7.18.1

132 - Xponaut's CURLFORM_STREAM option to curl_formadd()
I'm officially pushing the two remaining issues to the next release instead,
2008-03-30 09:11:35 +00:00 · 2008-03-30 09:08:40 +00:00 · 2008-03-30 09:07:08 +00:00 · 2008-03-28 18:19:11 +00:00 · 2008-03-27 23:13:57 +00:00 · 2008-03-27 23:10:24 +00:00
282 changed files with 16287 additions and 11859 deletions
--- a/696
+++ b/696
@@ -6,6 +6,702 @@
                                  Changelog
 Version 7.18.1 (30 March 2008)
 Daniel Stenberg (28 Mar 2008)
 - Stephen Collyer pointed out that configure --with-libssh2 without a given
  path didn't work properly.
 Daniel Stenberg (27 Mar 2008)
 - As found out and reported by Dan Petitt, libcurl didn't show progress/call
  the progress callback for the first (potentially huge) piece of body data
  sent together with the POST request headers in the initial send().
 Daniel Stenberg (25 Mar 2008)
 - Made setting the CURLOPT_SSL_CTX_FUNCTION option return a failure in case
  libcurl wasn't built to use OpenSSL as that is a prerequisite for this
  option to function!
 Daniel Stenberg (22 Mar 2008)
 - Fixed the problem with doing a zero byte SCP transfer, verified with test
  case 617 (which was added by Daniel Fandrich 5 Mar 2008).
 Daniel Fandrich (20 Mar 2008)
 - Fixed a problem where curl-config --protocols could erroneously show LDAPS
  support when curl didn't even have regular LDAP support.  It looks like
  this could happen when the --enable-ldaps configure switch is given but
  configure couldn't find the LDAP headers or libraries.
 Michal Marek (20 Mar 2008)
 - Added --with-ca-path=DIRECTORY configure option to use an openSSL CApath by
  default instead of a ca bundle. The configure script will also look for a
  ca path if no ca bundle is found and no option given.
 - Fixed detection of previously installed curl-ca-bundle.crt
 Daniel Fandrich (18 Mar 2008)
 - Added test 626 to reproduce an infinite loop when given an invalid
  SFTP quote command reported by Vincent Le Normand, and fixed it.
 Michal Marek (18 Mar 2008)
 - Added curl_easy_getinfo typechecker.
 - Added macros for curl_share_setopt and curl_multi_setopt to check at least
  the correct number of arguments.
 Daniel Fandrich (13 Mar 2008)
 - Added tests 622-625 to test SFTP/SCP uploads. Test 625 was an attempt to
  reproduce the --ftp-create-dirs problem reported by Brian Ulm, but that
  seems to need a call curl_easy_reset() which this test case doesn't do.
 Daniel Stenberg (13 Mar 2008)
 - Brian Ulm figured out that if you did an SFTP upload with
  CURLOPT_FTP_CREATE_MISSING_DIRS to create a directory, and then re-used the
  handle and uploaded another file to another directory that needed to be
  created, the second upload would fail. Another case of a state variable that
  wasn't properly reset between requests.
 - I rewrote the 100-continue code to use a single state variable instead of
  the previous two ones. I think it made the logic somewhat clearer.
 Daniel Stenberg (11 Mar 2008)
 - Dmitry Popov filed bug report #1911069
  (http://curl.haxx.se/bug/view.cgi?id=1911069) that identified a race
  condition in the name resolver code when the DNS cache is shared between
  multiple easy handles, each running in simultaneous threads that could cause
  crashes.
 - Added a macro for curl_easy_setopt() that accepts three arguments and simply
  does nothing with them, just to make sure libcurl users always use three
  arguments to this function. Due to its use of ... for the third argument, it
  is otherwise hard to detect abuse.
 Michal Marek (11 Mar 2008)
 - Added a type checking macro for curl_easy_setopt(), needs gcc-4.3 and only
  works in C mode atm (http://curl.haxx.se/mail/lib-2008-02/0267.html ,
  http://curl.haxx.se/mail/lib-2008-02/0292.html )
 Daniel Fandrich (10 Mar 2008)
 - Added tests 618-621 to test SFTP/SCP transfers of more than one file
  (test 620 tests the just-fixed problem reported by Brian Ulm).
 Daniel Stenberg (9 Mar 2008)
 - Brian Ulm reported a crash when doing a second SFTP transfer on a re-used
  easy handle if curl_easy_reset() was used between them. I fixed it and Brian
  verified that it cured his problem.
 - Brian Ulm reported that if you first tried to download a non-existing SFTP
  file and then fetched an existing one and re-used the handle, libcurl would
  still report the second one as non-existing as well! I fixed it and Brian
  verified that it cured his problem.
 Michal Marek (6 Mar 2008)
 - Fix the gssapi configure check to detect newer MIT Kerberos (patch by
  Michael Calmer)
 Yang Tse (6 Mar 2008)
 - Fix regression on Curl_socket_ready() and Curl_poll() so that these will
  again fail on select/poll errors different than EINTR.
 Daniel Fandrich (5 Mar 2008)
 - Fixed the test harness so it will write out zero-length data files.
 - Added tests 616 and 617 to see how SFTP and SCP cope with zero-length
  files, as questioned by Mike Protts. SFTP does for me but SCP doesn't
  so test 617 is disabled for now.
 Daniel S (4 Mar 2008)
 - Mike Protts brought a patch that makes resumed transfers work with SFTP.
 Daniel S (1 Mar 2008)
 - Anatoli Tubman found and fixed a crash with Negotiate authentication used on
  a re-used connection where both requests used Negotiate.
 Guenter Knauf (26 Feb 2008)
 - Kaspar Brand provided a patch to support server name indication (RFC 4366).
 Daniel S (25 Feb 2008)
 - Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option that
  forces it to prefer SSLv3.
 Daniel S (23 Feb 2008)
 - Sam Listopad provided a patch in feature-request #1900014
  http://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to
  use OpenSSL) support a full chain of certificates in a given PKCS12
  certificate.
 Daniel S (22 Feb 2008)
 - Georg Lippitsch made the src/Makefile.vc6 makefile use the same memory model
  options as the lib/Makefile.vc6 already did.
 Daniel S (21 Feb 2008)
 - Zmey Petroff found a crash when libcurl accessed a NULL pointer, which
  happened if you set the connection cache size to 1 and for example failed to
  login to an FTP site. Bug report #1896698
  (http://curl.haxx.se/bug/view.cgi?id=1896698)
 Daniel S (20 Feb 2008)
 - Fixed test case 405 to not fail when libcurl is built with GnuTLS
 - Based on initial work done by Gautam Kachroo to address a bug, we now keep
  better control at the exact state of the connection's SSL status so that we
  know exactly when it has completed the SSL negotiation or not so that there
  won't be accidental re-uses of connections that are wrongly believed to be
  in SSL-completed-negotiate state.
 - We no longer support setting the CURLOPT_URL option from inside a callback
  such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
  following. The patch that introduced this feature was done for 7.11.0, but
  this code and functionality has been broken since about 7.15.4 (March 2006)
  with the introduction of non-blocking OpenSSL "connects".
  It was a hack to begin with and since it doesn't work and hasn't worked
  correctly for a long time and nobody has even noticed, I consider it a very
  suitable subject for plain removal. And so it was done.
 Guenter Knauf (19 Feb 2008)
 - We do no longer support SSLv2 by default since it has known flaws.
  Kaspar Brand provided a patch for all supported SSL toolkits.
 Daniel Fandrich (19 Feb 2008)
 - Added test309 to test HTTP redirect to HTTPS URL
 Daniel S (18 Feb 2008)
 - We're no longer providing a very old ca-bundle in the curl tarball. You can
  get a fresh one downloaded and created with 'make ca-bundle' or you can get
  one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh
  new one extracted from Mozilla's recent list of ca certs.
  The configure option --with-ca-bundle now lets you specify what file to use
  as default ca bundle for your build. If not specified, the configure script
  will check a few known standard places for a global ca cert to use.
 Daniel S (17 Feb 2008)
 - Jerome Muffat-Meridol helped me fix Curl_done() to close the current
  connection by force when it was called before the entire request is
  completed, simply because we can't know if the connection really can be
  re-used safely at that point.
 - Based on the same debugging logic, I've also made Curl_http_done() not
  return CURLE_GOT_NOTHING if called "prematurely". This should have no real
  effect to anything but the code makes more sense like this.
 Daniel S (15 Feb 2008)
 - Made the gnutls code path not even try to get the server cert if no peer
  verification is requested. Previously it would even return failure if gnutls
  failed to get the server cert even though no verification was asked for.
  Public server showing the problem: https://www.net222.caisse-epargne.fr
 - Fix my Curl_timeleft() leftover mistake in the gnutls code
 - Pooyan McSporran found and fixed a flaw where you first would do a normal
  http request and then you'd reuse the handle and replace the Accept: header,
  as then libcurl would send two Accept: headers!
 Daniel S (11 Feb 2008)
 - Yang Tse pointed out a few remaining quirks from my timeout refactoring from
  Feb 7 that didn't abort properly on timeouts. These are actually old
  problems but now they should be fixed.
 Yang Tse (10 Feb 2008)
 - Bug report #1888932 (http://curl.haxx.se/bug/view.cgi?id=1888932) points out
  and provides test program that demonstrates that libcurl might not set error
  description message for error CURLE_COULDNT_RESOLVE_HOST for Windows threaded
  name resolver builds. Fixed now.
 Daniel Fandrich (8 Feb 2007)
 - Added key words to all SSL-using tests so they can be skipped if necessary.
  Removed a few unnecessary requires SSL statements.
 Daniel S (8 Feb 2008)
 - Mike Hommey filed and fixed bug report #1889856
  (http://curl.haxx.se/bug/view.cgi?id=1889856): When using the gnutls ssl
  layer, cleaning-up and reinitializing curl ends up with https requests
  failing with "ASN1 parser: Element was not found" errors. Obviously a
  regression added in 7.16.3.
 Yang Tse (8 Feb 2008)
 - Improved test harness SCP/SFTP start up server verification, doing a real
  connection to the sftp server, authenticating and running a simple sftp
  pwd command using the test harness generated configuration and key files.
 Daniel S (8 Feb 2008)
 - G<>nter Knauf added lib/mk-ca-bundle.pl which gets the Firefox ca bundle and
  creates a suitable ca-bundle.crt file in PEM format for use with curl. The
  recommended way to run it is to use 'make ca-bundle' in the build tree root.
 Daniel Fandrich (7 Feb 2007)
 - Added tests 1022 and 1023 to validate output of curl-config --version and
  --vernum
 Daniel S (7 Feb 2008)
 - Refactored a lot of timeout code into a few functions in an attempt to make
  them all use the same (hopefully correct) logic to make it less error-prone
  and easier to introduce library-wide where it should be used.
 Yang Tse (6 Feb 2008)
 - Fix an issue in strdup replacement function when dealing with absolutely
  huge strings. Only systems without a standard strdup would be affected.
 Daniel S (3 Feb 2008)
 - Dmitry Kurochkin cleaned up the pipelining code and removed the need for and
  use of the "is_in_pipeline" struct field.
 - I wrote up and added the threaded-ssl.c example source code that shows how
  to do multi-threaded downloads of HTTPS files with a libcurl that is built
  with OpenSSL. It uses pthreads for the threading.
 Daniel S (31 Jan 2008)
 - Niklas Angebrand made the cookie support in libcurl properly deal with the
  "HttpOnly" feature introduced by Microsoft and apparently also supported by
  Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
  is now supported when received from servers in HTTP headers, when written to
  cookie jars and when read from existing cookie jars.
  I modified test case 31 and 46 to also do some basic HttpOnly testing.
 - Dmitry Kurochkin moved several struct fields from the connectdata struct to
  the SingleRequest one to make pipelining better. It is a bit tricky to keep
  them in the right place, to keep things related to the actual request or to
  the actual connection in the right place.
 Daniel S (29 Jan 2008)
 - Dmitry Kurochkin fixed Curl_done() for pipelining, as it could previously
  crash!
 - Michal Marek fixed minor mistake in test case 553 that prevented it from
  working on other IP-addresses or port numbers.
 Version 7.18.0 (28 January 2008)
 Daniel S (27 Jan 2008)
 - Dmitry Kurochkin: In "real world" testing I found more bugs in
  pipelining. Broken connection is not restored and we get into infinite
  loop. It happens because of wrong is_in_pipeline values.
