unique OpenLDAP DLL name
-        LDAPLIBNAME="wldap32.dll"
+        LDAPLIBNAME="wldap32"
        LBERLIBNAME="no"
        ;;
    esac
  fi
  if test "$LDAPLIBNAME" ; then
-    AC_DEFINE_UNQUOTED(DL_LDAP_FILE, "$LDAPLIBNAME")
+    AC_CHECK_LIB("$LDAPLIBNAME", ldap_init,, [
-    AC_MSG_CHECKING([name of dynamic library ldap])
+      AC_MSG_WARN(["$LDAPLIBNAME" is not an LDAP library: LDAP disabled])
-    AC_MSG_RESULT($LDAPLIBNAME)
+      AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
      AC_SUBST(CURL_DISABLE_LDAP, [1])])
  else
    dnl Try to find the right ldap library name for this system
-    CURL_DLLIB_NAME(DL_LDAP_FILE, ldap)
+    AC_SEARCH_LIBS(ldap_init, [ldap],, [
      AC_MSG_WARN([Cannot find LDAP library: LDAP disabled])
      AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
      AC_SUBST(CURL_DISABLE_LDAP, [1])])
  fi
 fi
 if test x$CURL_DISABLE_LDAP != x1 ; then
  if test "$LBERLIBNAME" ; then
-    dnl If name is "no" then don't define this variable at all
+    dnl If name is "no" then don't define this library at all
    dnl (it's only needed if libldap.so's dependencies are broken).
    if test "$LBERLIBNAME" != "no" ; then
-      AC_DEFINE_UNQUOTED(DL_LBER_FILE, "$LBERLIBNAME")
+      AC_CHECK_LIB("$LBERLIBNAME", ber_free,, [
        AC_MSG_WARN(["$LBERLIBNAME" is not an LBER library: LDAP disabled])
        AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
        AC_SUBST(CURL_DISABLE_LDAP, [1])])
    fi
    AC_MSG_CHECKING([name of dynamic library lber])
    AC_MSG_RESULT($LBERLIBNAME)
  else
    dnl Try to find the right lber library name for this system
-    CURL_DLLIB_NAME(DL_LBER_FILE, lber)
+    AC_SEARCH_LIBS(ber_free, [lber],, [
      AC_MSG_WARN([Cannot find a library defining ber_free(): LDAP disabled])
      AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
      AC_SUBST(CURL_DISABLE_LDAP, [1])])
  fi
 fi
 if test x$CURL_DISABLE_LDAP != x1 ; then
  AC_CHECK_FUNCS([ldap_url_parse])
  if test "$LDAPLIBNAME" = "wldap32"; then
    curl_ldap_msg="enabled (winldap)"
    AC_DEFINE(CURL_LDAP_WIN, 1, [Use W$ LDAP implementation])
    case $host in
      *-*-cygwin* | *-*-pw32*)
        AC_DEFINE(CURL_LDAP_HYBRID, 1, [W$ LDAP with non-W$ compiler])
        ;;
    esac
  else
    curl_ldap_msg="enabled (OpenLDAP)"
  fi
 fi
@@ -650,26 +702,26 @@ AC_MSG_CHECKING([if argv can be written to])
 AC_CACHE_VAL(curl_cv_writable_argv, [
 AC_RUN_IFELSE([[
 int main(int argc, char ** argv) {
-	argv[0][0] = ' ';
+        argv[0][0] = ' ';
-	return (argv[0][0] == ' ')?0:1;
+        return (argv[0][0] == ' ')?0:1;
 }
-	]],
+        ]],
-	curl_cv_writable_argv=yes,
+        curl_cv_writable_argv=yes,
-	curl_cv_writable_argv=no,
+        curl_cv_writable_argv=no,
-	curl_cv_writable_argv=cross)
+        curl_cv_writable_argv=cross)
 ])
 case $curl_cv_writable_argv in
 yes)
-	AC_DEFINE(HAVE_WRITABLE_ARGV, 1, [Define this symbol if your OS supports changing the contents of argv])
+        AC_DEFINE(HAVE_WRITABLE_ARGV, 1, [Define this symbol if your OS supports changing the contents of argv])
-	AC_MSG_RESULT(yes)
+        AC_MSG_RESULT(yes)
-	;;
+        ;;
 no)
-	AC_MSG_RESULT(no)
+        AC_MSG_RESULT(no)
-	;;
+        ;;
 *)
        AC_MSG_RESULT(no)
        AC_MSG_WARN([the previous check could not be made default was used])
-	;;
+        ;;
 esac
 dnl **********************************************************************
@@ -815,7 +867,7 @@ AC_ARG_WITH(gssapi-includes,
 AC_ARG_WITH(gssapi-libs,
  AC_HELP_STRING([--with-gssapi-libs=DIR],
-  		 [Specify location of GSSAPI libs]),
+                 [Specify location of GSSAPI libs]),
  [ GSSAPI_LIB_DIR="-L$withval"
    want_gss="yes" ]
 )
@@ -887,7 +939,7 @@ if test x"$want_gss" = xyes; then
  elif test -z "$GSSAPI_LIB_DIR"; then
     if test -f "$GSSAPI_ROOT/bin/krb5-config"; then
        gss_ldflags=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
-	LDFLAGS="$LDFLAGS $gss_ldflags"
+        LDFLAGS="$LDFLAGS $gss_ldflags"
     elif test "$GSSAPI_ROOT" != "yes"; then
        LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff -lgssapi"
     else
@@ -965,7 +1017,7 @@ if test X"$OPT_SSL" != Xno; then
        SSL_LDFLAGS=`$PKGCONFIG --libs-only-L openssl 2>/dev/null`
        SSL_CPPFLAGS=`$PKGCONFIG --cflags-only-I openssl 2>/dev/null`
-	LIB_OPENSSL=`echo $SSL_LDFLAGS | sed -e 's/-L//g'`
+        LIB_OPENSSL=`echo $SSL_LDFLAGS | sed -e 's/-L//g'`
        dnl use the values pkg-config reported
        LIBS="$LIBS $SSL_LIBS"
@@ -1703,6 +1755,7 @@ AC_CHECK_HEADERS(
        assert.h \
        unistd.h \
        stdlib.h \
        ldap_ssl.h \
        limits.h \
        arpa/inet.h \
        net/if.h \
@@ -1716,7 +1769,6 @@ AC_CHECK_HEADERS(
        termio.h \
        sgtty.h \
        fcntl.h \
        dlfcn.h \
        alloca.h \
        time.h \
        io.h \
@@ -1858,7 +1910,6 @@ AC_CHECK_FUNCS( strtoll \
                strlcat \
                getpwuid \
                geteuid \
                dlopen \
                utime \
                sigsetjmp \
                basename \
@@ -2255,25 +2306,25 @@ AC_HELP_STRING([--disable-hidden-symbols],[Leave all symbols with default visibi
       AC_MSG_CHECKING([whether $CC supports it])
       if test "$GCC" = yes ; then
         if $CC --help --verbose 2>&1 | grep fvisibility= > /dev/null ; then
-	   AC_MSG_RESULT(yes)
+           AC_MSG_RESULT(yes)
-	   AC_DEFINE(CURL_HIDDEN_SYMBOLS, 1, [to enable hidden symbols])
+           AC_DEFINE(CURL_HIDDEN_SYMBOLS, 1, [to enable hidden symbols])
-	   AC_SUBST(CURL_HIDDEN_SYMBOLS)
+           AC_SUBST(CURL_HIDDEN_SYMBOLS)
-	   AC_DEFINE(CURL_EXTERN_SYMBOL, [__attribute__ ((visibility ("default")))], [to make a symbol visible])
+           AC_DEFINE(CURL_EXTERN_SYMBOL, [__attribute__ ((visibility ("default")))], [to make a symbol visible])
-	   AC_SUBST(CURL_EXTERN_SYMBOL)
+           AC_SUBST(CURL_EXTERN_SYMBOL)
-	   CFLAGS="$CFLAGS -fvisibility=hidden"
+           CFLAGS="$CFLAGS -fvisibility=hidden"
         else
            AC_MSG_RESULT(no)
          fi
       else
-       	 dnl Test for SunPro cc
+         dnl Test for SunPro cc
-       	 if $CC 2>&1 | grep flags >/dev/null && $CC -flags | grep xldscope= >/dev/null ; then
+         if $CC 2>&1 | grep flags >/dev/null && $CC -flags | grep xldscope= >/dev/null ; then
           AC_MSG_RESULT(yes)
-	   AC_DEFINE(CURL_HIDDEN_SYMBOLS, 1, [to enable hidden symbols])
+           AC_DEFINE(CURL_HIDDEN_SYMBOLS, 1, [to enable hidden symbols])
-	   AC_SUBST(CURL_HIDDEN_SYMBOLS)
+           AC_SUBST(CURL_HIDDEN_SYMBOLS)
-	   AC_DEFINE(CURL_EXTERN_SYMBOL, [__global], [to make a symbol visible])
+           AC_DEFINE(CURL_EXTERN_SYMBOL, [__global], [to make a symbol visible])
-	   AC_SUBST(CURL_EXTERN_SYMBOL)
+           AC_SUBST(CURL_EXTERN_SYMBOL)
-	   CFLAGS="$CFLAGS -xldscope=hidden"
+           CFLAGS="$CFLAGS -xldscope=hidden"
         else
           AC_MSG_RESULT(no)
         fi
@@ -2312,24 +2363,24 @@ LIBS=$ALL_LIBS  dnl LIBS is a magic variable that's used for every link
 AM_CONDITIONAL(CROSSCOMPILING, test x$cross_compiling = xyes)
 AC_CONFIG_FILES([Makefile \
-	   docs/Makefile \
+           docs/Makefile \
           docs/examples/Makefile \
           docs/libcurl/Makefile \
-	   include/Makefile \
+           include/Makefile \
-	   include/curl/Makefile \
+           include/curl/Makefile \
-	   src/Makefile \
+           src/Makefile \
           lib/Makefile \
           tests/Makefile \
           tests/data/Makefile \
           tests/server/Makefile \
           tests/libtest/Makefile \
-	   packages/Makefile \
+           packages/Makefile \
-	   packages/Win32/Makefile \
+           packages/Win32/Makefile \
-	   packages/Win32/cygwin/Makefile \
+           packages/Win32/cygwin/Makefile \
-	   packages/Linux/Makefile \
+           packages/Linux/Makefile \
-	   packages/Linux/RPM/Makefile \
+           packages/Linux/RPM/Makefile \
-	   packages/Linux/RPM/curl.spec \
+           packages/Linux/RPM/curl.spec \
-	   packages/Linux/RPM/curl-ssl.spec \
+           packages/Linux/RPM/curl-ssl.spec \
           packages/Solaris/Makefile \
           packages/DOS/Makefile \
           packages/EPM/curl.list \
@@ -2363,4 +2414,6 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
  Verbose errors:  ${curl_verbose_msg}
  SSPI support:    ${curl_sspi_msg}
  ca cert path:    ${ca}
  LDAP support:    ${curl_ldap_msg}
  LDAPS support:   ${curl_ldaps_msg}
 ])
--- a/docs/BINDINGS
+++ b/docs/BINDINGS
@@ -160,6 +160,10 @@ Smalltalk
  Smalltalk binding written by Danil Osipchuk
  http://www.squeaksource.com/CurlPlugin/
 SP-Forth
  SP-Forth binding by ygrek
  http://www.forth.org.ru/~ac/lib/lin/curl/
 SPL
  SPL binding written by Clifford Wolf
--- a/docs/BUGS
+++ b/docs/BUGS
@@ -8,7 +8,7 @@ $Id$
 BUGS
  Curl and libcurl have grown substantially since the beginning. At the time
-  of writing (August 2003), there are about 40000 lines of source code, and by
+  of writing (July 2007), there are about 47000 lines of source code, and by
  the time you read this it has probably grown even more.
  Of course there are lots of bugs left. And lots of misfeatures.
@@ -39,6 +39,7 @@ WHAT TO REPORT
   - your operating system's name and version number (uname -a under a unix
     is fine)
   - what version of curl you're using (curl -V is fine)
   - versions of the used libraries that libcurl is built to use
   - what URL you were working with (if possible), at least which protocol
  and anything and everything else you think matters. Tell us what you
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -1,4 +1,4 @@
-Updated: February 11, 2007 (http://curl.haxx.se/docs/faq.html)
+Updated: July 30, 2007 (http://curl.haxx.se/docs/faq.html)
                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
@@ -68,6 +68,7 @@ FAQ
  4.12 Why do I get "certificate verify failed" ?
  4.13 Why is curl -R on Windows one hour off?
  4.14 Redirects work in browser but not with curl!
  4.15 FTPS doesn't work
 5. libcurl Issues
  5.1 Is libcurl thread-safe?
@@ -289,13 +290,13 @@ FAQ
  Some facts to use as input to the math:
-  curl packages are downloaded from the curl.haxx.se and mirrors almost one
+  curl packages are downloaded from the curl.haxx.se and mirrors over a
  million times per year. curl is installed by default with most Linux
  distributions. curl is installed by default with Mac OS X. curl and libcurl
  as used by numerous applications that include libcurl binaries in their
  distribution packages (like Adobe Acrobat Reader and Google Earth).
-  More than 60 known named companies use curl in commercial environments and
+  More than 70 known named companies use curl in commercial environments and
  products. More than 100 known named open source projects depend on
  (lib)curl.
@@ -374,7 +375,7 @@ FAQ
  2.4 Does curl support Socks (RFC 1928) ?
-  Yes, SOCKS5 is supported.
+  Yes, SOCKS 4 and 5 are supported.
 3. Usage problems
@@ -446,6 +447,10 @@ FAQ
     curl -O ftp://download.com/coolfile -Q '-DELE coolfile'
  or rename a file after upload:
     curl -T infile ftp://upload.com/dir/ -Q "-RNFR infile" -Q "-RNTO newname"
  3.8 How do I tell curl to follow HTTP redirects?
  Curl does not follow so-called redirects by default. The Location: header
@@ -824,6 +829,20 @@ FAQ
  manually figure out what the page is set to do, or you write a script that
  parses the results and fetches the new URL.
  4.15 FTPS doesn't work
  curl supports FTPS (sometimes known as FTP-SSL) both implicit and explicit
  mode.
  When a URL is used that starts with FTPS://, curl assumes implicit SSL on
  the control connection and will therefore immediately connect and try to
  speak SSL. FTPS:// connections default to port 990.
  To use explicit FTPS, you use a FTP:// URL and the --ftp-ssl option (or one
  of its related flavours). This is the most common method, and the one
  mandated by RFC4217. This kind of connection then of course uses the
  standard FTP port 21 by default.
 5. libcurl Issues
@@ -1099,14 +1118,14 @@ FAQ
  In the cURL project we call this module PHP/CURL to differentiate it from
  curl the command line tool and libcurl the library. The PHP team however
  does not refer to it like this (for unknown reasons). They call it plain
-  CURL (often using all caps) which causes much confusion to users which in
+  CURL (often using all caps) or sometimes ext/curl, but both cause much
-  turn gives us a higher question load.
+  confusion to users which in turn gives us a higher question load.
  7.2 Who write PHP/CURL?
  PHP/CURL is a module that comes with the regular PHP package. It depends and
  uses libcurl, so you need to have libcurl installed properly first before
-  PHP/CURL can be used. PHP/CURL is written by Sterling Hughes.
+  PHP/CURL can be used. PHP/CURL was initially written by Sterling Hughes.
  7.3 Can I perform multiple requests using the same handle?
--- a/docs/FEATURES
+++ b/docs/FEATURES
@@ -73,7 +73,7 @@ HTTPS (*1)
 FTP
 - download
 - authentication
- - kerberos4 (*5)
+ - kerberos4 (*5), kerberos5 (*3)
 - active/passive using PORT, EPRT, PASV or EPSV
 - single file size information (compare to HTTP HEAD)
 - 'type=' URL support
--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -85,15 +85,6 @@ UNIX
        LDFLAGS=-R/usr/local/ssl/lib ./configure --with-ssl
   Another option to the previous trick, is to set LD_LIBRARY_PATH or edit the
   /etc/ld.so.conf file.
   If your SSL library was compiled with rsaref (this was common in the past
   when used in the United States), you may also need to set:
     LIBS=-lRSAglue -lrsaref
     (as suggested by Doug Kaufman)
   MORE OPTIONS
     To force configure to use the standard cc compiler if both cc and gcc are
@@ -143,6 +134,12 @@ UNIX
     To build with NSS support instead of OpenSSL for SSL/TLS, note that
     you need to use both --without-ssl and --with-nss.
     To get GSSAPI support, build with --with-gssapi and have the MIT or
     Heimdal Kerberos 5 packages installed.
     To get support for SCP and SFTP, build with --with-libssh2 and have
     libssh2 0.16 or later installed.
 Win32
 =====
@@ -173,9 +170,17 @@ Win32
   MingW32
   -------
-   Run the 'mingw32.bat' file to get the proper environment variables set,
+   Make sure that MinGW32's bin dir is in the search path, for example:
-   then run 'make mingw32' in the root dir. Use 'make mingw32-ssl' to build
+
-   curl SSL enabled.
+     set PATH=c:\mingw32\bin;%PATH%
   then run 'mingw32-make mingw32' in the root dir. There are other
   make targets available to build libcurl with more features, use:
   'mingw32-make mingw32-zlib' to build with Zlib support;
   'mingw32-make mingw32-ssl-zlib' to build with SSL and Zlib enabled;
   'mingw32-make mingw32-ssh2-ssl-zlib' to build with SSH2, SSL, Zlib;
   'mingw32-make mingw32-ssh2-ssl-sspi-zlib' to build with SSH2, SSL, Zlib
   and SSPI support.
   If you have any problems linking libraries or finding header files, be sure
   to verify that the provided "Makefile.m32" files use the proper paths, and
@@ -183,19 +188,38 @@ Win32
   environment variables, for example:
     set ZLIB_PATH=c:\zlib-1.2.3
-     set OPENSSL_PATH=c:\openssl-0.9.8d
+     set OPENSSL_PATH=c:\openssl-0.9.8e
-     set LIBSSH2_PATH=c:\libssh2-0.15
+     set LIBSSH2_PATH=c:\libssh2-0.17
   ATTENTION: if you want to build with libssh2 support you have to use latest
-   sources fetched from CVS - the current 0.14 release will NOT work!
+   version 0.17 - previous versions will NOT work with 7.17.0 and later!
-   Use 'make mingw32-ssh2-ssl' to build curl with SSH2 and SSL enabled.
+   Use 'mingw32-make mingw32-ssh2-ssl-zlib' to build with SSH2 and SSL enabled.
   It is now also possible to build with other LDAP SDKs than MS LDAP;
   currently it is possible to build with native Win32 OpenLDAP, or with the
   Novell CLDAP SDK. If you want to use these you need to set these vars:
     set LDAP_SDK=c:\openldap
     set USE_LDAP_OPENLDAP=1
   or for using the Novell SDK:
     set USE_LDAP_NOVELL=1
   If you want to enable LDAPS support then set LDAPS=1.
   - optional MingW32-built OpenlDAP SDK available from:
     http://www.gknw.net/mirror/openldap/
   - optional recent Novell CLDAP SDK available from:
     http://developer.novell.com/ndk/cldap.htm
   Cygwin
   ------
   Almost identical to the unix installation. Run the configure script in the
   curl root with 'sh configure'. Make sure you have the sh executable in
-   /bin/ or you'll see the configure fail towards the end.
+   /bin/ or you'll see the configure fail toward the end.
   Run 'make'
@@ -233,7 +257,7 @@ Win32
   Before running nmake define the OPENSSL_PATH environment variable with
   the root/base directory of OpenSSL, for example:
-     set OPENSSL_PATH=c:\openssl-0.9.8d
+     set OPENSSL_PATH=c:\openssl-0.9.8e
   Then run 'nmake vc-ssl' or 'nmake vc-ssl-dll' in curl's root
   directory.  'nmake vc-ssl' will create a libcurl static and dynamic
@@ -307,6 +331,7 @@ Win32
   CURL_DISABLE_TELNET   disables TELNET
   CURL_DISABLE_DICT     disables DICT
   CURL_DISABLE_FILE     disables FILE
   CURL_DISABLE_TFTP     disables TFTP
   If you want to set any of these defines you have the following
   possibilities:
@@ -399,7 +424,7 @@ VMS
   Facility - basically the program ID. A code assigned to the program
   the name can be fetched from external or internal message libraries
-   Errorcode - the errodes assigned by the application
+   Error code - the err codes assigned by the application
   Sev. - severity: Even = error, off = non error
      0 = Warning
      1 = Success
@@ -409,7 +434,7 @@ VMS
      <5-7> reserved.
   This all presents itself with:
-   %<FACILITY>-<SeV>-<Errorname>, <Error message>
+   %<FACILITY>-<Sev>-<Errorname>, <Error message>
   See also the src/curlmsg.msg file, it has the source for the messages In
   src/main.c a section is devoted to message status values, the globalvalues
@@ -484,18 +509,33 @@ NetWare
     http://www.gknw.net/development/prgtools/
   - recent Novell LibC SDK available from:
     http://developer.novell.com/ndk/libc.htm
-   - optional zlib sources (at the moment only dynamic linking with zlib.imp);
+   - or recent Novell CLib SDK available from:
     http://developer.novell.com/ndk/clib.htm
   - optional recent Novell CLDAP SDK available from:
     http://developer.novell.com/ndk/cldap.htm
   - optional zlib sources (static or dynamic linking with zlib.imp);
     sources with NetWare Makefile can be obtained from:
     http://www.gknw.net/mirror/zlib/
-   - optional OpenSSL sources (version 0.9.8 or later which builds with BSD);
+   - optional OpenSSL sources (version 0.9.8 or later build with BSD sockets);
     you can find precompiled packages at:
     http://www.gknw.net/development/ossl/netware/
     for CLIB-based builds OpenSSL needs to be patched to build with BSD
     sockets (currently only a winsock-based CLIB build is supported):
     http://www.gknw.net/development/ossl/netware/patches/v_0.9.8e/openssl-0.9.8e.diff
   - optional SSH2 sources (version 0.17 or later);
   Set a search path to your compiler, linker and tools; on Linux make
-   sure that the var OSTYPE contains the string 'linux'; and then type
+   sure that the var OSTYPE contains the string 'linux'; set the var
-   'make netware' from the top source directory; other tagets available
+   NDKBASE to point to the base of your Novell NDK; and then type
   'make netware' from the top source directory; other targets available
   are 'netware-ssl', 'netware-ssl-zlib', 'netware-zlib' and 'netware-ares';
   if you need other combinations you can control the build with the
-   environment variables WITH_SSL, WITH_ZLIB, WITH_ARES and ENABLE_IPV6.
+   environment variables WITH_SSL, WITH_ZLIB, WITH_ARES, WITH_SSH2, and
-   I found on some Linux systems (RH9) that OS detection didnt work although
+   ENABLE_IPV6; you can set LINK_STATIC=1 to link curl.nlm statically.
   By default LDAP support is enabled, however currently you will need a patch
   in order to use the CLDAP NDK with BSD sockets (Novell Bug 300237):
   http://www.gknw.net/test/curl/cldap_ndk/ldap_ndk.diff
   I found on some Linux systems (RH9) that OS detection didn't work although
   a 'set | grep OSTYPE' shows the var present and set; I simply overwrote it
   with 'OSTYPE=linux-rh9-gnu' and the detection in the Makefile worked...
   Any help in testing appreciated!
@@ -578,29 +618,40 @@ eCos
 Minix
 =====
   curl can be compiled on Minix 3 using gcc or ACK (starting with
-   ver. 3.1.3).  The gcc and bash packages must be installed first.
+   ver. 3.1.3).  The default heap size allocated to several required
-   The default heap size allocated to bash is inadequate for running
+   programs is inadequate for configuring and compiling curl and will
-   configure and will result in out of memory errors.  Increase it with
+   result in strange errors unless fixed (which only needs to be done
-   the command:
+   once).
-     chmem =2048000 /usr/local/bin/bash
+   ACK
-
+   ---
-   Make sure gcc and bash are in the PATH with the command:
+   Increase heap sizes with the commands:
     export PATH=/usr/gnu/bin:$PATH
   then configure curl with a command like this:
     ./configure CC=gcc GREP=grep AR=/usr/gnu/bin/gar --disable-ldap
   Then simply run 'make'.
   To compile with the ACK C compiler:
     chmem =1024000 /usr/lib/em_cemcom.ansi
     chmem =512000 /usr/lib/i386/as
-     ./configure CC=cc LD=cc GREP=grep CPPFLAGS=-D_POSIX_SOURCE=1 \
+
-                 --disable-ldap
+   If you have bash installed:
     chmem =2048000 /usr/local/bin/bash
   Configure and compile with:
     ./configure CC=cc LD=cc GREP=grep CPPFLAGS=-D_POSIX_SOURCE=1
     make
   GCC
   ---
   If you have bash installed:
     chmem =2048000 /usr/local/bin/bash
   Make sure gcc is in your PATH with the command:
     export PATH=/usr/gnu/bin:$PATH
   then configure and compile curl with:
     ./configure CC=gcc GREP=grep AR=/usr/gnu/bin/gar
     make
@@ -716,6 +767,7 @@ PORTS
        - HP3000 MPE/iX
        - MIPS IRIX 6.2, 6.5
        - MIPS Linux
        - OS/400
        - Pocket PC/Win CE 3.0
        - Power AIX 3.2.5, 4.2, 4.3.1, 4.3.2, 5.1, 5.2
        - PowerPC Darwin 1.0
@@ -730,6 +782,7 @@ PORTS
        - StrongARM (and other ARM) RISC OS 3.1, 4.02
        - StrongARM/ARM7/ARM9 Linux 2.4, 2.6
        - StrongARM NetBSD 1.4.1
        - TPF
        - Ultrix 4.3a
        - UNICOS 9.0
        - i386 BeOS
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -3,6 +3,20 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!
 47. If a CONNECT response is larger than BUFSIZE when the connection is meant
  to be kept alive, the function will return prematurely and will confuse the
  rest of the HTTP protocol code.
 46. If a CONNECT response is chunked-encoded, the function may return
  prematurely and will confuse the rest of the HTTP protocol code.
 45. libcurl built to support ipv6 uses getaddrinfo() to resolve host names.
  getaddrinfo() sorts the response list which effectively kills how libcurl
  deals with round-robin DNS entries. All details:
    http://curl.haxx.se/mail/lib-2007-07/0168.html
  initial suggested function to use for randomizing the response:
    http://curl.haxx.se/mail/lib-2007-07/0178.html
 44. --ftp-method nocwd does not handle URLs ending with a slash properly (it
  should list the contents of that directory). See test case 351.
@@ -56,7 +70,7 @@ may have been fixed since this was written!
  IPv6 numerical addresses in URLs.
 29. IPv6 URLs with zone ID is not supported.
-  http://www.ietf.org/internet-drafts/draft-fenner-literal-zone-02.txt
+  http://www.ietf.org/internet-drafts/draft-fenner-literal-zone-02.txt (expired)
  specifies the use of a plus sign instead of a percent when specifying zone
  IDs in URLs to get around the problem of percent signs being
  special. According to the reporter, Firefox deals with the URL _with_ a
@@ -71,7 +85,6 @@ may have been fixed since this was written!
 23. SOCKS-related problems:
  A) libcurl doesn't support SOCKS for IPv6.
  B) libcurl doesn't support FTPS over a SOCKS proxy.
  C) We don't have any test cases for SOCKS proxy.
  E) libcurl doesn't support active FTP over a SOCKS proxy
  We probably have even more bugs and lack of features when a SOCKS proxy is
--- a/docs/MANUAL
+++ b/docs/MANUAL
@@ -809,18 +809,19 @@ CUSTOM OUTPUT
        curl -w 'We downloaded %{size_download} bytes\n' www.download.com
-KERBEROS4 FTP TRANSFER
+KERBEROS FTP TRANSFER
-  Curl supports kerberos4 for FTP transfers. You need the kerberos package
+  Curl supports kerberos4 and kerberos5/GSSAPI for FTP transfers. You need
-  installed and used at curl build time for it to be used.
+  the kerberos package installed and used at curl build time for it to be
  used.
-  First, get the krb-ticket the normal way, like with the kauth tool. Then use
+  First, get the krb-ticket the normal way, like with the kinit/kauth tool.
-  curl in way similar to:
+  Then use curl in way similar to:
-        curl --krb4 private ftp://krb4site.com -u username:fakepwd
+        curl --krb private ftp://krb4site.com -u username:fakepwd
  There's no use for a password on the -u switch, but a blank one will make
-  curl ask for one and you already entered the real password to kauth.
+  curl ask for one and you already entered the real password to kinit/kauth.
 TELNET
--- a/docs/README.win32
+++ b/docs/README.win32
@@ -20,3 +20,7 @@ README.win32
  command line similar to this in order to extract a separate text file:
        curl -M >manual.txt
  Read the INSTALL file for instructions how to compile curl self.
--- a/docs/THANKS
+++ b/docs/THANKS
@@ -5,6 +5,7 @@
 If you have contributed but are missing here, please let us know!
 Adam D. Moss
 Adam Piggott
 Adrian Schuur
 Alan Pinstein
 Albert Chin-A-Young
@@ -21,7 +22,9 @@ Alexander Zhuravlev
 Alexey Simak
 Alexis Carvalho
 Amol Pattekar
 Anders Gustafsson
 Andi Jahja
 Andre Guibert de Bruet
 Andreas Damm
 Andreas Ntaflos
 Andreas Olsson
@@ -93,6 +96,7 @@ Dan Fandrich
 Dan Nelson
 Dan Torop
 Dan Zitter
 Daniel Black
 Daniel Johnson
 Daniel Stenberg
 Daniel at touchtunes
@@ -101,6 +105,7 @@ Dave Dribin
 Dave Halbakken
 Dave Hamilton
 Dave May
 Dave Vasilevsky
 David Byron
 David Cohen
 David Eriksson
@@ -163,20 +168,24 @@ Eygene Ryabinkin
 Fabrizio Ammollo
 Fedor Karpelevitch
 Felix von Leitner
 Feng Tu
 Florian Schoppmann
 Forrest Cahoon
 Frank Hempel
 Frank Keeney
 Frank Ticheler
 Fred New
 Fred Noz
 Frederic Lepied
 Gautam Mani
 Gavrie Philipson
 Gaz Iqbal
 Georg Horn
 Georg Huettenegger
 Georg Wicherski
 Gerd v. Egidy
 Gerhard Herre
 Gerrit Bruchh<68>user
 Giaslas Georgios
 Gilad
 Gilbert Ramirez Jr.
@@ -230,6 +239,7 @@ Jan Kunder
 Jared Lundell
 Jari Sundell
 Jason S. Priebe
 Jay Austin
 Jaz Fresh
 Jean Jacques Drouin
 Jean-Claude Chauve
@@ -278,6 +288,7 @@ Kang-Jin Lee
 Karl Moerder
 Karol Pietrzak
 Katie Wang
 Kees Cook
 Keith MacDonald
 Keith McGuigan
 Ken Hirsch
@@ -292,6 +303,7 @@ Kjetil Jacobsen
 Klevtsov Vadim
 Kris Kennaway
 Krishnendu Majumdar
 Kristian Gunstone
 Kristian K<>hntopp
 Kyle Sallee
 Lachlan O'Dea
@@ -405,6 +417,7 @@ Pete Su
 Peter Bray
 Peter Forret
 Peter Heuchert
 Peter O'Gorman
 Peter Pentchev
 Peter Silva
 Peter Su
@@ -434,6 +447,7 @@ Rene Bernhardt
 Rene Rebe
 Ricardo Cadime
 Rich Gray
 Rich Rauenzahn
 Richard Archer
 Richard Atterer
 Richard Bramante
@@ -484,6 +498,8 @@ Siddhartha Prakash Jain
 Simon Dick
 Simon Josefsson
 Simon Liu
 Song Ma
 Sonia Subramanian
 Spiridonoff A.V
 Stadler Stephan
 Stefan Esser
@@ -495,6 +511,7 @@ Stephen More
 Sterling Hughes
 Steve Green
 Steve Lhomme
 Steve Little
 Steve Marx
 Steve Oliphant
 Steven Bazyl
@@ -505,6 +522,7 @@ S
 T. Bharath
 T. Yamada
 Temprimus
 Thomas J. Moore
 Thomas Klausner
 Thomas Schwinge
 Thomas Tonino
@@ -512,6 +530,7 @@ Tim Baker
 Tim Bartley
 Tim Costello
 Tim Sneddon
 Tobias Rundstr<74>m
 Toby Peterson
 Todd Kulesza
 Todd Vierling
@@ -519,6 +538,7 @@ Tom Benoist
 Tom Lee
 Tom Mattison
 Tom Moers
 Tom Regner
 Tom Zerucha
 Tomas Pospisek
 Tomas Szepe
--- a/docs/TODO
+++ b/docs/TODO
@@ -52,6 +52,10 @@ TODO
   that would risk collide with other apps that use libcurl and that runs
   configure).
   Work on this has been started but hasn't been finished, and the initial
   patch and some details are found here:
   http://curl.haxx.se/mail/lib-2006-12/0084.html
 LIBCURL - multi interface
 * Make sure we don't ever loop because of non-blocking sockets return
@@ -72,19 +76,35 @@ TODO
   internally use and assume the multi interface. The select()-loop should use
   curl_multi_socket().
 * curl_multi_handle_control() - this can control the easy handle (while)
   added to a multi handle in various ways:
   o RESTART, unconditionally restart this easy handle's transfer from the
     start, re-init the state
   o RESTART_COMPLETED, restart this easy handle's transfer but only if the
     existing transfer has already completed and it is in a "finished state".
   o STOP, just stop this transfer and consider it completed
   o PAUSE?
   o RESUME?