 Daniel S (26 Jan 2008)
 - Kevin Reed filed bug report #1879375
  (http://curl.haxx.se/bug/view.cgi?id=1879375) which describes how libcurl
  got lost in this scenario: proxy tunnel (or HTTPS over proxy), ask to do any
  proxy authentication and the proxy replies with an auth (like NTLM) and then
  closes the connection after that initial informational response.
  libcurl would not properly re-initialize the connection to the proxy and
  continue the auth negotiation like supposed. It does now however, as it will
  now detect if one or more authentication methods were available and asked
  for, and will thus retry the connection and continue from there.
 - I made the progress callback get called properly during proxy CONNECT.
 Daniel S (23 Jan 2008)
 - Igor Franchuk pointed out that CURLOPT_COOKIELIST set to "ALL" leaked
  memory, and so did "SESS". Fixed now.
 Yang Tse (22 Jan 2008)
 - Check poll.h at configuration time, and use it when sys/poll.h unavailable
 Daniel S (22 Jan 2008)
 - Dmitry Kurochkin removed the cancelled state for pipelining, as we agreed
  that it is bad anyway. Starting now, removing a handle that is in used in a
  pipeline will break the pipeline - it'll be set back up again but still...
 Yang Tse (21 Jan 2008)
 - Disable ldap support for cygwin builds, since it breaks whole build process.
  Fixing it will affect other platforms, so it is postponed for another release.
 Daniel S (18 Jan 2008)
 - Lau Hang Kin found and fixed a problem with the multi interface when doing
  CONNECT over a proxy. curl_multi_fdset() didn't report back the socket
  properly during that state, due to a missing case in the switch in the
  multi_getsock() function.
 Yang Tse (17 Jan 2008)
 - Don't abort tests 518 and 537 when unable to raise the open-file soft limit.
 Daniel S (16 Jan 2008)
 - Nathan Coulter's patch that makes runtests.pl respect the PATH when figuring
  out what valgrind to run.
 Yang Tse (16 Jan 2008)
 - Improved handling of out of memory in the command line tool that afected
  data url encoded HTTP POSTs when reading it from a file.
 Daniel S (16 Jan 2008)
 - Dmitry Kurochkin worked a lot on improving the HTTP Pipelining support that
  previously had a number of flaws, perhaps most notably when an application
  fired up N transfers at once as then they wouldn't pipeline at all that
  nicely as anyone would think... Test case 530 was also updated to take the
  improved functionality into account.
 - Calls to Curl_failf() are not supposed to provide a trailing newline as the
  function itself adds that. Fixed on 50 or something strings!
 Daniel S (15 Jan 2008)
 - I made the torture test on test 530 go through. This was actually due to
  silly code left from when we switched to let the multi handle "hold" the dns
  cache when using the multi interface... Of course this only triggered when a
  certain function call returned error at the correct moment.
 Daniel S (14 Jan 2008)
 - Joe Malicki filed bug report #1871269
  (http://curl.haxx.se/bug/view.cgi?id=1871269) and we could fix his hang-
  problem that occurred when doing a large HTTP POST request with the
  response-body read from a callback.
 Daniel S (12 Jan 2008)
 - I re-arranged the curl --help output. All the options are now sorted on
  their long option names and all descriptions are one-liners.
 - Eric Landes provided the patch (edited by me) that introduces the
  --keepalive-time to curl to set the keepalive probe interval. I also took
  the opportunity to rename the recently added no-keep-alive option to
  no-keepalive to keep a consistent naming and to avoid getting two dashes in
  these option names. Eric also provided an update to the man page for the new
  option.
 Daniel S (11 Jan 2008)
 - Daniel Egger made CURLOPT_RANGE work on file:// URLs the very same way it
  already worked for FTP:// URLs.
 - I made the curl tool switch from using CURLOPT_IOCTLFUNCTION to now use the
  spanking new CURLOPT_SEEKFUNCTION simply to take advantage of the improved
  performance for the upload resume cases where you want to upload the last
  few bytes of a very large file. To implement this decently, I had to switch
  the client code for uploading from fopen()/fread() to plain open()/read() so
  that we can use lseek() to do >32bit seeks (as fseek() doesn't allow that)
  on systems that offer support for that.
 Daniel S (10 Jan 2008)
 - Michal Marek made curl-config --libs not include /usr/lib64 in the output
  (it already before skipped /usr/lib).  /usr/lib64 is the default library
  directory on many 64bit systems and it's unlikely that anyone would use the
  path privately on systems where it's not.
 - Georg Lippitsch brought CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA to allow
  libcurl to seek in a given input stream. This is particularly important when
  doing upload resumes when there's already a huge part of the file present
  remotely. Before, and still if this callback isn't used, libcurl will read
  and through away the entire file up to the point to where the resuming
  begins (which of course can be a slow opereration depending on file size,
  I/O bandwidth and more). This new function will also be preferred to get
  used instead of the CURLOPT_IOCTLFUNCTION for seeking back in a stream when
  doing multi-stage HTTP auth with POST/PUT.
 - Nikitinskit Dmitriy filed bug report #1868255
  (http://curl.haxx.se/bug/view.cgi?id=1868255) with a patch. It identifies
  and fixes a problem with parsing WWW-Authenticate: headers with additional
  spaces in the line that the parser wasn't written to deal with.
 Daniel S (8 Jan 2008)
 - Introducing curl_easy_pause() and new magic return codes for both the read
  and the write callbacks that now can make a connection's reading and/or
  writing get paused.
 Daniel S (6 Jan 2008)
 - Jeff Johnson filed bug report #1863171
  (http://curl.haxx.se/bug/view.cgi?id=1863171) where he pointed out that
  libcurl's date parser didn't accept a +1300 time zone which actually is used
  fairly often (like New Zealand's Dailight Savings Time), so I modified the
  parser to now accept up to and including -1400 to +1400.
 Daniel S (5 Jan 2008)
 - Based on further discussion on curl-library, I reverted yesterday's SOCKS5
  code to instead introduce support for a new proxy type called
  CURLPROXY_SOCKS5_HOSTNAME that is used to send the host name to the proxy
  instead of IP address and there's thus no longer any need for a new
  curl_easy_setopt() option.
  The default SOCKS5 proxy is again back to sending the IP address to the
  proxy.  The new curl command line option for enabling sending host name to a
  SOCKS5 proxy is now --socks5-hostname.
 Daniel S (4 Jan 2008)
 - Based on Maxim Perenesenko's patch, we now do SOCKS5 operations and let the
  proxy do the host name resolving and only if --socks5ip (or
  CURLOPT_SOCKS5_RESOLVE_LOCAL) is used we resolve the host name locally and
  pass on the IP address only to the proxy.
 Yang Tse (3 Jan 2008)
 - Modified test harness to allow SCP, SFTP and SOCKS4 tests to run with
  OpenSSH 2.9.9, SunSSH 1.0 or later versions. SOCKS5 tests need OpenSSH
  3.7, SunSSH 1.0 or later.
 Daniel S (2 Jan 2008)
 - I fixed two cases of missing return code checks when handling chunked
  decoding where a write error (or abort return from a callback) didn't stop
  libcurl's processing.
 - I removed the socklen_t use from the public curl/curl.h header and instead
  made it an unsigned int. The type was only used in the curl_sockaddr struct
  definition (only used by the curl_opensocket_callback). On all platforms I
  could find information about, socklen_t is 32 unsigned bits large so I don't
  think this will break the API or ABI. The main reason for this change is of
  course for all the platforms that don't have a socklen_t definition in their
  headers to build fine again. Providing our own configure magic and custom
  definition of socklen_t on those systems proved to work but was a lot of
  cruft, code and extra magic needed - when this very small change of type
  seems harmless and still solves the missing socklen_t problem.
 - Richard Atterer brought a patch that added support for SOCKS4a proxies,
  which is an inofficial PROXY4 variant that sends the hostname to the proxy
  instead of the resolved address (which is already supported by SOCKS5).
  --socks4a is the curl command line option for it and CURLOPT_PROXYTYPE can
  now be set to CURLPROXY_SOCKS4A as well.
 Daniel S (1 Jan 2008)
 - Mohun Biswas pointed out that --libcurl generated a source code with an int
  function but without a return statement. While fixing that, I also took care
  about adding some better comments for the generated code.
 Daniel S (27 Dec 2007)
 - Dmitry Kurochkin mentioned a flaw
  (http://curl.haxx.se/mail/lib-2007-12/0252.html) in detect_proxy() which
  failed to set the bits.proxy variable properly when an environment variable
  told libcurl to use a http proxy.
 Daniel S (26 Dec 2007)
 - In an attempt to repeat the problem in bug report #1850730
  (http://curl.haxx.se/bug/view.cgi?id=1850730) I wrote up test case 552. The
  test is doing a 70K POST with a read callback and an ioctl callback over a
  proxy requiring Digest auth. The test case code is more or less identical to
  the test recipe code provided by Spacen Jasset (who submitted the bug
  report).
 Daniel S (25 Dec 2007)
 - Gary Maxwell filed bug report #1856628
  (http://curl.haxx.se/bug/view.cgi?id=1856628) and provided a fix for the
  (small) memory leak in the SSL session ID caching code. It happened when a
  previous entry in the cache was re-used.
 Daniel Fandrich (19 Dec 2007)
 - Ensure that nroff doesn't put anything but ASCII characters into the
  --manual text.
 Yang Tse (18 Dec 2007)
 - MSVC 9.0 (VS2008) does not support Windows build targets prior to WinXP,
  and makes wrong asumptions of build target when it isn't specified. So,
  if no build target has been defined we will target WinXP when building
  curl/libcurl with MSVC 9.0 (VS2008).
 - (http://curl.haxx.se/mail/archive-2007-12/0039.html) reported and fixed
  a file truncation problem on Windows build targets triggered when retrying
  a download with curl.
 Daniel S (17 Dec 2007)
 - Mateusz Loskot pointed out that MSVC 9.0 (VS2008) has the pollfd struct and
  defines in winsock2.h somehow differently than previous versions and that
  curl 7.17.1 would fail to compile out of the box.
 Daniel S (13 Dec 2007)
 - David Wright filed bug report #1849764
  (http://curl.haxx.se/bug/view.cgi?id=1849764) with an included fix. He
  identified a problem for re-used connections that previously had sent
  Expect: 100-continue and in some situations the subsequent POST (that didn't
  use Expect:) still had the internal flag set for its use. David's fix (that
  makes the setting of the flag in every single request unconditionally) is
  fine and is now used!
 Daniel S (12 Dec 2007)
 - Gilles Blanc made the curl tool enable SO_KEEPALIVE for the connections and
  added the --no-keep-alive option that can disable that on demand.
 Daniel S (9 Dec 2007)
 - Andrew Moise filed bug report #1847501
  (http://curl.haxx.se/bug/view.cgi?id=1847501) and pointed out a memcpy()
  that should be memmove() in the convert_lineends() function.
 Daniel S (8 Dec 2007)
 - Renamed all internal static functions that had Curl_ prefixes to no longer
  have them. The Curl_ prefix is exclusively used for library internal global
  symbols. Static functions can be named anything, except for using Curl_ or
  curl_ prefixes. This is for consistency and for easier maintainance and
  overview.
 - Cleaned up and reformatted the TODO document to look like the FAQ and
  CONTRIBUTE, which makes nicer web pages
 - Added test cases 549 and 550 that test CURLOPT_PROXY_TRANSFER_MODE.
 - Added keywords on a bunch of test cases
 - Fixed an OOM problem in the curl code that would lead to fclose on a bad
  handle and crash
 Daniel S (5 Dec 2007)
 - Spacen Jasset reported a problem with doing POST (with data read with a
  callback) over a proxy when NTLM is used as auth with the proxy. The bug
  also concerned Digest and was limited to using callback only. Spacen worked
  with us to provide a useful patch. I added the test case 547 and 548 to
  verify two variations of POST over proxy with NTLM.
 Daniel S (3 Dec 2007)
 - Ray Pekowski filed bug report #1842029
  (http://curl.haxx.se/bug/view.cgi?id=1842029) in which he identified a
  problem with SSL session caching that prevent it from working, and provided
  the associated fix!
 - Now libcurl (built with OpenSSL) doesn't return error anymore if the remote
  SSL-based server doesn't present a certificate when the request is told to
  ignore certificate verification anyway.
 - Michal Marek introduced CURLOPT_PROXY_TRANSFER_MODE which is used to control
  the appending of the "type=" thing on FTP URLs when they are passed to a
  HTTP proxy. Some proxies just don't like that appending (which is done
  unconditionally in 7.17.1), and some proxies treat binary/ascii transfers
  better with the appending done!
 Daniel S (29 Nov 2007)
 - A bug report on the curl-library list showed a HTTP Digest session going on
  with a 700+ letter nonce. Previously libcurl only support 127 letter ones
  and now I bumped it to 1023.
 - Fixed the resumed FTP upload loop to not require that the read callback
  returns a full buffer on each invoke.