 DOCUMENTATION
 * More and better
 FTP
 * PRET is a command that primarily "drftpd" supports, which could be useful
   when using libcurl against such a server. It is a non-standard and a rather
   oddly designed command, but...
   http://curl.haxx.se/bug/feature.cgi?id=1729967
 * When trying to connect passively to a server which only supports active
   connections, libcurl returns CURLE_FTP_WEIRD_PASV_REPLY and closes the
   connection. There could be a way to fallback to an active connection (and
   vice versa). http://curl.haxx.se/bug/feature.cgi?id=1754793
 * Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in
   the process to avoid doing a resolve and connect in vain.
 * Support GSS/Kerberos 5 for ftp file transfer. This will allow user
   authentication and file encryption.  Possible libraries and example clients
   are available from MIT or Heimdal. Requested by Markus Moeller.
 * REST fix for servers not behaving well on >2GB requests. This should fail
   if the server doesn't set the pointer to the requested index. The tricky
   (impossible?) part is to figure out if the server did the right thing or
@@ -96,6 +116,7 @@ TODO
 * Make CURLOPT_FTPPORT support an additional port number on the IP/if/name,
   like "blabla:[port]" or possibly even "blabla:[portfirst]-[portsecond]".
   http://curl.haxx.se/bug/feature.cgi?id=1505166
 * FTP ASCII transfers do not follow RFC959. They don't convert the data
   accordingly.
@@ -115,6 +136,9 @@ TODO
   never been reported as causing trouble to anyone, but should be considered
   to use the HTTP version the user has chosen.
 * "Better" support for persistent connections over HTTP 1.0
   http://curl.haxx.se/bug/feature.cgi?id=1089001
 TELNET
 * Reading input (to send to the remote server) on stdin is a crappy solution
@@ -127,6 +151,9 @@ TODO
 SSL
 * Provide an option that allows for disabling specific SSL versions, such as
   SSLv2 http://curl.haxx.se/bug/feature.cgi?id=1767276
 * Provide a libcurl API for setting mutex callbacks in the underlying SSL
   library, so that the same application code can use mutex-locking
   independently of OpenSSL or GnutTLS being used.
@@ -198,6 +225,11 @@ TODO
 CLIENT
 * Add option that is similar to -O but that takes the output file name from
   the Content-Disposition: header, and/or uses the local file name used in
   redirections for the cases the server bounces the request further to a
   different file (name): http://curl.haxx.se/bug/feature.cgi?id=1364676 
 * "curl --sync http://example.com/feed[1-100].rss" or
   "curl --sync http://example.net/{index,calendar,history}.html"
@@ -217,10 +249,10 @@ TODO
 * "curl ftp://site.com/*.txt"
- * The client could be told to use maximum N simultaneous transfers and then
+ * The client could be told to use maximum N simultaneous parallel transfers
-   just make sure that happens. It should of course not make more than one
+   and then just make sure that happens. It should of course not make more
-   connection to the same remote host. This would require the client to use
+   than one connection to the same remote host. This would require the client
-   the multi interface.
+   to use the multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
 * Extending the capabilities of the multipart formposting. How about leaving
   the ';type=foo' syntax as it is and adding an extra tag (headers) which
@@ -265,9 +297,6 @@ TODO
   and FTP-SSL tests without the stunnel dependency, and it could allow us to
   provide test tools built with either OpenSSL or GnuTLS
 * Make the test servers able to serve multiple running test suites. Like if
   two users run 'make test' at once.
 * If perl wasn't found by the configure script, don't attempt to run the
   tests but explain something nice why it doesn't.
@@ -277,6 +306,27 @@ TODO
 * Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
   fork()s and it should become even more portable.
 NEXT soname bump
 * #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
   from being output in NOBODY requests over ftp
 * Combine some of the error codes to remove duplicates.  The original
   numbering should not be changed, and the old identifiers would be
   macroed to the new ones in an CURL_NO_OLDIES section to help with
   backward compatibility.
   Candidates for removal and their replacements:
      CURLE_FILE_COULDNT_READ_FILE => CURLE_REMOTE_FILE_NOT_FOUND
      CURLE_FTP_COULDNT_RETR_FILE => CURLE_REMOTE_FILE_NOT_FOUND
      CURLE_FTP_COULDNT_USE_REST => CURLE_RANGE_ERROR
      CURLE_FUNCTION_NOT_FOUND => CURLE_FAILED_INIT
      CURLE_LDAP_INVALID_URL => CURLE_URL_MALFORMAT
      CURLE_TFTP_NOSUCHUSER => CURLE_TFTP_ILLEGAL
      CURLE_TFTP_NOTFOUND => CURLE_REMOTE_FILE_NOT_FOUND
      CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED
 NEXT MAJOR RELEASE
 * curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -593,13 +593,14 @@ private key is. DER, PEM and ENG are supported. If not specified, PEM is
 assumed.
 If this option is used several times, the last one will be used.
-.IP "--krb4 <level>"
+.IP "--krb <level>"
-(FTP) Enable Kerberos4 authentication and use. The level must be entered and
+(FTP) Enable Kerberos authentication and use. The level must be entered and
 should be one of 'clear', 'safe', 'confidential' or 'private'. Should you use
 a level that is not one of these, 'private' will instead be used.
-This option requires that the library was built with Kerberos4 support. This
+This option requires that the library was built with kerberos4 or GSSAPI
-is not very common. Use \fI-V/--version\fP to see if your curl supports it.
+(GSS-Negotiate) support. This is not very common. Use \fI-V/--version\fP to
 see if your curl supports it.
 If this option is used several times, the last one will be used.
 .IP "-K/--config <config file>"
@@ -658,6 +659,10 @@ Append this option to any ordinary curl command line, and you will get a
 libcurl-using source code written to the file that does the equivalent
 operation of what your command line operation does!
 NOTE: this does not properly support -F and the sending of multipart
 formposts, so in those cases the output program will be missing necessary
 calls to \fIcurl_formadd(3)\fP, and possibly more.
 If this option is used several times, the last given file name will be used.
 .IP "--limit-rate <speed>"
 Specify the maximum transfer rate you want curl to use. This feature is useful
@@ -908,7 +913,7 @@ the server returns failure for one of the commands, the entire operation
 will be aborted. You must send syntactically correct FTP commands as
 RFC959 defines to FTP servers, or one of the following commands (with
 appropriate arguments) to SFTP servers: chgrp, chmod, chown, ln, mkdir,
-rename, rm, rmdir, symlink.
+pwd, rename, rm, rmdir, symlink.
 This option can be used multiple times.
 .IP "--random-file <file>"
@@ -1153,7 +1158,7 @@ Automatic decompression of compressed files over HTTP is supported.
 .IP "NTLM"
 NTLM authentication is supported.
 .IP "GSS-Negotiate"
-Negotiate authentication is supported.
+Negotiate authentication and krb5 for ftp is supported.
 .IP "Debug"
 This curl uses a libcurl built with Debug. This enables more error-tracking
 and memory debugging etc. For curl-developers only!
--- a/docs/examples/.cvsignore
+++ b/docs/examples/.cvsignore
@@ -1,2 +1,30 @@
 Makefile
 Makefile.in
 .deps
 .libs
 10-at-a-time
 anyauthput
 cookie_interface
 debug
 fileupload
 fopen
 ftpget
 ftpgetresp
 ftpupload
 getinfo
 getinmemory
 http-post
 httpput
 https
 multi-app
 multi-debugcallback
 multi-double
 multi-post
 multi-single
 persistant
 post-callback
 postit2
 sepheaders
 simple
 simplepost
 simplessl
--- a/docs/examples/10-at-a-time.c
+++ b/docs/examples/10-at-a-time.c
@@ -13,7 +13,10 @@
 * Written by Michael Wallner
 */
 #include <errno.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 #include <curl/multi.h>
 static const char *urls[] = {
@@ -106,6 +109,10 @@ int main(void)
  cm = curl_multi_init();
  /* we can optionally limit the total amount of connections this multi handle
     uses */
  curl_multi_setopt(cm, CURLMOPT_MAXCONNECTS, MAX);
  for (C = 0; C < MAX; ++C) {
    init(cm, C);
  }
@@ -123,20 +130,24 @@ int main(void)
        return EXIT_FAILURE;
      }
      /* In a real-world program you OF COURSE check the return that maxfd is
         bigger than -1 so that the call to select() below makes sense! */
      if (curl_multi_timeout(cm, &L)) {
        fprintf(stderr, "E: curl_multi_timeout\n");
        return EXIT_FAILURE;
      }
      if (L == -1)
        L = 100;
-      T.tv_sec = L/1000;
+      if (M == -1) {
-      T.tv_usec = (L%1000)*1000;
+        sleep(L / 1000);
      } else {
        T.tv_sec = L/1000;
        T.tv_usec = (L%1000)*1000;
-      if (0 > select(M+1, &R, &W, &E, &T)) {
+        if (0 > select(M+1, &R, &W, &E, &T)) {
-        fprintf(stderr, "E: select\n");
+          fprintf(stderr, "E: select(%i,,,,%li): %i: %s\n",
-        return EXIT_FAILURE;
+              M+1, L, errno, strerror(errno));
          return EXIT_FAILURE;
        }
      }
    }
@@ -155,6 +166,8 @@ int main(void)
      }
      if (C < CNT) {
        init(cm, C++);
        U++; /* just to prevent it from remaining at 0 if there are more
                URLs to get */
      }
    }
  }
--- a/docs/examples/Makefile.am
+++ b/docs/examples/Makefile.am
@@ -2,17 +2,29 @@
 # $Id$
 #
-AUTOMAKE_OPTIONS = foreign no-dependencies
+AUTOMAKE_OPTIONS = foreign nostdinc
-EXTRA_DIST = README curlgtk.c sepheaders.c simple.c postit2.c		\
+EXTRA_DIST = README Makefile.example makefile.dj $(COMPLICATED_EXAMPLES)
- persistant.c ftpget.c Makefile.example multithread.c getinmemory.c	\
+
- ftpupload.c httpput.c simplessl.c ftpgetresp.c http-post.c		\
+INCLUDES = -I$(top_srcdir)/include
- post-callback.c multi-app.c multi-double.c multi-single.c		\
+
- multi-post.c fopen.c simplepost.c makefile.dj curlx.c https.c		\
+LIBDIR = $(top_builddir)/lib
- multi-debugcallback.c fileupload.c getinfo.c ftp3rdparty.c debug.c	\
+
- anyauthput.c htmltitle.cc htmltidy.c opensslthreadlock.c		\
+# Dependencies
- cookie_interface.c cacertinmem.c synctime.c sampleconv.c ftpuploadresume.c \
+LDADD = $(LIBDIR)/libcurl.la
- 10-at-a-time.c hiperfifo.c ghiper.c
+
 # These are all libcurl example programs to be test compiled
 noinst_PROGRAMS = 10-at-a-time anyauthput cookie_interface \
  debug fileupload fopen ftpget ftpgetresp ftpupload \
  getinfo getinmemory http-post httpput \
  https multi-app multi-debugcallback multi-double \
  multi-post multi-single persistant post-callback \
  postit2 sepheaders simple simplepost simplessl
 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
 COMPLICATED_EXAMPLES = \
 curlgtk.c curlx.c htmltitle.cc cacertinmem.c ftpuploadresume.c \
 ghiper.c hiperfifo.c htmltidy.c multithread.c \
 opensslthreadlock.c sampleconv.c synctime.c
 all:
 	@echo "done"
--- a/docs/examples/Makefile.example
+++ b/docs/examples/Makefile.example
@@ -29,9 +29,8 @@ LDFLAGS = -L/home/dast/lib -L/usr/local/ssl/lib
 # We need -lcurl for the curl stuff
 # We need -lsocket and -lnsl when on Solaris
 # We need -lssl and -lcrypto when using libcurl with SSL support
 # We need -ldl for dlopen() if that is in libdl
 # We need -lpthread for the pthread example
-LIBS = -lcurl -lsocket -lnsl -lssl -lcrypto -dl
+LIBS = -lcurl -lsocket -lnsl -lssl -lcrypto
 # Link the target with all objects and libraries
 $(TARGET) : $(OBJS)
--- a/docs/examples/anyauthput.c
+++ b/docs/examples/anyauthput.c
@@ -11,6 +11,7 @@
 #include <stdio.h>
 #include <fcntl.h>
 #include <sys/stat.h>
 #include <unistd.h>
 #include <curl/curl.h>
@@ -18,6 +19,10 @@
 #error "upgrade your libcurl to no less than 7.12.3"
 #endif
 #ifndef TRUE
 #define TRUE 1
 #endif
 /*
 * This example shows a HTTP PUT operation with authentiction using "any"
 * type. It PUTs a file given as a command line argument to the URL also given
@@ -52,7 +57,7 @@ static curlioerr my_ioctl(CURL *handle, curliocmd cmd, void *userp)
 }
 /* read callback function, fread() look alike */
-size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
+static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
 {
  size_t retcode;
--- a/docs/examples/cacertinmem.c
+++ b/docs/examples/cacertinmem.c
@@ -135,4 +135,5 @@ int main(void)
  curl_easy_cleanup(ch);
  curl_global_cleanup();
  return rv;
 }
--- a/docs/examples/cookie_interface.c
+++ b/docs/examples/cookie_interface.c
@@ -10,6 +10,7 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdlib.h>
 #include <errno.h>
 #include <time.h>
@@ -74,7 +75,7 @@ main(void)
 #define snprintf _snprintf
 #endif
    /* Netscape format cookie */
-    snprintf(nline, 256, "%s\t%s\t%s\t%s\t%u\t%s\t%s",
+    snprintf(nline, sizeof(nline), "%s\t%s\t%s\t%s\t%lu\t%s\t%s",
      ".google.com", "TRUE", "/", "FALSE", time(NULL) + 31337, "PREF", "hello google, i like you very much!");
    res = curl_easy_setopt(curl, CURLOPT_COOKIELIST, nline);
    if (res != CURLE_OK) {
@@ -83,7 +84,7 @@ main(void)
    }
    /* HTTP-header style cookie */
-    snprintf(nline, 256,
+    snprintf(nline, sizeof(nline),
      "Set-Cookie: OLD_PREF=3d141414bf4209321; "
      "expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.com");
    res = curl_easy_setopt(curl, CURLOPT_COOKIELIST, nline);
--- a/docs/examples/curlx.c
+++ b/docs/examples/curlx.c
@@ -81,6 +81,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <curl/curl.h>
 #include <openssl/x509v3.h>
 #include <openssl/x509_vfy.h>
@@ -94,13 +95,13 @@
 #include <openssl/bio.h>
 #include <openssl/ssl.h>
-static char *curlx_usage[]={
+static const char *curlx_usage[]={
  "usage: curlx args\n",
  " -p12 arg         - tia  file ",
  " -envpass arg     - environement variable which content the tia private key password",
  " -out arg         - output file (response)- default stdout",
  " -in arg          - input file (request)- default stdin",
-  " -connect arg     - URL of the server for the connection ex: www.openevidenve.org",
+  " -connect arg     - URL of the server for the connection ex: www.openevidence.org",
  " -mimetype arg    - MIME type for data in ex : application/timestamp-query or application/dvcs -default application/timestamp-query",
  " -acceptmime arg  - MIME type acceptable for the response ex : application/timestamp-response or application/dvcs -default none",
  " -accesstype arg  - an Object identifier in an AIA/SIA method, e.g. AD_DVCS or ad_timestamping",
@@ -268,19 +269,21 @@ int main(int argc, char **argv) {
  char* mimetype;
  char* mimetypeaccept=NULL;
  char* contenttype;
-  char** pp;
+  const char** pp;
  unsigned char* hostporturl = NULL;
  binaryptr=(char*)malloc(tabLength);
  BIO * p12bio ;
  char **args = argv + 1;
  unsigned char * serverurl;
  sslctxparm p;
  char *response;
  p.verbose = 0;
  CURLcode res;
  struct curl_slist * headers=NULL;
  int badarg=0;
  binaryptr=(char*)malloc(tabLength);
  p.verbose = 0;
  p.errorbio = BIO_new_fp (stderr, BIO_NOCLOSE);
  curl_global_init(CURL_GLOBAL_DEFAULT);
@@ -292,7 +295,6 @@ int main(int argc, char **argv) {
  ERR_load_crypto_strings();
  int badarg=0;
  while (*args && *args[0] == '-') {
    if (!strcmp (*args, "-in")) {
@@ -407,10 +409,9 @@ int main(int argc, char **argv) {
  }
  else if (p.accesstype != 0) { /* see whether we can find an AIA or SIA for a given access type */
    if (!(serverurl = my_get_ext(p.usercert,p.accesstype,NID_info_access))) {
      int j=0;
      BIO_printf(p.errorbio,"no service URL in user cert "
                 "cherching in others certificats\n");
      int j=0;
      int find=0;
      for (j=0;j<sk_X509_num(p.ca);j++) {
        if ((serverurl = my_get_ext(sk_X509_value(p.ca,j),p.accesstype,
                                    NID_info_access)))
--- a/docs/examples/fileupload.c
+++ b/docs/examples/fileupload.c
@@ -17,7 +17,6 @@ int main(void)
 {
  CURL *curl;
  CURLcode res;
  curl_off_t size;
  struct stat file_info;
  double speed_upload, total_time;
  FILE *fd;
--- a/docs/examples/fopen.c
+++ b/docs/examples/fopen.c
@@ -70,7 +70,7 @@ struct fcurl_data
 typedef struct fcurl_data URL_FILE;
 /* exported functions */
-URL_FILE *url_fopen(char *url,const char *operation);
+URL_FILE *url_fopen(const char *url,const char *operation);
 int url_fclose(URL_FILE *file);
 int url_feof(URL_FILE *file);
 size_t url_fread(void *ptr, size_t size, size_t nmemb, URL_FILE *file);
@@ -93,11 +93,11 @@ write_callback(char *buffer,
    URL_FILE *url = (URL_FILE *)userp;
    size *= nitems;
-    rembuff=url->buffer_len - url->buffer_pos;//remaining space in buffer
+    rembuff=url->buffer_len - url->buffer_pos; /* remaining space in buffer */
    if(size > rembuff)
    {
-        //not enuf space in buffer
+        /* not enough space in buffer */
        newbuff=realloc(url->buffer,url->buffer_len + (size - rembuff));
        if(newbuff==NULL)
        {
@@ -211,7 +211,7 @@ use_buffer(URL_FILE *file,int want)
 URL_FILE *
-url_fopen(char *url,const char *operation)
+url_fopen(const char *url,const char *operation)
 {
    /* this code could check for URLs or types in the 'url' and
       basicly use the real fopen() for standard files */
@@ -236,7 +236,7 @@ url_fopen(char *url,const char *operation)
        curl_easy_setopt(file->handle.curl, CURLOPT_URL, url);
        curl_easy_setopt(file->handle.curl, CURLOPT_WRITEDATA, file);
-        curl_easy_setopt(file->handle.curl, CURLOPT_VERBOSE, FALSE);
+        curl_easy_setopt(file->handle.curl, CURLOPT_VERBOSE, 0);
        curl_easy_setopt(file->handle.curl, CURLOPT_WRITEFUNCTION, write_callback);
        if(!multi_handle)
@@ -466,7 +466,7 @@ main(int argc, char *argv[])
    int nread;
    char buffer[256];
-    char *url;
+    const char *url;
    if(argc < 2)
    {
@@ -481,7 +481,7 @@ main(int argc, char *argv[])
    outf=fopen("fgets.test","w+");
    if(!outf)
    {
-        perror("couldnt open fgets output file\n");
+        perror("couldn't open fgets output file\n");
        return 1;
    }
@@ -508,7 +508,7 @@ main(int argc, char *argv[])
    outf=fopen("fread.test","w+");
    if(!outf)
    {
-        perror("couldnt open fread output file\n");
+        perror("couldn't open fread output file\n");
        return 1;
    }
@@ -533,7 +533,7 @@ main(int argc, char *argv[])
    outf=fopen("rewind.test","w+");
    if(!outf)
    {
-        perror("couldnt open fread output file\n");
+        perror("couldn't open fread output file\n");
        return 1;
    }
--- a/docs/examples/ftp3rdparty.c
+++ b/docs/examples/ftp3rdparty.c
@@ -1,103 +0,0 @@
 /*****************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * $Id$
 */
 #include <stdio.h>
 #include <curl/curl.h>
 #include <curl/types.h>
 #include <curl/easy.h>
 /*
 * This is an example showing how to transfer a file between two remote hosts.
 * 7.13.0 or later required.
 */
 int main(void)
 {
  CURL *curl;
  CURLcode res;
  char source_url[] = "ftp://remotehost.com/path/to/source";
  char target_url[] = "ftp://aotherserver.com/path/to/dest";
  char sourceUserPass[] = "user:pass";
  char targetUserPass[] = "user:pass";
  char url[100];
  struct curl_slist *source_pre_cmd = NULL;
  struct curl_slist *target_pre_cmd = NULL;
  struct curl_slist *source_post_cmd = NULL;
  struct curl_slist *target_post_cmd = NULL;
  char cmd[] = "PWD";   /* just to test */
  curl_global_init(CURL_GLOBAL_DEFAULT);
  curl = curl_easy_init();
  if (curl) {
    /* The ordinary URL is the target when speaking 3rd party transfers */
    curl_easy_setopt(curl, CURLOPT_URL, target_url);
    /* Set a source URL */
    curl_easy_setopt(curl, CURLOPT_SOURCE_URL, source_url);
    /* Set target user and password */
    curl_easy_setopt(curl, CURLOPT_USERPWD, targetUserPass);
    /* Set source user and password */
    curl_easy_setopt(curl, CURLOPT_SOURCE_USERPWD, sourceUserPass);
 #if 0
    /* FTPPORT enables PORT on the target side, instead of PASV. */
    curl_easy_setopt(curl, CURLOPT_FTPPORT, "");   /* optional */
 #endif
    /* build a list of commands to pass to libcurl */
    source_pre_cmd = curl_slist_append(source_pre_cmd, cmd);
    /* Set a proxy pre-quote command */
    curl_easy_setopt(curl, CURLOPT_SOURCE_PREQUOTE, source_pre_cmd);
    /* build a list of commands to pass to libcurl */
    target_pre_cmd = curl_slist_append(target_pre_cmd, cmd);
    /* Set a pre-quote command */
    curl_easy_setopt(curl, CURLOPT_PREQUOTE, target_pre_cmd);
    /* build a list of commands to pass to libcurl */
    source_post_cmd = curl_slist_append(source_post_cmd, cmd);
    /* Set a proxy post-quote command */
    curl_easy_setopt(curl, CURLOPT_SOURCE_POSTQUOTE, source_post_cmd);
    /* build a list of commands to pass to libcurl */
    target_post_cmd = curl_slist_append(target_post_cmd, cmd);
    /* Set a post-quote command */
    curl_easy_setopt(curl, CURLOPT_POSTQUOTE, target_post_cmd);
    /* Switch on full protocol/debug output */
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
    res = curl_easy_perform(curl);
    /* clean up the FTP commands list */
    curl_slist_free_all(source_pre_cmd);
    curl_slist_free_all(target_pre_cmd);
    curl_slist_free_all(source_post_cmd);
    curl_slist_free_all(target_post_cmd);
    /* always cleanup */
    curl_easy_cleanup(curl);
    if(CURLE_OK != res) {
      /* we failed */
      fprintf(stderr, "curl told us %d\n", res);
    }
  }
  curl_global_cleanup();
  return 0;
 }
--- a/docs/examples/ftpget.c
+++ b/docs/examples/ftpget.c
@@ -22,11 +22,11 @@
 */
 struct FtpFile {
-  char *filename;
+  const char *filename;
  FILE *stream;
 };
-int my_fwrite(void *buffer, size_t size, size_t nmemb, void *stream)
+static int my_fwrite(void *buffer, size_t size, size_t nmemb, void *stream)
 {
  struct FtpFile *out=(struct FtpFile *)stream;
  if(out && !out->stream) {
@@ -65,7 +65,7 @@ int main(void)
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, &ftpfile);
    /* Switch on full protocol/debug output */
-    curl_easy_setopt(curl, CURLOPT_VERBOSE, TRUE);
+    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1);
    res = curl_easy_perform(curl);
--- a/docs/examples/ftpgetresp.c
+++ b/docs/examples/ftpgetresp.c
@@ -21,7 +21,7 @@
 * This functionality was introduced in libcurl 7.9.3.
 */
-size_t
+static size_t
 write_response(void *ptr, size_t size, size_t nmemb, void *data)
 {
  FILE *writehere = (FILE *)data;
@@ -46,6 +46,8 @@ int main(int argc, char **argv)
    /* Get a file listing from sunet */
    curl_easy_setopt(curl, CURLOPT_URL, "ftp://ftp.sunet.se/");
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, ftpfile);
    /* If you intend to use this on windows with a libcurl DLL, you must use
       CURLOPT_WRITEFUNCTION as well */
    curl_easy_setopt(curl, CURLOPT_HEADERFUNCTION, write_response);
    curl_easy_setopt(curl, CURLOPT_WRITEHEADER, respfile);
    res = curl_easy_perform(curl);
--- a/docs/examples/ftpupload.c
+++ b/docs/examples/ftpupload.c
@@ -14,6 +14,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <unistd.h>
 /*
 * This example shows an FTP upload, with a rename of the file just after
@@ -31,14 +32,13 @@ int main(int argc, char **argv)
 {
  CURL *curl;
  CURLcode res;
  FILE *ftpfile;
  FILE * hd_src ;
  int hd ;
  struct stat file_info;
  struct curl_slist *headerlist=NULL;
-  char buf_1 [] = "RNFR " UPLOAD_FILE_AS;
+  static const char buf_1 [] = "RNFR " UPLOAD_FILE_AS;
-  char buf_2 [] = "RNTO " RENAME_FILE_TO;
+  static const char buf_2 [] = "RNTO " RENAME_FILE_TO;
  /* get the file size of the local file */
  hd = open(LOCAL_FILE, O_RDONLY) ;
@@ -61,7 +61,7 @@ int main(int argc, char **argv)
    headerlist = curl_slist_append(headerlist, buf_2);
    /* enable uploading */
-    curl_easy_setopt(curl, CURLOPT_UPLOAD, TRUE) ;
+    curl_easy_setopt(curl, CURLOPT_UPLOAD, 1) ;
    /* specify target */
    curl_easy_setopt(curl,CURLOPT_URL, REMOTE_URL);
--- a/docs/examples/ftpuploadresume.c
+++ b/docs/examples/ftpuploadresume.c
@@ -24,7 +24,9 @@
 /* The MinGW headers are missing a few Win32 function definitions,
   you shouldn't need this if you use VC++ */
 #ifdef __MINGW32__
 int __cdecl _snscanf(const char * input, size_t length, const char * format, ...);
 #endif
 /* parse headers for Content-Length */
@@ -75,7 +77,7 @@ int upload(CURL *curlhandle, const char * remotepath, const char * localpath,
 		return 0;
 	}
-	curl_easy_setopt(curlhandle, CURLOPT_UPLOAD, TRUE);
+	curl_easy_setopt(curlhandle, CURLOPT_UPLOAD, 1);
 	curl_easy_setopt(curlhandle, CURLOPT_URL, remotepath);
@@ -91,9 +93,9 @@ int upload(CURL *curlhandle, const char * remotepath, const char * localpath,
 	curl_easy_setopt(curlhandle, CURLOPT_READDATA, f);
 	curl_easy_setopt(curlhandle, CURLOPT_FTPPORT, "-"); /* disable passive mode */
-	curl_easy_setopt(curlhandle, CURLOPT_FTP_CREATE_MISSING_DIRS, TRUE);
+	curl_easy_setopt(curlhandle, CURLOPT_FTP_CREATE_MISSING_DIRS, 1);
-	curl_easy_setopt(curlhandle, CURLOPT_VERBOSE, TRUE);
+	curl_easy_setopt(curlhandle, CURLOPT_VERBOSE, 1);
 	for (c = 0; (r != CURLE_OK) && (c < tries); c++) {
 		/* are we resuming? */
@@ -108,22 +110,22 @@ int upload(CURL *curlhandle, const char * remotepath, const char * localpath,
 			 * because HEADER will dump the headers to stdout
 			 * without it.
 			 */
-			curl_easy_setopt(curlhandle, CURLOPT_NOBODY, TRUE);
+			curl_easy_setopt(curlhandle, CURLOPT_NOBODY, 1);
-			curl_easy_setopt(curlhandle, CURLOPT_HEADER, TRUE);
+			curl_easy_setopt(curlhandle, CURLOPT_HEADER, 1);
 			r = curl_easy_perform(curlhandle);
 			if (r != CURLE_OK)
 				continue;
-			curl_easy_setopt(curlhandle, CURLOPT_NOBODY, FALSE);
+			curl_easy_setopt(curlhandle, CURLOPT_NOBODY, 0);
-			curl_easy_setopt(curlhandle, CURLOPT_HEADER, FALSE);
+			curl_easy_setopt(curlhandle, CURLOPT_HEADER, 0);
 			fseek(f, uploaded_len, SEEK_SET);
-			curl_easy_setopt(curlhandle, CURLOPT_FTPAPPEND, TRUE);
+			curl_easy_setopt(curlhandle, CURLOPT_APPEND, 1);
 		}
 		else { /* no */
-			curl_easy_setopt(curlhandle, CURLOPT_FTPAPPEND, FALSE);
+			curl_easy_setopt(curlhandle, CURLOPT_APPEND, 0);
 		}
 		r = curl_easy_perform(curlhandle);
--- a/docs/examples/getinmemory.c
+++ b/docs/examples/getinmemory.c
@@ -26,7 +26,7 @@ struct MemoryStruct {
  size_t size;
 };
-void *myrealloc(void *ptr, size_t size)
+static void *myrealloc(void *ptr, size_t size)
 {
  /* There might be a realloc() out there that doesn't like reallocing
     NULL pointers, so we take care of it here */
@@ -36,7 +36,7 @@ void *myrealloc(void *ptr, size_t size)
    return malloc(size);
 }
-size_t
+static size_t
 WriteMemoryCallback(void *ptr, size_t size, size_t nmemb, void *data)
 {
  size_t realsize = size * nmemb;
--- a/docs/examples/ghiper.c
+++ b/docs/examples/ghiper.c
@@ -91,9 +91,9 @@ typedef struct _SockInfo {
 /* Die if we get a bad CURLMcode somewhere */
-static void mcode_or_die(char *where, CURLMcode code) {
+static void mcode_or_die(const char *where, CURLMcode code) {
  if ( CURLM_OK != code ) {
-    char *s;
+    const char *s;
    switch (code) {
      case     CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
      case     CURLM_OK:                 s="CURLM_OK";                 break;
@@ -259,7 +259,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 {
  GlobalInfo *g = (GlobalInfo*) cbp;
  SockInfo *fdp = (SockInfo*) sockp;
-  char *whatstr[]={ "none", "IN", "OUT", "INOUT", "REMOVE" };
+  static const char *whatstr[]={ "none", "IN", "OUT", "INOUT", "REMOVE" };
  MSG_OUT("socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
  if (what == CURL_POLL_REMOVE) {
@@ -402,7 +402,7 @@ static gboolean fifo_cb (GIOChannel *ch, GIOCondition condition, gpointer data)
 int init_fifo(void)
 {
 struct stat st;
- char *fifo = "hiper.fifo";
+ const char *fifo = "hiper.fifo";
 int socket;
 if (lstat (fifo, &st) == 0) {
--- a/docs/examples/hiperfifo.c
+++ b/docs/examples/hiperfifo.c
@@ -252,7 +252,7 @@ static int sock_cb(CURL *e, curl_socket_t s, int what, void *cbp, void *sockp)
 {
  GlobalInfo *g = (GlobalInfo*) cbp;
  SockInfo *fdp = (SockInfo*) sockp;
-  char *whatstr[]={ "none", "IN", "OUT", "INOUT", "REMOVE" };
+  const char *whatstr[]={ "none", "IN", "OUT", "INOUT", "REMOVE" };
  fprintf(MSG_OUT,
          "socket callback: s=%d e=%p what=%s ", s, e, whatstr[what]);
@@ -357,7 +357,7 @@ void fifo_cb(int fd, short event, void *arg) {
 /* Create a named pipe and tell libevent to monitor it */
 int init_fifo (GlobalInfo *g) {
  struct stat st;
-  char *fifo = "hiper.fifo";
+  static const char *fifo = "hiper.fifo";
  int socket;
  fprintf(MSG_OUT, "Creating named pipe \"%s\"\n", fifo);
--- a/docs/examples/httpput.c
+++ b/docs/examples/httpput.c
@@ -11,6 +11,7 @@
 #include <stdio.h>
 #include <fcntl.h>
 #include <sys/stat.h>
 #include <unistd.h>
 #include <curl/curl.h>
@@ -24,7 +25,7 @@
 * http://www.apacheweek.com/features/put
 */
-size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
+static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
 {
  size_t retcode;
@@ -75,10 +76,10 @@ int main(int argc, char **argv)
    curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
    /* enable uploading */
-    curl_easy_setopt(curl, CURLOPT_UPLOAD, TRUE) ;
+    curl_easy_setopt(curl, CURLOPT_UPLOAD, 1) ;
    /* HTTP PUT please */
-    curl_easy_setopt(curl, CURLOPT_PUT, TRUE);
+    curl_easy_setopt(curl, CURLOPT_PUT, 1);
    /* specify target URL, and note that this URL should include a file
       name, not only a directory */
--- a/docs/examples/https.c
+++ b/docs/examples/https.c
@@ -31,7 +31,7 @@ int main(void)
     * default bundle, then the CURLOPT_CAPATH option might come handy for
     * you.
     */
-    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
 #endif
 #ifdef SKIP_HOSTNAME_VERFICATION
--- a/docs/examples/multi-app.c
+++ b/docs/examples/multi-app.c
@@ -47,7 +47,7 @@ int main(int argc, char **argv)
  curl_easy_setopt(handles[HTTP_HANDLE], CURLOPT_URL, "http://website.com");
  curl_easy_setopt(handles[FTP_HANDLE], CURLOPT_URL, "ftp://ftpsite.com");
-  curl_easy_setopt(handles[FTP_HANDLE], CURLOPT_UPLOAD, TRUE);
+  curl_easy_setopt(handles[FTP_HANDLE], CURLOPT_UPLOAD, 1);
  /* init a multi stack */
  multi_handle = curl_multi_init();
--- a/docs/examples/multi-post.c
+++ b/docs/examples/multi-post.c
@@ -19,7 +19,6 @@
 int main(int argc, char *argv[])
 {
  CURL *curl;
  CURLcode res;
  CURLM *multi_handle;
  int still_running;
@@ -27,7 +26,7 @@ int main(int argc, char *argv[])
  struct curl_httppost *formpost=NULL;
  struct curl_httppost *lastptr=NULL;
  struct curl_slist *headerlist=NULL;
-  char buf[] = "Expect:";
+  static const char buf[] = "Expect:";
  /* Fill in the file upload field. This makes libcurl load data from  
     the given file name when curl_easy_perform() is called. */
@@ -58,7 +57,6 @@ int main(int argc, char *argv[])
     wanted */
  headerlist = curl_slist_append(headerlist, buf);
  if(curl && multi_handle) {
    int perform=0;
    /* what URL that receives this POST */
    curl_easy_setopt(curl, CURLOPT_URL,
--- a/docs/examples/multithread.c
+++ b/docs/examples/multithread.c
@@ -24,7 +24,7 @@
  http://www.openssl.org/docs/crypto/threads.html#DESCRIPTION
 */
-char *urls[]= {
+const char *urls[]= {
  "http://curl.haxx.se/",
  "ftp://cool.haxx.se/",
  "http://www.contactor.se/",
@@ -59,7 +59,7 @@ int main(int argc, char **argv)
    error = pthread_create(&tid[i],
                           NULL, /* default attributes please */
                           pull_one_url,
-                           urls[i]);
+                           (void *)urls[i]);
    if(0 != error)
      fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
    else
--- a/docs/examples/opensslthreadlock.c
+++ b/docs/examples/opensslthreadlock.c
@@ -16,6 +16,11 @@
 * Author: Jeremy Brown
 */
 #include <stdio.h>
 #include <pthread.h>
 #include <openssl/err.h>
 #define MUTEX_TYPE       pthread_mutex_t
 #define MUTEX_SETUP(x)   pthread_mutex_init(&(x), NULL)
 #define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x))
@@ -25,7 +30,7 @@
 void handle_error(const char *file, int lineno, const char *msg){
-     fprintf(stderr, ** %s:%i %s\n, file, lineno, msg);
+     fprintf(stderr, "** %s:%d %s\n", file, lineno, msg);
     ERR_print_errors_fp(stderr);
     /* exit(-1); */
 }
--- a/docs/examples/post-callback.c
+++ b/docs/examples/post-callback.c
@@ -15,14 +15,14 @@
 #include <string.h>
 #include <curl/curl.h>
-char data[]="this is what we post to the silly web server";
+const char data[]="this is what we post to the silly web server";
 struct WriteThis {
-  char *readptr;
+  const char *readptr;
  int sizeleft;
 };
-size_t read_callback(void *ptr, size_t size, size_t nmemb, void *userp)
+static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *userp)
 {
  struct WriteThis *pooh = (struct WriteThis *)userp;
@@ -55,7 +55,7 @@ int main(void)
    curl_easy_setopt(curl, CURLOPT_URL,
                     "http://receivingsite.com.pooh/index.cgi");
    /* Now specify we want to POST data */
-    curl_easy_setopt(curl, CURLOPT_POST, TRUE);
+    curl_easy_setopt(curl, CURLOPT_POST, 1);
    /* we want to use our own read function */
    curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
--- a/docs/examples/postit2.c
+++ b/docs/examples/postit2.c
@@ -36,7 +36,7 @@ int main(int argc, char *argv[])
  struct curl_httppost *formpost=NULL;
  struct curl_httppost *lastptr=NULL;
  struct curl_slist *headerlist=NULL;
-  char buf[] = "Expect:";
+  static const char buf[] = "Expect:";
  curl_global_init(CURL_GLOBAL_ALL);
--- a/docs/examples/sepheaders.c
+++ b/docs/examples/sepheaders.c
@@ -16,7 +16,7 @@
 #include <curl/types.h>
 #include <curl/easy.h>
-size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream)
+static size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream)
 {
  int written = fwrite(ptr, size, nmemb, (FILE *)stream);
  return written;
@@ -25,9 +25,9 @@ size_t write_data(void *ptr, size_t size, size_t nmemb, void *stream)
 int main(int argc, char **argv)
 {
  CURL *curl_handle;
-  char *headerfilename = "head.out";
+  static const char *headerfilename = "head.out";
  FILE *headerfile;
-  char *bodyfilename = "body.out";
+  static const char *bodyfilename = "body.out";
  FILE *bodyfile;
  curl_global_init(CURL_GLOBAL_ALL);
--- a/docs/examples/simplepost.c
+++ b/docs/examples/simplepost.c
@@ -9,6 +9,7 @@
 */
 #include <stdio.h>
 #include <string.h>
 #include <curl/curl.h>
 int main(void)
@@ -16,7 +17,7 @@ int main(void)
  CURL *curl;
  CURLcode res;
-  char *postthis="moo mooo moo moo";
+  static const char *postthis="moo mooo moo moo";
  curl = curl_easy_init();
  if(curl) {
--- a/docs/examples/simplessl.c
+++ b/docs/examples/simplessl.c
@@ -38,9 +38,10 @@ int main(int argc, char **argv)
  CURL *curl;
  CURLcode res;
  FILE *headerfile;
  const char *pPassphrase = NULL;
-  const char *pCertFile = "testcert.pem";
+  static const char *pCertFile = "testcert.pem";
-  const char *pCACertFile="cacert.pem";
+  static const char *pCACertFile="cacert.pem";
  const char *pKeyName;
  const char *pKeyType;
@@ -57,8 +58,6 @@ int main(int argc, char **argv)
  pEngine   = NULL;
 #endif
  const char *pPassphrase = NULL;
  headerfile = fopen("dumpit", "w");
  curl_global_init(CURL_GLOBAL_DEFAULT);
@@ -96,7 +95,7 @@ int main(int argc, char **argv)
      /* sorry, for engine we must set the passphrase
         (if the key has one...) */
      if (pPassphrase)
-        curl_easy_setopt(curl,CURLOPT_SSLKEYPASSWD,pPassphrase);
+        curl_easy_setopt(curl,CURLOPT_KEYPASSWD,pPassphrase);
      /* if we use a key stored in a crypto engine,
         we must set the key type to "ENG" */
--- a/docs/examples/synctime.c
+++ b/docs/examples/synctime.c
@@ -87,7 +87,7 @@ typedef struct
  char timeserver[MAX_STRING1];
 } conf_t;
-char DefaultTimeServer[4][MAX_STRING1] =
+const char DefaultTimeServer[4][MAX_STRING1] =
 {
  "http://nist.time.gov/timezone.cgi?UTC/s/0",
  "http://www.google.com/",
@@ -95,9 +95,9 @@ char DefaultTimeServer[4][MAX_STRING1] =
  "http://www.worldtime.com/cgi-bin/wt.cgi"
 };
-char *DayStr[] = {"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"};
+const char *DayStr[] = {"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"};
-char *MthStr[] = {"Jan", "Feb", "Mar", "Apr", "May", "Jun",
+const char *MthStr[] = {"Jan", "Feb", "Mar", "Apr", "May", "Jun",
-                  "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"};
+                        "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"};
 int  ShowAllHeader;
 int  AutoSyncTime;
--- a/docs/libcurl/curl_easy_cleanup.3
+++ b/docs/libcurl/curl_easy_cleanup.3
@@ -1,8 +1,27 @@
-.\" You can view this file with:
+.\" **************************************************************************
-.\" nroff -man [file]
+.\" *                                  _   _ ____  _
-.\" $Id$
+.\" *  Project                     ___| | | |  _ \| |
 .\" *                             / __| | | | |_) | |
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
 .\" * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
 .\" * are also available at http://curl.haxx.se/docs/copyright.html.
 .\" *
 .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 .\" * copies of the Software, and permit persons to whom the Software is
 .\" * furnished to do so, under the terms of the COPYING file.
 .\" *
 .\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 .\" * KIND, either express or implied.
 .\" *
 .\" * $Id$
 .\" **************************************************************************
 .\"
-.TH curl_easy_cleanup 3 "12 Oct 2006" "libcurl 7.7" "libcurl Manual"
+.TH curl_easy_cleanup 3 "22 aug 2007" "libcurl 7.17.0" "libcurl Manual"
 .SH NAME
 curl_easy_cleanup - End a libcurl easy session
 .SH SYNOPSIS
@@ -19,11 +38,12 @@ This will effectively close all connections this handle has used and possibly
 has kept open until now. Don't call this function if you intend to transfer
 more files.
 When you've called this, you can safely remove all the strings you've
 previously told libcurl to use, as it won't use them anymore now.
 Any uses of the \fBhandle\fP after this function has been called are
 illegal. This kills the handle and all memory associated with it!
 With libcurl versions prior to 7.17.: when you've called this, you can safely
 remove all the strings you've previously told libcurl to use, as it won't use
 them anymore now.
 .SH RETURN VALUE
 None
 .SH "SEE ALSO"
--- a/docs/libcurl/curl_easy_getinfo.3
+++ b/docs/libcurl/curl_easy_getinfo.3
@@ -133,7 +133,9 @@ protocol used doesn't support this.
 .IP CURLINFO_PRIVATE
 Pass a pointer to a 'char *' to receive the pointer to the private data
 associated with the curl handle (set with the CURLOPT_PRIVATE option to
-\fIcurl_easy_setopt(3)\fP). (Added in 7.10.3)
+\fIcurl_easy_setopt(3)\fP). Please note that for internal reasons, the
 value is returned as a 'char *', although effectively being a 'void *'.
 (Added in 7.10.3)
 .IP CURLINFO_HTTPAUTH_AVAIL
 Pass a pointer to a long to receive a bitmask indicating the authentication
 method(s) available. The meaning of the bits is explained in the
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -21,7 +21,7 @@
 .\" * $Id$
 .\" **************************************************************************
 .\"
-.TH curl_easy_setopt 3 "22 Feb 2007" "libcurl 7.16.2" "libcurl Manual"
+.TH curl_easy_setopt 3 "30 Aug 2007" "libcurl 7.17.0" "libcurl Manual"
 .SH NAME
 curl_easy_setopt \- set options for a curl easy handle
 .SH SYNOPSIS
@@ -44,11 +44,13 @@ between transfers, so if you want subsequent transfers with different options,
 you must change them between the transfers. You can optionally reset all
 options back to internal default with \fIcurl_easy_reset(3)\fP.
-Strings passed to libcurl as 'char *' arguments, will not be copied by the
+Strings passed to libcurl as 'char *' arguments, are copied by the library;
-library. Instead you should keep them available until libcurl no longer needs
+thus the string storage associated to the pointer argument may be overwritten
-them. Failing to do so will cause very odd behavior or even crashes. libcurl
+after curl_easy_setopt() returns. Exceptions to this rule are described in
-will need them until you call \fIcurl_easy_cleanup(3)\fP or you set the same
+the option details below.
-option again to use a different pointer.
+
 NOTE: before 7.17.0 strings were not copied. Instead the user was forced keep
 them available until libcurl no longer needed them.
 The \fIhandle\fP is the return code from a \fIcurl_easy_init(3)\fP or
 \fIcurl_easy_duphandle(3)\fP call.
@@ -194,8 +196,7 @@ this callback will cause libcurl to abort the transfer and return
 If you transfer data with the multi interface, this function will not be
 called during periods of idleness unless you call the appropriate libcurl
-function that performs transfers. Usage of the \fBCURLOPT_PROGRESSFUNCTION\fP
+function that performs transfers.
 callback is not recommended when using the multi interface.
 \fICURLOPT_NOPROGRESS\fP must be set to FALSE to make this function actually
 get called.
@@ -330,6 +331,12 @@ system.
 Pass a char * to a buffer that the libcurl may store human readable error
 messages in. This may be more helpful than just the return code from
 \fIcurl_easy_perform\fP. The buffer must be at least CURL_ERROR_SIZE big.
 Although this argument is a 'char *', it does not describe an input string.
 Therefore the (probably undefined) contents of the buffer is NOT copied
 by the library. You should keep the associated storage available until
 libcurl no longer needs it. Failing to do so will cause very odd behavior
 or even crashes. libcurl will need it until you call \fIcurl_easy_cleanup(3)\fP
 or you set the same option again to use a different pointer. 
 Use \fICURLOPT_VERBOSE\fP and \fICURLOPT_DEBUGFUNCTION\fP to better
 debug/trace why errors happen.
@@ -662,6 +669,12 @@ set that Content-Type by default when this option is used), which is the most
 commonly used one by HTML forms. See also the \fICURLOPT_POST\fP. Using
 \fICURLOPT_POSTFIELDS\fP implies \fICURLOPT_POST\fP.
 If you want to do a zero-byte POST, you need to set
 \fICURLOPT_POSTFIELDSIZE\fP explicitly to zero, as simply setting
 \fICURLOPT_POSTFIELDS\fP to NULL or "" just effectively disables the sending
 of the specified string. libcurl will instead assume that you'll send the POST
 data using the read callback!
 Using POST with HTTP 1.1 implies the use of a "Expect: 100-continue" header.
 You can disable this header with \fICURLOPT_HTTPHEADER\fP as usual.
@@ -751,7 +764,7 @@ multiple cookies in one string like this: "name1=content1; name2=content2;"
 etc.
 Using this option multiple times will only make the latest string override the
-previously ones.
+previous ones.
 .IP CURLOPT_COOKIEFILE
 Pass a pointer to a zero terminated string as parameter. It should contain the
 name of your file holding cookie data to read. The cookie data may be in
@@ -810,6 +823,7 @@ it thinks fit.
 Enforce HTTP 1.0 requests.
 .IP CURL_HTTP_VERSION_1_1
 Enforce HTTP 1.1 requests.
 .RE
 .IP CURLOPT_IGNORE_CONTENT_LENGTH
 Ignore the Content-Length header. This is useful for Apache 1.x (and similar
 servers) which will report incorrect content length for files over 2
@@ -826,7 +840,6 @@ Pass a long to tell libcurl how to act on transfer decoding. If set to zero,
 transfer decoding will be disabled, if set to 1 it is enabled
 (default). libcurl does chunked transfer decoding by default unless this
 option is set to zero. (added in 7.16.2)
 .RE
 .SH FTP OPTIONS
 .IP CURLOPT_FTPPORT
 Pass a pointer to a zero terminated string as parameter. It will be used to
@@ -847,6 +860,8 @@ properly filled in with text strings. Use \fIcurl_slist_append(3)\fP
 to append strings (commands) to the list, and clear the entire list
 afterwards with \fIcurl_slist_free_all(3)\fP. Disable this operation
 again by setting a NULL to this option.
 The valid SFTP commands are: chgrp, chmod, chown, ln, mkdir, pwd,
 rename, rm, rmdir, symlink. (SFTP support added in 7.16.3)
 .IP CURLOPT_POSTQUOTE
 Pass a pointer to a linked list of FTP or SFTP commands to pass to the
 server after your ftp transfer request. The linked list should be a
@@ -860,17 +875,21 @@ struct curl_slist structs properly filled in as described for
 \fICURLOPT_QUOTE\fP. Disable this operation again by setting a NULL to this
 option. Before version 7.15.6, if you also set \fICURLOPT_NOBODY\fP non-zero,
 this option didn't work.
-.IP CURLOPT_FTPLISTONLY
+.IP CURLOPT_DIRLISTONLY
-A non-zero parameter tells the library to just list the names of an ftp
+A non-zero parameter tells the library to just list the names of files in a
 directory, instead of doing a full directory listing that would include file
-sizes, dates etc.
+sizes, dates etc. This works for FTP and SFTP URLs.
-This causes an FTP NLST command to be sent.  Beware that some FTP servers list
+This causes an FTP NLST command to be sent on an FTP server.  Beware
-only files in their response to NLST; they might not include subdirectories
+that some FTP servers list only files in their response to NLST; they
-and symbolic links.
+might not include subdirectories and symbolic links.
-.IP CURLOPT_FTPAPPEND
+
 (This option was known as CURLOPT_FTPLISTONLY up to 7.16.4)
 .IP CURLOPT_APPEND
 A non-zero parameter tells the library to append to the remote file instead of
 overwrite it. This is only useful when uploading to an ftp site.
 (This option was known as CURLOPT_FTPAPPEND up to 7.16.4)
 .IP CURLOPT_FTP_USE_EPRT
 Pass a long. If the value is non-zero, it tells curl to use the EPRT (and
 LPRT) command when doing active FTP downloads (which is enabled by
@@ -917,18 +936,21 @@ same IP address it already uses for the control connection. But it will use
 the port number from the 227-response. (Added in 7.14.2)
 This option has no effect if PORT, EPRT or EPSV is used instead of PASV.
-.IP CURLOPT_FTP_SSL
+.IP CURLOPT_USE_SSL
 Pass a long using one of the values from below, to make libcurl use your
 desired level of SSL for the ftp transfer. (Added in 7.11.0)
 (This option was known as CURLOPT_FTP_SSL up to 7.16.4, and the constants
 were known as CURLFTPSSL_*)
 .RS
-.IP CURLFTPSSL_NONE
+.IP CURLUSESSL_NONE
 Don't attempt to use SSL.
-.IP CURLFTPSSL_TRY
+.IP CURLUSESSL_TRY
 Try using SSL, proceed as normal otherwise.
-.IP CURLFTPSSL_CONTROL
+.IP CURLUSESSL_CONTROL
-Require SSL for the control connection or fail with \fICURLE_FTP_SSL_FAILED\fP.
+Require SSL for the control connection or fail with \fICURLE_USE_SSL_FAILED\fP.
-.IP CURLFTPSSL_ALL
+.IP CURLUSESSL_ALL
-Require SSL for all communication or fail with \fICURLE_FTP_SSL_FAILED\fP.
+Require SSL for all communication or fail with \fICURLE_USE_SSL_FAILED\fP.
 .RE
 .IP CURLOPT_FTPSSLAUTH
 Pass a long using one of the values from below, to alter how libcurl issues
@@ -1210,13 +1232,6 @@ with.
 Pass a pointer to a zero terminated string as parameter. The string should be
 the format of your certificate. Supported formats are "PEM" and "DER".  (Added
 in 7.9.3)
 .IP CURLOPT_SSLCERTPASSWD
 Pass a pointer to a zero terminated string as parameter. It will be used as
 the password required to use the \fICURLOPT_SSLCERT\fP certificate.
 This option is replaced by \fICURLOPT_SSLKEYPASSWD\fP and should only be used
 for backward compatibility. You never needed a pass phrase to load a
 certificate but you need one to load your private key.
 .IP CURLOPT_SSLKEY
 Pass a pointer to a zero terminated string as parameter. The string should be
 the file name of your private key. The default format is "PEM" and can be
@@ -1229,10 +1244,15 @@ The format "ENG" enables you to load the private key from a crypto engine. In
 this case \fICURLOPT_SSLKEY\fP is used as an identifier passed to the
 engine. You have to set the crypto engine with \fICURLOPT_SSLENGINE\fP.
 \&"DER" format key file currently does not work because of a bug in OpenSSL.
-.IP CURLOPT_SSLKEYPASSWD
+.IP CURLOPT_KEYPASSWD
 Pass a pointer to a zero terminated string as parameter. It will be used as
 the password required to use the \fICURLOPT_SSLKEY\fP or
 \fICURLOPT_SSH_PRIVATE_KEYFILE\fP private key.
 You never needed a pass phrase to load a certificate but you need one to
 load your private key.
 (This option was known as CURLOPT_SSLKEYPASSWD up to 7.16.4 and
 CURLOPT_SSLCERTPASSWD up to 7.9.2)
 .IP CURLOPT_SSLENGINE
 Pass a pointer to a zero terminated string as parameter. It will be used as
 the identifier for the crypto engine you want to use for your private
@@ -1370,27 +1390,32 @@ this to 1 to enable it. By default all transfers are done using the
 cache. Note that while nothing ever should get hurt by attempting to reuse SSL
 session-IDs, there seem to be broken SSL implementations in the wild that may
 require you to disable this in order for you to succeed. (Added in 7.16.0)
-.IP CURLOPT_KRB4LEVEL
+.IP CURLOPT_KRBLEVEL
-Pass a char * as parameter. Set the krb4 security level, this also enables
+Pass a char * as parameter. Set the kerberos security level for FTP; this
-krb4 awareness.  This is a string, 'clear', 'safe', 'confidential' or
+also enables kerberos awareness.  This is a string, 'clear', 'safe',
-\&'private'.  If the string is set but doesn't match one of these, 'private'
+'confidential' or \&'private'.  If the string is set but doesn't match one
-will be used. Set the string to NULL to disable Kerberos4. The Kerberos
+of these, 'private' will be used. Set the string to NULL to disable kerberos
-support only works for FTP.
+support for FTP.
 (This option was known as CURLOPT_KRB4LEVEL up to 7.16.3)
 .SH SSH OPTIONS
 .IP CURLOPT_SSH_AUTH_TYPES
 Pass a long set to a bitmask consisting of one or more of
 CURLSSH_AUTH_PUBLICKEY, CURLSSH_AUTH_PASSWORD, CURLSSH_AUTH_HOST,
 CURLSSH_AUTH_KEYBOARD. Set CURLSSH_AUTH_ANY to let libcurl pick one.
 (Added in 7.16.1)
 .IP CURLOPT_SSH_PUBLIC_KEYFILE
 Pass a char * pointing to a file name for your public key. If not used,
 libcurl defaults to using \fB~/.ssh/id_dsa.pub\fP.
 (Added in 7.16.1)
 .IP CURLOPT_SSH_PRIVATE_KEYFILE
 Pass a char * pointing to a file name for your private key. If not used,
 libcurl defaults to using \fB~/.ssh/id_dsa\fP.
-If the file is password-protected, set the password with \fICURLOPT_SSLKEYPASSWD\fP.
+If the file is password-protected, set the password with \fICURLOPT_KEYPASSWD\fP.
 (Added in 7.16.1)
 .SH OTHER OPTIONS
 .IP CURLOPT_PRIVATE
-Pass a char * as parameter, pointing to data that should be associated with
+Pass a void * as parameter, pointing to data that should be associated with
 this curl handle.  The pointer can subsequently be retrieved using
 \fIcurl_easy_getinfo(3)\fP with the CURLINFO_PRIVATE option. libcurl itself
 does nothing with this data. (Added in 7.10.3)
@@ -1401,6 +1426,17 @@ this curl handle use the data from the shared handle instead of keeping the
 data to itself. This enables several curl handles to share data. If the curl
 handles are used simultaneously, you \fBMUST\fP use the locking methods in the
 share handle. See \fIcurl_share_setopt(3)\fP for details.
 .IP CURLOPT_NEW_FILE_PERMS
 Pass a long as a parameter, containing the value of the permissions that will
 be assigned to newly created files on the remote server.  The default value is
 \fI0644\fP, but any valid value can be used.  The only protocols that can use
 this are \fIsftp://\fP, \fIscp://\fP and \fIfile://\fP. (Added in 7.16.4)
 .IP CURLOPT_NEW_DIRECTORY_PERMS
 Pass a long as a parameter, containing the value of the permissions that will
 be assigned to newly created directories on the remote server.  The default
 value is \fI0755\fP, but any valid value can be used.  The only protocols that
 can use this are \fIsftp://\fP, \fIscp://\fP and \fIfile://\fP.
 (Added in 7.16.4)
 .SH TELNET OPTIONS
 .IP CURLOPT_TELNETOPTIONS
 Provide a pointer to a curl_slist with variables to pass to the telnet
--- a/docs/libcurl/curl_multi_socket.3
+++ b/docs/libcurl/curl_multi_socket.3
@@ -106,7 +106,7 @@ The \fIuserp\fP argument is a private pointer you have previously set with
 CURLMcode type, general libcurl multi interface error code.
 If you receive \fICURLM_CALL_MULTI_PERFORM\fP, this basically means that you
-should call \fIcurl_multi_perform\fP again, before you wait for more actions
+should call \fIcurl_multi_socket(3)\fP again, before you wait for more actions
 on libcurl's sockets. You don't have to do it immediately, but the return code
 means that libcurl may have more data available to return or that there may be
 more data to send off before it is "satisfied".
@@ -119,26 +119,32 @@ function returns OK.
 2. Set the socket callback with CURLMOPT_SOCKETFUNCTION
-3. Add easy handles
+3. Set the timeout callback with CURLMOPT_TIMERFUNCTION, to get to know what
 timeout value to use when waiting for socket activities.
-4. Call curl_multi_socket_all() first once
+4. Add easy handles
-5. Setup a "collection" of sockets to supervise when your socket
+5. Call curl_multi_socket_all() first once
 callback is called.
-6. Use curl_multi_timeout() to figure out how long to wait for action
+6. Provide some means to manage the sockets libcurl is using, so you can check
 them for activity. This can be done through your application code, or by way
 of an external library such as libevent or glib.
-7. Wait for action on any of libcurl's sockets
+7. Wait for activity on any of libcurl's sockets, use the timeout value your
 calback has been told
-8, When action happens, call curl_multi_socket_action() for the socket(s) that got
+8, When activity is detected, call curl_multi_socket_action() for the
-action.
+socket(s) that got action. If no activity is detected and the timeout expires,
 call \fIcurl_multi_socket(3)\fP with \fICURL_SOCKET_TIMEOUT\fP
-9. Go back to step 6.
+9. Go back to step 7.
 .SH AVAILABILITY
-This function was added in libcurl 7.15.4, although deemed stablesince 7.16.0.
+This function was added in libcurl 7.15.4, although deemed stable since
 7.16.0.
 \fIcurl_multi_socket(3)\fP is deprecated, use
 \fIcurl_multi_socket_action(3)\fP instead!
 .SH "SEE ALSO"
 .BR curl_multi_cleanup "(3), " curl_multi_init "(3), "
-.BR curl_multi_fdset "(3), " curl_multi_info_read "(3)"
+.BR curl_multi_fdset "(3), " curl_multi_info_read "(3), "
 .BR "the hiperfifo.c example"
--- a/docs/libcurl/libcurl-errors.3
+++ b/docs/libcurl/libcurl-errors.3
@@ -21,7 +21,7 @@
 .\" * $Id$
 .\" **************************************************************************
 .\"
-.TH libcurl-errors 3 "8 May 2007" "libcurl 7.16.3" "libcurl errors"
+.TH libcurl-errors 3 "30 Aug 2007" "libcurl 7.17.0" "libcurl errors"
 .SH NAME
 libcurl-errors \- error codes in libcurl
 .SH DESCRIPTION
@@ -48,8 +48,6 @@ Very early initialization code failed. This is likely to be an internal error
 or problem.
 .IP "CURLE_URL_MALFORMAT (3)"
 The URL was not properly formatted.
 .IP "CURLE_URL_MALFORMAT_USER (4)"
 This is never returned by current libcurl.
 .IP "CURLE_COULDNT_RESOLVE_PROXY (5)"
 Couldn't resolve proxy. The given proxy host could not be resolved.
 .IP "CURLE_COULDNT_RESOLVE_HOST (6)"
@@ -60,17 +58,12 @@ Failed to connect() to host or proxy.
 After connecting to an FTP server, libcurl expects to get a certain reply
 back. This error code implies that it got a strange or bad reply. The given
 remote server is probably not an OK FTP server.
-.IP "CURLE_FTP_ACCESS_DENIED (9)"
+.IP "CURLE_REMOTE_ACCESS_DENIED (9)"
-We were denied access when trying to login to an FTP server or when trying to
+We were denied access to the resource given in the URL.  For FTP, this occurs
-change working directory to the one given in the URL.
+while trying to change to the remote directory.
 .IP "CURLE_FTP_USER_PASSWORD_INCORRECT (10)"
 This is never returned by current libcurl.
 .IP "CURLE_FTP_WEIRD_PASS_REPLY (11)"
 After having sent the FTP password to the server, libcurl expects a proper
 reply. This error code indicates that an unexpected code was returned.
 .IP "CURLE_FTP_WEIRD_USER_REPLY (12)"
 After having sent user name to the FTP server, libcurl expects a proper
 reply. This error code indicates that an unexpected code was returned.
 .IP "CURLE_FTP_WEIRD_PASV_REPLY (13)"
 libcurl failed to get a sensible result back from the server as a response to
 either a PASV or a EPSV command. The server is flawed.
@@ -79,11 +72,8 @@ FTP servers return a 227-line as a response to a PASV command. If libcurl
 fails to parse that line, this return code is passed back.
 .IP "CURLE_FTP_CANT_GET_HOST (15)"
 An internal failure to lookup the host used for the new connection.
-.IP "CURLE_FTP_CANT_RECONNECT (16)"
+.IP "CURLE_FTP_COULDNT_SET_TYPE (17)"
-A bad return code on either PASV or EPSV was sent by the FTP server,
+Received an error when trying to set the transfer mode to binary or ascii.
 preventing libcurl from being able to continue.
 .IP "CURLE_FTP_COULDNT_SET_BINARY (17)"
 Received an error when trying to set the transfer mode to binary.
 .IP "CURLE_PARTIAL_FILE (18)"
 A file transfer was shorter or larger than expected. This happens when the
 server first reports an expected transfer size, and then delivers data that
@@ -91,46 +81,38 @@ doesn't match the previously given size.
 .IP "CURLE_FTP_COULDNT_RETR_FILE (19)"
 This was either a weird reply to a 'RETR' command or a zero byte transfer
 complete.
-.IP "CURLE_FTP_WRITE_ERROR (20)"
+.IP "CURLE_QUOTE_ERROR (21)"
 After a completed file transfer, the FTP server did not respond a proper
 \"transfer successful\" code.
 .IP "CURLE_FTP_QUOTE_ERROR (21)"
 When sending custom "QUOTE" commands to the remote server, one of the commands
-returned an error code that was 400 or higher.
+returned an error code that was 400 or higher (for FTP) or otherwise
 indicated unsuccessful completion of the command.
 .IP "CURLE_HTTP_RETURNED_ERROR (22)"
 This is returned if CURLOPT_FAILONERROR is set TRUE and the HTTP server
-returns an error code that is >= 400.
+returns an error code that is >= 400. (This error code was formerly known as
 CURLE_HTTP_NOT_FOUND.)
 .IP "CURLE_WRITE_ERROR (23)"
 An error occurred when writing received data to a local file, or an error was
 returned to libcurl from a write callback.
 .IP "CURLE_MALFORMAT_USER (24)"
 This is never returned by current libcurl.
 .IP "CURLE_UPLOAD_FAILED (25)"
-Failed starting the upload. For FTP, the server typcially denied the STOR
+Failed starting the upload. For FTP, the server typically denied the STOR
 command. The error buffer usually contains the server's explanation to this.
 (This error code was formerly known as CURLE_FTP_COULDNT_STOR_FILE.)
 .IP "CURLE_READ_ERROR (26)"
 There was a problem reading a local file or an error returned by the read
 callback.
 .IP "CURLE_OUT_OF_MEMORY (27)"
-Out of memory. A memory allocation request failed. This is serious badness and
+A memory allocation request failed. This is serious badness and
 things are severely screwed up if this ever occur.
-.IP "CURLE_OPERATION_TIMEOUTED (28)"
+.IP "CURLE_OPERATION_TIMEDOUT (28)"
 Operation timeout. The specified time-out period was reached according to the
 conditions.
 .IP "CURLE_FTP_COULDNT_SET_ASCII (29)"
 libcurl failed to set ASCII transfer type (TYPE A).
 .IP "CURLE_FTP_PORT_FAILED (30)"
 The FTP PORT command returned error. This mostly happen when you haven't
 specified a good enough address for libcurl to use. See \fICURLOPT_FTPPORT\fP.
 .IP "CURLE_FTP_COULDNT_USE_REST (31)"
 The FTP REST command returned error. This should never happen if the server is
 sane.
-.IP "CURLE_FTP_COULDNT_GET_SIZE (32)"
+.IP "CURLE_RANGE_ERROR (33)"
-The FTP SIZE command returned error. SIZE is not a kosher FTP command, it is
+The server does not support or accept range requests.
 an extension and not all servers support it. This is not a surprising error.
 .IP "CURLE_HTTP_RANGE_ERROR (33)"
 The HTTP server does not support or accept range requests.
 .IP "CURLE_HTTP_POST_ERROR (34)"
 This is an odd error that mainly occurs due to internal confusion.
 .IP "CURLE_SSL_CONNECT_ERROR (35)"
@@ -147,22 +129,17 @@ path doesn't identify an existing file. Did you check file permissions?
 LDAP cannot bind. LDAP bind operation failed.
 .IP "CURLE_LDAP_SEARCH_FAILED (39)"
 LDAP search failed.
 .IP "CURLE_LIBRARY_NOT_FOUND (40)"
 Library not found. The LDAP library was not found.
 .IP "CURLE_FUNCTION_NOT_FOUND (41)"
-Function not found. A required LDAP function was not found.
+Function not found. A required zlib function was not found.
 .IP "CURLE_ABORTED_BY_CALLBACK (42)"
 Aborted by callback. A callback returned "abort" to libcurl.