 Daniel S (25 Nov 2007)
 - Added test case 1015 that tests --data-urlencode in multiple ways
 - Fixed --data-urlencode for when no @ or = are used
 - Extended the user-agent buffer curl uses, since we can hit the 128 byte
  border with plenty development libraries used. Like my current set: "curl
  7.17.2-CVS (i686-pc-linux-gnu) libcurl/7.17.2-CVS OpenSSL/0.9.8g
  zlib/1.2.3.3 c-ares/1.5.2-CVS libidn/1.1 libssh2/0.19.0-CVS"
 Daniel S (24 Nov 2007)
 - Internal rearrangements, so that the previous struct HandleData is no more.
  It is now known as SingleRequest and the Curl_transfer_keeper struct within
  that was remove entirely. This has the upside that there are less duplicate
  struct members that made it hard to see and remember what struct that was
  used to store what data. The transfer_keeper thing was once stored on a
  per-connection basis and then it made sense to have the duplicate info but
  since it was moved to the SessionHandle (in 7.16.0) it just added weirdness.
  The SingleRequest struct is used by data that only is valid for this single
  request.
 Yang Tse (22 Nov 2007)
 - Provide a socklen_t definition in curl.h for Win32 API build targets
  which don't have one.
 Daniel S (22 Nov 2007)
 - Alessandro Vesely helped me improve the --data-urlencode's syntax, parser
  and documentation.
 Daniel S (21 Nov 2007)
 - While inspecting the Negotiate code, I noticed how the proxy auth was using
  the same state struct as the host auth, so both could never be used at the
  same time! I fixed it (without being able to check) to use two separate
  structs to allow authentication using Negotiate on host and proxy
  simultaneously.
 Daniel S (20 Nov 2007)
 - Emil Romanus pointed out a bug that made an easy handle get the cookie
  engine activated when set to use a share (even if the share doesn't share
  cookies). I fixed it.
 - Fixed a very long-lasting mprintf() bug that occurred when we did "%.*s%s",
  since the second %s would then wrongly used the numerical precision argument
  instead and crash.
 - Introduced --data-urlencode to the curl tool for easier url encoding of the
  data sent in a post.
 Daniel S (18 Nov 2007)
 - Rob Crittenden fixed SSL connections with NSS done with the multi-interface
 Daniel S (17 Nov 2007)
 - Michal Marek made the test suite remember what test servers that fail to
  start so that subsequent tries are simply skipped.
 - Andres Garcia made the examples build fine on Windows (mingw + msys) when
  the lib was built staticly.
 Daniel S (16 Nov 2007)
 - Ates Goral identified a problem in http.c:add_buffer_send() when a debug
  callback was used, as it could wrongly pass on a bad size for the outgoing
  HTTP header. The bad size would be a very large value as it was a wrapped
  size_t content. This happened when the whole HTTP request failed to get sent
  in one single send.  http://curl.haxx.se/mail/lib-2007-11/0165.html
 Daniel S (15 Nov 2007)
 - Fixed yet another remaining problem with doing SFTP directory listings on a
  re-used persistent connection. Mentioned by Immanuel Gregoire on the mailing
  list.
 - Michal Marek fixed the test suite to better deal with the case when the HTTP
  ipv6 server can't run.
 Yang Tse (14 Nov 2007)
 - Fix a variable potential wrapping in add_buffer() when using absolutely
  huge send buffer sizes.
 Daniel S (13 Nov 2007)
 - Fixed a remaining problem with doing SFTP directory listings on a re-used
  persistent connection. Mentioned by Immanuel Gregoire on the mailing list.
 Daniel S (12 Nov 2007)
 - Bug report #1830637 (http://curl.haxx.se/bug/view.cgi?id=1830637), which was
  forwarded from the Gentoo bug tracker by Daniel Black and was originally
  submitted by Robin Johnson, pointed out that libcurl would do bad memory
  references when it failed and bailed out before the handler thing was
  setup. My fix is not done like the provided patch does it, but instead I
  make sure that there's never any chance for a NULL pointer in that struct
  member.
 Yang Tse (10 Nov 2007)
 - Vikram Saxena (http://curl.haxx.se/mail/lib-2007-11/0096.html) pointed out
  that the pollfd struct was being multi defined when using VS2008. This is
  now fixed in /curl/lib/select.h
 Daniel S (8 Nov 2007)
 - Bug report #1823487 (http://curl.haxx.se/bug/view.cgi?id=1823487) pointed
  out that SFTP requests didn't use persistent connections. Neither did SCP
  ones.  I gave the SSH code a good beating and now both SCP and SFTP should
  use persistent connections fine. I also did a bunch of indent changes as
  well as a bug fix for the "keyboard interactive" auth.
 Dan F (6 Nov 2007)
 - Improved telnet support by drastically reducing the number of write
  callbacks needed to pass a buffer to the user.  Instead one per byte it
  is now as little as one per segment.
 Yang Tse (6 Nov 2007)
 - Bug report #1824894 (http://curl.haxx.se/bug/view.cgi?id=1824894) pointed
  out a problem in curl.h when building C++ apps with MSVC. To fix it, the
  inclusion of header files in curl.h is moved outside of the C++ extern "C"
  linkage block.
 Daniel S (1 Nov 2007)
 - Toby Peterson patched a memory problem in the command line tool that
  happened when a user had a home dir as an empty string. curl would then do
  free() on a wrong area.
 Dan F (1 Nov 2007)
 - Fixed curl-config --features to not display libz when it wasn't used
  due to a missing header file.
 Dan F (31 October 2007)
 - Fixed the output of curl-config --protocols which showed SCP and SFTP
  always, except when --without-libssh2 was given
 - Added test cases 1013 and 1014 to check that curl-config --protocols and
  curl-config --features matches the output of curl --version
 Dan F (30 October 2007)
 - Fixed an OOM problem with file: URLs
 - Moved Curl_file_connect into the protocol handler struct
 Dan F (29 October 2007)
 - Added test case 546 to check that subsequent FTP transfers work after a
  failed one using the multi interface
 Daniel S (29 October 2007)
 - Based on one of those bug reports that are intercepted by a distro's bug
  tracker (https://bugzilla.redhat.com/show_bug.cgi?id=316191), I now made
  curl-config --features and --protocols show the correct output when built
  with NSS.
 Version 7.17.1 (29 October 2007)
 Dan F (25 October 2007)
--- a/CHANGES.0
+++ b/CHANGES.0
@@ -10864,7 +10864,7 @@ Version 6.2
   the configure script to leave SSL alone. The previous functionality has
   been retained. Troy Engel helped test this new one.
-Version 6.1
+Version 6.1 (October 17 1999)
 Daniel (17 October 1999):
 - I ifdef'ed or commented all the zlib stuff in the sources and configure
@@ -10939,7 +10939,7 @@ Version 6.1beta
 - Made the -F option allow stdin when specifying files. By using '-' instead
   of file name, the data will be read from stdin.
-Version 6.0
+Version 6.0 (September 14 1999)
 Daniel (13 September 1999)
 - Added -X/--http-request <request> to enable any HTTP command to be sent.
@@ -11201,7 +11201,7 @@ Version 5.9.1
   with form posting where the variable shouldn't have any content, as in curl
   -F "form=" www.site.com. It was now fixed.
-Version 5.9
+Version 5.9 (May 22 1999)
 Daniel (22 May 1999)
 - I've got a bug report from Aaron Scarisbrick in which he states he has some
@@ -11939,7 +11939,7 @@ Version 4.8.1
   had nothing but header. Appearantly Solaris deals with negative sizes in
   fwrite() calls a lot better than Linux does... =B-]
-Version 4.8
+Version 4.8 (Aug 31, 1998)
 Daniel Stenberg
 - Continue FTP file transfer. -c is the switch. Note that you need to
   specify a file name if you wanna resume a download (you can't resume a
--- a/2
+++ b/2
@@ -1,6 +1,6 @@
 COPYRIGHT AND PERMISSION NOTICE
-Copyright (c) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>.
+Copyright (c) 1996 - 2008, Daniel Stenberg, <daniel@haxx.se>.
 All rights reserved.
--- a/9
+++ b/9
@@ -12,8 +12,8 @@ inner sanctum.
 Compile and build instructions follow below.
-  CHANGES.0     contains ancient changes.
+  CHANGES.0     contains ancient changes
-  CHANGES.$year contains changes for the particular year.
+  CHANGES       contains the most recent changes
  Makefile.dist is included as the root Makefile in distribution archives
@@ -49,9 +49,8 @@ installed:
   If you don't have nroff and perl and you for some reason don't want to
   install them, you can rename the source file src/hugehelp.c.cvs to
-   src/hugehelp.c and avoid having to generate this file. This will of course
+   src/hugehelp.c and avoid having to generate this file. This will give you
-   give you an older version of the file that isn't up-to-date. That file was
+   a stubbed version of the file that doesn't contain actual content.
   checked in once and won't be updated very regularly.
 MAC OS X
--- a/Makefile.am
+++ b/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -131,3 +131,7 @@ install-data-hook:
 uninstall-hook:
 	cd include && $(MAKE) uninstall
 	cd docs && $(MAKE) uninstall
 ca-bundle: lib/mk-ca-bundle.pl
 	@echo "generate a fresh ca-bundle.crt"
 	@perl $< -b -l -u lib/ca-bundle.crt
--- a/Makefile.dist
+++ b/Makefile.dist
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -128,6 +128,12 @@ vc:
 	cd ..\src
 	nmake /f Makefile.$(VC)
 vc-x64:
 	cd lib
 	MACHINE=x64 nmake /f Makefile.$(VC) cfg=release
 	cd ..\src
 	MACHINE=x64 nmake /f Makefile.$(VC)
 vc-zlib:
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-zlib
@@ -251,6 +257,12 @@ linux: all
 linux-ssl: ssl
 vc8:
-	echo "generate VC8 makefiles"
+	@echo "generate VC8 makefiles"
-	sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" lib/Makefile.vc6 > lib/Makefile.vc8
+	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" lib/Makefile.vc6 > lib/Makefile.vc8
-	sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" src/Makefile.vc6 > src/Makefile.vc8
+	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" src/Makefile.vc6 > src/Makefile.vc8
 ca-bundle: lib/mk-ca-bundle.pl
 	@echo "generate a fresh ca-bundle.crt"
 	@perl $< -b -l -u lib/ca-bundle.crt
--- a/103
+++ b/103
@@ -1,53 +1,59 @@
-Curl and libcurl 7.17.1
+Curl and libcurl 7.18.1
- Public curl release number:               102
+ Public curl releases:         104
- Releases counted from the very beginning: 128
+ Command line options:         126
- Available command line options:           121
+ curl_easy_setopt() options:   150
- Available curl_easy_setopt() options:     147
+ Public functions in libcurl:  56
- Number of public functions in libcurl:    55
+ Public web site mirrors:      39
- Amount of public web site mirrors:        43
+ Known libcurl bindings:       36
- Number of known libcurl bindings:         36
+ Contributors:                 621
 Number of contributors:                   588
 This release includes the following changes:
- o automatically append ";type=<a|i>" when using HTTP proxies for FTP urls
+ o added support for HttpOnly cookies
- o improved NSS support
+ o 'make ca-bundle' downloads and generates an updated ca bundle file
- o added --proxy-negotiate
+ o we no longer distribute or install a ca cert bundle
- o added --post301 and CURLOPT_POST301
+ o SSLv2 is now disabled by default for SSL operations
- o builds with c-ares 1.5.0
+ o the test509-style setting URL in callback is officially no longer supported
- o added CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5
+ o support a full chain of certificates in a given PKCS12 certificate
- o renamed CURLE_SSL_PEER_CERTIFICATE to CURLE_PEER_FAILED_VERIFICATION
+ o resumed transfers work with SFTP
- o added CURLOPT_OPENSOCKETFUNCTION and CURLOPT_OPENSOCKETDATA
+ o added type checking macros for curl_easy_setopt() and curl_easy_getinfo(),
- o CULROPT_COOKIELIST supports "FLUSH"
+   watch out for new warnings in code using libcurl (needs gcc-4.3 and
- o added CURLOPT_COPYPOSTFIELDS
+   currently only works in C mode)
- o added --static-libs to curl-config
+ o curl_easy_setopt(), curl_easy_getinfo(), curl_share_setopt() and
   curl_multi_setopt() uses are now checked to use exactly three arguments
 o --with-ca-path=DIR configure option allows to set an openSSL CApath instead
   of a default ca bundle.