 .IP "CURLE_BAD_FUNCTION_ARGUMENT (43)"
 Internal error. A function was called with a bad parameter.
-.IP "CURLE_BAD_CALLING_ORDER (44)"
+.IP "CURLE_INTERFACE_FAILED (45)"
 This is never returned by current libcurl.
 .IP "CURLE_HTTP_PORT_FAILED (45)"
 Interface error. A specified outgoing interface could not be used. Set which
 interface to use for outgoing connections' source IP address with
-CURLOPT_INTERFACE.
+CURLOPT_INTERFACE. (This error code was formerly known as
-.IP "CURLE_BAD_PASSWORD_ENTERED (46)"
+CURLE_HTTP_PORT_FAILED.)
 This is never returned by current libcurl.
 .IP "CURLE_TOO_MANY_REDIRECTS (47)"
 Too many redirects. When following redirects, libcurl hit the maximum amount.
 Set your limit with CURLOPT_MAXREDIRS.
@@ -171,9 +148,6 @@ An option set with CURLOPT_TELNETOPTIONS was not recognized/known. Refer to
 the appropriate documentation.
 .IP "CURLE_TELNET_OPTION_SYNTAX (49)"
 A telnet option string was Illegally formatted.
 .IP "CURLE_OBSOLETE (50)"
 This is not an error. This used to be another error code in an old libcurl
 version and is currently unused.
 .IP "CURLE_SSL_PEER_CERTIFICATE (51)"
 The remote server's SSL certificate was deemed not OK.
 .IP "CURLE_GOT_NOTHING (52)"
@@ -187,21 +161,19 @@ Failed setting the selected SSL crypto engine as default!
 Failed sending network data.
 .IP "CURLE_RECV_ERROR (56)"
 Failure with receiving network data.
 .IP "CURLE_SHARE_IN_USE (57)"
 Share is in use
 .IP "CURLE_SSL_CERTPROBLEM (58)"
 problem with the local client certificate
 .IP "CURLE_SSL_CIPHER (59)"
-couldn't use specified cipher
+Couldn't use specified cipher
 .IP "CURLE_SSL_CACERT (60)"
-peer certificate cannot be authenticated with known CA certificates
+Peer certificate cannot be authenticated with known CA certificates
 .IP "CURLE_BAD_CONTENT_ENCODING (61)"
 Unrecognized transfer encoding
 .IP "CURLE_LDAP_INVALID_URL (62)"
 Invalid LDAP URL
 .IP "CURLE_FILESIZE_EXCEEDED (63)"
 Maximum file size exceeded
-.IP "CURLE_FTP_SSL_FAILED (64)"
+.IP "CURLE_USE_SSL_FAILED (64)"
 Requested FTP SSL level failed
 .IP "CURLE_SEND_FAIL_REWIND (65)"
 When doing a send operation curl had to rewind the data to retransmit, but the
@@ -212,24 +184,33 @@ Initiating the SSL Engine failed
 The remote server denied curl to login (Added in 7.13.1)
 .IP "CURLE_TFTP_NOTFOUND (68)"
 File not found on TFTP server
-.IP "CURLE_TFTP_PERM (69"
+.IP "CURLE_TFTP_PERM (69)"
 Permission problem on TFTP server
-.IP "CURLE_TFTP_DISKFULL (70)"
+.IP "CURLE_REMOTE_DISK_FULL (70)"
-Out of disk space on TFTP server
+Out of disk space on the server
 .IP "CURLE_TFTP_ILLEGAL (71)"
 Illegal TFTP operation
 .IP "CURLE_TFTP_UNKNOWNID (72)"
 Unknown TFTP transfer ID
-.IP "CURLE_TFTP_EXISTS (73)"
+.IP "CURLE_REMOTE_FILE_EXISTS (73)"
-TFTP File already exists
+File already exists and will not be overwritten
 .IP "CURLE_TFTP_NOSUCHUSER (74)"
-No such TFTP user
+This error should never be returned by a properly functioning TFTP server
 .IP "CURLE_CONV_FAILED (75)"
 Character conversion failed
 .IP "CURLE_CONV_REQD (76)"
 Caller must register conversion callbacks
 .IP "CURLE_SSL_CACERT_BADFILE (77)"
 Problem with reading the SSL CA cert (path? access rights?)
 .IP "CURLE_REMOTE_FILE_NOT_FOUND (78)"
 The resource referenced in the URL does not exist
 .IP "CURLE_SSH (79)"
 An unspecified error occurred during the SSH session
 .IP "CURLE_SSL_SHUTDOWN_FAILED (80)"
 Failed to shut down the SSL connection
 .IP "CURLE_OBSOLETE*"
 These error codes will never be returned. They used to be used in an old libcurl
 version and are currently unused.
 .SH "CURLMcode"
 This is the generic return code used by functions in the libcurl multi
 interface. Also consider \fIcurl_multi_strerror(3)\fP.
@@ -251,6 +232,9 @@ This can only be returned if libcurl bugs. Please report it to us!
 .IP "CURLM_BAD_SOCKET (5)"
 The passed-in socket is not a valid one that libcurl already knows about.
 (Added in 7.15.4)
 .IP "CURLM_UNKNOWN_OPTION (6)"
 curl_multi_setopt() with unsupported option
 (Added in 7.15.4)
 .SH "CURLSHcode"
 The "share" interface will return a CURLSHcode to indicate when an error has
 occurred.  Also consider \fIcurl_share_strerror(3)\fP.
@@ -262,4 +246,6 @@ An invalid option was passed to the function.
 The share object is currently in use.
 .IP "CURLSHE_INVALID (3)"
 An invalid share object was passed to the function.
-
+.IP "CURLSHE_NOMEM (4)"
 Not enough memory was available.
 (Added in 7.12.0)
--- a/docs/libcurl/libcurl-multi.3
+++ b/docs/libcurl/libcurl-multi.3
@@ -136,8 +136,6 @@ the future, you should be aware of the following current restrictions:
 - GnuTLS SSL connections
 - Active FTP connections
 - HTTP proxy CONNECT operations
 - SCP and SFTP connections
 - SFTP transfers
 - TFTP transfers
 - file:// transfers
 .fi
--- a/docs/libcurl/libcurl-tutorial.3
+++ b/docs/libcurl/libcurl-tutorial.3
@@ -415,7 +415,7 @@ you're using an SSL private key for secure transfers.
 To pass the known private key password to libcurl:
- curl_easy_setopt(easyhandle, CURLOPT_SSLKEYPASSWD, "keypassword");
+ curl_easy_setopt(easyhandle, CURLOPT_KEYPASSWD, "keypassword");
 .SH "HTTP Authentication"
 The previous chapter showed how to set user name and password for getting
@@ -931,7 +931,7 @@ would instead be called CURLOPT_POSTQUOTE and used the exact same way.
 The custom FTP command will be issued to the server in the same order they are
 added to the list, and if a command gets an error code returned back from the
 server, no more commands will be issued and libcurl will bail out with an
-error code (CURLE_FTP_QUOTE_ERROR). Note that if you use CURLOPT_QUOTE to send
+error code (CURLE_QUOTE_ERROR). Note that if you use CURLOPT_QUOTE to send
 commands before a transfer, no transfer will actually take place when a quote
 command has failed.
--- a/hiper/Makefile
+++ b/hiper/Makefile
@@ -3,7 +3,7 @@
 # During dev at least, we use a static libcurl.
 #
-LDFLAGS = -lcrypt -lidn -lssl -lcrypto -ldl -lz -lresolv -L../ares/.libs \
+LDFLAGS = -lcrypt -lidn -lssl -lcrypto -lz -lresolv -L../ares/.libs \
 -lcares
 LIBCURL = -L../lib/.libs/ -lcurl
 CFLAGS = -I../include -g
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -95,6 +95,11 @@ extern "C" {
  typedef long long curl_off_t;
 #define CURL_FORMAT_OFF_T "%I64d"
 #else /* GCC or Watcom on Windows  */
 #if defined(__ILEC400__)
 /* OS400 C compiler. */
  typedef long long curl_off_t;
 #define CURL_FORMAT_OFF_T "%lld"
 #else /* OS400 C compiler. */
 /* "normal" POSIX approach, do note that this does not necessarily mean that
   the type is >32 bits, see the SIZEOF_CURL_OFF_T define for that! */
@@ -120,6 +125,7 @@ extern "C" {
 #else /* LARGE_FILE support */
 #define CURL_FORMAT_OFF_T "%ld"
 #endif
 #endif /* OS400 C compiler. */
 #endif /* GCC or Watcom on Windows */
 #endif /* (_MSC_VER && !__POCC__) || (__LCC__ && WIN32) */
@@ -151,7 +157,7 @@ extern "C" {
 /* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
   libc5-based Linux systems. Only include it on system that are known to
   require it! */
-#if defined(_AIX) || defined(NETWARE) || defined(__NetBSD__) || defined(__minix)
+#if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || defined(__minix)
 #include <sys/select.h>
 #endif
@@ -308,29 +314,29 @@ typedef enum {
  CURLE_UNSUPPORTED_PROTOCOL,    /* 1 */
  CURLE_FAILED_INIT,             /* 2 */
  CURLE_URL_MALFORMAT,           /* 3 */
-  CURLE_URL_MALFORMAT_USER,      /* 4 - NOT USED */
+  CURLE_OBSOLETE4,               /* 4 - NOT USED */
  CURLE_COULDNT_RESOLVE_PROXY,   /* 5 */
  CURLE_COULDNT_RESOLVE_HOST,    /* 6 */
  CURLE_COULDNT_CONNECT,         /* 7 */
  CURLE_FTP_WEIRD_SERVER_REPLY,  /* 8 */
-  CURLE_FTP_ACCESS_DENIED,       /* 9 a service was denied by the FTP server
+  CURLE_REMOTE_ACCESS_DENIED,    /* 9 a service was denied by the server
                                    due to lack of access - when login fails
                                    this is not returned. */
-  CURLE_FTP_USER_PASSWORD_INCORRECT, /* 10 - NOT USED */
+  CURLE_OBSOLETE10,              /* 10 - NOT USED */
  CURLE_FTP_WEIRD_PASS_REPLY,    /* 11 */
-  CURLE_FTP_WEIRD_USER_REPLY,    /* 12 */
+  CURLE_OBSOLETE12,              /* 12 - NOT USED */
  CURLE_FTP_WEIRD_PASV_REPLY,    /* 13 */
  CURLE_FTP_WEIRD_227_FORMAT,    /* 14 */
  CURLE_FTP_CANT_GET_HOST,       /* 15 */
-  CURLE_FTP_CANT_RECONNECT,      /* 16 */
+  CURLE_OBSOLETE16,              /* 16 - NOT USED */
-  CURLE_FTP_COULDNT_SET_BINARY,  /* 17 */
+  CURLE_FTP_COULDNT_SET_TYPE,    /* 17 */
  CURLE_PARTIAL_FILE,            /* 18 */
  CURLE_FTP_COULDNT_RETR_FILE,   /* 19 */
-  CURLE_FTP_WRITE_ERROR,         /* 20 */
+  CURLE_OBSOLETE20,              /* 20 - NOT USED */
-  CURLE_FTP_QUOTE_ERROR,         /* 21 */
+  CURLE_QUOTE_ERROR,             /* 21 - quote command failure */
  CURLE_HTTP_RETURNED_ERROR,     /* 22 */
  CURLE_WRITE_ERROR,             /* 23 */
-  CURLE_MALFORMAT_USER,          /* 24 - NOT USED */
+  CURLE_OBSOLETE24,              /* 24 - NOT USED */
  CURLE_UPLOAD_FAILED,           /* 25 - failed upload "command" */
  CURLE_READ_ERROR,              /* 26 - could open/read from file */
  CURLE_OUT_OF_MEMORY,           /* 27 */
@@ -338,29 +344,29 @@ typedef enum {
           instead of a memory allocation error if CURL_DOES_CONVERSIONS
           is defined
  */
-  CURLE_OPERATION_TIMEOUTED,     /* 28 - the timeout time was reached */
+  CURLE_OPERATION_TIMEDOUT,      /* 28 - the timeout time was reached */
-  CURLE_FTP_COULDNT_SET_ASCII,   /* 29 - TYPE A failed */
+  CURLE_OBSOLETE29,              /* 29 - NOT USED */
  CURLE_FTP_PORT_FAILED,         /* 30 - FTP PORT operation failed */
  CURLE_FTP_COULDNT_USE_REST,    /* 31 - the REST command failed */
-  CURLE_FTP_COULDNT_GET_SIZE,    /* 32 - the SIZE command failed */
+  CURLE_OBSOLETE32,              /* 32 - NOT USED */
-  CURLE_HTTP_RANGE_ERROR,        /* 33 - RANGE "command" didn't work */
+  CURLE_RANGE_ERROR,             /* 33 - RANGE "command" didn't work */
  CURLE_HTTP_POST_ERROR,         /* 34 */
  CURLE_SSL_CONNECT_ERROR,       /* 35 - wrong when connecting with SSL */
  CURLE_BAD_DOWNLOAD_RESUME,     /* 36 - couldn't resume download */
  CURLE_FILE_COULDNT_READ_FILE,  /* 37 */
  CURLE_LDAP_CANNOT_BIND,        /* 38 */
  CURLE_LDAP_SEARCH_FAILED,      /* 39 */
-  CURLE_LIBRARY_NOT_FOUND,       /* 40 */
+  CURLE_OBSOLETE40,              /* 40 - NOT USED */
  CURLE_FUNCTION_NOT_FOUND,      /* 41 */
  CURLE_ABORTED_BY_CALLBACK,     /* 42 */
  CURLE_BAD_FUNCTION_ARGUMENT,   /* 43 */
-  CURLE_BAD_CALLING_ORDER,       /* 44 - NOT USED */
+  CURLE_OBSOLETE44,              /* 44 - NOT USED */
  CURLE_INTERFACE_FAILED,        /* 45 - CURLOPT_INTERFACE failed */
-  CURLE_BAD_PASSWORD_ENTERED,    /* 46 - NOT USED */
+  CURLE_OBSOLETE46,              /* 46 - NOT USED */
  CURLE_TOO_MANY_REDIRECTS ,     /* 47 - catch endless re-direct loops */
  CURLE_UNKNOWN_TELNET_OPTION,   /* 48 - User specified an unknown option */
  CURLE_TELNET_OPTION_SYNTAX ,   /* 49 - Malformed telnet option */
-  CURLE_OBSOLETE,                /* 50 - NOT USED */
+  CURLE_OBSOLETE50,              /* 50 - NOT USED */
  CURLE_SSL_PEER_CERTIFICATE,    /* 51 - peer's certificate wasn't ok */
  CURLE_GOT_NOTHING,             /* 52 - when this is a specific error */
  CURLE_SSL_ENGINE_NOTFOUND,     /* 53 - SSL crypto engine not found */
@@ -368,14 +374,14 @@ typedef enum {
                                    default */
  CURLE_SEND_ERROR,              /* 55 - failed sending network data */
  CURLE_RECV_ERROR,              /* 56 - failure in receiving network data */
-  CURLE_SHARE_IN_USE,            /* 57 - share is in use */
+  CURLE_OBSOLETE57,              /* 57 - NOT IN USE */
  CURLE_SSL_CERTPROBLEM,         /* 58 - problem with the local certificate */
  CURLE_SSL_CIPHER,              /* 59 - couldn't use specified cipher */
  CURLE_SSL_CACERT,              /* 60 - problem with the CA cert (path?) */
  CURLE_BAD_CONTENT_ENCODING,    /* 61 - Unrecognized transfer encoding */
  CURLE_LDAP_INVALID_URL,        /* 62 - Invalid LDAP URL */
  CURLE_FILESIZE_EXCEEDED,       /* 63 - Maximum file size exceeded */
-  CURLE_FTP_SSL_FAILED,          /* 64 - Requested FTP SSL level failed */
+  CURLE_USE_SSL_FAILED,          /* 64 - Requested FTP SSL level failed */
  CURLE_SEND_FAIL_REWIND,        /* 65 - Sending the data requires a rewind
                                    that failed */
  CURLE_SSL_ENGINE_INITFAILED,   /* 66 - failed to initialise ENGINE */
@@ -383,10 +389,10 @@ typedef enum {
                                    accepted and we failed to login */
  CURLE_TFTP_NOTFOUND,           /* 68 - file not found on server */
  CURLE_TFTP_PERM,               /* 69 - permission problem on server */
-  CURLE_TFTP_DISKFULL,           /* 70 - out of disk space on server */
+  CURLE_REMOTE_DISK_FULL,        /* 70 - out of disk space on server */
  CURLE_TFTP_ILLEGAL,            /* 71 - Illegal TFTP operation */
  CURLE_TFTP_UNKNOWNID,          /* 72 - Unknown transfer ID */
-  CURLE_TFTP_EXISTS,             /* 73 - File already exists */
+  CURLE_REMOTE_FILE_EXISTS,      /* 73 - File already exists */
  CURLE_TFTP_NOSUCHUSER,         /* 74 - No such user */
  CURLE_CONV_FAILED,             /* 75 - conversion failed */
  CURLE_CONV_REQD,               /* 76 - caller must register conversion
@@ -406,6 +412,53 @@ typedef enum {
  CURL_LAST /* never use! */
 } CURLcode;
 #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
                          the obsolete stuff removed! */
 /* Backwards compatibility with older names */
 /* These are scheduled to disappear by 2009 */
 /* The following were added in 7.17.0 */
 #define CURLE_OBSOLETE CURLE_OBSOLETE50	/* noone should be using this! */
 #define CURLE_BAD_PASSWORD_ENTERED CURLE_OBSOLETE46
 #define CURLE_BAD_CALLING_ORDER CURLE_OBSOLETE44
 #define CURLE_FTP_USER_PASSWORD_INCORRECT CURLE_OBSOLETE10
 #define CURLE_FTP_CANT_RECONNECT CURLE_OBSOLETE16
 #define CURLE_FTP_COULDNT_GET_SIZE CURLE_OBSOLETE32
 #define CURLE_FTP_COULDNT_SET_ASCII CURLE_OBSOLETE29
 #define CURLE_FTP_WEIRD_USER_REPLY CURLE_OBSOLETE12
 #define CURLE_FTP_WRITE_ERROR CURLE_OBSOLETE20
 #define CURLE_LIBRARY_NOT_FOUND CURLE_OBSOLETE40
 #define CURLE_MALFORMAT_USER CURLE_OBSOLETE24
 #define CURLE_SHARE_IN_USE CURLE_OBSOLETE57
 #define CURLE_URL_MALFORMAT_USER CURLE_OBSOLETE4
 #define CURLE_FTP_ACCESS_DENIED CURLE_REMOTE_ACCESS_DENIED
 #define CURLE_FTP_COULDNT_SET_BINARY CURLE_FTP_COULDNT_SET_TYPE
 #define CURLE_FTP_QUOTE_ERROR CURLE_QUOTE_ERROR
 #define CURLE_TFTP_DISKFULL CURLE_REMOTE_DISK_FULL
 #define CURLE_TFTP_EXISTS CURLE_REMOTE_FILE_EXISTS
 #define CURLE_HTTP_RANGE_ERROR CURLE_RANGE_ERROR 
 #define CURLE_FTP_SSL_FAILED CURLE_USE_SSL_FAILED
 /* The following were added earlier */
 #define CURLE_OPERATION_TIMEOUTED CURLE_OPERATION_TIMEDOUT
 #define CURLE_HTTP_NOT_FOUND CURLE_HTTP_RETURNED_ERROR
 #define CURLE_HTTP_PORT_FAILED CURLE_INTERFACE_FAILED
 #define CURLE_FTP_COULDNT_STOR_FILE CURLE_UPLOAD_FAILED
 #define CURLE_FTP_PARTIAL_FILE CURLE_PARTIAL_FILE
 #define CURLE_FTP_BAD_DOWNLOAD_RESUME CURLE_BAD_DOWNLOAD_RESUME
 /* This was the error code 50 in 7.7.3 and a few earlier versions, this
   is no longer used by libcurl but is instead #defined here only to not
   make programs break */
 #define CURLE_ALREADY_COMPLETE 99999
 #endif /*!CURL_NO_OLDIES*/
 /* This prototype applies to all conversion callbacks */
 typedef CURLcode (*curl_conv_callback)(char *buffer, size_t length);
@@ -414,17 +467,6 @@ typedef CURLcode (*curl_ssl_ctx_callback)(CURL *curl,    /* easy handle */
                                                            OpenSSL SSL_CTX */
                                          void *userptr);
 /* Make a spelling correction for the operation timed-out define */
 #define CURLE_OPERATION_TIMEDOUT CURLE_OPERATION_TIMEOUTED
 #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
                          the obsolete stuff removed! */
 /* backwards compatibility with older names */
 #define CURLE_HTTP_NOT_FOUND CURLE_HTTP_RETURNED_ERROR
 #define CURLE_HTTP_PORT_FAILED CURLE_INTERFACE_FAILED
 #define CURLE_FTP_COULDNT_STOR_FILE CURLE_UPLOAD_FAILED
 #endif
 typedef enum {
  CURLPROXY_HTTP = 0,
  CURLPROXY_SOCKS4 = 4,
@@ -447,28 +489,30 @@ typedef enum {
 #define CURLSSH_AUTH_KEYBOARD  (1<<3) /* keyboard interactive */
 #define CURLSSH_AUTH_DEFAULT CURLSSH_AUTH_ANY
 #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
                          the obsolete stuff removed! */
 /* this was the error code 50 in 7.7.3 and a few earlier versions, this
   is no longer used by libcurl but is instead #defined here only to not
   make programs break */
 #define CURLE_ALREADY_COMPLETE 99999
 /* These are just to make older programs not break: */
 #define CURLE_FTP_PARTIAL_FILE CURLE_PARTIAL_FILE
 #define CURLE_FTP_BAD_DOWNLOAD_RESUME CURLE_BAD_DOWNLOAD_RESUME
 #endif
 #define CURL_ERROR_SIZE 256
-/* parameter for the CURLOPT_FTP_SSL option */
+/* parameter for the CURLOPT_USE_SSL option */
 typedef enum {
-  CURLFTPSSL_NONE,    /* do not attempt to use SSL */
+  CURLUSESSL_NONE,    /* do not attempt to use SSL */
-  CURLFTPSSL_TRY,     /* try using SSL, proceed anyway otherwise */
+  CURLUSESSL_TRY,     /* try using SSL, proceed anyway otherwise */
-  CURLFTPSSL_CONTROL, /* SSL for the control connection or fail */
+  CURLUSESSL_CONTROL, /* SSL for the control connection or fail */
-  CURLFTPSSL_ALL,     /* SSL for all communication or fail */
+  CURLUSESSL_ALL,     /* SSL for all communication or fail */
-  CURLFTPSSL_LAST     /* not an option, never use */
+  CURLUSESSL_LAST     /* not an option, never use */
-} curl_ftpssl;
+} curl_usessl;
 #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
                          the obsolete stuff removed! */
 /* Backwards compatibility with older names */
 /* These are scheduled to disappear by 2009 */
 #define CURLFTPSSL_NONE CURLUSESSL_NONE
 #define CURLFTPSSL_TRY CURLUSESSL_TRY
 #define CURLFTPSSL_CONTROL CURLUSESSL_CONTROL
 #define CURLFTPSSL_ALL CURLUSESSL_ALL
 #define CURLFTPSSL_LAST CURLUSESSL_LAST
 #define curl_ftpssl curl_usessl
 #endif /*!CURL_NO_OLDIES*/
 /* parameter for the CURLOPT_FTP_SSL_CCC option */
 typedef enum {
@@ -517,7 +561,8 @@ typedef enum {
 */
 #if defined(__STDC__) || defined(_MSC_VER) || defined(__cplusplus) || \
  defined(__HP_aCC) || defined(__BORLANDC__) || defined(__LCC__) || \
-  defined(__POCC__) || defined(__SALFORDC__) || defined(__HIGHC__)
+  defined(__POCC__) || defined(__SALFORDC__) || defined(__HIGHC__) || \
  defined(__ILEC400__)
  /* This compiler is believed to have an ISO compatible preprocessor */
 #define CURL_ISOCPP
 #else
@@ -615,7 +660,7 @@ typedef enum {
   */
  /* Set the "low speed limit" */
-  CINIT(LOW_SPEED_LIMIT, LONG , 19),
+  CINIT(LOW_SPEED_LIMIT, LONG, 19),
  /* Set the "low speed time" */
  CINIT(LOW_SPEED_TIME, LONG, 20),
@@ -640,10 +685,8 @@ typedef enum {
  /* name of the file keeping your private SSL-certificate */
  CINIT(SSLCERT, OBJECTPOINT, 25),
-  /* password for the SSL-private key, keep this for compatibility */
+  /* password for the SSL or SSH private key */
-  CINIT(SSLCERTPASSWD, OBJECTPOINT, 26),
+  CINIT(KEYPASSWD, OBJECTPOINT, 26),
  /* password for the SSL private key */
  CINIT(SSLKEYPASSWD, OBJECTPOINT, 26),
  /* send TYPE parameter? */
  CINIT(CRLF, LONG, 27),
@@ -697,9 +740,9 @@ typedef enum {
  CINIT(FAILONERROR, LONG, 45),  /* no output on http error codes >= 300 */
  CINIT(UPLOAD, LONG, 46),       /* this is an upload */
  CINIT(POST, LONG, 47),         /* HTTP POST method */
-  CINIT(FTPLISTONLY, LONG, 48),  /* Use NLST when listing ftp dir */
+  CINIT(DIRLISTONLY, LONG, 48),  /* return bare names when listing directories */
-  CINIT(FTPAPPEND, LONG, 50),    /* Append instead of overwrite on upload! */
+  CINIT(APPEND, LONG, 50),       /* Append instead of overwrite on upload! */
  /* Specify whether to read the user+password from the .netrc or the URL.
   * This must be one of the CURL_NETRC_* enums below. */
@@ -736,10 +779,10 @@ typedef enum {
  /* Set the interface string to use as outgoing network interface */
  CINIT(INTERFACE, OBJECTPOINT, 62),
-  /* Set the krb4 security level, this also enables krb4 awareness.  This is a
+  /* Set the krb4/5 security level, this also enables krb4/5 awareness.  This
-   * string, 'clear', 'safe', 'confidential' or 'private'.  If the string is
+   * is a string, 'clear', 'safe', 'confidential' or 'private'.  If the string
-   * set but doesn't match one of these, 'private' will be used.  */
+   * is set but doesn't match one of these, 'private' will be used.  */
-  CINIT(KRB4LEVEL, OBJECTPOINT, 63),
+  CINIT(KRBLEVEL, OBJECTPOINT, 63),
  /* Set if we should verify the peer in ssl handshake, set 1 to verify. */
  CINIT(SSL_VERIFYPEER, LONG, 64),
@@ -840,7 +883,7 @@ typedef enum {
  CINIT(SSLENGINE_DEFAULT, LONG, 90),
  /* Non-zero value means to use the global dns cache */
-  CINIT(DNS_USE_GLOBAL_CACHE, LONG, 91), /* To becomeO BSOLETE soon */
+  CINIT(DNS_USE_GLOBAL_CACHE, LONG, 91), /* To become OBSOLETE soon */
  /* DNS cache timeout */
  CINIT(DNS_CACHE_TIMEOUT, LONG, 92),
@@ -922,7 +965,7 @@ typedef enum {
     getting a response.  This is different from transfer timeout time and
     essentially places a demand on the FTP server to acknowledge commands
     in a timely manner. */
-  CINIT(FTP_RESPONSE_TIMEOUT, LONG , 112),
+  CINIT(FTP_RESPONSE_TIMEOUT, LONG, 112),
  /* Set this option to one of the CURL_IPRESOLVE_* defines (see below) to
     tell libcurl to resolve names to those IP versions only. This only has
@@ -962,7 +1005,7 @@ typedef enum {
     CURLFTPSSL_CONTROL - SSL for the control connection or fail
     CURLFTPSSL_ALL     - SSL for all communication or fail
  */
-  CINIT(FTP_SSL, LONG, 119),
+  CINIT(USE_SSL, LONG, 119),
  /* The _LARGE version of the standard POSTFIELDSIZE option */
  CINIT(POSTFIELDSIZE_LARGE, OFF_T, 120),
@@ -978,7 +1021,7 @@ typedef enum {
  /* 127 OBSOLETE. Gone in 7.16.0 */
  /* 128 OBSOLETE. Gone in 7.16.0 */
-  /* When FTP over SSL/TLS is selected (with CURLOPT_FTP_SSL), this option
+  /* When FTP over SSL/TLS is selected (with CURLOPT_USE_SSL), this option
     can be used to change libcurl's default action which is to first try
     "AUTH SSL" and then "AUTH TLS" in this order, and proceed when a OK
     response has been received.
@@ -1076,9 +1119,37 @@ typedef enum {
  CINIT(HTTP_TRANSFER_DECODING, LONG, 157),
  CINIT(HTTP_CONTENT_DECODING, LONG, 158),
  /* Permission used when creating new files and directories on the remote
     server for protocols that support it, SFTP/SCP/FILE */
  CINIT(NEW_FILE_PERMS, LONG, 159),
  CINIT(NEW_DIRECTORY_PERMS, LONG, 160),
  CURLOPT_LASTENTRY /* the last unused */
 } CURLoption;
 #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
                          the obsolete stuff removed! */
 /* Backwards compatibility with older names */
 /* These are scheduled to disappear by 2009 */
 /* The following were added in 7.17.0 */
 #define CURLOPT_SSLKEYPASSWD CURLOPT_KEYPASSWD 
 #define CURLOPT_FTPAPPEND CURLOPT_APPEND
 #define CURLOPT_FTPLISTONLY CURLOPT_DIRLISTONLY
 #define CURLOPT_FTP_SSL CURLOPT_USE_SSL
 /* The following were added earlier */
 #define CURLOPT_SSLCERTPASSWD CURLOPT_KEYPASSWD
 #define CURLOPT_KRB4LEVEL CURLOPT_KRBLEVEL
 #else
 /* This is set if CURL_NO_OLDIES is defined at compile-time */
 #undef CURLOPT_DNS_USE_GLOBAL_CACHE /* soon obsolete */
 #endif
  /* Below here follows defines for the CURLOPT_IPRESOLVE option. If a host
     name resolves addresses using more than one IP protocol version, this
     option might be handy to force libcurl to use a specific IP version. */
@@ -1092,14 +1163,6 @@ typedef enum {
 #define CURLOPT_READDATA  CURLOPT_INFILE
 #define CURLOPT_HEADERDATA CURLOPT_WRITEHEADER
 #ifndef CURL_NO_OLDIES /* define this to test if your app builds with all
                          the obsolete stuff removed! */
 #else
 /* This is set if CURL_NO_OLDIES is defined at compile-time */
 #undef CURLOPT_DNS_USE_GLOBAL_CACHE /* soon obsolete */
 #endif
  /* These enums are for use with the CURLOPT_HTTP_VERSION option. */
 enum {
  CURL_HTTP_VERSION_NONE, /* setting this means we don't care, and that we'd
--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -28,13 +28,13 @@
 /* This is the version number of the libcurl package from which this header
   file origins: */
-#define LIBCURL_VERSION "7.16.3-CVS"
+#define LIBCURL_VERSION "7.17.0-CVS"
 /* The numeric version number is also available "in parts" by using these
   defines: */
 #define LIBCURL_VERSION_MAJOR 7
-#define LIBCURL_VERSION_MINOR 16
+#define LIBCURL_VERSION_MINOR 17
-#define LIBCURL_VERSION_PATCH 3
+#define LIBCURL_VERSION_PATCH 0
 /* This is the numeric version of the libcurl version number, meant for easier
   parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
@@ -51,7 +51,7 @@
   and it is always a greater number in a more recent release. It makes
   comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x071003
+#define LIBCURL_VERSION_NUM 0x071100
 /*
 * This is the date and time when the full source package was created. The
--- a/include/curl/mprintf.h
+++ b/include/curl/mprintf.h
@@ -44,6 +44,16 @@ CURL_EXTERN char *curl_maprintf(const char *format, ...);
 CURL_EXTERN char *curl_mvaprintf(const char *format, va_list args);
 #ifdef _MPRINTF_REPLACE
 # undef printf
 # undef fprintf
 # undef sprintf
 # undef vsprintf
 # undef snprintf
 # undef vprintf
 # undef vfprintf
 # undef vsnprintf
 # undef aprintf
 # undef vaprintf
 # define printf curl_mprintf
 # define fprintf curl_mfprintf
 #ifdef CURLDEBUG
--- a/lib/Makefile.Watcom
+++ b/lib/Makefile.Watcom
@@ -9,7 +9,7 @@ TARGETS = libcurl_wc.lib libcurl_wc.dll libcurl_wc_imp.lib
 CC = wcc386
 CFLAGS = -3r -mf -d3 -hc -zff -zgf -zq -zm -zc -s -fr=con -w2 -fpi -oilrtfm -bt=nt -bd &
-         -d+ -dWIN32 -dHAVE_LONGLONG -dCURL_CA_BUNDLE=getenv("CURL_CA_BUNDLE")     &
+         -d+ -dWIN32 -dCURL_CA_BUNDLE=getenv("CURL_CA_BUNDLE")                     &
         -dBUILDING_LIBCURL -dWITHOUT_MM_LIB -dHAVE_SPNEGO=1 -dENABLE_IPV6         &
         -dDEBUG_THREADING_GETADDRINFO -dDEBUG=1 -dCURLDEBUG -d_WIN32_WINNT=0x0501 &
         -I. -I..\include
@@ -154,7 +154,7 @@ $(OBJ_DIR)\url.obj: url.c setup.h config-win32.h setup_once.h urldata.h cookie.h
  http_chunks.h hostip.h hash.h llist.h splay.h netrc.h base64.h sslgen.h &
  transfer.h sendf.h progress.h strequal.h strerror.h escape.h strtok.h &
  share.h content_encoding.h http_digest.h http_negotiate.h select.h &
-  multiif.h ftp.h dict.h telnet.h tftp.h http.h file.h ldap.h url.h &
+  multiif.h ftp.h dict.h telnet.h tftp.h http.h file.h curl_ldap.h url.h &
  connect.h inet_ntop.h http_ntlm.h .\ca-bundle.h &
  ..\include\curl\mprintf.h memory.h memdebug.h .\memory.h
 $(OBJ_DIR)\dict.obj: dict.c setup.h config-win32.h setup_once.h urldata.h cookie.h &
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -32,8 +32,9 @@ EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 Makefile.riscos	\
 $(DSP) curllib.dsw config-win32.h config-win32ce.h config-riscos.h	\
 config-mac.h config.h.in ca-bundle.crt makefile.dj config.dos		\
 libcurl.framework.make libcurl.plist libcurl.rc config-amigaos.h	\
- amigaos.c amigaos.h makefile.amiga Makefile.netware nwlib.c		\
+ amigaos.c amigaos.h makefile.amiga Makefile.netware nwlib.c nwos.c	\
 libcurl.imp msvcproj.head msvcproj.foot config-win32ce.h		\
 config-os400.h setup-os400.h \
 Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ)
 CLEANFILES = $(DSP) $(VCPROJ)
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -4,19 +4,20 @@ CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c	\
  cookie.c http.c sendf.c ftp.c url.c dict.c if2ip.c speedcheck.c	\
  ldap.c ssluse.c version.c getenv.c escape.c mprintf.c telnet.c	\
  netrc.c getinfo.c transfer.c strequal.c easy.c security.c krb4.c	\
-  memdebug.c http_chunks.c strtok.c connect.c llist.c hash.c multi.c	\
+  krb5.c memdebug.c http_chunks.c strtok.c connect.c llist.c hash.c	\
-  content_encoding.c share.c http_digest.c md5.c http_negotiate.c	\
+  multi.c content_encoding.c share.c http_digest.c md5.c		\
-  http_ntlm.c inet_pton.c strtoofft.c strerror.c hostares.c hostasyn.c	\
+  http_negotiate.c http_ntlm.c inet_pton.c strtoofft.c strerror.c	\
-  hostip4.c hostip6.c hostsyn.c hostthre.c inet_ntop.c parsedate.c	\
+  hostares.c hostasyn.c hostip4.c hostip6.c hostsyn.c hostthre.c	\
-  select.c gtls.c sslgen.c tftp.c splay.c strdup.c socks.c ssh.c nss.c
+  inet_ntop.c parsedate.c select.c gtls.c sslgen.c tftp.c splay.c	\
  strdup.c socks.c ssh.c nss.c qssl.c
 HHEADERS = arpa_telnet.h netrc.h file.h timeval.h base64.h hostip.h	\
  progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h	\
-  if2ip.h speedcheck.h urldata.h ldap.h ssluse.h escape.h telnet.h	\
+  if2ip.h speedcheck.h urldata.h curl_ldap.h ssluse.h escape.h telnet.h	\
-  getinfo.h strequal.h krb4.h memdebug.h inet_ntoa_r.h \
+  getinfo.h strequal.h krb4.h memdebug.h inet_ntoa_r.h http_chunks.h	\
-  http_chunks.h strtok.h connect.h llist.h hash.h content_encoding.h	\
+  strtok.h connect.h llist.h hash.h content_encoding.h share.h md5.h	\
-  share.h md5.h http_digest.h http_negotiate.h http_ntlm.h ca-bundle.h	\
+  http_digest.h http_negotiate.h http_ntlm.h ca-bundle.h inet_pton.h	\
-  inet_pton.h strtoofft.h strerror.h inet_ntop.h curlx.h memory.h	\
+  strtoofft.h strerror.h inet_ntop.h curlx.h memory.h setup.h		\
-  setup.h transfer.h select.h easyif.h multiif.h parsedate.h sslgen.h   \
+  transfer.h select.h easyif.h multiif.h parsedate.h sslgen.h gtls.h	\
-  gtls.h tftp.h sockaddr.h splay.h strdup.h setup_once.h socks.h ssh.h  \
+  tftp.h sockaddr.h splay.h strdup.h setup_once.h socks.h ssh.h nssg.h	\
-  nssg.h
+  qssl.h
--- a/lib/Makefile.m32
+++ b/lib/Makefile.m32
@@ -1,35 +1,60 @@
-#############################################################
+#########################################################################
 # $Id$
 #
 ## Makefile for building libcurl.a with MingW32 (GCC-3.2) and
-## optionally OpenSSL (0.9.8)
+## optionally OpenSSL (0.9.8), libssh2 (0.17), zlib (1.2.3)
 ##
-## Use: make -f Makefile.m32 [SSL=1] [SSH2=1] [DYN=1]
+## Usage:
 ## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [SSPI=1] [IPV6=1] [DYN=1]
 ##
 ## Hint: you can also set environment vars to control the build, f.e.:
 ## set ZLIB_PATH=c:/zlib-1.2.3
 ## set ZLIB=1
 ##
 ## Comments to: Troy Engel <tengel@sonic.net> or
 ##              Joern Hartroth <hartroth@acm.org>
 #########################################################################
-ifndef OPENSSL_PATH
+# Edit the path below to point to the base of your Zlib sources.
 OPENSSL_PATH = ../../openssl-0.9.8d
 endif
 ifndef LIBSSH2_PATH
 LIBSSH2_PATH = ../../libssh2-0.14
 endif
 ifndef ZLIB_PATH
 ZLIB_PATH = ../../zlib-1.2.3
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
 OPENSSL_PATH = ../../openssl-0.9.8e
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
 LIBSSH2_PATH = ../../libssh2-0.17
 endif
 # Edit the path below to point to the base of your Novell LDAP NDK.
 ifndef LDAP_SDK
 LDAP_SDK = c:/novell/ndk/cldapsdk/win32
 endif
 ARES_LIB = ../ares
 CC = gcc
 AR = ar
-RM = rm -f
+# comment LDFLAGS below to keep debug info
 LDFLAGS = -s
 RANLIB = ranlib
 RC = windres
 RCFLAGS = --include-dir=../include -DCURLDEBUG=0 -O COFF -i
 RM = del /q /f
 STRIP = strip -g
 ########################################################
 ## Nothing more to do below this line!
 INCLUDES = -I. -I../include
-CFLAGS = -g -O2 -DBUILDING_LIBCURL -DHAVE_LONGLONG
+CFLAGS = -g -O2 -DBUILDING_LIBCURL
 ifdef ARES
  INCLUDES += -I$(ARES_LIB)
  CFLAGS += -DUSE_ARES
  DLL_LIBS += -L$(ARES_LIB) -lcares
  libcurl_dll_DEPENDENCIES = $(ARES_LIB)/libcares.a
 endif
 ifdef SSH2
  INCLUDES += -I"$(LIBSSH2_PATH)/include" -I"$(LIBSSH2_PATH)/win32"
  CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H
@@ -53,44 +78,76 @@ endif
 ifdef IPV6
  CFLAGS += -DENABLE_IPV6
 endif
 ifdef LDAPS
  CFLAGS += -DHAVE_LDAP_SSL
 endif
 ifdef USE_LDAP_NOVELL
  INCLUDES += -I"$(LDAP_SDK)/inc"
  CFLAGS += -DCURL_HAS_NOVELL_LDAPSDK
  DLL_LIBS += -L"$(LDAP_SDK)/lib/mscvc" -lldapsdk -lldapssl -lldapx
 endif
 ifdef USE_LDAP_OPENLDAP
  INCLUDES += -I"$(LDAP_SDK)/include"
  CFLAGS += -DCURL_HAS_OPENLDAP_LDAPSDK
  DLL_LIBS += -L"$(LDAP_SDK)/lib" -lldap -llber
 endif
 ifndef USE_LDAP_NOVELL
 ifndef USE_LDAP_OPENLDAP
 DLL_LIBS += -lwldap32
 endif
 endif
 DLL_LIBS += -lws2_32 -lwinmm
 COMPILE = $(CC) $(INCLUDES) $(CFLAGS)
 # Makefile.inc provides the CSOURCES and HHEADERS defines
 include Makefile.inc
 libcurl_dll_LIBRARY = libcurl.dll
 libcurl_dll_a_LIBRARY = libcurldll.a
 libcurl_a_LIBRARY = libcurl.a
 libcurl_a_OBJECTS := $(patsubst %.c,%.o,$(strip $(CSOURCES)))
-
+libcurl_a_DEPENDENCIES := $(strip $(CSOURCES) $(HHEADERS))
 libcurl_a_LIBRARIES = libcurl.a
 libcurl_a_DEPENDENCIES = $(strip $(CSOURCES) $(HHEADERS))
 all: libcurl.a libcurl.dll libcurldll.a
 libcurl.a: $(libcurl_a_OBJECTS) $(libcurl_a_DEPENDENCIES)
 	$(RM) libcurl.a
 	$(AR) cru libcurl.a $(libcurl_a_OBJECTS)
 	$(RANLIB) libcurl.a
 	$(STRIP) $@
 RESOURCE = libcurl.res
 .SUFFIXES: .rc .res
 all: ca-bundle.h $(libcurl_a_LIBRARY) $(libcurl_dll_LIBRARY)
 $(libcurl_a_LIBRARY): $(libcurl_a_OBJECTS) $(libcurl_a_DEPENDENCIES)
 	-$(RM) $@
 	$(AR) cru $@ $(libcurl_a_OBJECTS)
 	$(RANLIB) $@
 	$(STRIP) $@
 # remove the last line above to keep debug info
-libcurl.dll libcurldll.a: $(libcurl_a_OBJECTS) $(RESOURCE)
+$(libcurl_dll_LIBRARY): $(libcurl_a_OBJECTS) $(RESOURCE) $(libcurl_dll_DEPENDENCIES)
-	$(RM) $@
+	-$(RM) $@
-	$(CC) -s -shared -Wl,--out-implib,libcurldll.a -o libcurl.dll \
+	$(CC) $(LDFLAGS) -shared -Wl,--out-implib,$(libcurl_dll_a_LIBRARY) \
-	  $(libcurl_a_OBJECTS) $(RESOURCE) $(DLL_LIBS) -lws2_32 -lwinmm
+	  -o $@ $(libcurl_a_OBJECTS) $(RESOURCE) $(DLL_LIBS)
 # remove the above '-s' to keep debug info
 .c.o:
 	$(COMPILE) -c $<
-libcurl.res: libcurl.rc
+.rc.res:
-	windres -DCURLDEBUG=0 -O COFF -o $@ -i $^
+	$(RC) $(RCFLAGS) $< -o $@
 clean:
-	$(RM) $(libcurl_a_OBJECTS) $(RESOURCE)
+	-$(RM) $(libcurl_a_OBJECTS) $(RESOURCE) ca-bundle.h
 distrib: clean
-	$(RM) $(libcurl_a_LIBRARIES)
+	-$(RM) $(libcurl_a_LIBRARY) $(libcurl_dll_LIBRARY) $(libcurl_dll_a_LIBRARY)
 FORCE: ;
 ca-bundle.h: FORCE Makefile.m32
 	@echo Creating $@
 	@echo $(DL)/* Do not edit this file - it is created by make!$(DL) > $@
 	@echo $(DL)*/$(DL) >> $@
 $(ARES_LIB)/libcares.a:
 	$(MAKE) -C $(ARES_LIB) -f Makefile.m32
--- a/lib/Makefile.netware
+++ b/lib/Makefile.netware
@@ -25,7 +25,7 @@ endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-0.15
+LIBSSH2_PATH = ../../libssh2-0.16
 endif
 ifndef INSTDIR
@@ -36,7 +36,7 @@ endif
 TARGET  = libcurl
 VERSION	= $(LIBCURL_VERSION)
 COPYR	= Copyright (C) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>
-DESCR	= cURL libcurl $(LIBCURL_VERSION_STR) - http://curl.haxx.se
+DESCR	= cURL libcurl $(LIBCURL_VERSION_STR) ($(LIBARCH)) - http://curl.haxx.se
 MTSAFE	= YES
 STACK	= 64000
 SCREEN	= none
@@ -60,15 +60,19 @@ else
 	OBJDIR	= debug
 endif
-# Include the version info retrieved from curlver.h
+# The following lines defines your compiler.
-include $(OBJDIR)/version.inc
+ifdef CWFolder
-
+	METROWERKS = $(CWFolder)
-# The following line defines your compiler.
+endif
 ifdef METROWERKS
 	# MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support
 	MWCW_PATH = $(subst \,/,$(METROWERKS))/Novell Support/Metrowerks Support
 	CC = mwccnlm
 else
 	CC = gcc
 endif
 # a native win32 awk can be downloaded from here:
 # http://www.gknw.net/development/prgtools/awk-20050424.zip
 AWK	= awk
 YACC	= bison -y
 CP	= cp -afv
@@ -78,6 +82,12 @@ CP	= cp -afv
 # http://www.gknw.net/development/prgtools/mkxdc.zip
 MPKXDC	= mkxdc
 # LIBARCH_U = $(shell $(AWK) 'BEGIN {print toupper(ARGV[1])}' $(LIBARCH))
 LIBARCH_L = $(shell $(AWK) 'BEGIN {print tolower(ARGV[1])}' $(LIBARCH))
 # Include the version info retrieved from curlver.h
 -include $(OBJDIR)/version.inc
 # Global flags for all compilers
 CFLAGS	= $(OPT) -D$(DB) -DNETWARE -DHAVE_CONFIG_H -nostdinc
@@ -95,8 +105,10 @@ ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.o
 	CFLAGS += -align 4
 else
-	PRELUDE = "$(METROWERKS)/Novell Support/libraries/runtime/prelude.obj"
+	# PRELUDE = $(SDK_CLIB)/imports/clibpre.o
-#	CFLAGS += -include "$(METROWERKS)/Novell Support/headers/nlm_prefix.h"
+	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
 	PRELUDE = "$(MWCW_PATH)/libraries/runtime/prelude.obj"
 	# CFLAGS += -include "$(MWCW_PATH)/headers/nlm_clib_prefix.h"
 	CFLAGS += -align 1
 endif
 else
@@ -112,6 +124,9 @@ ifeq ($(LIBARCH),LIBC)
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.gcc.o
 else
 	PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
 	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
 	# http://www.gknw.net/development/mk_nlm/gcc_pre.zip
 	# PRELUDE = $(NDK_ROOT)/pre/prelude.o
 	CFLAGS += -include $(NDKBASE)/nlmconv/genlm.h
 endif
 endif
@@ -128,16 +143,7 @@ INCLUDES = -I$(CURL_INC) -I$(CURL_LIB)
 ifdef WITH_ARES
 	INCLUDES += -I$(ARES_LIB)
-	LDLIBS = $(ARES_LIB)/libcares.$(LIBEXT)
+	LDLIBS += $(ARES_LIB)/libcares.$(LIBEXT)
 endif
 ifdef WITH_ZLIB
 	INCLUDES += -I$(ZLIB_PATH)
 ifdef LINK_STATIC
 	LDLIBS += $(ZLIB_PATH)/nw/libz.$(LIBEXT)
 else
 	MODULES += libz.nlm
 	IMPORTS += @$(ZLIB_PATH)/nw/libz.imp
 endif
 endif
 ifdef WITH_SSH2
 	INCLUDES += -I$(LIBSSH2_PATH)/include
@@ -149,23 +155,33 @@ else
 endif
 endif
 ifdef WITH_SSL
-	INCLUDES += -I$(OPENSSL_PATH)/outinc_nw_libc -I$(OPENSSL_PATH)/outinc_nw_libc/openssl
+	INCLUDES += -I$(OPENSSL_PATH)/outinc_nw_$(LIBARCH_L) -I$(OPENSSL_PATH)/outinc_nw_$(LIBARCH_L)/openssl
-	LDLIBS += $(OPENSSL_PATH)/out_nw_libc/ssl.$(LIBEXT)
+	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/ssl.$(LIBEXT)
-	LDLIBS += $(OPENSSL_PATH)/out_nw_libc/crypto.$(LIBEXT)
+	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/crypto.$(LIBEXT)
 	IMPORTS += GetProcessSwitchCount RunningProcess
 endif
 ifdef WITH_ZLIB
 	INCLUDES += -I$(ZLIB_PATH)
 ifdef LINK_STATIC
 	LDLIBS += $(ZLIB_PATH)/nw/$(LIBARCH)/libz.$(LIBEXT)
 else
 	MODULES += libz.nlm
 	IMPORTS += @$(ZLIB_PATH)/nw/$(LIBARCH)/libz.imp
 endif
 endif
 ifeq ($(LIBARCH),LIBC)
-	INCLUDES += -I$(SDK_LIBC)/include -I$(SDK_LIBC)/include/nks
+	INCLUDES += -I$(SDK_LIBC)/include
 	# INCLUDES += -I$(SDK_LIBC)/include/nks
 	# INCLUDES += -I$(SDK_LIBC)/include/winsock
 	# INCLUDES += -I$(SDK_LDAP)/libc/inc
 	CFLAGS += -D_POSIX_SOURCE
 	# CFLAGS += -D__ANSIC__
 else
-	INCLUDES += -I$(SDK_CLIB)/include/nlm -I$(SDK_CLIB)/include
+	INCLUDES += -I$(SDK_CLIB)/include/nlm
 	# INCLUDES += -I$(SDK_CLIB)/include/nlm/obsolete
-	# INCLUDES += -I$(SDK_LDAP)/clib/inc
+	# INCLUDES += -I$(SDK_CLIB)/include
-	CFLAGS += -DNETDB_USE_INTERNET
+endif
 ifndef DISABLE_LDAP
 	INCLUDES += -I$(SDK_LDAP)/$(LIBARCH_L)/inc
 endif
 CFLAGS	+= $(INCLUDES)
@@ -190,7 +206,7 @@ endif
 # Makefile.inc provides the CSOURCES and HHEADERS defines
 include Makefile.inc
-OBJS	:= $(patsubst %.c,$(OBJDIR)/%.o,$(strip $(CSOURCES)))
+OBJS	:= $(patsubst %.c,$(OBJDIR)/%.o,$(strip $(CSOURCES))) $(OBJDIR)/nwos.o
 OBJL	= $(OBJS) $(OBJDIR)/nwlib.o $(LDLIBS)
@@ -281,6 +297,7 @@ endif
 ifdef XDCDATA
 	@echo $(DL)xdcdata $(XDCDATA)$(DL) >> $@
 endif
 	@echo $(DL)flag_on 64$(DL) >> $@
 ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)start _Prelude$(DL) >> $@
 	@echo $(DL)exit _Stop$(DL) >> $@
@@ -288,21 +305,26 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)import @$(SDK_CLIB)/imports/threads.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_CLIB)/imports/nlmlib.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_CLIB)/imports/socklib.imp$(DL) >> $@
-#	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapsdk.imp$(DL) >> $@
+ifndef DISABLE_LDAP
-#	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapssl.imp$(DL) >> $@
+	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapsdk.imp$(DL) >> $@
-#	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
+	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapssl.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
 	@echo $(DL)module ldapsdk$(DL) >> $@
 endif
 	@echo $(DL)module clib$(DL) >> $@
 else
 	@echo $(DL)flag_on 64$(DL) >> $@
 	@echo $(DL)pseudopreemption$(DL) >> $@
 	@echo $(DL)start _LibCPrelude$(DL) >> $@
 	@echo $(DL)exit _LibCPostlude$(DL) >> $@
 	@echo $(DL)check _LibCCheckUnload$(DL) >> $@
 	@echo $(DL)import @$(SDK_LIBC)/imports/libc.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LIBC)/imports/netware.imp$(DL) >> $@
-#	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapsdk.imp$(DL) >> $@
+ifndef DISABLE_LDAP
-#	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapssl.imp$(DL) >> $@
+	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapsdk.imp$(DL) >> $@
-#	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapx.imp$(DL) >> $@
+	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapssl.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapx.imp$(DL) >> $@
 	@echo $(DL)module lldapsdk$(DL) >> $@
 endif
 	@echo $(DL)module libc$(DL) >> $@
 endif
 ifdef MODULES
@@ -332,24 +354,76 @@ config.h: Makefile.netware
 	@echo $(DL)#ifndef NETWARE$(DL) >> $@
 	@echo $(DL)#error This $(notdir $@) is created for NetWare platform!$(DL) >> $@
 	@echo $(DL)#endif$(DL) >> $@
 	@echo $(DL)#define OS "i586-pc-NetWare"$(DL) >> $@
 	@echo $(DL)#define VERSION "$(LIBCURL_VERSION_STR)"$(DL) >> $@
 	@echo $(DL)#define PACKAGE_BUGREPORT "a suitable curl mailing list => http://curl.haxx.se/mail/"$(DL) >> $@
-	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
+ifeq ($(LIBARCH),CLIB)
-	@echo $(DL)#define HAVE_ASSERT_H 1$(DL) >> $@
+	@echo $(DL)#define OS "i586-pc-clib-NetWare"$(DL) >> $@
-	@echo $(DL)#define HAVE_DLFCN_H 1$(DL) >> $@
+	@echo $(DL)#define NETDB_USE_INTERNET 1$(DL) >> $@
-	@echo $(DL)#define HAVE_DLOPEN 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRICMP 1$(DL) >> $@
-	@echo $(DL)#define HAVE_ERR_H 1$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
-	@echo $(DL)#define HAVE_FCNTL_H 1$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG2 char *$(DL) >> $@
-	@echo $(DL)#define HAVE_FIONBIO 1$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG3 int$(DL) >> $@
-	@echo $(DL)#define HAVE_GETHOSTBYADDR 1$(DL) >> $@
+	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG2 char *$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define socklen_t int$(DL) >> $@
 	@echo $(DL)#define DL_LDAP_FILE "ldapsdk.nlm"$(DL) >> $@
 else
 	@echo $(DL)#define OS "i586-pc-libc-NetWare"$(DL) >> $@
 	@echo $(DL)#define HAVE_FTRUNCATE 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GETTIMEOFDAY 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_ADDR 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_NTOA 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_PTON 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INTTYPES_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LIMITS_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LONGLONG 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STDINT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRCASECMP 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRLCAT 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRLCPY 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRTOLL 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_PARAM_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_SELECT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_TERMIOS_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_AF_INET6 1$(DL) >> $@
 	@echo $(DL)#define HAVE_PF_INET6 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_IN6_ADDR 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_SOCKADDR_IN6 1$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG2 void *$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG3 size_t$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_RETV ssize_t$(DL) >> $@
 	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG2 void *$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG3 size_t$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
 	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
 ifdef ENABLE_IPV6
 	@echo $(DL)#define ENABLE_IPV6 1$(DL) >> $@
 endif
 endif
 	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_ASSERT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_ERR_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_FCNTL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_FIONBIO 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GETHOSTBYADDR 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GETHOSTBYNAME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GETPROTOBYNAME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_GMTIME_R 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_ADDR 1$(DL) >> $@
 	@echo $(DL)#define HAVE_INET_NTOA 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LL 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LOCALTIME_R 1$(DL) >> $@
 	@echo $(DL)#define HAVE_MALLOC_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_NETINET_IN_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_RECV 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SELECT 1$(DL) >> $@
@@ -359,56 +433,40 @@ config.h: Makefile.netware
 	@echo $(DL)#define HAVE_SIGNAL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SIG_ATOMIC_T 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SOCKET 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STDINT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STDLIB_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRCASECMP 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRDUP 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRFTIME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRING_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRLCAT 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRLCPY 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRSTR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_PARAM_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_ADDRINFO 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SYS_SELECT_H 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_TIMEVAL 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_IOCTL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_STAT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_TIME_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_TERMIOS_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_TIME_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_UNAME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_UNISTD_H 1$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
+	@echo $(DL)#define HAVE_UTIME 1$(DL) >> $@
-	@echo $(DL)#define RECV_TYPE_ARG2 char *$(DL) >> $@
+	@echo $(DL)#define HAVE_UTIME_H 1$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define RETSIGTYPE void$(DL) >> $@
 	@echo $(DL)#define SEND_QUAL_ARG2$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG2 char *$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define SIZEOF_CURL_OFF_T 4$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN_ADDR 4$(DL) >> $@
 	@echo $(DL)#define STDC_HEADERS 1$(DL) >> $@
 	@echo $(DL)#define TIME_WITH_SYS_TIME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_AF_INET6 1$(DL) >> $@
 	@echo $(DL)#define HAVE_PF_INET6 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_ADDRINFO 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_IN6_ADDR 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_SOCKADDR_IN6 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_TIMEVAL 1$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN_ADDR 4$(DL) >> $@
 ifdef DISABLE_LDAP
 	@echo $(DL)#define CURL_DISABLE_LDAP 1$(DL) >> $@
 else
-	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
+	@echo $(DL)#define CURL_HAS_NOVELL_LDAPSDK 1$(DL) >> $@
 ifndef DISABLE_LDAPS
 	@echo $(DL)#define HAVE_LDAP_SSL 1$(DL) >> $@
 endif
-ifdef ENABLE_IPV6
+	@echo $(DL)#define HAVE_LDAP_SSL_H 1$(DL) >> $@
-	@echo $(DL)#define ENABLE_IPV6 1$(DL) >> $@
+	@echo $(DL)#define HAVE_LDAP_URL_PARSE 1$(DL) >> $@
 endif
 ifdef NW_WINSOCK
 	@echo $(DL)#define HAVE_CLOSESOCKET 1$(DL) >> $@
 else
 	@echo $(DL)#define USE_BSD_SOCKETS 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_TYPES_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_SOCKET_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_SOCKIO_H 1$(DL) >> $@
@@ -463,6 +521,7 @@ endif
 info: $(OBJDIR)/version.inc
 	@echo Configured to build $(TARGET) with these options:
 	@echo libarchitecture: $(LIBARCH)
 	@echo curl version:    $(LIBCURL_VERSION_STR)
 	@echo compiler/linker: $(CC) / $(LD)
 ifdef CABUNDLE
@@ -494,7 +553,7 @@ else
 	@echo ipv6 support:    no
 endif
-$(LIBCARES):
+$(ARES_LIB)/libcares.$(LIBEXT):
 	$(MAKE) -C $(ARES_LIB) -f Makefile.netware lib
--- a/lib/Makefile.vc6
+++ b/lib/Makefile.vc6
@@ -1,4 +1,5 @@
 #############################################################
 # $Id: Makefile.vc6,v 1.19 2004/11/14 13:48:15 giva Exp $
 #
 # Makefile for building libcurl with MSVC6
 #
@@ -34,11 +35,11 @@ IMPLIB_NAME       = libcurl_imp
 IMPLIB_NAME_DEBUG = libcurld_imp
 !IFNDEF OPENSSL_PATH
-OPENSSL_PATH   = ../../openssl-0.9.7e
+OPENSSL_PATH   = ../../openssl-0.9.8e
 !ENDIF
 !IFNDEF ZLIB_PATH
-ZLIB_PATH  = ../../zlib-1.2.1
+ZLIB_PATH  = ../../zlib-1.2.3
 !ENDIF
 !IFNDEF MACHINE
@@ -47,8 +48,10 @@ MACHINE  = X86
 # USE_WINDOWS_SSPI uses windows libraries to allow NTLM authentication
 # without an openssl installation and offers the ability to authenticate
-# using the "current logged in user".  It does however require that the
+# using the "current logged in user". Since at least with MSVC6 the sspi.h
-# Windows SDK be installed.
+# header is broken it is either required to install the Windows SDK,
 # or to fix sspi.h with adding this define at the beginning of sspi.h:
 # #define FreeCredentialHandle FreeCredentialsHandle
 #
 # If, for some reason the Windows SDK is installed but not installed
 # in the default location, you can specify WINDOWS_SDK_PATH.
--- a/lib/base64.c
+++ b/lib/base64.c
@@ -137,7 +137,7 @@ size_t Curl_base64_decode(const char *src, unsigned char **outptr)
 *
 * Returns the length of the newly created base64 string. The third argument
 * is a pointer to an allocated area holding the base64 data. If something
- * went wrong, -1 is returned.
+ * went wrong, 0 is returned.