 This release includes the following bugfixes:
- o curl-config --protocols now properly reports LDAPS, SCP and SFTP
+ o improved pipelining
- o ldapv3 support on Windows
+ o improved strdup replacement
- o ldap builds with the MSVC makefiles
+ o GnuTLS-built libcurl failed when doing global cleanup and reinit
- o no HOME and no key given caused SSH auth failure
+ o error message problem when unable to resolve a host on Windows
- o Negotiate authentication over proxy
+ o Accept: header replacing
- o --ftp-method nocwd on directory listings
+ o not verifying server certs with GnuTLS still failed if gnutls had
- o FTP, CURLOPT_NOBODY enabled and CURLOPT_HEADER disabled now does TYPE
+   problems with the cert
-   before SIZE
+ o when using the multi interface and a handle is removed while still having
- o re-used handle transfers with SFTP
+   a transfer going on, the connection is now closed by force
- o curl_easy_escape() problem with byte values >= 128
+ o bad re-use of SSL connections in non-complete state
- o handles chunked-encoded CONNECT responses
+ o test case 405 failures with GnuTLS builds
- o misuse of ares_timeout() result
+ o crash when connection cache size is 1 and Curl_do() failed
- o --local-port on TFTP transfers
+ o GnuTLS-built libcurl can now be forced to prefer SSLv3
- o CURLOPT_POSTFIELDS could fail to send binary data
+ o crash when doing Negotiate again on a re-used connection
- o specifying a proxy with a trailing slash didn't work (unless it also
+ o select/poll regression
-   contained a port number)
+ o better MIT kerberos configure check
- o redirect from HTTP to FTP or TFTP memory problems and leaks
+ o curl_easy_reset() + SFTP re-used connection download crash
- o re-used connections a bit too much when using non-SSL protocols tunneled
+ o SFTP non-existing file + SFTP existing file error
-   over a HTTP proxy
+ o sharing DNS cache between easy handles running in multiple threads could
- o embed the manifest in VC8 builds
+   lead to crash
- o use valgrind in the tests even when the lib is built shared with libtool
+ o SFTP upload with CURLOPT_FTP_CREATE_MISSING_DIRS on re-used connection
- o libcurl built with NSS can now ignore the peer verification even when the
+ o SFTP infinite loop when given an invalid quote command
-   ca cert bundle is absent
+ o curl-config erroneously reported LDAPS support with missing LDAP libraries
 o SCP infinite loop when downloading a zero byte file
 o setting the CURLOPT_SSL_CTX_FUNCTION with libcurl built without OpenSSL
   now makes curl_easy_setopt() properly return failure
 o configure --with-libssh2 (with no given path)
 This release includes the following known bugs:
@@ -59,14 +65,15 @@ Other curl-related news:
 New curl mirrors:
- o http://curl.wetzlmayr.at/ is a new web mirror in Nuremberg, Germany
+ o http://curl.cuendet.com/ is a new mirror in Atlanta, USA
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
- Dan Fandrich, Michal Marek, G<>nter Knauf, Rob Crittenden, Immanuel Gregoire,
+ Michal Marek, Dmitry Kurochkin, Niklas Angebrand, G<>nter Knauf, Yang Tse,
- Mark Davies, Max Katsev, Philip Langdale, Alex Fishman, Johnny Luong,
+ Dan Fandrich, Mike Hommey, Pooyan McSporran, Jerome Muffat-Meridol,
- Alexey Pesternikov, Yang Tse, Kim Rinnewitz, Michael Wallner,
+ Kaspar Brand, Gautam Kachroo, Zmey Petroff, Georg Lippitsch, Sam Listopad,
- Patrick Monnerat, Vladimir Lazarenko
+ Anatoli Tubman, Mike Protts, Michael Calmer, Brian Ulm, Dmitry Popov,
 Jes Badwal, Dan Petitt, Stephen Collyer
        Thanks! (and sorry if I forgot to mention someone)
--- a/17
+++ b/17
@@ -1,4 +1,17 @@
-To be addressed before 7.17.1 (planned release: late October 2007)
+To be addressed before 7.18.2 (planned release: June 2008)
 =============================
-106 - 
+128 - Phil Blundell's ares and ipv6 fix (feedback lacking)
 129 - Pierre Reiss' libcurl + https + multi = lost information (awaiting
     better example/clarification on how to figure out when the claimed
     problem occurs)
 130 - Vincent Le Normand's SFTP patch for touch
 131 - Scott Barrett's Support for CURLOPT_NOBODY with SFTP
 132 - Xponaut's CURLFORM_STREAM option to curl_formadd()
 133 - 
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -2491,3 +2491,106 @@ AC_DEFUN([CURL_CHECK_NATIVE_WINDOWS], [
  esac
 ])
 dnl CURL_CHECK_CA_BUNDLE
 dnl -------------------------------------------------
 dnl Check if a default ca-bundle should be used
 dnl
 dnl regarding the paths this will scan:
 dnl /etc/ssl/certs/ca-certificates.crt Debian systems
 dnl /etc/pki/tls/certs/ca-bundle.crt Redhat and Mandriva
 dnl /usr/share/ssl/certs/ca-bundle.crt old(er) Redhat
 dnl /etc/ssl/certs/ (ca path) SUSE
 AC_DEFUN([CURL_CHECK_CA_BUNDLE], [
  AC_MSG_CHECKING([default CA cert bundle/path])
  AC_ARG_WITH(ca-bundle,
 AC_HELP_STRING([--with-ca-bundle=FILE], [File name to use as CA bundle])
 AC_HELP_STRING([--without-ca-bundle], [Don't use a default CA bundle]),
  [
    want_ca="$withval"
    if test "x$want_ca" = "xyes"; then
      AC_MSG_ERROR([--with-ca-bundle=FILE requires a path to the CA bundle])
    fi
  ],
  [ want_ca="unset" ])
  AC_ARG_WITH(ca-path,
 AC_HELP_STRING([--with-ca-path=DIRECTORY], [Directory to use as CA path])
 AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
  [
    want_capath="$withval"
    if test "x$want_capath" = "xyes"; then
      AC_MSG_ERROR([--with-ca-path=DIRECTORY requires a path to the CA path directory])
    fi
  ],
  [ want_capath="unset"])
  if test "x$want_ca" != "xno" -a "x$want_ca" != "xunset" -a \
          "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
    dnl both given
    AC_MSG_ERROR([Can't specify both --with-ca-bundle and --with-ca-path.])
  elif test "x$want_ca" != "xno" -a "x$want_ca" != "xunset"; then
    dnl --with-ca-bundle given
    ca="$want_ca"
    capath="no"
  elif test "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
    dnl --with-ca-path given
    if test "x$OPENSSL_ENABLED" != "x1"; then
      AC_MSG_ERROR([--with-ca-path only works with openSSL])
    fi
    capath="$want_capath"
    ca="no"
  else
    dnl neither of --with-ca-* given
    dnl first try autodetecting a CA bundle , then a CA path
    dnl both autodetections can be skipped by --without-ca-*
    ca="no"
    capath="no"
    if test "x$want_ca" = "xunset"; then
      dnl the path we previously would have installed the curl ca bundle
      dnl to, and thus we now check for an already existing cert in that place
      dnl in case we find no other
      if test "x$prefix" != xNONE; then
        cac="${prefix}/share/curl/curl-ca-bundle.crt"
      else
        cac="$ac_default_prefix/share/curl/curl-ca-bundle.crt"
      fi
      for a in /etc/ssl/certs/ca-certificates.crt \
               /etc/pki/tls/certs/ca-bundle.crt \
               /usr/share/ssl/certs/ca-bundle.crt \
               "$cac"; do
        if test -f "$a"; then
          ca="$a"
          break
        fi
      done
    fi
    if test "x$want_capath" = "xunset" -a "x$ca" = "xno" -a \
            "x$OPENSSL_ENABLED" = "x1"; then
      for a in /etc/ssl/certs/; do
        if test -d "$a" && ls "$a"/[[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]].0 >/dev/null 2>/dev/null; then
          capath="$a"
          break
        fi
      done
    fi
  fi
  if test "x$ca" != "xno"; then
    CURL_CA_BUNDLE='"'$ca'"'
    AC_SUBST(CURL_CA_BUNDLE)
    AC_MSG_RESULT([$ca])
  elif test "x$capath" != "xno"; then
    CURL_CA_PATH="\"$capath\""
    AC_SUBST(CURL_CA_PATH)
    AC_MSG_RESULT([$capath (capath)])
  else
    AC_MSG_RESULT([no])
  fi
 ])
--- a/ares/CHANGES
+++ b/ares/CHANGES
@@ -1,5 +1,28 @@
  Changelog for the c-ares project
 * December 11 2007 (Gisle Vanem)
 - Added another sample application; acountry.c which converts an
  IPv4-address(es) and/or host-name(s) to country-name and country-code.
  This uses the service of the DNSBL at countries.nerd.dk.
 * December 3 2007 (Daniel Stenberg)
 - Brad Spencer fixed the configure script to assume that there's no
  /dev/urandom when built cross-compiled as then the script cannot check for
  it.
 - Erik Kline cleaned up ares_gethostbyaddr.c:next_lookup() somewhat
 Version 1.5.1 (Nov 21, 2007)
 * November 21 2007 (Daniel Stenberg)
 - Robin Cornelius pointed out that ares_llist.h was missing in the release
  archive for 1.5.0
 Version 1.5.0 (Nov 21, 2007)
 * October 2 2007 (Daniel Stenberg)
 - ares_strerror() segfaulted if the input error number was out of the currently
--- a/ares/Makefile.am
+++ b/ares/Makefile.am
@@ -8,11 +8,22 @@ MSVCFILES = vc/adig/adig.dep vc/adig/adig.dsp vc/vc.dsw vc/ahost/ahost.dep \
 vc/ahost/ahost.dsp vc/areslib/areslib.dep vc/areslib/areslib.dsp	   \
 vc/areslib/areslib.dsw
 if DEBUGBUILD
 PROGS =
 else
 PROGS = ahost adig acountry
 endif
 noinst_PROGRAMS =$(PROGS)
 # adig and ahost are just sample programs and thus not mentioned with the
 # regular sources and headers
-EXTRA_DIST = CHANGES README.cares Makefile.inc adig.c ahost.c $(man_MANS) \
+EXTRA_DIST = AUTHORS CHANGES README.cares Makefile.inc Makefile.dj \
- $(MSVCFILES) AUTHORS config-win32.h RELEASE-NOTES libcares.pc.in
+ Makefile.m32 Makefile.netware Makefile.vc6 adig.c ahost.c $(man_MANS) \
 $(MSVCFILES) config-win32.h RELEASE-NOTES libcares.pc.in
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libcares.pc
 VER=-version-info 2:0:0
 # This flag accepts an argument of the form current[:revision[:age]]. So,
@@ -61,6 +72,15 @@ libcares_ladir = $(includedir)
 # what headers to install on 'make install':
 libcares_la_HEADERS = ares.h ares_version.h ares_dns.h
 ahost_SOURCES = ahost.c ares_getopt.c
 ahost_LDADD = $(top_builddir)/$(lib_LTLIBRARIES)
 adig_SOURCES = adig.c ares_getopt.c
 adig_LDADD = $(top_builddir)/$(lib_LTLIBRARIES)
 acountry_SOURCES = acountry.c ares_getopt.c
 acountry_LDADD = $(top_builddir)/$(lib_LTLIBRARIES)
 # Make files named *.dist replace the file without .dist extension
 dist-hook:
 	find $(distdir) -name "*.dist" -exec rm {} \;
--- a/ares/Makefile.dj
+++ b/ares/Makefile.dj
@@ -22,7 +22,7 @@ CFLAGS += -DWATT32 -DHAVE_AF_INET6 -DHAVE_PF_INET6 -DHAVE_FIONBIO \
          -DRECV_TYPE_ARG1='int'   -DRECV_TYPE_ARG2='void*' \
          -DRECV_TYPE_ARG3='int'   -DRECV_TYPE_ARG4='int' \
          -DRECV_TYPE_RETV='int'   -DHAVE_STRUCT_TIMEVAL \
-          -Dselect=select_s        -UHAVE_CONFIG_H
+          -Dselect=select_s        -Dsocklen_t=int -UHAVE_CONFIG_H
 LDFLAGS = -s
@@ -49,7 +49,7 @@ EX_LIBS += $(WATT32_ROOT)/lib/libwatt.a
 OBJECTS = $(addprefix $(OBJ_DIR)/, $(CSOURCES:.c=.o))
-all: $(OBJ_DIR) libcares.a ahost.exe adig.exe
+all: $(OBJ_DIR) libcares.a ahost.exe adig.exe acountry.exe
 	@echo Welcome to c-ares.