 *
 */
 size_t Curl_base64_encode(struct SessionHandle *data,
@@ -265,7 +265,7 @@ int main(int argc, argv_item_t argv[], char **envp)
  handle = curl_easy_init();
  if(handle == NULL) {
    fprintf(stderr, "Error: curl_easy_init failed\n");
-    return 0;
+    return 1;
  }
 #endif
  data = (unsigned char *)suck(&dataLen);
@@ -305,7 +305,7 @@ int main(int argc, argv_item_t argv[], char **envp)
  struct SessionHandle *handle = curl_easy_init();
  if(handle == NULL) {
    fprintf(stderr, "Error: curl_easy_init failed\n");
-    return 0;
+    return 1;
  }
 #endif
--- a/lib/config-os400.h
+++ b/lib/config-os400.h
@@ -0,0 +1,475 @@
 /* ================================================================ */
 /*    lib/config-os400.h - Hand crafted config file for OS/400      */
 /* ================================================================ */
 #pragma enum(int)
 #undef PACKAGE
 /* Version number of this archive. */
 #undef VERSION
 /* Define if you have the getpass function.  */
 #undef HAVE_GETPASS
 /* Define cpu-machine-OS */
 #define OS "OS/400"
 /* Define if you have the gethostbyaddr_r() function with 5 arguments */
 #define HAVE_GETHOSTBYADDR_R_5
 /* Define if you have the gethostbyaddr_r() function with 7 arguments */
 #undef HAVE_GETHOSTBYADDR_R_7
 /* Define if you have the gethostbyaddr_r() function with 8 arguments */
 #undef HAVE_GETHOSTBYADDR_R_8
 /* Define if you have the gethostbyname_r() function with 3 arguments */
 #define HAVE_GETHOSTBYNAME_R_3
 /* Define if you have the gethostbyname_r() function with 5 arguments */
 #undef HAVE_GETHOSTBYNAME_R_5
 /* Define if you have the gethostbyname_r() function with 6 arguments */
 #undef HAVE_GETHOSTBYNAME_R_6
 /* Define if you have the inet_ntoa_r function declared. */
 #define HAVE_INET_NTOA_R_DECL
 /* Define if the inet_ntoa_r function returns an int. */
 #define HAVE_INT_INET_NTOA_R
 /* Define if you need the _REENTRANT define for some functions */
 #undef NEED_REENTRANT
 /* Define if you have the Kerberos4 libraries (including -ldes) */
 #undef HAVE_KRB4
 /* Define if you want to enable IPv6 support */
 #define ENABLE_IPV6
 /* Define this to 'int' if ssize_t is not an available typedefed type */
 #undef ssize_t
 /* Define this to 'int' if socklen_t is not an available typedefed type */
 #undef socklen_t
 /* Define this as a suitable file to read random data from */
 #undef RANDOM_FILE
 /* Define this to your Entropy Gathering Daemon socket pathname */
 #undef EGD_SOCKET
 /* Set to explicitly specify we don't want to use thread-safe functions */
 #undef DISABLED_THREADSAFE
 /* Define if you have the <alloca.h> header file. */
 #undef HAVE_ALLOCA_H
 /* Define if you have the <arpa/inet.h> header file. */
 #define HAVE_ARPA_INET_H
 /* Define if you have the `closesocket' function. */
 #undef HAVE_CLOSESOCKET
 /* Define if you have the <crypto.h> header file. */
 #undef HAVE_CRYPTO_H
 /* Define if you have the <des.h> header file. */
 #undef HAVE_DES_H
 /* Define if you have the <err.h> header file. */
 #undef HAVE_ERR_H
 /* Define if you have the <fcntl.h> header file. */
 #define HAVE_FCNTL_H
 /* Define if getaddrinfo exists and works */
 /* OS400 has no ASCII version of this procedure. */
 #undef HAVE_GETADDRINFO
 /* Define if you have the `geteuid' function. */
 #define HAVE_GETEUID
 /* Define if you have the `gethostbyaddr' function. */
 #define HAVE_GETHOSTBYADDR
 /* Define if you have the `gethostbyaddr_r' function. */
 #define HAVE_GETHOSTBYADDR_R
 /* Define if you have the `gethostbyname_r' function. */
 #define HAVE_GETHOSTBYNAME_R
 /* Define if you have the `gethostname' function. */
 #define HAVE_GETHOSTNAME
 /* Define if you have the <getopt.h> header file. */
 #undef HAVE_GETOPT_H
 /* Define if you have the `getpass_r' function. */
 #undef HAVE_GETPASS_R
 /* Define if you have the `getpwuid' function. */
 #define HAVE_GETPWUID
 /* Define if you have the `getservbyname' function. */
 #define HAVE_GETSERVBYNAME
 /* Define if you have the `gettimeofday' function. */
 #define HAVE_GETTIMEOFDAY
 /* Define if you have the `timeval' struct. */
 #define HAVE_STRUCT_TIMEVAL
 /* Define if you have the `inet_addr' function. */
 #define HAVE_INET_ADDR
 /* Define if you have the `inet_ntoa' function. */
 #define HAVE_INET_NTOA
 /* Define if you have the `inet_ntoa_r' function. */
 #define HAVE_INET_NTOA_R
 /* Define if you have the <inttypes.h> header file. */
 #define HAVE_INTTYPES_H
 /* Define if you have the <io.h> header file. */
 #undef HAVE_IO_H
 /* Define if you have the `krb_get_our_ip_for_realm' function. */
 #undef HAVE_KRB_GET_OUR_IP_FOR_REALM
 /* Define if you have the <krb.h> header file. */
 #undef HAVE_KRB_H
 /* Define if you have the `crypto' library (-lcrypto). */
 #undef HAVE_LIBCRYPTO
 /* Define if you have the `nsl' library (-lnsl). */
 #undef HAVE_LIBNSL
 /* Define if you have the `resolv' library (-lresolv). */
 #undef HAVE_LIBRESOLV
 /* Define if you have the `resolve' library (-lresolve). */
 #undef HAVE_LIBRESOLVE
 /* Define if you have the `socket' library (-lsocket). */
 #undef HAVE_LIBSOCKET
 /* Define if you have the `ssl' library (-lssl). */
 #undef HAVE_LIBSSL
 /* Define if you have GSS API. */
 #define HAVE_GSSAPI
 /* Define if you have the `ucb' library (-lucb). */
 #undef HAVE_LIBUCB
 /* Define if you have the `localtime_r' function. */
 #define HAVE_LOCALTIME_R
 /* Define if you have the <malloc.h> header file. */
 #define HAVE_MALLOC_H
 /* Define if you need the malloc.h header file even with stdlib.h  */
 /* #define NEED_MALLOC_H 1 */
 /* Define if you have the <memory.h> header file. */
 #undef HAVE_MEMORY_H
 /* Define if you have the <netdb.h> header file. */
 #define HAVE_NETDB_H
 /* Define if you have the <netinet/if_ether.h> header file. */
 #undef HAVE_NETINET_IF_ETHER_H
 /* Define if you have the <netinet/in.h> header file. */
 #define HAVE_NETINET_IN_H
 /* Define if you have the <net/if.h> header file. */
 #define HAVE_NET_IF_H
 /* Define if you have the <openssl/crypto.h> header file. */
 #undef HAVE_OPENSSL_CRYPTO_H
 /* Define if you have the <openssl/err.h> header file. */
 #undef HAVE_OPENSSL_ERR_H
 /* Define if you have the <openssl/pem.h> header file. */
 #undef HAVE_OPENSSL_PEM_H
 /* Define if you have the <openssl/rsa.h> header file. */
 #undef HAVE_OPENSSL_RSA_H
 /* Define if you have the <openssl/ssl.h> header file. */
 #undef HAVE_OPENSSL_SSL_H
 /* Define if you have the <openssl/x509.h> header file. */
 #undef HAVE_OPENSSL_X509_H
 /* Define if you have the <pem.h> header file. */
 #undef HAVE_PEM_H
 /* Define if you have the `perror' function. */
 #define HAVE_PERROR
 /* Define if you have the <pwd.h> header file. */
 #define HAVE_PWD_H
 /* Define if you have the `RAND_egd' function. */
 #undef HAVE_RAND_EGD
 /* Define if you have the `RAND_screen' function. */
 #undef HAVE_RAND_SCREEN
 /* Define if you have the `RAND_status' function. */
 #undef HAVE_RAND_STATUS
 /* Define if you have the <rsa.h> header file. */
 #undef HAVE_RSA_H
 /* Define if you have the `select' function. */
 #define HAVE_SELECT
 /* Define if you have the `setvbuf' function. */
 #define HAVE_SETVBUF
 /* Define if you have the <sgtty.h> header file. */
 #undef HAVE_SGTTY_H
 /* Define if you have the `sigaction' function. */
 #define HAVE_SIGACTION
 /* Define if you have the `signal' function. */
 #undef HAVE_SIGNAL
 /* Define if you have the <signal.h> header file. */
 #define HAVE_SIGNAL_H
 /* Define if sig_atomic_t is an available typedef. */
 #define HAVE_SIG_ATOMIC_T
 /* Define if sig_atomic_t is already defined as volatile. */
 #undef HAVE_SIG_ATOMIC_T_VOLATILE
 /* Define if you have the `socket' function. */
 #define HAVE_SOCKET
 /* Define if you have the <ssl.h> header file. */
 #undef HAVE_SSL_H
 /* Define if you have the <stdint.h> header file. */
 #undef HAVE_STDINT_H
 /* Define if you have the <stdlib.h> header file. */
 #define HAVE_STDLIB_H
 /* Define if you have the `strcasecmp' function. */
 #undef HAVE_STRCASECMP
 /* Define if you have the `strcmpi' function. */
 #undef HAVE_STRCMPI
 /* Define if you have the `strdup' function. */
 #undef HAVE_STRDUP
 /* Define if you have the `strftime' function. */
 #define HAVE_STRFTIME
 /* Define if you have the `stricmp' function. */
 #undef HAVE_STRICMP
 /* Define if you have the <strings.h> header file. */
 #define HAVE_STRINGS_H
 /* Define if you have the <string.h> header file. */
 #define HAVE_STRING_H
 /* Define if you have the `strlcat' function. */
 #undef HAVE_STRLCAT
 /* Define if you have the `strlcpy' function. */
 #undef HAVE_STRLCPY
 /* Define if you have the `strstr' function. */
 #define HAVE_STRSTR
 /* Define if you have the `strtok_r' function. */
 #define HAVE_STRTOK_R
 /* Define if you have the `strtoll' function. */
 #undef HAVE_STRTOLL             /* Allows ASCII compile on V5R1. */
 /* Define if you have the <sys/param.h> header file. */
 #define HAVE_SYS_PARAM_H
 /* Define if you have the <sys/select.h> header file. */
 #undef HAVE_SYS_SELECT_H
 /* Define if you have the <sys/socket.h> header file. */
 #define HAVE_SYS_SOCKET_H
 /* Define if you have the <sys/sockio.h> header file. */
 #undef HAVE_SYS_SOCKIO_H
 /* Define if you have the <sys/stat.h> header file. */
 #define HAVE_SYS_STAT_H
 /* Define if you have the <sys/time.h> header file. */
 #define HAVE_SYS_TIME_H
 /* Define if you have the <sys/types.h> header file. */
 #define HAVE_SYS_TYPES_H
 /* Define if you have the <sys/ioctl.h> header file. */
 #define HAVE_SYS_IOCTL_H
 /* Define if you have the `tcgetattr' function. */
 #undef HAVE_TCGETATTR
 /* Define if you have the `tcsetattr' function. */
 #undef HAVE_TCSETATTR
 /* Define if you have the <termios.h> header file. */
 #undef HAVE_TERMIOS_H
 /* Define if you have the <termio.h> header file. */
 #undef HAVE_TERMIO_H
 /* Define if you have the <time.h> header file. */
 #define HAVE_TIME_H
 /* Define if you have the `uname' function. */
 #undef HAVE_UNAME
 /* Define if you have the <unistd.h> header file. */
 #define HAVE_UNISTD_H
 /* Define if you have the <winsock.h> header file. */
 #undef HAVE_WINSOCK_H
 /* Define if you have the <x509.h> header file. */
 #undef HAVE_X509_H
 /* Name of package */
 #undef PACKAGE
 /* Define as the return type of signal handlers (`int' or `void'). */
 #define RETSIGTYPE void
 /* The size of a `long double', as computed by sizeof. */
 #define SIZEOF_LONG_DOUBLE      8
 /* The size of a `long long', as computed by sizeof. */
 #define SIZEOF_LONG_LONG        8
 /* Whether long long constants must be suffixed by LL. */
 #define HAVE_LL
 /* The size of `curl_off_t', as computed by sizeof. */
 #ifndef _LARGE_FILES
 #define _LARGE_FILES
 #endif
 #define SIZEOF_CURL_OFF_T 8
 /* Define if you have the ANSI C header files. */
 #define STDC_HEADERS
 /* Define if you can safely include both <sys/time.h> and <time.h>. */
 #define TIME_WITH_SYS_TIME
 /* Version number of package */
 #undef VERSION
 /* Number of bits in a file offset, on hosts where this is settable. */
 #undef _FILE_OFFSET_BITS
 /* Define for large files, on AIX-style hosts. */
 #undef _LARGE_FILES
 /* Define to empty if `const' does not conform to ANSI C. */
 #undef const
 /* type to use in place of in_addr_t if not defined */
 #define in_addr_t       unsigned long
 /* Define to `unsigned' if <sys/types.h> does not define. */
 #undef size_t
 #define IOCTL_3_ARGS
 #define HAVE_FIONBIO
 /* to disable LDAP */
 #undef CURL_DISABLE_LDAP
 /* Define if you have the ldap_url_parse procedure. */
 /* #define HAVE_LDAP_URL_PARSE */    /* Disabled because of an IBM bug. */
 /* Define if you have the getnameinfo function. */
 /* OS400 has no ASCII version of this procedure. */
 #undef HAVE_GETNAMEINFO
 /* Define to the type qualifier of arg 1 for getnameinfo. */
 #define GETNAMEINFO_QUAL_ARG1 const
 /* Define to the type of arg 1 for getnameinfo. */
 #define GETNAMEINFO_TYPE_ARG1 struct sockaddr *
 /* Define to the type of arg 2 for getnameinfo. */
 #define GETNAMEINFO_TYPE_ARG2 socklen_t
 /* Define to the type of args 4 and 6 for getnameinfo. */
 #define GETNAMEINFO_TYPE_ARG46 socklen_t
 /* Define to the type of arg 7 for getnameinfo. */
 #define GETNAMEINFO_TYPE_ARG7 int
 /* Define if you have the recv function. */
 #define HAVE_RECV
 /* Define to the type of arg 1 for recv. */
 #define RECV_TYPE_ARG1 int
 /* Define to the type of arg 2 for recv. */
 #define RECV_TYPE_ARG2 char *
 /* Define to the type of arg 3 for recv. */
 #define RECV_TYPE_ARG3 int
 /* Define to the type of arg 4 for recv. */
 #define RECV_TYPE_ARG4 int
 /* Define to the function return type for recv. */
 #define RECV_TYPE_RETV int
 /* Define if you have the send function. */
 #define HAVE_SEND
 /* Define to the type of arg 1 for send. */
 #define SEND_TYPE_ARG1 int
 /* Define to the type qualifier of arg 2 for send. */
 #define SEND_QUAL_ARG2
 /* Define to the type of arg 2 for send. */
 #define SEND_TYPE_ARG2 char *
 /* Define to the type of arg 3 for send. */
 #define SEND_TYPE_ARG3 int
 /* Define to the type of arg 4 for send. */
 #define SEND_TYPE_ARG4 int
 /* Define to the function return type for send. */
 #define SEND_TYPE_RETV int
 /* Define to use the QsoSSL package. */
 #define USE_QSOSSL
 /* Use the system keyring as the default CA bundle. */
 #define CURL_CA_BUNDLE  "/QIBM/UserData/ICSS/Cert/Server/DEFAULT.KDB"
--- a/lib/config-riscos.h
+++ b/lib/config-riscos.h
@@ -74,12 +74,6 @@
 /* Define if you have the <des.h> header file. */
 #undef HAVE_DES_H
 /* Define if you have the <dlfcn.h> header file. */
 #undef HAVE_DLFCN_H
 /* Define if you have the `dlopen' function. */
 #undef HAVE_DLOPEN
 /* Define if you have the <err.h> header file. */
 #undef HAVE_ERR_H
@@ -146,9 +140,6 @@
 /* Define if you have the `crypto' library (-lcrypto). */
 #undef HAVE_LIBCRYPTO
 /* Define if you have the `dl' library (-ldl). */
 #undef HAVE_LIBDL
 /* Define if you have the `nsl' library (-lnsl). */
 #undef HAVE_LIBNSL
--- a/lib/config-tpf.h
+++ b/lib/config-tpf.h
@@ -104,12 +104,6 @@
 /* disabled non-blocking sockets */
 /* #undef HAVE_DISABLED_NONBLOCKING */
 /* Define to 1 if you have the <dlfcn.h> header file. */
 #define HAVE_DLFCN_H 1
 /* Define to 1 if you have the `dlopen' function. */
 #define HAVE_DLOPEN 1
 /* Define to 1 if you have the `ENGINE_load_builtin_engines' function. */
 /* #undef HAVE_ENGINE_LOAD_BUILTIN_ENGINES */
 #define HAVE_ENGINE_LOAD_BUILTIN_ENGINES 1
@@ -244,9 +238,6 @@
 /* Define to 1 if you have the <krb.h> header file. */
 /* #undef HAVE_KRB_H */
 /* Define to 1 if you have the `dl' library (-ldl). */
 #define HAVE_LIBDL 1
 /* Define to 1 if you have the <libgen.h> header file. */
 /* #undef HAVE_LIBGEN_H 1 */
--- a/lib/config-win32.h
+++ b/lib/config-win32.h
@@ -18,9 +18,6 @@
 /* Define if you have the <crypto.h> header file.  */
 /* #define HAVE_CRYPTO_H 1 */
 /* Define if you have the <dlfcn.h> header file.  */
 /* #define HAVE_DLFCN_H 1 */
 /* Define if you have the <err.h> header file.  */
 /* #define HAVE_ERR_H 1 */
@@ -282,7 +279,8 @@
 /* Define as the return type of signal handlers (int or void).  */
 #define RETSIGTYPE void
-#if (defined(__WATCOMC__) && (__WATCOMC__ >= 1240)) || defined(__POCC__)
+#if (defined(__WATCOMC__) && (__WATCOMC__ >= 1240)) || defined(__POCC__) || \
    defined(__MINGW32__)
 #elif defined(_WIN64)
 #define ssize_t __int64
 #else
@@ -346,15 +344,29 @@
 #define HAVE_VARIADIC_MACROS_C99 1
 #endif
 /* Define if the compiler supports LONGLONG. */
 #if defined(__MINGW32__) || defined(__WATCOMC__)
 #define HAVE_LONGLONG 1
 #endif
 /* ---------------------------------------------------------------- */
-/*                        LDAP LIBRARY FILES                        */
+/*                           LDAP SUPPORT                           */
 /* ---------------------------------------------------------------- */
-/* lber dynamic library file */
+#if defined(CURL_HAS_NOVELL_LDAPSDK) || defined(CURL_HAS_MOZILLA_LDAPSDK)
-/* #define DL_LBER_FILE */
+#undef CURL_LDAP_HYBRID
-
+#undef CURL_LDAP_WIN
-/* ldap dynamic library file */
+#define HAVE_LDAP_SSL_H 1
-#define DL_LDAP_FILE "wldap32.dll"
+#define HAVE_LDAP_URL_PARSE 1
 #elif defined(CURL_HAS_OPENLDAP_LDAPSDK)
 #undef CURL_LDAP_HYBRID
 #undef CURL_LDAP_WIN
 #define HAVE_LDAP_URL_PARSE 1
 #else
 #undef CURL_LDAP_HYBRID
 #undef HAVE_LDAP_URL_PARSE
 #define CURL_LDAP_WIN 1
 #endif
 /* ---------------------------------------------------------------- */
 /*                       ADDITIONAL DEFINITIONS                     */
--- a/lib/config-win32ce.h
+++ b/lib/config-win32ce.h
@@ -18,9 +18,6 @@
 /* Define if you have the <crypto.h> header file.  */
 /* #define HAVE_CRYPTO_H 1 */
 /* Define if you have the <dlfcn.h> header file.  */
 /* #define HAVE_DLFCN_H 1 */
 /* Define if you have the <err.h> header file.  */
 /* #define HAVE_ERR_H 1 */
@@ -317,14 +314,12 @@
 /* #undef const */
 /* ---------------------------------------------------------------- */
-/*                        LDAP LIBRARY FILES                        */
+/*                           LDAP SUPPORT                           */
 /* ---------------------------------------------------------------- */
-/* lber dynamic library file */
+#define CURL_LDAP_WIN 1
-/* #define DL_LBER_FILE */
+#undef CURL_LDAP_HYBRID
-
+#undef HAVE_LDAP_URL_PARSE
 /* ldap dynamic library file */
 /* #define DL_LDAP_FILE "wldap32.dll" */
 /* ---------------------------------------------------------------- */
 /*                       ADDITIONAL DEFINITIONS                     */
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -59,10 +59,10 @@
 #include <stdlib.h> /* required for free() prototype, without it, this crashes */
 #endif              /* on macos 68K */
-#if (defined(HAVE_FIONBIO) && defined(__NOVELL_LIBC__))
+#if (defined(HAVE_FIONBIO) && defined(NETWARE))
 #include <sys/filio.h>
 #endif
-#if (defined(NETWARE) && defined(__NOVELL_LIBC__))
+#ifdef NETWARE
 #undef in_addr_t
 #define in_addr_t unsigned long
 #endif
@@ -228,11 +228,12 @@ static CURLcode bindlocal(struct connectdata *conn,
                                                "random" */
  /* how many port numbers to try to bind to, increasing one at a time */
  int portnum = data->set.localportrange;
  const char *dev = data->set.str[STRING_DEVICE];
  /*************************************************************
   * Select device to bind socket to
   *************************************************************/
-  if (data->set.device && (strlen(data->set.device)<255) ) {
+  if (dev && (strlen(dev)<255) ) {
    struct Curl_dns_entry *h=NULL;
    char myhost[256] = "";
    in_addr_t in;
@@ -241,10 +242,10 @@ static CURLcode bindlocal(struct connectdata *conn,
    int in6 = -1;
    /* First check if the given name is an IP address */
-    in=inet_addr(data->set.device);
+    in=inet_addr((char *) dev);
    if((in == CURL_INADDR_NONE) &&
-       Curl_if2ip(data->set.device, myhost, sizeof(myhost))) {
+       Curl_if2ip(dev, myhost, sizeof(myhost))) {
      /*
       * We now have the numerical IPv4-style x.y.z.w in the 'myhost' buffer
       */
@@ -263,7 +264,7 @@ static CURLcode bindlocal(struct connectdata *conn,
       * This was not an interface, resolve the name as a host name
       * or IP number
       */
-      rc = Curl_resolv(conn, data->set.device, 0, &h);
+      rc = Curl_resolv(conn, dev, 0, &h);
      if(rc == CURLRESOLV_PENDING)
        (void)Curl_wait_for_resolv(conn, &h);
@@ -275,7 +276,7 @@ static CURLcode bindlocal(struct connectdata *conn,
                         myhost, sizeof myhost);
        else
          /* we know data->set.device is shorter than the myhost array */
-          strcpy(myhost, data->set.device);
+          strcpy(myhost, dev);
        Curl_resolv_unlock(data, h);
      }
    }
@@ -287,8 +288,8 @@ static CURLcode bindlocal(struct connectdata *conn,
         hostent_buf,
         sizeof(hostent_buf));
      */
-      failf(data, "Couldn't bind to '%s'", data->set.device);
+      failf(data, "Couldn't bind to '%s'", dev);
-      return CURLE_HTTP_PORT_FAILED;
+      return CURLE_INTERFACE_FAILED;
    }
    infof(data, "Bind local address to %s\n", myhost);
@@ -307,11 +308,10 @@ static CURLcode bindlocal(struct connectdata *conn,
       * hostname or ip address.
       */
      if (setsockopt(sockfd, SOL_SOCKET, SO_BINDTODEVICE,
-                     data->set.device, strlen(data->set.device)+1) != 0) {
+                     dev, strlen(dev)+1) != 0) {
        /* printf("Failed to BINDTODEVICE, socket: %d  device: %s error: %s\n",
-           sockfd, data->set.device, Curl_strerror(SOCKERRNO)); */
+           sockfd, dev, Curl_strerror(SOCKERRNO)); */
-        infof(data, "SO_BINDTODEVICE %s failed\n",
+        infof(data, "SO_BINDTODEVICE %s failed\n", dev);
              data->set.device);
        /* This is typically "errno 1, error: Operation not permitted" if
           you're not running as root or another suitable privileged user */
      }
@@ -325,7 +325,7 @@ static CURLcode bindlocal(struct connectdata *conn,
 #endif
    if (CURL_INADDR_NONE == in && -1 == in6) {
      failf(data,"couldn't find my own IP address (%s)", myhost);
-      return CURLE_HTTP_PORT_FAILED;
+      return CURLE_INTERFACE_FAILED;
    } /* end of inet_addr */
    if ( h ) {
@@ -334,7 +334,7 @@ static CURLcode bindlocal(struct connectdata *conn,
      socksize = addr->ai_addrlen;
    }
    else
-      return CURLE_HTTP_PORT_FAILED;
+      return CURLE_INTERFACE_FAILED;
  }
  else if(port) {
@@ -370,7 +370,7 @@ static CURLcode bindlocal(struct connectdata *conn,
      size = sizeof(add);
      if(getsockname(sockfd, (struct sockaddr *) &add, &size) < 0) {
        failf(data, "getsockname() failed");
-        return CURLE_HTTP_PORT_FAILED;
+        return CURLE_INTERFACE_FAILED;
      }
      /* We re-use/clobber the port variable here below */
      if(((struct sockaddr *)&add)->sa_family == AF_INET)
@@ -393,7 +393,7 @@ static CURLcode bindlocal(struct connectdata *conn,
  data->state.os_errno = SOCKERRNO;
  failf(data, "bind failure: %s",
        Curl_strerror(conn, data->state.os_errno));
-  return CURLE_HTTP_PORT_FAILED;
+  return CURLE_INTERFACE_FAILED;
 }
@@ -440,6 +440,13 @@ static bool verifyconnect(curl_socket_t sockfd, int *error)
    SET_SOCKERRNO(0);
    err = 0;
  }
 #endif
 #ifdef __minix
  /* Minix 3.1.x doesn't support getsockopt on UDP sockets */
  if (EBADIOCTL == err) {
    SET_SOCKERRNO(0);
    err = 0;
  }
 #endif
  if ((0 == err) || (EISCONN == err))
    /* we are connected, awesome! */
@@ -552,7 +559,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
  if(has_passed > allow ) {
    /* time-out, bail out, go home */
    failf(data, "Connection time-out after %ld ms", has_passed);
-    return CURLE_OPERATION_TIMEOUTED;
+    return CURLE_OPERATION_TIMEDOUT;
  }
  if(conn->bits.tcpconnect) {
    /* we are connected already! */
@@ -577,6 +584,8 @@ CURLcode Curl_is_connected(struct connectdata *conn,
    data->state.os_errno = error;
    infof(data, "Connection failed\n");
    if(trynextip(conn, sockindex, connected)) {
      failf(data, "Failed connect to %s:%d; %s",
            conn->host.name, conn->port, Curl_strerror(conn, error));
      code = CURLE_COULDNT_CONNECT;
    }
  }
@@ -596,7 +605,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
      error = SOCKERRNO;
      data->state.os_errno = error;
      failf(data, "Failed connect to %s:%d; %s",
-            conn->host.name, conn->port, Curl_strerror(conn,error));
+            conn->host.name, conn->port, Curl_strerror(conn, error));
      code = CURLE_COULDNT_CONNECT;
    }
  }
@@ -825,7 +834,7 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
    if(timeout_ms < 0) {
      /* a precaution, no need to continue if time already is up */
      failf(data, "Connection time-out");
-      return CURLE_OPERATION_TIMEOUTED;
+      return CURLE_OPERATION_TIMEDOUT;
    }
  }
  Curl_expire(data, timeout_ms);
@@ -861,7 +870,7 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
    timeout_ms -= Curl_tvdiff(after, before);
    if(timeout_ms < 0) {
      failf(data, "connect() timed out!");
-      return CURLE_OPERATION_TIMEOUTED;
+      return CURLE_OPERATION_TIMEDOUT;
    }
    before = after;
  }  /* end of connect-to-each-address loop */
--- a/lib/content_encoding.c
+++ b/lib/content_encoding.c
@@ -133,7 +133,7 @@ inflate_stream(struct connectdata *conn,
      /* some servers seem to not generate zlib headers, so this is an attempt
         to fix and continue anyway */
-      inflateReset(z);
+      (void) inflateEnd(z);	/* don't care about the return code */
      if (inflateInit2(z, -MAX_WBITS) != Z_OK) {
        return process_zlib_error(conn, z);
      }
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -172,16 +172,13 @@ Curl_cookie_add(struct SessionHandle *data,
                struct CookieInfo *c,
                bool httpheader, /* TRUE if HTTP header-style line */
                char *lineptr,   /* first character of the line */
-                char *domain,    /* default domain */
+                const char *domain, /* default domain */
-                char *path)      /* full path used when this cookie is set,
+                const char *path)   /* full path used when this cookie is set,
                                    used to get default path for the cookie
                                    unless set */
 {
  struct Cookie *clist;
  char *what;
  char name[MAX_NAME];
  char *ptr;
  char *semiptr;
  struct Cookie *co;
  struct Cookie *lastc=NULL;
  time_t now = time(NULL);
@@ -199,7 +196,10 @@ Curl_cookie_add(struct SessionHandle *data,
  if(httpheader) {
    /* This line was read off a HTTP-header */
-    char *sep;
+    const char *ptr;
    const char *sep;
    const char *semiptr;
    char *what;
    what = malloc(MAX_COOKIE_LINE);
    if(!what) {
@@ -228,7 +228,7 @@ Curl_cookie_add(struct SessionHandle *data,
                       name, what)) {
          /* this is a <name>=<what> pair */
-          char *whatptr;
+          const char *whatptr;
          /* Strip off trailing whitespace from the 'what' */
          size_t len=strlen(what);
@@ -428,6 +428,7 @@ Curl_cookie_add(struct SessionHandle *data,
  else {
    /* This line is NOT a HTTP header style line, we do offer support for
       reading the odd netscape cookies-file format here */
    char *ptr;
    char *firstptr;
    char *tok_buf;
    int fields;
@@ -655,7 +656,7 @@ Curl_cookie_add(struct SessionHandle *data,
 *
 ****************************************************************************/
 struct CookieInfo *Curl_cookie_init(struct SessionHandle *data,
-                                    char *file,
+                                    const char *file,
                                    struct CookieInfo *inc,
                                    bool newsession)
 {
@@ -734,7 +735,8 @@ struct CookieInfo *Curl_cookie_init(struct SessionHandle *data,
 ****************************************************************************/
 struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
-                                   char *host, char *path, bool secure)
+                                   const char *host, const char *path,
 				   bool secure)
 {
  struct Cookie *newco;
  struct Cookie *co;
@@ -937,7 +939,7 @@ static char *get_netscape_format(const struct Cookie *co)
 *
 * The function returns non-zero on write failure.
 */
-int Curl_cookie_output(struct CookieInfo *c, char *dumphere)
+int Curl_cookie_output(struct CookieInfo *c, const char *dumphere)
 {
  struct Cookie *co;
  FILE *out;
--- a/lib/cookie.h
+++ b/lib/cookie.h
@@ -84,17 +84,18 @@ struct SessionHandle;
 */
 struct Cookie *Curl_cookie_add(struct SessionHandle *data,
-                               struct CookieInfo *, bool header, char *line,
+                               struct CookieInfo *, bool header, char *lineptr,
-                               char *domain, char *path);
+                               const char *domain, const char *path);
 struct CookieInfo *Curl_cookie_init(struct SessionHandle *data,
-                                    char *, struct CookieInfo *, bool);
+                                    const char *, struct CookieInfo *, bool);
-struct Cookie *Curl_cookie_getlist(struct CookieInfo *, char *, char *, bool);
+struct Cookie *Curl_cookie_getlist(struct CookieInfo *, const char *,
 		                   const char *, bool);
 void Curl_cookie_freelist(struct Cookie *);
 void Curl_cookie_clearall(struct CookieInfo *cookies);
 void Curl_cookie_clearsess(struct CookieInfo *cookies);
 void Curl_cookie_cleanup(struct CookieInfo *);
-int Curl_cookie_output(struct CookieInfo *, char *);
+int Curl_cookie_output(struct CookieInfo *, const char *);
 #if defined(CURL_DISABLE_HTTP) || defined(CURL_DISABLE_COOKIES)
 #define Curl_cookie_list(x) NULL
--- a/lib/curl_ldap.h
+++ b/lib/curl_ldap.h
@@ -1,5 +1,5 @@
-#ifndef __LDAP_H
+#ifndef __CURL_LDAP_H
-#define __LDAP_H
+#define __CURL_LDAP_H
 /***************************************************************************
 *                                  _   _ ____  _
@@ -8,7 +8,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -26,4 +26,4 @@
 #ifndef CURL_DISABLE_LDAP
 CURLcode Curl_ldap(struct connectdata *conn, bool *done);
 #endif
-#endif /* __LDAP_H */
+#endif /* __CURL_LDAP_H */
--- a/lib/dict.c
+++ b/lib/dict.c
@@ -82,13 +82,13 @@
 /* The last #include file should be: */
 #include "memdebug.h"
-static char *unescape_word(struct SessionHandle *data, char *inp)
+static char *unescape_word(struct SessionHandle *data, const char *inp)
 {
  char *newp;
  char *dictp;
  char *ptr;
  int len;
-  unsigned char byte;
+  char byte;
  int olen=0;
  newp = curl_easy_unescape(data, inp, 0, &len);
@@ -100,7 +100,7 @@ static char *unescape_word(struct SessionHandle *data, char *inp)
    /* According to RFC2229 section 2.2, these letters need to be escaped with
       \[letter] */
    for(ptr = newp;
-        (byte = (unsigned char)*ptr) != 0;
+        (byte = *ptr) != 0;
        ptr++) {
      if ((byte <= 32) || (byte == 127) ||
          (byte == '\'') || (byte == '\"') || (byte == '\\')) {
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -241,6 +241,12 @@ CURLcode curl_global_init(long flags)
  }
 #endif
 #ifdef NETWARE
  if(netware_init()) {
    DEBUGF(fprintf(stderr, "Warning: LONG namespace not available\n"));
  }
 #endif
 #ifdef USE_LIBIDN
  idna_init();
 #endif
@@ -573,7 +579,8 @@ CURL *curl_easy_duphandle(CURL *incurl)
    outcurl->state.headersize=HEADERSIZE;
    /* copy all userdefined values */
-    outcurl->set = data->set;
+    if (Curl_dupset(outcurl, data) != CURLE_OK)
      break;
    if(data->state.used_interface == Curl_if_multi)
      outcurl->state.connc = data->state.connc;
@@ -652,6 +659,7 @@ CURL *curl_easy_duphandle(CURL *incurl)
        free(outcurl->change.url);
      if(outcurl->change.referer)
        free(outcurl->change.referer);
      Curl_freeset(outcurl);
      free(outcurl); /* free the memory again */
      outcurl = NULL;
    }
@@ -675,6 +683,7 @@ void curl_easy_reset(CURL *curl)
  data->reqdata.proto.generic=NULL;
  /* zero out UserDefined data: */
  Curl_freeset(data);
  memset(&data->set, 0, sizeof(struct UserDefined));
  /* zero out Progress data: */
@@ -690,10 +699,10 @@ void curl_easy_reset(CURL *curl)
  data->set.err  = stderr;  /* default stderr to stderr */
  /* use fwrite as default function to store output */
-  data->set.fwrite = (curl_write_callback)fwrite;
+  data->set.fwrite_func = (curl_write_callback)fwrite;
  /* use fread as default function to read input */
-  data->set.fread = (curl_read_callback)fread;
+  data->set.fread_func = (curl_read_callback)fread;
  data->set.infilesize = -1; /* we don't know any size */
  data->set.postfieldsize = -1;
@@ -726,11 +735,13 @@ void curl_easy_reset(CURL *curl)
  data->set.ssl.verifyhost = 2;
 #ifdef CURL_CA_BUNDLE
  /* This is our prefered CA cert bundle since install time */
-  data->set.ssl.CAfile = (char *)CURL_CA_BUNDLE;
+  (void) curl_easy_setopt(curl, CURLOPT_CAINFO, (char *) CURL_CA_BUNDLE);
 #endif
  data->set.ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
                                                      type */
  data->set.new_file_perms = 0644;    /* Default permissions */
  data->set.new_directory_perms = 0755; /* Default permissions */
 }
 #ifdef CURL_DOES_CONVERSIONS
@@ -875,7 +886,8 @@ CURLcode Curl_convert_from_utf8(struct SessionHandle *data,
  } else {
 #ifdef HAVE_ICONV
    /* do the translation ourselves */
-    char *input_ptr, *output_ptr;
+    const char *input_ptr;
    char *output_ptr;
    size_t in_bytes, out_bytes, rc;
    int error;
@@ -896,7 +908,7 @@ CURLcode Curl_convert_from_utf8(struct SessionHandle *data,
    /* call iconv */
    input_ptr = output_ptr = buffer;
    in_bytes = out_bytes = length;
-    rc = iconv(data->utf8_cd, (const char**)&input_ptr, &in_bytes,
+    rc = iconv(data->utf8_cd, &input_ptr, &in_bytes,
               &output_ptr, &out_bytes);
    if ((rc == ICONV_ERROR) || (in_bytes != 0)) {
      error = ERRNO;
--- a/lib/escape.c
+++ b/lib/escape.c
@@ -59,7 +59,7 @@ char *curl_easy_escape(CURL *handle, const char *string, int inlength)
  size_t alloc = (inlength?(size_t)inlength:strlen(string))+1;
  char *ns;
  char *testing_ptr = NULL;
-  unsigned char in;
+  char in;
  size_t newlen = alloc;
  int strindex=0;
  size_t length;
@@ -75,9 +75,27 @@ char *curl_easy_escape(CURL *handle, const char *string, int inlength)
  length = alloc-1;
  while(length--) {
    in = *string;
-    if(!(in >= 'a' && in <= 'z') &&
+
-       !(in >= 'A' && in <= 'Z') &&
+    /* Portable character check (remember EBCDIC). Do not use isalnum() because
-       !(in >= '0' && in <= '9')) {
+       its behavior is altered by the current locale. */
    switch (in) {
    case '0': case '1': case '2': case '3': case '4':
    case '5': case '6': case '7': case '8': case '9':
    case 'a': case 'b': case 'c': case 'd': case 'e':
    case 'f': case 'g': case 'h': case 'i': case 'j':
    case 'k': case 'l': case 'm': case 'n': case 'o':
    case 'p': case 'q': case 'r': case 's': case 't':
    case 'u': case 'v': case 'w': case 'x': case 'y': case 'z':
    case 'A': case 'B': case 'C': case 'D': case 'E':
    case 'F': case 'G': case 'H': case 'I': case 'J':
    case 'K': case 'L': case 'M': case 'N': case 'O':
    case 'P': case 'Q': case 'R': case 'S': case 'T':
    case 'U': case 'V': case 'W': case 'X': case 'Y': case 'Z':
      /* just copy this */
      ns[strindex++]=in;
      break;
    default:
      /* encode it */
      newlen += 2; /* the size grows with two, since this'll become a %XX */
      if(newlen > alloc) {
@@ -105,10 +123,7 @@ char *curl_easy_escape(CURL *handle, const char *string, int inlength)
      snprintf(&ns[strindex], 4, "%%%02X", in);
      strindex+=3;
-    }
+      break;
    else {
      /* just copy this */
      ns[strindex++]=in;
    }
    string++;
  }
--- a/lib/file.c
+++ b/lib/file.c
@@ -96,7 +96,8 @@
 */
 CURLcode Curl_file_connect(struct connectdata *conn)
 {
-  char *real_path = curl_easy_unescape(conn->data, conn->data->reqdata.path, 0, NULL);
+  char *real_path = curl_easy_unescape(conn->data, conn->data->reqdata.path, 0,
                                       NULL);
  struct FILEPROTO *file;
  int fd;
 #if defined(WIN32) || defined(MSDOS) || defined(__EMX__)
@@ -113,9 +114,8 @@ CURLcode Curl_file_connect(struct connectdata *conn)
    return CURLE_OUT_OF_MEMORY;
  }
-  if (conn->data->reqdata.proto.file) {
+  if (conn->data->reqdata.proto.file)
    free(conn->data->reqdata.proto.file);
  }
  conn->data->reqdata.proto.file = file;
@@ -177,6 +177,9 @@ CURLcode Curl_file_done(struct connectdata *conn,
  if(file->fd != -1)
    close(file->fd);
  free(file);
  conn->data->reqdata.proto.file= NULL; /* clear it! */
  return CURLE_OK;
 }
@@ -189,7 +192,7 @@ CURLcode Curl_file_done(struct connectdata *conn,
 static CURLcode file_upload(struct connectdata *conn)
 {
  struct FILEPROTO *file = conn->data->reqdata.proto.file;
-  char *dir = strchr(file->path, DIRSEP);
+  const char *dir = strchr(file->path, DIRSEP);
  FILE *fp;
  CURLcode res=CURLE_OK;
  struct SessionHandle *data = conn->data;
@@ -199,13 +202,13 @@ static CURLcode file_upload(struct connectdata *conn)
  curl_off_t bytecount = 0;
  struct timeval now = Curl_tvnow();
  struct_stat file_stat;
-  char* buf2;
+  const char* buf2;
  /*
   * Since FILE: doesn't do the full init, we need to provide some extra
   * assignments here.