 libcares.a: $(OBJECTS)
@@ -61,11 +61,14 @@ ahost.exe: ahost.c $(OBJ_DIR)/ares_getopt.o $(OBJ_HACK)
 adig.exe: adig.c $(OBJ_DIR)/ares_getopt.o $(OBJ_HACK)
 	$(CC) $(LDFLAGS) $(CFLAGS) -o $@ $^ $(EX_LIBS)
 acountry.exe: acountry.c $(OBJ_DIR)/ares_getopt.o $(OBJ_HACK)
 	$(CC) $(LDFLAGS) $(CFLAGS) -o $@ $^ $(EX_LIBS)
 clean:
 	rm -f $(OBJECTS) libcares.a
 vclean realclean: clean
-	rm -f ahost.exe adig.exe depend.dj
+	rm -f ahost.exe adig.exe acountry.exe depend.dj
 	- rmdir $(OBJ_DIR)
 -include depend.dj
--- a/ares/Makefile.inc
+++ b/ares/Makefile.inc
@@ -10,7 +10,7 @@ ares_parse_ns_reply.c ares_llist.c
 HHEADERS = ares.h ares_private.h setup.h ares_dns.h ares_version.h          \
           nameser.h inet_net_pton.h inet_ntop.h ares_ipv6.h bitncmp.h      \
-           setup_once.h 
+           setup_once.h ares_llist.h
 MANPAGES= ares_destroy.3 ares_expand_name.3 ares_expand_string.3 ares_fds.3 \
 ares_free_hostent.3 ares_free_string.3 ares_gethostbyaddr.3		    \
--- a/ares/Makefile.m32
+++ b/ares/Makefile.m32
@@ -32,7 +32,7 @@ $(LIB): $(OBJLIB)
 all: $(LIB) demos
-demos: adig.exe ahost.exe
+demos: adig.exe ahost.exe acountry.exe
 tags:
 	etags *.[ch]
@@ -61,7 +61,7 @@ install:
 	done)
 clean:
-	$(RM) ares_getopt.o $(OBJLIB) $(LIB) adig.exe ahost.exe
+	$(RM) ares_getopt.o $(OBJLIB) $(LIB) adig.exe ahost.exe acountry.exe
 distclean: clean
 	$(RM) config.cache config.log config.status Makefile
--- a/ares/Makefile.netware
+++ b/ares/Makefile.netware
@@ -14,14 +14,14 @@ NDKBASE	= c:/novell
 endif
 ifndef INSTDIR
-INSTDIR	= ../curl-$(LIBCURL_VERSION_STR)-bin-nw
+INSTDIR	= ../ares-$(LIBCARES_VERSION_STR)-bin-nw
 endif
 # Edit the vars below to change NLM target settings.
-TARGETS = adig.nlm ahost.nlm
+TARGETS = adig.nlm ahost.nlm acountry.nlm
 LTARGET = libcares.$(LIBEXT)
 VERSION	= $(LIBCARES_VERSION)
-COPYR	= Copyright (C) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>
+COPYR	= Copyright (C) 1996 - 2008, Daniel Stenberg, <daniel@haxx.se>
 DESCR	= cURL $(subst .def,,$(notdir $@)) $(LIBCARES_VERSION_STR) - http://curl.haxx.se
 MTSAFE	= YES
 STACK	= 64000
@@ -63,14 +63,15 @@ else
 	CC = gcc
 endif
 # a native win32 awk can be downloaded from here:
-# http://www.gknw.net/development/prgtools/awk-20050424.zip
+# http://www.gknw.net/development/prgtools/awk-20070501.zip
 AWK	= awk
 YACC	= bison -y
 CP	= cp -afv
 MKDIR	= mkdir
 # RM	= rm -f
 # if you want to mark the target as MTSAFE you will need a tool for
 # generating the xdc data for the linker; here's a minimal tool:
-# http://www.gknw.com/development/prgtools/mkxdc.zip
+# http://www.gknw.net/development/prgtools/mkxdc.zip
 MPKXDC	= mkxdc
 # Global flags for all compilers
@@ -161,10 +162,6 @@ nlm: prebuild $(TARGETS)
 prebuild: $(OBJDIR) $(OBJDIR)/version.inc config.h arpa/nameser.h
 dist: all
 	-$(RM) $(OBJLIB) $(OBJDIR)/*.map $(OBJDIR)/*.ncv
 	-$(RM) $(OBJDIR)/*.def $(OBJDIR)/*.xdc $(OBJDIR)/version.inc
 install: $(INSTDIR) all
 	@$(CP) *.nlm $(INSTDIR)
 	@$(CP) ../CHANGES $(INSTDIR)
@@ -190,11 +187,8 @@ endif
 	@-$(RM) $@
 	@$(LD) $(LDFLAGS) $<
-$(INSTDIR):
+$(OBJDIR) $(INSTDIR):
-	@mkdir $(INSTDIR)
+	@$(MKDIR) $@
 $(OBJDIR):
 	@mkdir $(OBJDIR)
 $(OBJDIR)/%.o: %.c
 #	@echo Compiling $<
@@ -202,7 +196,7 @@ $(OBJDIR)/%.o: %.c
 $(OBJDIR)/version.inc: ares_version.h $(OBJDIR)
 	@echo Creating $@
-	@$(AWK) -f ../packages/NetWare/get_ver.awk $< > $@
+	@$(AWK) -f get_ver.awk $< > $@
 $(OBJDIR)/%.xdc: Makefile.netware
 	@echo Creating $@
@@ -269,8 +263,9 @@ ifdef IMPORTS
 	@echo $(DL)import $(IMPORTS)$(DL) >> $@
 endif
 ifeq ($(LD),nlmconv)
 	@echo $(DL)input $(OBJEXE)$(DL) >> $@
 	@echo $(DL)input $(PRELUDE)$(DL) >> $@
 	@echo $(DL)input $(OBJEXE)$(DL) >> $@
 	@echo $(DL)input $(@:.def=.o)$(DL) >> $@
 	@echo $(DL)output $(notdir $(@:.def=.nlm))$(DL) >> $@
 endif
@@ -300,7 +295,6 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define DL_LDAP_FILE "ldapsdk.nlm"$(DL) >> $@
 	@echo $(DL)#define socklen_t int$(DL) >> $@
 	@echo $(DL)#define strncasecmp strnicmp$(DL) >> $@
 	@echo $(DL)#define strcasecmp stricmp$(DL) >> $@
@@ -338,7 +332,6 @@ else
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
 	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
 endif
 	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_ARPA_NAMESER_H 1$(DL) >> $@
--- a/ares/Makefile.vc6
+++ b/ares/Makefile.vc6
@@ -76,7 +76,7 @@ OBJECTS = $(OBJ_DIR)\ares_fds.obj              \
          $(OBJ_DIR)\inet_net_pton.obj         \
          $(OBJ_DIR)\inet_ntop.obj
-all: $(OBJ_DIR) cares.lib cares.dll cares_imp.lib ahost.exe adig.exe
+all: $(OBJ_DIR) cares.lib cares.dll cares_imp.lib ahost.exe adig.exe acountry.exe
       @echo Welcome to c-ares library and examples
 $(OBJ_DIR):
@@ -131,6 +131,9 @@ ahost.exe: $(OBJ_DIR) $(OBJ_DIR)\ahost.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.
 adig.exe: $(OBJ_DIR) $(OBJ_DIR)\adig.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib
       link $(LDFLAGS) -out:$@ $(OBJ_DIR)\adig.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib $(EX_LIBS)
 acountry.exe: $(OBJ_DIR) $(OBJ_DIR)\acountry.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib
       link $(LDFLAGS) -out:$@ $(OBJ_DIR)\acountry.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib $(EX_LIBS)
 clean:
       - del $(OBJ_DIR)\*.obj *.ilk *.pdb *.pbt *.pbi *.pbo *._xe *.map
--- a/ares/RELEASE-NOTES
+++ b/ares/RELEASE-NOTES
@@ -1,4 +1,4 @@
-This is what's new and changed in the c-ares 1.4.1 release:
+This is what's new and changed in the c-ares 1.5.2 release:
 o 
--- a/ares/acountry.c
+++ b/ares/acountry.c
@@ -0,0 +1,589 @@
 /*
 * $Id$
 *
 * IP-address/hostname to country converter.
 *
 * Problem; you want to know where IP a.b.c.d is located.
 *
 * Use ares_gethostbyname ("d.c.b.a.zz.countries.nerd.dk")
 * and get the CNAME (host->h_name). Result will be:
 *   CNAME = zz<CC>.countries.nerd.dk with address 127.0.x.y (ver 1) or
 *   CNAME = <a.b.c.d>.zz.countries.nerd.dk with address 127.0.x.y (ver 2)
 *
 * The 2 letter country code in <CC> and the ISO-3166 country
 * number in x.y (number = x*256 + y). Version 2 of the protocol is missing
 * the <CC> number.
 *
 * Ref: http://countries.nerd.dk/more.html
 *
 * Written by G. Vanem <gvanem@broadpark.no> 2006, 2007
 *
 * NB! This program may not be big-endian aware.
 *
 * Permission to use, copy, modify, and distribute this
 * software and its documentation for any purpose and without
 * fee is hereby granted, provided that the above copyright
 * notice appear in all copies and that both that copyright
 * notice and this permission notice appear in supporting
 * documentation, and that the name of M.I.T. not be used in
 * advertising or publicity pertaining to distribution of the
 * software without specific, written prior permission.
 * M.I.T. makes no representations about the suitability of
 * this software for any purpose.  It is provided "as is"
 * without express or implied warranty.
 */
 #include "setup.h"
 #include <stdio.h>
 #include <stdlib.h>
 #include <stdarg.h>
 #include <string.h>
 #include <ctype.h>
 #ifdef HAVE_UNISTD_H
 #include <unistd.h>
 #endif
 #if defined(WIN32)
  #include <winsock.h>
 #else
  #include <arpa/inet.h>
  #include <netinet/in.h>
  #include <netdb.h>
 #endif
 #include "ares.h"
 #include "ares_getopt.h"
 #include "inet_net_pton.h"
 #include "inet_ntop.h"
 static const char *usage      = "acountry [-vh?] {host|addr} ...\n";
 static const char  nerd_fmt[] = "%u.%u.%u.%u.zz.countries.nerd.dk";
 static const char *nerd_ver1  = nerd_fmt + 14;
 static const char *nerd_ver2  = nerd_fmt + 11;
 static int         verbose    = 0;
 #define TRACE(fmt) do {               \
                     if (verbose > 0) \
                       printf fmt ;   \
                   } while (0)
 static void wait_ares(ares_channel channel);
 static void callback(void *arg, int status, int timeouts, struct hostent *host);
 static void callback2(void *arg, int status, int timeouts, struct hostent *host);
 static void find_country_from_cname(const char *cname, struct in_addr addr);
 static void Abort(const char *fmt, ...)
 {
  va_list args;
  va_start(args, fmt);
  vfprintf(stderr, fmt, args);
  va_end(args);
  exit(1);
 }
 int main(int argc, char **argv)
 {
  ares_channel channel;
  int    ch, status;
 #ifdef WIN32
  WORD wVersionRequested = MAKEWORD(USE_WINSOCK,USE_WINSOCK);
  WSADATA wsaData;
  WSAStartup(wVersionRequested, &wsaData);
 #endif
  while ((ch = ares_getopt(argc, argv, "dvh?")) != -1)
    switch (ch)
      {
      case 'd':
 #ifdef WATT32
        dbug_init();
 #endif
        break;
      case 'v':
        verbose++;
        break;
      case 'h':
      case '?':
      default:
        Abort(usage);
      }
  argc -= optind;
  argv += optind;
  if (argc < 1)
     Abort(usage);
  status = ares_init(&channel);
  if (status != ARES_SUCCESS)
    {
      fprintf(stderr, "ares_init: %s\n", ares_strerror(status));
      return 1;
    }
  /* Initiate the queries, one per command-line argument. */
  for ( ; *argv; argv++)
    {
      struct in_addr addr;
      char buf[100];
      /* If this fails, assume '*argv' is a host-name that
       * must be resolved first
       */
      if (ares_inet_pton(AF_INET, *argv, &addr) != 1)
        {
          ares_gethostbyname(channel, *argv, AF_INET, callback2, &addr);
          wait_ares(channel);
          if (addr.s_addr == INADDR_NONE)
            {
              printf("Failed to lookup %s\n", *argv);
              continue;
            }
        }
      sprintf(buf, nerd_fmt,
              (unsigned int)(addr.s_addr >> 24),
              (unsigned int)((addr.s_addr >> 16) & 255),
              (unsigned int)((addr.s_addr >> 8) & 255),
              (unsigned int)(addr.s_addr & 255));
      TRACE(("Looking up %s...", buf));
      fflush(stdout);
      ares_gethostbyname(channel, buf, AF_INET, callback, buf);
    }
  wait_ares(channel);
  ares_destroy(channel);
 #ifdef WIN32
  WSACleanup();
 #endif
  return 0;
 }
 /*
 * Wait for the queries to complete.
 */
 static void wait_ares(ares_channel channel)
 {
  while (1)
    {
      struct timeval *tvp, tv;
      fd_set read_fds, write_fds;
      int nfds;
      FD_ZERO(&read_fds);
      FD_ZERO(&write_fds);
      nfds = ares_fds(channel, &read_fds, &write_fds);
      if (nfds == 0)
        break;
      tvp = ares_timeout(channel, NULL, &tv);
      select(nfds, &read_fds, &write_fds, NULL, tvp);
      ares_process(channel, &read_fds, &write_fds);
    }
 }
 /*
 * This is the callback used when we have the IP-address of interest.
 * Extract the CNAME and figure out the country-code from it.
 */
 static void callback(void *arg, int status, int timeouts, struct hostent *host)
 {
  const char *name = (const char*)arg;
  const char *cname;
  char buf[20];
  (void)timeouts;
  if (!host || status != ARES_SUCCESS)
    {
      printf("Failed to lookup %s: %s\n", name, ares_strerror(status));
      return;
    }
  TRACE(("\nFound address %s, name %s\n",
         ares_inet_ntop(AF_INET,(const char*)host->h_addr,buf,sizeof(buf)),
         host->h_name));
  cname = host->h_name;  /* CNAME gets put here */
  if (!cname)
    printf("Failed to get CNAME for %s\n", name);
  else
    find_country_from_cname(cname, *(struct in_addr*)host->h_addr);
 }
 /*
 * This is the callback used to obtain the IP-address of the host of interest.
 */
 static void callback2(void *arg, int status, int timeouts, struct hostent *host)
 {
  struct in_addr *addr = (struct in_addr*) arg;
  (void)timeouts;
  if (!host || status != ARES_SUCCESS)
    memset(addr, INADDR_NONE, sizeof(*addr));
  else
    memcpy(addr, host->h_addr, sizeof(*addr));
 }
 struct search_list {
       int         country_number; /* ISO-3166 country number */
       char        short_name[3];  /* A2 short country code */
       const char *long_name;      /* normal country name */
     };
 const struct search_list *list_lookup(int number, const struct search_list *list, int num)
 {
  while (num > 0 && list->long_name)
    {
      if (list->country_number == number)
        return (list);
      num--;
      list++;
    }
  return (NULL);
 }
 /*
 * Ref: ftp://ftp.ripe.net/iso3166-countrycodes.txt
 */
 static const struct search_list country_list[] = {
       {   4, "af", "Afghanistan"                          },
       { 248, "ax", "<EFBFBD>land Island"                         },
       {   8, "al", "Albania"                              },
       {  12, "dz", "Algeria"                              },
       {  16, "as", "American Samoa"                       },
       {  20, "ad", "Andorra"                              },
       {  24, "ao", "Angola"                               },
       { 660, "ai", "Anguilla"                             },
       {  10, "aq", "Antarctica"                           },
       {  28, "ag", "Antigua & Barbuda"                    },
       {  32, "ar", "Argentina"                            },
       {  51, "am", "Armenia"                              },
       { 533, "aw", "Aruba"                                },
       {  36, "au", "Australia"                            },
       {  40, "at", "Austria"                              },
       {  31, "az", "Azerbaijan"                           },
       {  44, "bs", "Bahamas"                              },
       {  48, "bh", "Bahrain"                              },
       {  50, "bd", "Bangladesh"                           },
       {  52, "bb", "Barbados"                             },
       { 112, "by", "Belarus"                              },
       {  56, "be", "Belgium"                              },
       {  84, "bz", "Belize"                               },
       { 204, "bj", "Benin"                                },
       {  60, "bm", "Bermuda"                              },
       {  64, "bt", "Bhutan"                               },
       {  68, "bo", "Bolivia"                              },
       {  70, "ba", "Bosnia & Herzegowina"                 },
       {  72, "bw", "Botswana"                             },
       {  74, "bv", "Bouvet Island"                        },
       {  76, "br", "Brazil"                               },
       {  86, "io", "British Indian Ocean Territory"       },
       {  96, "bn", "Brunei Darussalam"                    },
       { 100, "bg", "Bulgaria"                             },
       { 854, "bf", "Burkina Faso"                         },
       { 108, "bi", "Burundi"                              },
       { 116, "kh", "Cambodia"                             },
       { 120, "cm", "Cameroon"                             },
       { 124, "ca", "Canada"                               },
       { 132, "cv", "Cape Verde"                           },
       { 136, "ky", "Cayman Islands"                       },
       { 140, "cf", "Central African Republic"             },
       { 148, "td", "Chad"                                 },
       { 152, "cl", "Chile"                                },
       { 156, "cn", "China"                                },
       { 162, "cx", "Christmas Island"                     },
       { 166, "cc", "Cocos Islands"                        },
       { 170, "co", "Colombia"                             },
       { 174, "km", "Comoros"                              },
       { 178, "cg", "Congo"                                },
       { 180, "cd", "Congo"                                },
       { 184, "ck", "Cook Islands"                         },
       { 188, "cr", "Costa Rica"                           },
       { 384, "ci", "Cote d'Ivoire"                        },
       { 191, "hr", "Croatia"                              },
       { 192, "cu", "Cuba"                                 },
       { 196, "cy", "Cyprus"                               },
       { 203, "cz", "Czech Republic"                       },
       { 208, "dk", "Denmark"                              },
       { 262, "dj", "Djibouti"                             },
       { 212, "dm", "Dominica"                             },
       { 214, "do", "Dominican Republic"                   },
       { 218, "ec", "Ecuador"                              },
       { 818, "eg", "Egypt"                                },
       { 222, "sv", "El Salvador"                          },
       { 226, "gq", "Equatorial Guinea"                    },
       { 232, "er", "Eritrea"                              },
       { 233, "ee", "Estonia"                              },
       { 231, "et", "Ethiopia"                             },
       { 238, "fk", "Falkland Islands"                     },
       { 234, "fo", "Faroe Islands"                        },
       { 242, "fj", "Fiji"                                 },
       { 246, "fi", "Finland"                              },
       { 250, "fr", "France"                               },
       { 249, "fx", "France, Metropolitan"                 },
       { 254, "gf", "French Guiana"                        },
       { 258, "pf", "French Polynesia"                     },
       { 260, "tf", "French Southern Territories"          },
       { 266, "ga", "Gabon"                                },
       { 270, "gm", "Gambia"                               },
       { 268, "ge", "Georgia"                              },
       { 276, "de", "Germany"                              },
       { 288, "gh", "Ghana"                                },
       { 292, "gi", "Gibraltar"                            },
       { 300, "gr", "Greece"                               },
       { 304, "gl", "Greenland"                            },
       { 308, "gd", "Grenada"                              },
       { 312, "gp", "Guadeloupe"                           },
       { 316, "gu", "Guam"                                 },
       { 320, "gt", "Guatemala"                            },
       { 324, "gn", "Guinea"                               },
       { 624, "gw", "Guinea-Bissau"                        },
       { 328, "gy", "Guyana"                               },
       { 332, "ht", "Haiti"                                },
       { 334, "hm", "Heard & Mc Donald Islands"            },
       { 336, "va", "Vatican City"                         },
       { 340, "hn", "Honduras"                             },
       { 344, "hk", "Hong kong"                            },
       { 348, "hu", "Hungary"                              },
       { 352, "is", "Iceland"                              },
       { 356, "in", "India"                                },
       { 360, "id", "Indonesia"                            },
       { 364, "ir", "Iran"                                 },
       { 368, "iq", "Iraq"                                 },
       { 372, "ie", "Ireland"                              },
       { 376, "il", "Israel"                               },
       { 380, "it", "Italy"                                },
       { 388, "jm", "Jamaica"                              },
       { 392, "jp", "Japan"                                },
       { 400, "jo", "Jordan"                               },
       { 398, "kz", "Kazakhstan"                           },
       { 404, "ke", "Kenya"                                },
       { 296, "ki", "Kiribati"                             },
       { 408, "kp", "Korea (north)"                        },
       { 410, "kr", "Korea (south)"                        },
       { 414, "kw", "Kuwait"                               },
       { 417, "kg", "Kyrgyzstan"                           },
       { 418, "la", "Laos"                                 },
       { 428, "lv", "Latvia"                               },
       { 422, "lb", "Lebanon"                              },
       { 426, "ls", "Lesotho"                              },
       { 430, "lr", "Liberia"                              },
       { 434, "ly", "Libya"                                },
       { 438, "li", "Liechtenstein"                        },
       { 440, "lt", "Lithuania"                            },
       { 442, "lu", "Luxembourg"                           },
       { 446, "mo", "Macao"                                },
       { 807, "mk", "Macedonia"                            },
       { 450, "mg", "Madagascar"                           },
       { 454, "mw", "Malawi"                               },
       { 458, "my", "Malaysia"                             },
       { 462, "mv", "Maldives"                             },
       { 466, "ml", "Mali"                                 },
       { 470, "mt", "Malta"                                },
       { 584, "mh", "Marshall Islands"                     },
       { 474, "mq", "Martinique"                           },
       { 478, "mr", "Mauritania"                           },
       { 480, "mu", "Mauritius"                            },
       { 175, "yt", "Mayotte"                              },
       { 484, "mx", "Mexico"                               },
       { 583, "fm", "Micronesia"                           },
       { 498, "md", "Moldova"                              },
       { 492, "mc", "Monaco"                               },
       { 496, "mn", "Mongolia"                             },
       { 500, "ms", "Montserrat"                           },
       { 504, "ma", "Morocco"                              },
       { 508, "mz", "Mozambique"                           },
       { 104, "mm", "Myanmar"                              },
       { 516, "na", "Namibia"                              },
       { 520, "nr", "Nauru"                                },
       { 524, "np", "Nepal"                                },
       { 528, "nl", "Netherlands"                          },
       { 530, "an", "Netherlands Antilles"                 },
       { 540, "nc", "New Caledonia"                        },
       { 554, "nz", "New Zealand"                          },
       { 558, "ni", "Nicaragua"                            },
       { 562, "ne", "Niger"                                },
       { 566, "ng", "Nigeria"                              },
       { 570, "nu", "Niue"                                 },
       { 574, "nf", "Norfolk Island"                       },
       { 580, "mp", "Northern Mariana Islands"             },
       { 578, "no", "Norway"                               },
       { 512, "om", "Oman"                                 },
       { 586, "pk", "Pakistan"                             },
       { 585, "pw", "Palau"                                },
       { 275, "ps", "Palestinian Territory"                },
       { 591, "pa", "Panama"                               },
       { 598, "pg", "Papua New Guinea"                     },
       { 600, "py", "Paraguay"                             },
       { 604, "pe", "Peru"                                 },
       { 608, "ph", "Philippines"                          },
       { 612, "pn", "Pitcairn"                             },
       { 616, "pl", "Poland"                               },
       { 620, "pt", "Portugal"                             },
       { 630, "pr", "Puerto Rico"                          },
       { 634, "qa", "Qatar"                                },
       { 638, "re", "Reunion"                              },
       { 642, "ro", "Romania"                              },
       { 643, "ru", "Russia"                               },
       { 646, "rw", "Rwanda"                               },
       { 659, "kn", "Saint Kitts & Nevis"                  },
       { 662, "lc", "Saint Lucia"                          },
       { 670, "vc", "Saint Vincent"                        },
       { 882, "ws", "Samoa"                                },
       { 674, "sm", "San Marino"                           },
       { 678, "st", "Sao Tome & Principe"                  },
       { 682, "sa", "Saudi Arabia"                         },
       { 686, "sn", "Senegal"                              },
       { 891, "cs", "Serbia and Montenegro"                },
       { 690, "sc", "Seychelles"                           },
       { 694, "sl", "Sierra Leone"                         },
       { 702, "sg", "Singapore"                            },
       { 703, "sk", "Slovakia"                             },
       { 705, "si", "Slovenia"                             },
       {  90, "sb", "Solomon Islands"                      },
       { 706, "so", "Somalia"                              },
       { 710, "za", "South Africa"                         },
       { 239, "gs", "South Georgia"                        },
       { 724, "es", "Spain"                                },
       { 144, "lk", "Sri Lanka"                            },
       { 654, "sh", "St. Helena"                           },
       { 666, "pm", "St. Pierre & Miquelon"                },
       { 736, "sd", "Sudan"                                },
       { 740, "sr", "Suriname"                             },
       { 744, "sj", "Svalbard & Jan Mayen Islands"         },
       { 748, "sz", "Swaziland"                            },
       { 752, "se", "Sweden"                               },
       { 756, "ch", "Switzerland"                          },
       { 760, "sy", "Syrian Arab Republic"                 },
       { 626, "tl", "Timor-Leste"                          },
       { 158, "tw", "Taiwan"                               },
       { 762, "tj", "Tajikistan"                           },
       { 834, "tz", "Tanzania"                             },
       { 764, "th", "Thailand"                             },
       { 768, "tg", "Togo"                                 },
       { 772, "tk", "Tokelau"                              },
       { 776, "to", "Tonga"                                },
       { 780, "tt", "Trinidad & Tobago"                    },
       { 788, "tn", "Tunisia"                              },
       { 792, "tr", "Turkey"                               },
       { 795, "tm", "Turkmenistan"                         },
       { 796, "tc", "Turks & Caicos Islands"               },
       { 798, "tv", "Tuvalu"                               },
       { 800, "ug", "Uganda"                               },
       { 804, "ua", "Ukraine"                              },
       { 784, "ae", "United Arab Emirates"                 },
       { 826, "gb", "United Kingdom"                       },
       { 840, "us", "United States"                        },
       { 581, "um", "United States Minor Outlying Islands" },
       { 858, "uy", "Uruguay"                              },
       { 860, "uz", "Uzbekistan"                           },
       { 548, "vu", "Vanuatu"                              },
       { 862, "ve", "Venezuela"                            },
       { 704, "vn", "Vietnam"                              },
       {  92, "vg", "Virgin Islands (British)"             },
       { 850, "vi", "Virgin Islands (US)"                  },
       { 876, "wf", "Wallis & Futuna Islands"              },
       { 732, "eh", "Western Sahara"                       },
       { 887, "ye", "Yemen"                                },
       { 894, "zm", "Zambia"                               },
       { 716, "zw", "Zimbabwe"                             }
     };
 /*
 * Check if start of 'str' is simply an IPv4 address.