   */
-  conn->fread = data->set.fread;
+  conn->fread_func = data->set.fread_func;
  conn->fread_in = data->set.in;
  conn->data->reqdata.upload_fromhere = buf;
@@ -217,8 +220,22 @@ static CURLcode file_upload(struct connectdata *conn)
  if(data->reqdata.resume_from)
    fp = fopen( file->path, "ab" );
-  else
+  else {
-    fp = fopen(file->path, "wb");
+    int fd;
 #if defined(WIN32) || defined(MSDOS) || defined(__EMX__)
    fd = open(file->path, O_WRONLY|O_CREAT|O_TRUNC|O_BINARY,
              conn->data->set.new_file_perms);
 #else /* !(WIN32 || MSDOS || __EMX__) */
    fd = open(file->path, O_WRONLY|O_CREAT|O_TRUNC,
              conn->data->set.new_file_perms);
 #endif /* !(WIN32 || MSDOS || __EMX__) */
    if (fd < 0) {
      failf(data, "Can't open %s for writing", file->path);
      return CURLE_WRITE_ERROR;
    }
    fp = fdopen(fd, "wb");
  }
  if(!fp) {
    failf(data, "Can't open %s for writing", file->path);
@@ -355,11 +372,11 @@ CURLcode Curl_file(struct connectdata *conn, bool *done)
      return result;
    if(fstated) {
-      struct tm *tm;
+      const struct tm *tm;
      time_t clock = (time_t)statbuf.st_mtime;
 #ifdef HAVE_GMTIME_R
      struct tm buffer;
-      tm = (struct tm *)gmtime_r(&clock, &buffer);
+      tm = (const struct tm *)gmtime_r(&clock, &buffer);
 #else
      tm = gmtime(&clock);
 #endif
--- a/lib/formdata.c
+++ b/lib/formdata.c
@@ -24,7 +24,10 @@
 /*
  Debug the form generator stand-alone by compiling this source file with:
-  gcc -DHAVE_CONFIG_H -I../ -g -D_FORM_DEBUG -DCURLDEBUG -o formdata -I../include formdata.c strequal.c memdebug.c mprintf.c strerror.c
+  gcc -DHAVE_CONFIG_H -I../ -g -D_FORM_DEBUG -DCURLDEBUG -o formdata \
    -I../include formdata.c strequal.c memdebug.c mprintf.c strerror.c
  (depending on circumstances you may need further externals added)
  run the 'formdata' executable the output should end with:
  All Tests seem to have worked ...
@@ -49,8 +52,8 @@ vlue for PTRCONTENTS + CONTENTSLENGTH
 (or you might see v^@lue at the start)
 Content-Disposition: form-data; name="PTRCONTENTS_+_CONTENTSLENGTH_+_CONTENTTYPE"
-Content-Type: text/plain
+Content-Type: application/octet-stream
-vlue for PTRCOTNENTS + CONTENTSLENGTH + CONTENTTYPE
+vlue for PTRCONTENTS + CONTENTSLENGTH + CONTENTTYPE
 (or you might see v^@lue at the start)
 Content-Disposition: form-data; name="FILE1_+_CONTENTTYPE"; filename="inet_ntoa_r.h"
@@ -61,23 +64,23 @@ Content-Disposition: form-data; name="FILE1_+_FILE2"
 Content-Type: multipart/mixed, boundary=curlz1s0dkticx49MV1KGcYP5cvfSsz
 ...
 Content-Disposition: attachment; filename="inet_ntoa_r.h"
-Content-Type: text/plain
+Content-Type: application/octet-stream
 ...
 Content-Disposition: attachment; filename="Makefile.b32"
-Content-Type: text/plain
+Content-Type: application/octet-stream
 ...
 Content-Disposition: form-data; name="FILE1_+_FILE2_+_FILE3"
 Content-Type: multipart/mixed, boundary=curlirkYPmPwu6FrJ1vJ1u1BmtIufh1
 ...
 Content-Disposition: attachment; filename="inet_ntoa_r.h"
-Content-Type: text/plain
+Content-Type: application/octet-stream
 ...
 Content-Disposition: attachment; filename="Makefile.b32"
-Content-Type: text/plain
+Content-Type: application/octet-stream
 ...
 Content-Disposition: attachment; filename="inet_ntoa_r.h"
-Content-Type: text/plain
+Content-Type: application/octet-stream
 ...
@@ -85,13 +88,13 @@ Content-Disposition: form-data; name="ARRAY: FILE1_+_FILE2_+_FILE3"
 Content-Type: multipart/mixed, boundary=curlirkYPmPwu6FrJ1vJ1u1BmtIufh1
 ...
 Content-Disposition: attachment; filename="inet_ntoa_r.h"
-Content-Type: text/plain
+Content-Type: application/octet-stream
 ...
 Content-Disposition: attachment; filename="Makefile.b32"
-Content-Type: text/plain
+Content-Type: application/octet-stream
 ...
 Content-Disposition: attachment; filename="inet_ntoa_r.h"
-Content-Type: text/plain
+Content-Type: application/octet-stream
 ...
 Content-Disposition: form-data; name="FILECONTENT"
@@ -278,8 +281,6 @@ static const char * ContentTypeForFilename (const char *filename,
    /* default to the previously set/used! */
    contenttype = prevtype;
  else
    /* It seems RFC1867 defines no Content-Type to default to
       text/plain so we don't actually need to set this: */
    contenttype = HTTPPOST_CONTENTTYPE_DEFAULT;
  if(filename) { /* in case a NULL was passed in */
@@ -480,7 +481,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
        return_value = CURL_FORMADD_OPTION_TWICE;
      else
        current_form->namelength =
-          array_state?(long)array_value:(long)va_arg(params, long);
+          array_state?(size_t)array_value:(size_t)va_arg(params, long);
      break;
      /*
@@ -505,7 +506,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
        return_value = CURL_FORMADD_OPTION_TWICE;
      else
        current_form->contentslength =
-          array_state?(long)array_value:va_arg(params, long);
+          array_state?(size_t)array_value:(size_t)va_arg(params, long);
      break;
      /* Get contents from a given file name */
@@ -513,7 +514,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
      if (current_form->flags != 0)
        return_value = CURL_FORMADD_OPTION_TWICE;
      else {
-        char *filename = array_state?
+        const char *filename = array_state?
          array_value:va_arg(params, char *);
        if (filename) {
          current_form->value = strdup(filename);
@@ -532,7 +533,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
      /* We upload a file */
    case CURLFORM_FILE:
      {
-        char *filename = array_state?array_value:
+        const char *filename = array_state?array_value:
          va_arg(params, char *);
        if (current_form->value) {
@@ -566,7 +567,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
    case CURLFORM_BUFFER:
      {
-        char *filename = array_state?array_value:
+        const char *filename = array_state?array_value:
          va_arg(params, char *);
        if (current_form->value) {
@@ -614,12 +615,12 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
        return_value = CURL_FORMADD_OPTION_TWICE;
      else
        current_form->bufferlength =
-          array_state?(long)array_value:va_arg(params, long);
+          array_state?(size_t)array_value:(size_t)va_arg(params, long);
      break;
    case CURLFORM_CONTENTTYPE:
      {
-        char *contenttype =
+        const char *contenttype =
          array_state?array_value:va_arg(params, char *);
        if (current_form->contenttype) {
          if (current_form->flags & HTTPPOST_FILENAME) {
@@ -665,7 +666,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
      }
    case CURLFORM_FILENAME:
      {
-        char *filename = array_state?array_value:
+        const char *filename = array_state?array_value:
          va_arg(params, char *);
        if( current_form->showfilename )
          return_value = CURL_FORMADD_OPTION_TWICE;
@@ -1054,7 +1055,7 @@ static char *basename(char *path)
 }
 #endif
-static char *strippath(char *fullfile)
+static char *strippath(const char *fullfile)
 {
  char *filename;
  char *base;
@@ -1495,7 +1496,7 @@ int FormAddTest(const char * errormsg,
 }
-int main()
+int main(int argc, argv_item_t argv[])
 {
  char name1[] = "simple_COPYCONTENTS";
  char name2[] = "COPYCONTENTS_+_CONTENTTYPE";
@@ -1513,7 +1514,7 @@ int main()
  char value3[] = "value for PTRNAME + NAMELENGTH + COPYNAME + CONTENTSLENGTH";
  char value4[] = "value for simple PTRCONTENTS";
  char value5[] = "value for PTRCONTENTS + CONTENTSLENGTH";
-  char value6[] = "value for PTRCOTNENTS + CONTENTSLENGTH + CONTENTTYPE";
+  char value6[] = "value for PTRCONTENTS + CONTENTSLENGTH + CONTENTTYPE";
  char value7[] = "inet_ntoa_r.h";
  char value8[] = "Makefile.b32";
  char type2[] = "image/gif";
@@ -1521,11 +1522,11 @@ int main()
  char type7[] = "text/html";
  int name3length = strlen(name3);
  int value3length = strlen(value3);
-  int value5length = strlen(value4);
+  int value5length = strlen(value5);
-  int value6length = strlen(value5);
+  int value6length = strlen(value6);
  int errors = 0;
  CURLcode rc;
-  size_t size;
+  curl_off_t size;
  size_t nread;
  char buffer[4096];
  struct curl_httppost *httppost=NULL;
@@ -1535,6 +1536,9 @@ int main()
  struct FormData *form;
  struct Form formread;
  (void) argc;
  (void) argv;
  if (FormAddTest("simple COPYCONTENTS test", &httppost, &last_post,
                  CURLFORM_COPYNAME, name1, CURLFORM_COPYCONTENTS, value1,
                  CURLFORM_END))
@@ -1621,7 +1625,9 @@ int main()
    fwrite(buffer, nread, 1, stdout);
  } while(1);
-  fprintf(stdout, "size: %d\n", size);
+  fprintf(stdout, "size: ");
  fprintf(stdout, CURL_FORMAT_OFF_T, size);
  fprintf(stdout, "\n");
  if (errors)
    fprintf(stdout, "\n==> %d Test(s) failed!\n", errors);
  else
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -75,7 +75,7 @@
 #include "socks.h"
 #include "ftp.h"
-#ifdef HAVE_KRB4
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
 #include "krb4.h"
 #endif
@@ -140,6 +140,19 @@ static int ftp_need_type(struct connectdata *conn,
 #define NBFTPSENDF(x,y,z)  if ((result = Curl_nbftpsendf(x,y,z)) != CURLE_OK) \
                              return result
 /*
 * NOTE: back in the old days, we added code in the FTP code that made NOBODY
 * requests on files respond with headers passed to the client/stdout that
 * looked like HTTP ones.
 *
 * This approach is not very elegant, it causes confusion and is error-prone.
 * It is subject for removal at the next (or at least a future) soname bump.
 * Until then you can test the effects of the removal by undefining the
 * following define named CURL_FTP_HTTPSTYLE_HEAD.
 */
 #define CURL_FTP_HTTPSTYLE_HEAD 1
 static void freedirs(struct connectdata *conn)
 {
  struct ftp_conn *ftpc = &conn->proto.ftpc;
@@ -274,9 +287,13 @@ static void ftp_respinit(struct connectdata *conn)
  ftpc->linestart_resp = conn->data->state.buffer;
 }
 /* macro to check for a three-digit ftp status code at the start of the
   given string */
 #define STATUSCODE(line) (ISDIGIT(line[0]) && ISDIGIT(line[1]) && \
                        ISDIGIT(line[2]))
 /* macro to check for the last line in an FTP server response */
-#define lastline(line) (ISDIGIT(line[0]) && ISDIGIT(line[1]) && \
+#define LASTLINE(line) (STATUSCODE(line) && (' ' == line[3]))
                        ISDIGIT(line[2]) && (' ' == line[3]))
 static CURLcode ftp_readresp(curl_socket_t sockfd,
                             struct connectdata *conn,
@@ -319,8 +336,17 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
      ftpc->cache_size = 0; /* zero the size just in case */
    }
    else {
-      int res = Curl_read(conn, sockfd, ptr, BUFSIZE-ftpc->nread_resp,
+      int res;
-                          &gotbytes);
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
      enum protection_level prot = conn->data_prot;
      conn->data_prot = 0;
 #endif
      res = Curl_read(conn, sockfd, ptr, BUFSIZE-ftpc->nread_resp,
                      &gotbytes);
 #if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
      conn->data_prot = prot;
 #endif
      if(res < 0)
        /* EWOULDBLOCK */
        return CURLE_OK; /* return */
@@ -348,7 +374,9 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
      /* we got a whole chunk of data, which can be anything from one
       * byte to a set of lines and possible just a piece of the last
       * line */
-      int i;
+      ssize_t i;
      int clipamount = 0;
      bool restart = FALSE;
      data->reqdata.keep.headerbytecount += gotbytes;
@@ -360,6 +388,9 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
             the line isn't really terminated until the LF comes */
          /* output debug output if that is requested */
 #if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
          if(!conn->sec_complete)
 #endif
          if(data->set.verbose)
            Curl_debug(data, CURLINFO_HEADER_IN,
                       ftpc->linestart_resp, (size_t)perline, conn);
@@ -374,7 +405,7 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
          if(result)
            return result;
-          if(perline>3 && lastline(ftpc->linestart_resp)) {
+          if(perline>3 && LASTLINE(ftpc->linestart_resp)) {
            /* This is the end of the last line, copy the last line to the
               start of the buffer and zero terminate, for old times sake (and
               krb4)! */
@@ -395,18 +426,56 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
          ftpc->linestart_resp = ptr+1;
        }
      }
      if(!keepon && (i != gotbytes)) {
        /* We found the end of the response lines, but we didn't parse the
           full chunk of data we have read from the server. We therefore need
           to store the rest of the data to be checked on the next invoke as
           it may actually contain another end of response already! */
-        ftpc->cache_size = gotbytes - i;
+        clipamount = gotbytes - i;
        restart = TRUE;
      }
      else if(keepon) {
        if((perline == gotbytes) && (gotbytes > BUFSIZE/2)) {
          /* We got an excessive line without newlines and we need to deal
             with it. First, check if it seems to start with a valid status
             code and then we keep just that in the line cache. Then throw
             away the rest. */
          infof(data, "Excessive FTP response line length received, %zd bytes."
                " Stripping\n", gotbytes);
          restart = TRUE;
          if(STATUSCODE(ftpc->linestart_resp))
            /* we copy 4 bytes since after the three-digit number there is a
               dash or a space and it is significant */
            clipamount = 4;
        }
        else if(perline && (ftpc->nread_resp > BUFSIZE/2)) {
          /* We got a large chunk of data and there's still trailing data to
             take care of, so we put that part in the "cache" and restart */
          clipamount = perline;
          restart = TRUE;
        }
      }
      else if(i == gotbytes)
        restart = TRUE;
      if(clipamount) {
        ftpc->cache_size = clipamount;
        ftpc->cache = (char *)malloc((int)ftpc->cache_size);
        if(ftpc->cache)
          memcpy(ftpc->cache, ftpc->linestart_resp, (int)ftpc->cache_size);
        else
-          return CURLE_OUT_OF_MEMORY; /**BANG**/
+          return CURLE_OUT_OF_MEMORY;
      }
      if(restart) {
        /* now reset a few variables to start over nicely from the start of
           the big buffer */
        ftpc->nread_resp = 0; /* start over from scratch in the buffer */
        ptr = ftpc->linestart_resp = buf;
        perline = 0;
      }
    } /* there was data */
  } /* while there's buffer left and loop is requested */
@@ -414,18 +483,18 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
  if(!result)
    code = atoi(buf);
-#ifdef HAVE_KRB4
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
  /* handle the security-oriented responses 6xx ***/
  /* FIXME: some errorchecking perhaps... ***/
  switch(code) {
  case 631:
-    Curl_sec_read_msg(conn, buf, prot_safe);
+    code = Curl_sec_read_msg(conn, buf, prot_safe);
    break;
  case 632:
-    Curl_sec_read_msg(conn, buf, prot_private);
+    code = Curl_sec_read_msg(conn, buf, prot_private);
    break;
  case 633:
-    Curl_sec_read_msg(conn, buf, prot_confidential);
+    code = Curl_sec_read_msg(conn, buf, prot_confidential);
    break;
  default:
    /* normal ftp stuff we pass through! */
@@ -444,9 +513,9 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
 /* --- parse FTP server responses --- */
 /*
- * Curl_GetFTPResponse() is supposed to be invoked after each command sent to
+ * Curl_GetFTPResponse() is a BLOCKING function to read the full response
- * a remote FTP server. This function will wait and read all lines of the
+ * from a server after a command.
- * response and extract the relevant return code for the invoking function.
+ *
 */
 CURLcode Curl_GetFTPResponse(ssize_t *nreadp, /* return number of bytes read */
@@ -461,31 +530,21 @@ CURLcode Curl_GetFTPResponse(ssize_t *nreadp, /* return number of bytes read */
   * line in a response or continue reading.  */
  curl_socket_t sockfd = conn->sock[FIRSTSOCKET];
  int perline; /* count bytes per line */
  bool keepon=TRUE;
  ssize_t gotbytes;
  char *ptr;
  long timeout;              /* timeout in milliseconds */
  long interval_ms;
  struct SessionHandle *data = conn->data;
  char *line_start;
  int code=0; /* default ftp "error code" to return */
  char *buf = data->state.buffer;
  CURLcode result = CURLE_OK;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  struct timeval now = Curl_tvnow();
  size_t nread;
  int cache_skip=0;
  if (ftpcode)
    *ftpcode = 0; /* 0 for errors */
  ptr=buf;
  line_start = buf;
  *nreadp=0;
  perline=0;
  keepon=TRUE;
-  while((*nreadp<BUFSIZE) && (keepon && !result)) {
+  while(!*ftpcode && !result) {
    /* check and reset timeout value every lap */
    if(data->set.ftp_response_timeout )
      /* if CURLOPT_FTP_RESPONSE_TIMEOUT is set, use that to determine
@@ -510,167 +569,65 @@ CURLcode Curl_GetFTPResponse(ssize_t *nreadp, /* return number of bytes read */
      return CURLE_OPERATION_TIMEDOUT; /* already too little time */
    }
-    if(!ftpc->cache) {
+    interval_ms = 1 * 1000;  /* use 1 second timeout intervals */
-      interval_ms = 1 * 1000;  /* use 1 second timeout intervals */
+    if(timeout < interval_ms)
-      if(timeout < interval_ms)
+      interval_ms = timeout;
        interval_ms = timeout;
    /*
     * Since this function is blocking, we need to wait here for input on the
     * connection and only then we call the response reading function. We do
     * timeout at least every second to make the timeout check run.
     *
     * A caution here is that the ftp_readresp() function has a cache that may
     * contain pieces of a response from the previous invoke and we need to
     * make sure we don't just wait for input while there is unhandled data in
     * that cache. But also, if the cache is there, we call ftp_readresp() and
     * the cache wasn't good enough to continue we must not just busy-loop
     * around this function.
     *
     */
    if(ftpc->cache && (cache_skip < 2)) {
      /*
       * There's a cache left since before. We then skipping the wait for
       * socket action, unless this is the same cache like the previous round
       * as then the cache was deemed not enough to act on and we then need to
       * wait for more data anyway.
       */
    }
    else {
      switch (Curl_socket_ready(sockfd, CURL_SOCKET_BAD, (int)interval_ms)) {
      case -1: /* select() error, stop reading */
        result = CURLE_RECV_ERROR;
        failf(data, "FTP response aborted due to select/poll error: %d",
              SOCKERRNO);
-        break;
+        return CURLE_RECV_ERROR;
      case 0: /* timeout */
        if(Curl_pgrsUpdate(conn))
          return CURLE_ABORTED_BY_CALLBACK;
        continue; /* just continue in our loop for the timeout duration */
-      default:
+      default: /* for clarity */
        break;
      }
    }
-    if(CURLE_OK == result) {
+    result = ftp_readresp(sockfd, conn, ftpcode, &nread);
-      /*
+    if(result)
-       * This code previously didn't use the kerberos sec_read() code
+      break;
       * to read, but when we use Curl_read() it may do so. Do confirm
       * that this is still ok and then remove this comment!
       */
      if(ftpc->cache) {
        /* we had data in the "cache", copy that instead of doing an actual
         * read
         *
         * Dave Meyer, December 2003:
         * ftp->cache_size is cast to int here.  This should be safe,
         * because it would have been populated with something of size
         * int to begin with, even though its datatype may be larger
         * than an int.
         */
        memcpy(ptr, ftpc->cache, (int)ftpc->cache_size);
        gotbytes = (int)ftpc->cache_size;
        free(ftpc->cache);    /* free the cache */
        ftpc->cache = NULL;   /* clear the pointer */
        ftpc->cache_size = 0; /* zero the size just in case */
      }
      else {
        int res = Curl_read(conn, sockfd, ptr, BUFSIZE-*nreadp, &gotbytes);
        if(res < 0)
          /* EWOULDBLOCK */
          continue; /* go looping again */
-#ifdef CURL_DOES_CONVERSIONS
+    if(!nread && ftpc->cache)
-        if((res == CURLE_OK) && (gotbytes > 0)) {
+      /* bump cache skip counter as on repeated skips we must wait for more
-          /* convert from the network encoding */
+         data */
-          result = res = Curl_convert_from_network(data, ptr, gotbytes);
+      cache_skip++;
-          /* Curl_convert_from_network calls failf if unsuccessful */
+    else
-        }
+      /* when we got data or there is no cache left, we reset the cache skip
-#endif /* CURL_DOES_CONVERSIONS */
+         counter */
      cache_skip=0;
-        if(CURLE_OK != res)
+    *nreadp += nread;
          keepon = FALSE;
      }
      if(!keepon)
        ;
      else if(gotbytes <= 0) {
        keepon = FALSE;
        result = CURLE_RECV_ERROR;
        failf(data, "FTP response reading failed");
      }
      else {
        /* we got a whole chunk of data, which can be anything from one
         * byte to a set of lines and possible just a piece of the last
         * line */
        int i;
        data->reqdata.keep.headerbytecount += gotbytes;
        *nreadp += gotbytes;
        for(i = 0; i < gotbytes; ptr++, i++) {
          perline++;
          if(*ptr=='\n') {
            /* a newline is CRLF in ftp-talk, so the CR is ignored as
               the line isn't really terminated until the LF comes */
            /* output debug output if that is requested */
            if(data->set.verbose)
              Curl_debug(data, CURLINFO_HEADER_IN,
                         line_start, (size_t)perline, conn);
            /*
             * We pass all response-lines to the callback function registered
             * for "headers". The response lines can be seen as a kind of
             * headers.
             */
            result = Curl_client_write(conn, CLIENTWRITE_HEADER,
                                       line_start, perline);
            if(result)
              return result;
            if(perline>3 && lastline(line_start)) {
              /* This is the end of the last line, copy the last
               * line to the start of the buffer and zero terminate,
               * for old times sake (and krb4)! */
              char *meow;
              int n;
              for(meow=line_start, n=0; meow<ptr; meow++, n++)
                buf[n] = *meow;
              *meow=0; /* zero terminate */
              keepon=FALSE;
              line_start = ptr+1; /* advance pointer */
              i++; /* skip this before getting out */
              break;
            }
            perline=0; /* line starts over here */
            line_start = ptr+1;
          }
        }
        if(!keepon && (i != gotbytes)) {
          /* We found the end of the response lines, but we didn't parse the
             full chunk of data we have read from the server. We therefore
             need to store the rest of the data to be checked on the next
             invoke as it may actually contain another end of response
             already!  Cleverly figured out by Eric Lavigne in December
             2001. */
          ftpc->cache_size = gotbytes - i;
          ftpc->cache = (char *)malloc((int)ftpc->cache_size);
          if(ftpc->cache)
            memcpy(ftpc->cache, line_start, (int)ftpc->cache_size);
          else
            return CURLE_OUT_OF_MEMORY; /**BANG**/
        }
      } /* there was data */
    } /* if(no error) */
  } /* while there's buffer left and loop is requested */
  if(!result)
    code = atoi(buf);
 #ifdef HAVE_KRB4
  /* handle the security-oriented responses 6xx ***/
  /* FIXME: some errorchecking perhaps... ***/
  switch(code) {
  case 631:
    Curl_sec_read_msg(conn, buf, prot_safe);
    break;
  case 632:
    Curl_sec_read_msg(conn, buf, prot_private);
    break;
  case 633:
    Curl_sec_read_msg(conn, buf, prot_confidential);
    break;
  default:
    /* normal ftp stuff we pass through! */
    break;
  }
 #endif
  if(ftpcode)
    *ftpcode=code; /* return the initial number like this */
  /* store the latest code for later retrieval */
  conn->data->info.httpcode=code;
  return result;
 }
@@ -680,7 +637,7 @@ static void state(struct connectdata *conn,
 {
 #if defined(CURLDEBUG) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
  /* for debug purposes */
-  const char *names[]={
+  static const char * const names[]={
    "STOP",
    "WAIT220",
    "AUTH",
@@ -837,7 +794,7 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
  char hbuf[NI_MAXHOST];
  struct sockaddr *sa=(struct sockaddr *)&ss;
  char tmp[1024];
-  const char *mode[] = { "EPRT", "PORT", NULL };
+  static const char * const mode[] = { "EPRT", "PORT", NULL };
  int rc;
  int error;
  char *host=NULL;
@@ -846,11 +803,12 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
  /* Step 1, figure out what address that is requested */
-  if(data->set.ftpport && (strlen(data->set.ftpport) > 1)) {
+  if(data->set.str[STRING_FTPPORT] &&
     (strlen(data->set.str[STRING_FTPPORT]) > 1)) {
    /* attempt to get the address of the given interface name */
-    if(!Curl_if2ip(data->set.ftpport, hbuf, sizeof(hbuf)))
+    if(!Curl_if2ip(data->set.str[STRING_FTPPORT], hbuf, sizeof(hbuf)))
      /* not an interface, use the given string as host name instead */
-      host = data->set.ftpport;
+      host = data->set.str[STRING_FTPPORT];
    else
      host = hbuf; /* use the hbuf for host name */
  } /* data->set.ftpport */
@@ -1055,27 +1013,28 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
  unsigned short ip[4];
  bool freeaddr = TRUE;
  socklen_t sslen = sizeof(sa);
  const char *ftpport = data->set.str[STRING_FTPPORT];
  (void)fcmd; /* not used in the IPv4 code */
-  if(data->set.ftpport) {
+  if(ftpport) {
    in_addr_t in;
    /* First check if the given name is an IP address */
-    in=inet_addr(data->set.ftpport);
+    in=inet_addr(ftpport);
    if(in != CURL_INADDR_NONE)
      /* this is an IPv4 address */
-      addr = Curl_ip2addr(in, data->set.ftpport, 0);
+      addr = Curl_ip2addr(in, ftpport, 0);
    else {
-      if(Curl_if2ip(data->set.ftpport, myhost, sizeof(myhost))) {
+      if(Curl_if2ip(ftpport, myhost, sizeof(myhost))) {
        /* The interface to IP conversion provided a dotted address */
        in=inet_addr(myhost);
        addr = Curl_ip2addr(in, myhost, 0);
      }
-      else if(strlen(data->set.ftpport)> 1) {
+      else if(strlen(ftpport)> 1) {
        /* might be a host name! */
        struct Curl_dns_entry *h=NULL;
-        int rc = Curl_resolv(conn, data->set.ftpport, 0, &h);
+        int rc = Curl_resolv(conn, ftpport, 0, &h);
        if(rc == CURLRESOLV_PENDING)
          /* BLOCKING */
          rc = Curl_wait_for_resolv(conn, &h);
@@ -1089,11 +1048,11 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
                               since it points to a DNS cache entry! */
        } /* (h) */
        else {
-          infof(data, "Failed to resolve host name %s\n", data->set.ftpport);
+          infof(data, "Failed to resolve host name %s\n", ftpport);
        }
      } /* strlen */
    } /* CURL_INADDR_NONE */
-  } /* data->set.ftpport */
+  } /* ftpport */
  if(!addr) {
    /* pick a suitable default here */
@@ -1221,7 +1180,7 @@ static CURLcode ftp_state_use_pasv(struct connectdata *conn)
  */
-  const char *mode[] = { "EPSV", "PASV", NULL };
+  static const char * const mode[] = { "EPSV", "PASV", NULL };
  int modeoff;
 #ifdef PF_INET6
@@ -1276,8 +1235,8 @@ static CURLcode ftp_state_post_size(struct connectdata *conn)
  CURLcode result = CURLE_OK;
  struct FTP *ftp = conn->data->reqdata.proto.ftp;
-  if(ftp->no_transfer) {
+  if(ftp->no_transfer && ftp->file) {
-    /* if a "head"-like request is being made */
+    /* if a "head"-like request is being made (on a file) */
    /* Determine if server can respond to REST command and therefore
       whether it supports range */
@@ -1296,8 +1255,8 @@ static CURLcode ftp_state_post_type(struct connectdata *conn)
  CURLcode result = CURLE_OK;
  struct FTP *ftp = conn->data->reqdata.proto.ftp;
-  if(ftp->no_transfer) {
+  if(ftp->no_transfer && ftp->file) {
-    /* if a "head"-like request is being made */
+    /* if a "head"-like request is being made (on a file) */
    /* we know ftp->file is a valid pointer to a file name */
    NBFTPSENDF(conn, "SIZE %s", ftp->file);
@@ -1321,7 +1280,8 @@ static CURLcode ftp_state_post_listtype(struct connectdata *conn)
     servers either... */
  NBFTPSENDF(conn, "%s",
-             data->set.customrequest?data->set.customrequest:
+             data->set.str[STRING_CUSTOMREQUEST]?
             data->set.str[STRING_CUSTOMREQUEST]:
             (data->set.ftp_list_only?"NLST":"LIST"));
  state(conn, FTP_LIST);
@@ -1452,7 +1412,7 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
        readthisamountnow = BUFSIZE;
      actuallyread = (curl_off_t)
-        conn->fread(data->state.buffer, 1, (size_t)readthisamountnow,
+        conn->fread_func(data->state.buffer, 1, (size_t)readthisamountnow,
                    conn->fread_in);
      passed += actuallyread;
@@ -1610,7 +1570,9 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
        if(ptr) {
          newport = (unsigned short)(num & 0xffff);
-          if (conn->bits.tunnel_proxy)
+          if (conn->bits.tunnel_proxy ||
              data->set.proxytype == CURLPROXY_SOCKS5 ||
              data->set.proxytype == CURLPROXY_SOCKS4)
            /* proxy tunnel -> use other host info because ip_addr_str is the
               proxy address not the ftp host */
            snprintf(newhost, sizeof(newhost), "%s", conn->host.name);
@@ -1662,7 +1624,9 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
      infof(data, "Skips %d.%d.%d.%d for data connection, uses %s instead\n",
            ip[0], ip[1], ip[2], ip[3],
            conn->ip_addr_str);
-      if (conn->bits.tunnel_proxy)
+      if (conn->bits.tunnel_proxy ||
          data->set.proxytype == CURLPROXY_SOCKS5 ||
          data->set.proxytype == CURLPROXY_SOCKS4)
        /* proxy tunnel -> use other host info because ip_addr_str is the
           proxy address not the ftp host */
        snprintf(newhost, sizeof(newhost), "%s", conn->host.name);
@@ -1691,7 +1655,7 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
    return CURLE_FTP_WEIRD_PASV_REPLY;
  }
-  if(data->set.proxy && *data->set.proxy) {
+  if(data->set.str[STRING_PROXY] && *data->set.str[STRING_PROXY]) {
    /*
     * This is a tunnel through a http proxy and we need to connect to the
     * proxy again here.