 */
 #define BYTE_OK(x) ((x) >= 0 && (x) <= 255)
 static int is_addr(char *str, char **end)
 {
  int a0, a1, a2, a3, num, rc = 0, length = 0;
  if ((num = sscanf(str,"%3d.%3d.%3d.%3d%n",&a0,&a1,&a2,&a3,&length)) == 4 &&
      BYTE_OK(a0) && BYTE_OK(a1) && BYTE_OK(a2) && BYTE_OK(a3) &&
      length >= (3+4))
    {
      rc = 1;
      *end = str + length;
    }
  return rc;
 }
 /*
 * Find the country-code and name from the CNAME. E.g.:
 *   version 1: CNAME = zzno.countries.nerd.dk with address 127.0.2.66
 *              yields ccode_A" = "no" and cnumber 578 (2.66).
 *   version 2: CNAME = <a.b.c.d>.zz.countries.nerd.dk with address 127.0.2.66
 *              yields cnumber 578 (2.66). ccode_A is "";
 */
 static void find_country_from_cname(const char *cname, struct in_addr addr)
 {
  const struct search_list *country;
  char  ccode_A2[3], *ccopy, *dot_4;
  int   cnumber, z0, z1, ver_1, ver_2;
  u_long ip;
  ip = ntohl(addr.s_addr);
  z0 = tolower(cname[0]);
  z1 = tolower(cname[1]);
  ccopy = strdup(cname);
  ver_1 = (z0 == 'z' && z1 == 'z' && !strcasecmp(cname+4,nerd_ver1));
  ver_2 = (is_addr(ccopy,&dot_4) && !strcasecmp(dot_4,nerd_ver2));
  if (ver_1)
    {
      const char *dot = strchr(cname, '.');
      if ((z0 != 'z' && z1 != 'z') || dot != cname+4)
        {
          printf("Unexpected CNAME %s (ver_1)\n", cname);
          return;
        }
    }
  else if (ver_2)
    {
      z0 = tolower(dot_4[1]);
      z1 = tolower(dot_4[2]);
      if (z0 != 'z' && z1 != 'z')
        {
          printf("Unexpected CNAME %s (ver_2)\n", cname);
          return;
        }
    }
  else
    {
      printf("Unexpected CNAME %s (ver?)\n", cname);
      return;
    }
  if (ver_1)
    {
      ccode_A2[0] = tolower(cname[2]);
      ccode_A2[1] = tolower(cname[3]);
      ccode_A2[2] = '\0';
    }
  else
    ccode_A2[0] = '\0';
  cnumber = ip & 0xFFFF;
  TRACE(("Found country-code `%s', number %d\n",
         ver_1 ? ccode_A2 : "<n/a>", cnumber));
  country = list_lookup(cnumber, country_list,
                        sizeof(country_list) / sizeof(country_list[0]));
  if (!country)
    printf("Name for country-number %d not found.\n", cnumber);
  else
    {
      if (ver_1 && *(unsigned short*)&country->short_name != *(unsigned*)&ccode_A2)
        printf("short-name mismatch; %s vs %s\n", country->short_name, ccode_A2);
      printf("%s (%s), number %d.\n",
             country->long_name, country->short_name, cnumber);
    }
  free(ccopy);
 }
--- a/ares/ahost.c
+++ b/ares/ahost.c
@@ -40,13 +40,6 @@
 #include "inet_net_pton.h"
 #include "ares_getopt.h"
 #ifndef HAVE_STRUCT_IN6_ADDR
 struct in6_addr
 {
  unsigned char s6_addr[16];
 };
 #endif
 static void callback(void *arg, int status, int timeouts, struct hostent *host);
 static void usage(void);
--- a/ares/ares.h
+++ b/ares/ares.h
@@ -18,6 +18,14 @@
 #ifndef ARES__H
 #define ARES__H
 /*
 * Define WIN32 when build target is Win32 API
 */
 #if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
 #define WIN32
 #endif
 #include <sys/types.h>
 #if defined(_AIX) || (defined(NETWARE) && defined(__NOVELL_LIBC__))
@@ -35,8 +43,12 @@
  #include <sys/socket.h>
  #include <tcp.h>
 #elif defined(WIN32)
-  #include <winsock2.h>
+#  ifndef WIN32_LEAN_AND_MEAN
 #    define WIN32_LEAN_AND_MEAN
 #  endif
 #  include <windows.h>
 #  include <winsock2.h>
 #  include <ws2tcpip.h>
 #else
  #include <netinet/in.h>
  #include <sys/socket.h>
@@ -232,10 +244,38 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf,
                     int alen, char **s, long *enclen);
 int ares_expand_string(const unsigned char *encoded, const unsigned char *abuf,
                     int alen, unsigned char **s, long *enclen);
 #if !defined(HAVE_STRUCT_IN6_ADDR) && !defined(s6_addr)
 struct in6_addr {
  union {
    unsigned char _S6_u8[16];
  } _S6_un;
 };
 #define s6_addr _S6_un._S6_u8
 #endif
 struct addrttl {
  struct in_addr ipaddr;
  int            ttl;
 };
 struct addr6ttl {
  struct in6_addr ip6addr;
  int             ttl;
 };
 /*
 ** Parse the buffer, starting at *abuf and of length alen bytes, previously
 ** obtained from an ares_search call.  Put the results in *host, if nonnull.
 ** Also, if addrttls is nonnull, put up to *naddrttls IPv4 addresses along with
 ** their TTLs in that array, and set *naddrttls to the number of addresses
 ** so written.
 */
 int ares_parse_a_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host);
+                       struct hostent **host,
                       struct addrttl *addrttls, int *naddrttls);
 int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host);
+                       struct hostent **host,
                       struct addr6ttl *addrttls, int *naddrttls);
 int ares_parse_ptr_reply(const unsigned char *abuf, int alen, const void *addr,
                         int addrlen, int family, struct hostent **host);
 int ares_parse_ns_reply(const unsigned char *abuf, int alen,
--- a/ares/ares_gethostbyaddr.c
+++ b/ares/ares_gethostbyaddr.c
@@ -58,6 +58,7 @@ static void addr_callback(void *arg, int status, int timeouts,
 static void end_aquery(struct addr_query *aquery, int status,
                       struct hostent *host);
 static int file_lookup(union ares_addr *addr, int family, struct hostent **host);
 static void ptr_rr_name(char *name, int family, union ares_addr *addr);
 void ares_gethostbyaddr(ares_channel channel, const void *addr, int addrlen,
                        int family, ares_host_callback callback, void *arg)
@@ -101,48 +102,26 @@ static void next_lookup(struct addr_query *aquery)
 {
  const char *p;
  char name[128];
-  int a1, a2, a3, a4, status;
+  int status;
  struct hostent *host;
  unsigned long addr;
  for (p = aquery->remaining_lookups; *p; p++)
    {
      switch (*p)
        {
        case 'b':
-          if (aquery->family == AF_INET)
+          ptr_rr_name(name, aquery->family, &aquery->addr);
            {
              addr = ntohl(aquery->addr.addr4.s_addr);
              a1 = (int)((addr >> 24) & 0xff);
              a2 = (int)((addr >> 16) & 0xff);
              a3 = (int)((addr >> 8) & 0xff);
              a4 = (int)(addr & 0xff);
              sprintf(name, "%d.%d.%d.%d.in-addr.arpa", a4, a3, a2, a1);
          aquery->remaining_lookups = p + 1;
          ares_query(aquery->channel, name, C_IN, T_PTR, addr_callback,
                     aquery);
            }
          else
            {
              unsigned char *bytes;
              bytes = (unsigned char *)&aquery->addr.addr6.s6_addr;
              sprintf(name, "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.ip6.arpa",
                      bytes[15]&0xf, bytes[15] >> 4, bytes[14]&0xf, bytes[14] >> 4,
                      bytes[13]&0xf, bytes[13] >> 4, bytes[12]&0xf, bytes[12] >> 4,
                      bytes[11]&0xf, bytes[11] >> 4, bytes[10]&0xf, bytes[10] >> 4,
                      bytes[9]&0xf, bytes[9] >> 4, bytes[8]&0xf, bytes[8] >> 4,
                      bytes[7]&0xf, bytes[7] >> 4, bytes[6]&0xf, bytes[6] >> 4,
                      bytes[5]&0xf, bytes[5] >> 4, bytes[4]&0xf, bytes[4] >> 4,
                      bytes[3]&0xf, bytes[3] >> 4, bytes[2]&0xf, bytes[2] >> 4,
                      bytes[1]&0xf, bytes[1] >> 4, bytes[0]&0xf, bytes[0] >> 4);
              aquery->remaining_lookups = p + 1;
              ares_query(aquery->channel, name, C_IN, T_PTR, addr_callback,
                         aquery);
            }
          return;
        case 'f':
          status = file_lookup(&aquery->addr, aquery->family, &host);
-          if (status != ARES_ENOTFOUND)
+
          /* this status check below previously checked for !ARES_ENOTFOUND,
             but we should not assume that this single error code is the one
             that can occur, as that is in fact no longer the case */
          if (status == ARES_SUCCESS)
            {
              end_aquery(aquery, status, host);
              return;
@@ -264,3 +243,31 @@ static int file_lookup(union ares_addr *addr, int family, struct hostent **host)
    *host = NULL;
  return status;
 }
 static void ptr_rr_name(char *name, int family, union ares_addr *addr)
 {
  if (family == AF_INET)
    {
       unsigned long laddr = ntohl(addr->addr4.s_addr);
       int a1 = (int)((laddr >> 24) & 0xff);
       int a2 = (int)((laddr >> 16) & 0xff);
       int a3 = (int)((laddr >> 8) & 0xff);
       int a4 = (int)(laddr & 0xff);
       sprintf(name, "%d.%d.%d.%d.in-addr.arpa", a4, a3, a2, a1);
    }
  else
    {
       unsigned char *bytes = (unsigned char *)&addr->addr6.s6_addr;
       sprintf(name,
                "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x."