@@ -1866,6 +1830,7 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata *conn,
        data->info.filetime = (long)curl_getdate(buf, &secs);
      }
 #ifdef CURL_FTP_HTTPSTYLE_HEAD
      /* If we asked for a time of the file and we actually got one as well,
         we "emulate" a HTTP-style header in our output. */
@@ -1896,6 +1861,7 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata *conn,
        if(result)
          return result;
      } /* end of a ridiculous amount of conditionals */
 #endif
    }
    break;
  default:
@@ -1952,7 +1918,7 @@ static CURLcode ftp_state_type_resp(struct connectdata *conn,
       successful 'TYPE I'. While that is not as RFC959 says, it is still a
       positive response code and we allow that. */
    failf(data, "Couldn't set desired mode");
-    return CURLE_FTP_COULDNT_SET_BINARY; /* FIX */
+    return CURLE_FTP_COULDNT_SET_TYPE;
  }
  if(ftpcode != 200)
    infof(data, "Got a %03d response code instead of the assumed 200\n",
@@ -2064,6 +2030,7 @@ static CURLcode ftp_state_size_resp(struct connectdata *conn,
  filesize = (ftpcode == 213)?curlx_strtoofft(buf+4, NULL, 0):-1;
  if(instate == FTP_SIZE) {
 #ifdef CURL_FTP_HTTPSTYLE_HEAD
    if(-1 != filesize) {
      snprintf(buf, sizeof(data->state.buffer),
               "Content-Length: %" FORMAT_OFF_T "\r\n", filesize);
@@ -2071,10 +2038,14 @@ static CURLcode ftp_state_size_resp(struct connectdata *conn,
      if(result)
        return result;
    }
 #endif
    Curl_pgrsSetDownloadSize(data, filesize);
    result = ftp_state_post_size(conn);
  }
-  else if(instate == FTP_RETR_SIZE)
+  else if(instate == FTP_RETR_SIZE) {
    Curl_pgrsSetDownloadSize(data, filesize);
    result = ftp_state_post_retr_size(conn, filesize);
  }
  else if(instate == FTP_STOR_SIZE) {
    data->reqdata.resume_from = filesize;
    result = ftp_state_ul_setup(conn, TRUE);
@@ -2093,13 +2064,14 @@ static CURLcode ftp_state_rest_resp(struct connectdata *conn,
  switch(instate) {
  case FTP_REST:
  default:
 #ifdef CURL_FTP_HTTPSTYLE_HEAD
    if (ftpcode == 350) {
-      result = Curl_client_write(conn, CLIENTWRITE_BOTH,
+      char buffer[24]= { "Accept-ranges: bytes\r\n" };
-                               (char *)"Accept-ranges: bytes\r\n", 0);
+      result = Curl_client_write(conn, CLIENTWRITE_BOTH, buffer, 0);
      if(result)
        return result;
    }
-
+#endif
    result = ftp_state_post_rest(conn);
    break;
@@ -2128,7 +2100,7 @@ static CURLcode ftp_state_stor_resp(struct connectdata *conn,
  if(ftpcode>=400) {
    failf(data, "Failed FTP upload: %0d", ftpcode);
    /* oops, we never close the sockets! */
-    return CURLE_FTP_COULDNT_STOR_FILE;
+    return CURLE_UPLOAD_FAILED;
  }
  if(data->set.ftp_use_port) {
@@ -2295,14 +2267,7 @@ static CURLcode ftp_state_loggedin(struct connectdata *conn)
  CURLcode result = CURLE_OK;
 #ifdef HAVE_KRB4
-  if(conn->data->set.krb4) {
+  if(conn->data->set.krb) {
    /* We are logged in, asked to use Kerberos. Set the requested
     * protection level
     */
    if(conn->sec_complete)
      /* BLOCKING */
      Curl_sec_set_protection_level(conn);
    /* We may need to issue a KAUTH here to have access to the files
     * do it if user supplied a password
     */
@@ -2349,6 +2314,7 @@ static CURLcode ftp_state_user_resp(struct connectdata *conn,
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  (void)instate; /* no use for this yet */
  /* some need password anyway, and others just return 2xx ignored */
  if((ftpcode == 331) && (ftpc->state == FTP_USER)) {
    /* 331 Password required for ...
       (the server requires to send the user's password too) */
@@ -2361,8 +2327,8 @@ static CURLcode ftp_state_user_resp(struct connectdata *conn,
    result = ftp_state_loggedin(conn);
  }
  else if(ftpcode == 332) {
-    if(data->set.ftp_account) {
+    if(data->set.str[STRING_FTP_ACCOUNT]) {
-      NBFTPSENDF(conn, "ACCT %s", data->set.ftp_account);
+      NBFTPSENDF(conn, "ACCT %s", data->set.str[STRING_FTP_ACCOUNT]);
      state(conn, FTP_ACCT);
    }
    else {
@@ -2376,10 +2342,11 @@ static CURLcode ftp_state_user_resp(struct connectdata *conn,
    530 User ... access denied
    (the server denies to log the specified user) */
-    if (conn->data->set.ftp_alternative_to_user &&
+    if (conn->data->set.str[STRING_FTP_ALTERNATIVE_TO_USER] &&
        !conn->data->state.ftp_trying_alternative) {
      /* Ok, USER failed.  Let's try the supplied command. */
-      NBFTPSENDF(conn, "%s", conn->data->set.ftp_alternative_to_user);
+      NBFTPSENDF(conn, "%s",
                 conn->data->set.str[STRING_FTP_ALTERNATIVE_TO_USER]);
      conn->data->state.ftp_trying_alternative = TRUE;
      state(conn, FTP_USER);
      result = CURLE_OK;
@@ -2457,15 +2424,15 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
      }
      /* We have received a 220 response fine, now we proceed. */
-#ifdef HAVE_KRB4
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
-      if(data->set.krb4) {
+      if(data->set.krb) {
        /* If not anonymous login, try a secure login. Note that this
           procedure is still BLOCKING. */
        Curl_sec_request_prot(conn, "private");
        /* We set private first as default, in case the line below fails to
           set a valid level */
-        Curl_sec_request_prot(conn, data->set.krb4_level);
+        Curl_sec_request_prot(conn, data->set.str[STRING_KRB_LEVEL]);
        if(Curl_sec_login(conn) != 0)
          infof(data, "Logging in with password in cleartext!\n");
@@ -2531,9 +2498,9 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
        /* remain in this same state */
      }
      else {
-        if(data->set.ftp_ssl > CURLFTPSSL_TRY)
+        if(data->set.ftp_ssl > CURLUSESSL_TRY)
-          /* we failed and CURLFTPSSL_CONTROL or CURLFTPSSL_ALL is set */
+          /* we failed and CURLUSESSL_CONTROL or CURLUSESSL_ALL is set */
-          result = CURLE_FTP_SSL_FAILED;
+          result = CURLE_USE_SSL_FAILED;
        else
          /* ignore the failure and continue */
          result = ftp_state_user(conn);
@@ -2563,7 +2530,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
      */
      if(!conn->ssl[SECONDARYSOCKET].use) {
        NBFTPSENDF(conn, "PROT %c",
-                   data->set.ftp_ssl == CURLFTPSSL_CONTROL ? 'C' : 'P');
+                   data->set.ftp_ssl == CURLUSESSL_CONTROL ? 'C' : 'P');
        state(conn, FTP_PROT);
      }
      else {
@@ -2578,12 +2545,12 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
      if(ftpcode/100 == 2)
        /* We have enabled SSL for the data connection! */
        conn->ssl[SECONDARYSOCKET].use =
-          (bool)(data->set.ftp_ssl != CURLFTPSSL_CONTROL);
+          (bool)(data->set.ftp_ssl != CURLUSESSL_CONTROL);
      /* FTP servers typically responds with 500 if they decide to reject
         our 'P' request */
-      else if(data->set.ftp_ssl> CURLFTPSSL_CONTROL)
+      else if(data->set.ftp_ssl > CURLUSESSL_CONTROL)
        /* we failed and bails out */
-        return CURLE_FTP_SSL_FAILED;
+        return CURLE_USE_SSL_FAILED;
      if(data->set.ftp_ccc) {
        /* CCC - Clear Command Channel
@@ -2600,13 +2567,13 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
    case FTP_CCC:
      if (ftpcode < 500) {
-	/* First shut down the SSL layer (note: this call will block) */
+        /* First shut down the SSL layer (note: this call will block) */
-	result = Curl_ssl_shutdown(conn, FIRSTSOCKET);
+        result = Curl_ssl_shutdown(conn, FIRSTSOCKET);
-	if(result) {
+        if(result) {
-	  failf(conn->data, "Failed to clear the command channel (CCC)");
+          failf(conn->data, "Failed to clear the command channel (CCC)");
-	  return result;
+          return result;
-	}
+        }
      }
      /* Then continue as normal */
@@ -2674,7 +2641,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
    case FTP_STOR_PREQUOTE:
      if(ftpcode >= 400) {
        failf(conn->data, "QUOT command failed with %03d", ftpcode);
-        return CURLE_FTP_QUOTE_ERROR;
+        return CURLE_QUOTE_ERROR;
      }
      result = ftp_state_quote(conn, FALSE, ftpc->state);
      if(result)
@@ -2697,7 +2664,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
          failf(data, "Server denied you to change to the given directory");
          ftpc->cwdfail = TRUE; /* don't remember this path as we failed
                                   to enter it */
-          return CURLE_FTP_ACCESS_DENIED;
+          return CURLE_REMOTE_ACCESS_DENIED;
        }
      }
      else {
@@ -2719,7 +2686,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
      if(ftpcode/100 != 2) {
        /* failure to MKD the dir */
        failf(data, "Failed to MKD dir: %03d", ftpcode);
-        return CURLE_FTP_ACCESS_DENIED;
+        return CURLE_REMOTE_ACCESS_DENIED;
      }
      state(conn, FTP_CWD);
      /* send CWD */
@@ -3005,7 +2972,8 @@ CURLcode Curl_ftp_connect(struct connectdata *conn,
 *
 * Input argument is already checked for validity.
 */
-CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status, bool premature)
+CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status,
                       bool premature)
 {
  struct SessionHandle *data = conn->data;
  struct FTP *ftp = data->reqdata.proto.ftp;
@@ -3030,10 +2998,10 @@ CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status, bool premature
  case CURLE_BAD_DOWNLOAD_RESUME:
  case CURLE_FTP_WEIRD_PASV_REPLY:
  case CURLE_FTP_PORT_FAILED:
-  case CURLE_FTP_COULDNT_SET_BINARY:
+  case CURLE_FTP_COULDNT_SET_TYPE:
  case CURLE_FTP_COULDNT_RETR_FILE:
-  case CURLE_FTP_COULDNT_STOR_FILE:
+  case CURLE_UPLOAD_FAILED:
-  case CURLE_FTP_ACCESS_DENIED:
+  case CURLE_REMOTE_ACCESS_DENIED:
  case CURLE_FILESIZE_EXCEEDED:
    /* the connection stays alive fine even though this happened */
    /* fall-through */
@@ -3067,12 +3035,19 @@ CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status, bool premature
  } else {
    size_t flen = ftp->file?strlen(ftp->file):0; /* file is "raw" already */
    size_t dlen = strlen(path)-flen;
-    if(dlen && !ftpc->cwdfail) {
+    if(!ftpc->cwdfail) {
-      ftpc->prevpath = path;
+      if(dlen) {
-      if(flen)
+        ftpc->prevpath = path;
-	/* if 'path' is not the whole string */
+        if(flen)
-	ftpc->prevpath[dlen]=0; /* terminate */
+          /* if 'path' is not the whole string */
-      infof(data, "Remembering we are in dir %s\n", ftpc->prevpath);
+          ftpc->prevpath[dlen]=0; /* terminate */
      }
      else {
        /* we never changed dir */
        ftpc->prevpath=strdup("");
        free(path);
      }
      infof(data, "Remembering we are in dir \"%s\"\n", ftpc->prevpath);
    }
    else {
      ftpc->prevpath = NULL; /* no path */
@@ -3082,7 +3057,7 @@ CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status, bool premature
  /* free the dir tree and file parts */
  freedirs(conn);
-#ifdef HAVE_KRB4
+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
  Curl_sec_fflush_fd(conn, conn->sock[SECONDARYSOCKET]);
 #endif
@@ -3092,6 +3067,14 @@ CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status, bool premature
  shutdown(conn->sock[SECONDARYSOCKET],2);  /* SD_BOTH */
 #endif
  if(conn->ssl[SECONDARYSOCKET].use) {
    /* The secondary socket is using SSL so we must close down that part first
       before we close the socket for real */
    Curl_ssl_close(conn, SECONDARYSOCKET);
    /* Note that we keep "use" set to TRUE since that (next) connection is
       still requested to use SSL */
  }
  sclose(conn->sock[SECONDARYSOCKET]);
  conn->sock[SECONDARYSOCKET] = CURL_SOCKET_BAD;
@@ -3114,7 +3097,7 @@ CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status, bool premature
    if(!nread && (CURLE_OPERATION_TIMEDOUT == result)) {
      failf(data, "control connection looks dead");
      ftpc->ctl_valid = FALSE; /* mark control connection as bad */
-      return result;
+      conn->bits.close = TRUE; /* mark for closure */
    }
    if(result)
@@ -3204,7 +3187,7 @@ CURLcode ftp_sendquote(struct connectdata *conn, struct curl_slist *quote)
      if (ftpcode >= 400) {
        failf(conn->data, "QUOT string not accepted: %s", item->data);
-        return CURLE_FTP_QUOTE_ERROR;
+        return CURLE_QUOTE_ERROR;
      }
    }
@@ -3239,7 +3222,7 @@ static CURLcode ftp_nb_type(struct connectdata *conn,
 {
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  CURLcode result;
-  int want = ascii?'A':'I';
+  char want = ascii?'A':'I';
  if (ftpc->transfertype == want) {
    state(conn, newstate);
@@ -3250,7 +3233,7 @@ static CURLcode ftp_nb_type(struct connectdata *conn,
  state(conn, newstate);
  /* keep track of our current transfer type */
-  ftpc->transfertype = (char)want;
+  ftpc->transfertype = want;
  return CURLE_OK;
 }
@@ -3492,16 +3475,21 @@ CURLcode Curl_nbftpsendf(struct connectdata *conn,
                       const char *fmt, ...)
 {
  ssize_t bytes_written;
-  char s[256];
+/* may still not be big enough for some krb5 tokens */
 #define SBUF_SIZE 1024
  char s[SBUF_SIZE];
  size_t write_len;
  char *sptr=s;
  CURLcode res = CURLE_OK;
  struct SessionHandle *data = conn->data;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
 #if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
  enum protection_level data_sec = conn->data_prot;
 #endif
  va_list ap;
  va_start(ap, fmt);
-  vsnprintf(s, 250, fmt, ap);
+  vsnprintf(s, SBUF_SIZE-3, fmt, ap);
  va_end(ap);
  strcat(s, "\r\n"); /* append a trailing CRLF */
@@ -3519,8 +3507,14 @@ CURLcode Curl_nbftpsendf(struct connectdata *conn,
  }
 #endif /* CURL_DOES_CONVERSIONS */
 #if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
  conn->data_prot = prot_cmd;
 #endif
  res = Curl_write(conn, conn->sock[FIRSTSOCKET], sptr, write_len,
                   &bytes_written);
 #if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
  conn->data_prot = data_sec;
 #endif
  if(CURLE_OK != res)
    return res;
@@ -3553,14 +3547,17 @@ CURLcode Curl_ftpsendf(struct connectdata *conn,
                       const char *fmt, ...)
 {
  ssize_t bytes_written;
-  char s[256];
+  char s[SBUF_SIZE];
  size_t write_len;
  char *sptr=s;
  CURLcode res = CURLE_OK;
 #if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
  enum protection_level data_sec = conn->data_prot;
 #endif
  va_list ap;
  va_start(ap, fmt);
-  vsnprintf(s, 250, fmt, ap);
+  vsnprintf(s, SBUF_SIZE-3, fmt, ap);
  va_end(ap);
  strcat(s, "\r\n"); /* append a trailing CRLF */
@@ -3577,8 +3574,14 @@ CURLcode Curl_ftpsendf(struct connectdata *conn,
 #endif /* CURL_DOES_CONVERSIONS */
  while(1) {
 #if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
    conn->data_prot = prot_cmd;
 #endif
    res = Curl_write(conn, conn->sock[FIRSTSOCKET], sptr, write_len,
                     &bytes_written);
 #if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
    conn->data_prot = data_sec;
 #endif
    if(CURLE_OK != res)
      break;
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -176,7 +176,7 @@ CURLcode Curl_getinfo(struct SessionHandle *data, CURLINFO info, ...)
    *param_charp = data->info.contenttype;
    break;
  case CURLINFO_PRIVATE:
-    *param_charp = data->set.private_data;
+    *param_charp = (char *) data->set.private_data;
    break;
  case CURLINFO_HTTPAUTH_AVAIL:
    *param_longp = data->info.httpauthavail;
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -175,7 +175,7 @@ static CURLcode handshake(struct connectdata *conn,
      if(timeout_ms < 0) {
        /* a precaution, no need to continue if time already is up */
        failf(data, "SSL connection timeout");
-        return CURLE_OPERATION_TIMEOUTED;
+        return CURLE_OPERATION_TIMEDOUT;
      }
      rc = Curl_socket_ready(conn->sock[sockindex],
@@ -227,7 +227,7 @@ Curl_gtls_connect(struct connectdata *conn,
                  int sockindex)
 {
-  const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
+  static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
  struct SessionHandle *data = conn->data;
  gnutls_session session;
  int rc;
@@ -299,11 +299,13 @@ Curl_gtls_connect(struct connectdata *conn,
  if(rc < 0)
    return CURLE_SSL_CONNECT_ERROR;
-  if(data->set.cert) {
+  if(data->set.str[STRING_CERT]) {
    if( gnutls_certificate_set_x509_key_file(
-          conn->ssl[sockindex].cred, data->set.cert,
+          conn->ssl[sockindex].cred,
-          data->set.key != 0 ? data->set.key : data->set.cert,
+          data->set.str[STRING_CERT],
-          do_file_type(data->set.cert_type) ) ) {
+          data->set.str[STRING_KEY] ?
          data->set.str[STRING_KEY] : data->set.str[STRING_CERT],
          do_file_type(data->set.str[STRING_CERT_TYPE]) ) ) {
      failf(data, "error reading X.509 key or certificate file");
      return CURLE_SSL_CONNECT_ERROR;
    }
@@ -420,6 +422,43 @@ Curl_gtls_connect(struct connectdata *conn,
  else
    infof(data, "\t common name: %s (matched)\n", certbuf);
  /* Check for time-based validity */
  clock = gnutls_x509_crt_get_expiration_time(x509_cert);
  if(clock == (time_t)-1) {
    failf(data, "server cert expiration date verify failed");
    return CURLE_SSL_CONNECT_ERROR;
  }
  if(clock < time(NULL)) {
    if (data->set.ssl.verifypeer) {
      failf(data, "server certificate expiration date has passed.");
      return CURLE_SSL_PEER_CERTIFICATE;
    }
    else
      infof(data, "\t server certificate expiration date FAILED\n");
  }
  else
    infof(data, "\t server certificate expiration date OK\n");
  clock = gnutls_x509_crt_get_activation_time(x509_cert);
  if(clock == (time_t)-1) {
    failf(data, "server cert activation date verify failed");
    return CURLE_SSL_CONNECT_ERROR;
  }
  if(clock > time(NULL)) {
    if (data->set.ssl.verifypeer) {
      failf(data, "server certificate not activated yet.");
      return CURLE_SSL_PEER_CERTIFICATE;
    }
    else
      infof(data, "\t server certificate activation date FAILED\n");
  }
  else
    infof(data, "\t server certificate activation date OK\n");
  /* Show:
  - ciphers used
@@ -519,17 +558,17 @@ static void close_one(struct connectdata *conn,
  if(conn->ssl[index].session) {
    gnutls_bye(conn->ssl[index].session, GNUTLS_SHUT_RDWR);
    gnutls_deinit(conn->ssl[index].session);
    conn->ssl[index].session = NULL;
  }
-  if(conn->ssl[index].cred)
+  if(conn->ssl[index].cred) {
    gnutls_certificate_free_credentials(conn->ssl[index].cred);
    conn->ssl[index].cred = NULL;
  }
 }
-void Curl_gtls_close(struct connectdata *conn)
+void Curl_gtls_close(struct connectdata *conn, int sockindex)
 {
-  if(conn->ssl[0].use)
+  close_one(conn, sockindex);
    close_one(conn, 0);
  if(conn->ssl[1].use)
    close_one(conn, 1);
 }
 /*
@@ -594,8 +633,8 @@ int Curl_gtls_shutdown(struct connectdata *conn, int sockindex)
  }
  gnutls_certificate_free_credentials(conn->ssl[sockindex].cred);
  conn->ssl[sockindex].cred = NULL;
  conn->ssl[sockindex].session = NULL;
  conn->ssl[sockindex].use = FALSE;
  return retval;
 }
@@ -652,7 +691,7 @@ void Curl_gtls_session_free(void *ptr)
 size_t Curl_gtls_version(char *buffer, size_t size)
 {
-  return snprintf(buffer, size, " GnuTLS/%s", gnutls_check_version(NULL));
+  return snprintf(buffer, size, "GnuTLS/%s", gnutls_check_version(NULL));
 }
 #endif /* USE_GNUTLS */
--- a/lib/gtls.h
+++ b/lib/gtls.h
@@ -29,7 +29,9 @@ CURLcode Curl_gtls_connect(struct connectdata *conn, int sockindex);
 /* tell GnuTLS to close down all open information regarding connections (and
   thus session ID caching etc) */
 void Curl_gtls_close_all(struct SessionHandle *data);
-void Curl_gtls_close(struct connectdata *conn); /* close a SSL connection */
+
 /* close a SSL connection */
 void Curl_gtls_close(struct connectdata *conn, int index);
 /* return number of sent (non-SSL) bytes */
 ssize_t Curl_gtls_send(struct connectdata *conn, int sockindex,
--- a/lib/hash.c
+++ b/lib/hash.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -33,20 +33,6 @@
 /* this must be the last include file */
 #include "memdebug.h"
 static unsigned long
 hash_str(const char *key, size_t key_length)
 {
  char *end = (char *) key + key_length;
  unsigned long h = 5381;
  while (key < end) {
    h += h << 5;
    h ^= (unsigned long) *key++;
  }
  return h;
 }
 static void
 hash_element_dtor(void *user, void *element)
 {
@@ -63,10 +49,20 @@ hash_element_dtor(void *user, void *element)
 /* return 1 on error, 0 is fine */
 int
-Curl_hash_init(struct curl_hash *h, int slots, curl_hash_dtor dtor)
+Curl_hash_init(struct curl_hash *h,
               int slots,
               hash_function hfunc,
               comp_function comparator,
               curl_hash_dtor dtor)
 {
  int i;
  if (!slots || !hfunc || !comparator ||!dtor) {
    return 1; /* failure */
  }
  h->hash_func = hfunc;
  h->comp_func = comparator;
  h->dtor = dtor;
  h->size = 0;
  h->slots = slots;
@@ -89,13 +85,20 @@ Curl_hash_init(struct curl_hash *h, int slots, curl_hash_dtor dtor)
 }
 struct curl_hash *
-Curl_hash_alloc(int slots, curl_hash_dtor dtor)
+Curl_hash_alloc(int slots,
                hash_function hfunc,
                comp_function comparator,
                curl_hash_dtor dtor)
 {
  struct curl_hash *h;
  if (!slots || !hfunc || !comparator ||!dtor) {
    return NULL; /* failure */
  }
  h = (struct curl_hash *) malloc(sizeof(struct curl_hash));
  if (h) {
-    if(Curl_hash_init(h, slots, dtor)) {
+    if(Curl_hash_init(h, slots, hfunc, comparator, dtor)) {
      /* failure */
      free(h);
      h = NULL;
@@ -105,26 +108,16 @@ Curl_hash_alloc(int slots, curl_hash_dtor dtor)
  return h;
 }
 static int
 hash_key_compare(char *key1, size_t key1_len, char *key2, size_t key2_len)
 {
  if (key1_len == key2_len &&
      *key1 == *key2 &&
      memcmp(key1, key2, key1_len) == 0) {
    return 1;
  }
  return 0;
 }
 static struct curl_hash_element *
-mk_hash_element(char *key, size_t key_len, const void *p)
+mk_hash_element(const void *key, size_t key_len, const void *p)
 {
  struct curl_hash_element *he =
    (struct curl_hash_element *) malloc(sizeof(struct curl_hash_element));
  if(he) {
-    char *dup = malloc(key_len);
+    void *dup = malloc(key_len);
    if(dup) {
      /* copy the key */
      memcpy(dup, key, key_len);
@@ -142,22 +135,20 @@ mk_hash_element(char *key, size_t key_len, const void *p)
  return he;
 }
-#define find_slot(__h, __k, __k_len) (hash_str(__k, __k_len) % (__h)->slots)
+#define FETCH_LIST(x,y,z) x->table[x->hash_func(y, z, x->slots)]
 #define FETCH_LIST(x,y,z) x->table[find_slot(x, y, z)]
 /* Return the data in the hash. If there already was a match in the hash,
   that data is returned. */
 void *
-Curl_hash_add(struct curl_hash *h, char *key, size_t key_len, void *p)
+Curl_hash_add(struct curl_hash *h, void *key, size_t key_len, void *p)
 {
  struct curl_hash_element  *he;
  struct curl_llist_element *le;
-  struct curl_llist *l = FETCH_LIST(h, key, key_len);
+  struct curl_llist *l = FETCH_LIST (h, key, key_len);
  for (le = l->head; le; le = le->next) {
    he = (struct curl_hash_element *) le->ptr;
-    if (hash_key_compare(he->key, he->key_len, key, key_len)) {
+    if (h->comp_func(he->key, he->key_len, key, key_len)) {
      h->dtor(p);     /* remove the NEW entry */
      return he->ptr; /* return the EXISTING entry */
    }
@@ -183,7 +174,7 @@ Curl_hash_add(struct curl_hash *h, char *key, size_t key_len, void *p)
 }
 /* remove the identified hash entry, returns non-zero on failure */
-int Curl_hash_delete(struct curl_hash *h, char *key, size_t key_len)
+int Curl_hash_delete(struct curl_hash *h, void *key, size_t key_len)
 {
  struct curl_llist_element *le;
  struct curl_hash_element  *he;
@@ -191,7 +182,7 @@ int Curl_hash_delete(struct curl_hash *h, char *key, size_t key_len)
  for (le = l->head; le; le = le->next) {
    he = le->ptr;
-    if (hash_key_compare(he->key, he->key_len, key, key_len)) {
+    if (h->comp_func(he->key, he->key_len, key, key_len)) {
      Curl_llist_remove(l, le, (void *) h);
      return 0;
    }
@@ -200,7 +191,7 @@ int Curl_hash_delete(struct curl_hash *h, char *key, size_t key_len)
 }
 void *
-Curl_hash_pick(struct curl_hash *h, char *key, size_t key_len)
+Curl_hash_pick(struct curl_hash *h, void *key, size_t key_len)
 {
  struct curl_llist_element *le;
  struct curl_hash_element  *he;
@@ -208,7 +199,7 @@ Curl_hash_pick(struct curl_hash *h, char *key, size_t key_len)
  for (le = l->head; le; le = le->next) {
    he = le->ptr;
-    if (hash_key_compare(he->key, he->key_len, key, key_len)) {
+    if (h->comp_func(he->key, he->key_len, key, key_len)) {
      return he->ptr;
    }
  }
@@ -282,6 +273,34 @@ Curl_hash_destroy(struct curl_hash *h)
  free(h);
 }
 size_t Curl_hash_str(void* key, size_t key_length, size_t slots_num)
 {
  const char* key_str = (const char *) key;
  const char *end = key_str + key_length;
  unsigned long h = 5381;
  while (key_str < end) {
    h += h << 5;
    h ^= (unsigned long) *key_str++;
  }
  return (h % slots_num);
 }
 size_t Curl_str_key_compare(void*k1, size_t key1_len, void*k2, size_t key2_len)
 {
  char *key1 = (char *)k1;
  char *key2 = (char *)k2;
  if (key1_len == key2_len &&
      *key1 == *key2 &&
      memcmp(key1, key2, key1_len) == 0) {
    return 1;
  }
  return 0;
 }
 #if 0 /* useful function for debugging hashes and their contents */
 void Curl_hash_print(struct curl_hash *h,
                     void (*func)(void *))
--- a/lib/hash.h
+++ b/lib/hash.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -29,10 +29,29 @@
 #include "llist.h"
 /* Hash function prototype */
 typedef size_t (*hash_function) (void* key,
                                 size_t key_length,
                                 size_t slots_num);
 /*
   Comparator function prototype. Compares two keys.
 */
 typedef size_t (*comp_function) (void* key1,
                                 size_t key1_len,
                                 void*key2,
                                 size_t key2_len);
 typedef void (*curl_hash_dtor)(void *);
 struct curl_hash {
  struct curl_llist **table;
  /* Hash function to be used for this hash table */
  hash_function hash_func;
  /* Comparator function to compare keys */
  comp_function comp_func;
  curl_hash_dtor   dtor;
  int slots;
  size_t size;
@@ -45,11 +64,20 @@ struct curl_hash_element {
 };
-int Curl_hash_init(struct curl_hash *, int, curl_hash_dtor);
+int Curl_hash_init(struct curl_hash *h,
-struct curl_hash *Curl_hash_alloc(int, curl_hash_dtor);
+                   int slots,
-void *Curl_hash_add(struct curl_hash *, char *, size_t, void *);
+                   hash_function hfunc,
-int Curl_hash_delete(struct curl_hash *h, char *key, size_t key_len);
+                   comp_function comparator,
-void *Curl_hash_pick(struct curl_hash *, char *, size_t);
+                   curl_hash_dtor dtor);
 struct curl_hash *Curl_hash_alloc(int slots,
                                  hash_function hfunc,
                                  comp_function comparator,
                                  curl_hash_dtor dtor);
 void *Curl_hash_add(struct curl_hash *h, void *key, size_t key_len, void *p);
 int Curl_hash_delete(struct curl_hash *h, void *key, size_t key_len);
 void *Curl_hash_pick(struct curl_hash *, void * key, size_t key_len);
 void Curl_hash_apply(struct curl_hash *h, void *user,
                     void (*cb)(void *user, void *ptr));
 int Curl_hash_count(struct curl_hash *h);
@@ -58,4 +86,8 @@ void Curl_hash_clean_with_criterium(struct curl_hash *h, void *user,
                                    int (*comp)(void *, void *));
 void Curl_hash_destroy(struct curl_hash *h);
 size_t Curl_hash_str(void* key, size_t key_length, size_t slots_num);
 size_t Curl_str_key_compare(void*k1, size_t key1_len, void*k2,
                            size_t key2_len);
 #endif
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -131,7 +131,8 @@ static void freednsentry(void *freethis);
 void Curl_global_host_cache_init(void)
 {
  if (!host_cache_initialized) {
-    Curl_hash_init(&hostname_cache, 7, freednsentry);
+    Curl_hash_init(&hostname_cache, 7, Curl_hash_str, Curl_str_key_compare,
                   freednsentry);
    host_cache_initialized = 1;
  }
 }
@@ -199,7 +200,7 @@ create_hostcache_id(const char *server, int port)
 }
 struct hostcache_prune_data {
-  int cache_timeout;
+  long cache_timeout;
  time_t now;
 };
@@ -231,7 +232,7 @@ hostcache_timestamp_remove(void *datap, void *hc)
 * Prune the DNS cache. This assumes that a lock has already been taken.
 */
 static void
-hostcache_prune(struct curl_hash *hostcache, int cache_timeout, time_t now)
+hostcache_prune(struct curl_hash *hostcache, long cache_timeout, time_t now)
 {
  struct hostcache_prune_data user;
@@ -537,7 +538,7 @@ static void freednsentry(void *freethis)
 */
 struct curl_hash *Curl_mk_dnscache(void)
 {
-  return Curl_hash_alloc(7, freednsentry);
+  return Curl_hash_alloc(7, Curl_hash_str, Curl_str_key_compare, freednsentry);
 }
 #ifdef CURLRES_ADDRINFO_COPY
@@ -574,6 +575,8 @@ void Curl_freeaddrinfo(Curl_addrinfo *ai)
  /* walk over the list and free all entries */
  while(ai) {
    next = ai->ai_next;
    if(ai->ai_canonname)
      free(ai->ai_canonname);
    free(ai);
    ai = next;
  }
--- a/lib/hostip.h
+++ b/lib/hostip.h
@@ -26,9 +26,9 @@
 #include "setup.h"
 #include "hash.h"
-#if (defined(NETWARE) && defined(__NOVELL_LIBC__))
+#ifdef NETWARE
 #undef in_addr_t
-#define in_addr_t uint32_t
+#define in_addr_t unsigned long
 #endif
 /*
--- a/Show More
+++ b/Show More