                "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.ip6.arpa",
                bytes[15]&0xf, bytes[15] >> 4, bytes[14]&0xf, bytes[14] >> 4,
                bytes[13]&0xf, bytes[13] >> 4, bytes[12]&0xf, bytes[12] >> 4,
                bytes[11]&0xf, bytes[11] >> 4, bytes[10]&0xf, bytes[10] >> 4,
                bytes[9]&0xf, bytes[9] >> 4, bytes[8]&0xf, bytes[8] >> 4,
                bytes[7]&0xf, bytes[7] >> 4, bytes[6]&0xf, bytes[6] >> 4,
                bytes[5]&0xf, bytes[5] >> 4, bytes[4]&0xf, bytes[4] >> 4,
                bytes[3]&0xf, bytes[3] >> 4, bytes[2]&0xf, bytes[2] >> 4,
                bytes[1]&0xf, bytes[1] >> 4, bytes[0]&0xf, bytes[0] >> 4);
    }
 }
--- a/ares/ares_gethostbyname.c
+++ b/ares/ares_gethostbyname.c
@@ -57,7 +57,7 @@ struct host_query {
  int timeouts;
 };
-static void next_lookup(struct host_query *hquery, int status);
+static void next_lookup(struct host_query *hquery, int status_code);
 static void host_callback(void *arg, int status, int timeouts,
                          unsigned char *abuf, int alen);
 static void end_hquery(struct host_query *hquery, int status,
@@ -111,13 +111,14 @@ void ares_gethostbyname(ares_channel channel, const char *name, int family,
  hquery->timeouts = 0;
  /* Start performing lookups according to channel->lookups. */
-  next_lookup(hquery, ARES_SUCCESS);
+  next_lookup(hquery, ARES_ECONNREFUSED /* initial error code */);
 }
-static void next_lookup(struct host_query *hquery, int status)
+static void next_lookup(struct host_query *hquery, int status_code)
 {
  const char *p;
  struct hostent *host;
  int status = status_code;
  for (p = hquery->remaining_lookups; *p; p++)
    {
@@ -137,11 +138,16 @@ static void next_lookup(struct host_query *hquery, int status)
        case 'f':
          /* Host file lookup */
          status = file_lookup(hquery->name, hquery->family, &host);
-          if (status != ARES_ENOTFOUND)
+
          /* this status check below previously checked for !ARES_ENOTFOUND,
             but we should not assume that this single error code is the one
             that can occur, as that is in fact no longer the case */
          if (status == ARES_SUCCESS)
            {
              end_hquery(hquery, status, host);
              return;
            }
          status = status_code;   /* Use original status code */
          break;
        }
    }
@@ -160,13 +166,13 @@ static void host_callback(void *arg, int status, int timeouts,
    {
      if (hquery->family == AF_INET)
        {
-          status = ares_parse_a_reply(abuf, alen, &host);
+          status = ares_parse_a_reply(abuf, alen, &host, NULL, NULL);
          if (host && channel->nsort)
            sort_addresses(host, channel->sortlist, channel->nsort);
        }
      else if (hquery->family == AF_INET6)
        {
-          status = ares_parse_aaaa_reply(abuf, alen, &host);
+          status = ares_parse_aaaa_reply(abuf, alen, &host, NULL, NULL);
          if (host && channel->nsort)
            sort6_addresses(host, channel->sortlist, channel->nsort);
        }
--- a/ares/ares_ipv6.h
+++ b/ares/ares_ipv6.h
@@ -1,6 +1,7 @@
 /* $Id$ */
-/*
+/* Copyright (C) 2005 by Dominick Meglio
 *
 * Permission to use, copy, modify, and distribute this
 * software and its documentation for any purpose and without
 * fee is hereby granted, provided that the above copyright
@@ -21,11 +22,13 @@
 #define PF_INET6 AF_INET6
 #endif
-#ifndef HAVE_STRUCT_IN6_ADDR
+#if !defined(HAVE_STRUCT_IN6_ADDR) && !defined(s6_addr)
-struct in6_addr
+struct in6_addr {
-{
+  union {
-  unsigned char s6_addr[16];
+    unsigned char _S6_u8[16];
  } _S6_un;
 };
 #define s6_addr _S6_un._S6_u8
 #endif
 #ifndef HAVE_STRUCT_SOCKADDR_IN6
--- a/ares/ares_parse_a_reply.3
+++ b/ares/ares_parse_a_reply.3
@@ -22,24 +22,39 @@ ares_parse_a_reply \- Parse a reply to a DNS query of type A into a hostent
 .B #include <ares.h>
 .PP
 .B int ares_parse_a_reply(const unsigned char *\fIabuf\fP, int \fIalen\fP,
-.B 	struct hostent **\fIhost\fP);
+.B 	struct hostent **\fIhost\fP,
 .B      struct addrttl *\fIaddrttls\fB, int *\fInaddrttls\fB);
 .fi
 .SH DESCRIPTION
 The
 .B ares_parse_a_reply
 function parses the response to a query of type A into a
-.BR "struct hostent" .
+.BR "struct hostent"
 and/or an array of
 .BR "struct addrttls" . 
 The parameters
 .I abuf
 and
 .I alen
 give the contents of the response.  The result is stored in allocated
 memory and a pointer to it stored into the variable pointed to by
-.IR host .
+.IR host ,
 if host is nonnull.
 It is the caller's responsibility to free the resulting host structure
 using
 .BR ares_free_hostent (3)
 when it is no longer needed.
 .PP
 If
 .IR addrttls
 and
 .IR naddrttls
 are both nonnull,
 then up to *naddrttls
 .BR "struct addrttl"
 records are stored in the array pointed to by addrttls,
 and then *naddrttls is set to the number of records so stored.
 Note that the memory for these records is supplied by the caller.
 .SH RETURN VALUES
 .B ares_parse_a_reply
 can return any of the following values:
--- a/ares/ares_parse_a_reply.c
+++ b/ares/ares_parse_a_reply.c
@@ -32,24 +32,32 @@
 #include <stdlib.h>
 #include <string.h>
 #include <limits.h>
 #include "ares.h"
 #include "ares_dns.h"
 #include "ares_private.h"
 int ares_parse_a_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host)
+                       struct hostent **host,
                       struct addrttl *addrttls, int *naddrttls)
 {
  unsigned int qdcount, ancount;
-  int status, i, rr_type, rr_class, rr_len, naddrs;
+  int status, i, rr_type, rr_class, rr_len, rr_ttl, naddrs;
  int cname_ttl = INT_MAX;  /* the TTL imposed by the CNAME chain */
  int naliases;
  long len;
  const unsigned char *aptr;
  char *hostname, *rr_name, *rr_data, **aliases;
  struct in_addr *addrs;
  struct hostent *hostent;
  const int max_addr_ttls = (addrttls && naddrttls) ? *naddrttls : 0;
  /* Set *host to NULL for all failure cases. */
  if (host)
    *host = NULL;
  /* Same with *naddrttls. */
  if (naddrttls)
    *naddrttls = 0;
  /* Give up if abuf doesn't have room for a header. */
  if (alen < HFIXEDSZ)
@@ -73,6 +81,8 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
    }
  aptr += len + QFIXEDSZ;
  if (host)
    {
      /* Allocate addresses and aliases; ancount gives an upper bound for both. */
      addrs = malloc(ancount * sizeof(struct in_addr));
      if (!addrs)
@@ -87,6 +97,13 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
          free(addrs);
          return ARES_ENOMEM;
        }
    }
  else
    {
      addrs = NULL;
      aliases = NULL;
    }
  naddrs = 0;
  naliases = 0;
@@ -106,13 +123,33 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
      rr_type = DNS_RR_TYPE(aptr);
      rr_class = DNS_RR_CLASS(aptr);
      rr_len = DNS_RR_LEN(aptr);
      rr_ttl = DNS_RR_TTL(aptr);
      aptr += RRFIXEDSZ;
      if (rr_class == C_IN && rr_type == T_A
          && rr_len == sizeof(struct in_addr)
          && strcasecmp(rr_name, hostname) == 0)
        {
          if (addrs)
            {
              if (aptr + sizeof(struct in_addr) > abuf + alen)
              {
                status = ARES_EBADRESP;
                break;
              }
              memcpy(&addrs[naddrs], aptr, sizeof(struct in_addr));
            }
          if (naddrs < max_addr_ttls)
            {
              struct addrttl * const at = &addrttls[naddrs];
              if (aptr + sizeof(struct in_addr) > abuf + alen)
              {
                status = ARES_EBADRESP;
                break;
              }
              memcpy(&at->ipaddr, aptr,  sizeof(struct in_addr));
              at->ttl = rr_ttl;
            }
          naddrs++;
          status = ARES_SUCCESS;
        }
@@ -120,7 +157,10 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
      if (rr_class == C_IN && rr_type == T_CNAME)
        {
          /* Record the RR name as an alias. */
          if (aliases)
            aliases[naliases] = rr_name;
          else
            free(rr_name);
          naliases++;
          /* Decode the RR data and replace the hostname with it. */
@@ -129,6 +169,10 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
            break;
          free(hostname);
          hostname = rr_data;
          /* Take the min of the TTLs we see in the CNAME chain. */
          if (cname_ttl > rr_ttl)
            cname_ttl = rr_ttl;
        }
      else
        free(rr_name);
@@ -145,8 +189,23 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
    status = ARES_ENODATA;
  if (status == ARES_SUCCESS)
    {
-      /* We got our answer.  Allocate memory to build the host entry. */
+      /* We got our answer. */
      if (naddrttls)
        {
          const int n = naddrs < max_addr_ttls ? naddrs : max_addr_ttls;
          for (i = 0; i < n; i++)
            {
              /* Ensure that each A TTL is no larger than the CNAME TTL. */
              if (addrttls[i].ttl > cname_ttl)
                addrttls[i].ttl = cname_ttl;
            }
          *naddrttls = n;
        }
      if (aliases)
        aliases[naliases] = NULL;
      if (host)
        {
          /* Allocate memory to build the host entry. */
          hostent = malloc(sizeof(struct hostent));
          if (hostent)
            {
@@ -168,9 +227,13 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
            }
          status = ARES_ENOMEM;
        }
     }
  if (aliases)
    {
      for (i = 0; i < naliases; i++)
        free(aliases[i]);
      free(aliases);
    }
  free(addrs);
  free(hostname);
  return status;
--- a/ares/ares_parse_aaaa_reply.3
+++ b/ares/ares_parse_aaaa_reply.3
@@ -22,24 +22,39 @@ ares_parse_aaaa_reply \- Parse a reply to a DNS query of type AAAA into a hosten
 .B #include <ares.h>
 .PP
 .B int ares_parse_aaaa_reply(const unsigned char *\fIabuf\fP, int \fIalen\fP,
-.B 	struct hostent **\fIhost\fP);
+.B 	struct hostent **\fIhost\fP,         
 .B      struct addrttl *\fIaddrttls\fB, int *\fInaddrttls\fB);
 .fi
 .SH DESCRIPTION
 The
 .B ares_parse_aaaa_reply
 function parses the response to a query of type AAAA into a
-.BR "struct hostent" .
+.BR "struct hostent"
 and/or an array of
 .BR "struct addrttls" . 
 The parameters
 .I abuf
 and
 .I alen
 give the contents of the response.  The result is stored in allocated
 memory and a pointer to it stored into the variable pointed to by
-.IR host .
+.IR host ,
 if host is nonnull.
 It is the caller's responsibility to free the resulting host structure
 using
 .BR ares_free_hostent (3)
 when it is no longer needed.
 .PP
 If
 .IR addrttls
 and
 .IR naddrttls
 are both nonnull,
 then up to *naddrttls
 .BR "struct addr6ttl"
 records are stored in the array pointed to by addrttls,
 and then *naddrttls is set to the number of records so stored.
 Note that the memory for these records is supplied by the caller.
 .SH RETURN VALUES
 .B ares_parse_aaaa_reply
 can return any of the following values:
--- a/ares/ares_parse_aaaa_reply.c
+++ b/ares/ares_parse_aaaa_reply.c
@@ -34,25 +34,33 @@
 #include <stdlib.h>
 #include <string.h>
 #include <limits.h>
 #include "ares.h"
 #include "ares_dns.h"
 #include "inet_net_pton.h"
 #include "ares_private.h"
 int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host)
+                          struct hostent **host, struct addr6ttl *addrttls,
                          int *naddrttls)
 {
  unsigned int qdcount, ancount;
-  int status, i, rr_type, rr_class, rr_len, naddrs;
+  int status, i, rr_type, rr_class, rr_len, rr_ttl, naddrs;
  int cname_ttl = INT_MAX;  /* the TTL imposed by the CNAME chain */
  int naliases;
  long len;
  const unsigned char *aptr;
  char *hostname, *rr_name, *rr_data, **aliases;
  struct in6_addr *addrs;
  struct hostent *hostent;
  const int max_addr_ttls = (addrttls && naddrttls) ? *naddrttls : 0;
  /* Set *host to NULL for all failure cases. */
  if (host)
    *host = NULL;
  /* Same with *naddrttls. */
  if (naddrttls)
    *naddrttls = 0;
  /* Give up if abuf doesn't have room for a header. */
  if (alen < HFIXEDSZ)
@@ -77,6 +85,8 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
  aptr += len + QFIXEDSZ;
  /* Allocate addresses and aliases; ancount gives an upper bound for both. */
  if (host)
    {
      addrs = malloc(ancount * sizeof(struct in6_addr));
      if (!addrs)
        {
@@ -90,6 +100,12 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
          free(addrs);
          return ARES_ENOMEM;
        }
    }
  else
    {
      addrs = NULL;
      aliases = NULL;
    }
  naddrs = 0;
  naliases = 0;
@@ -109,13 +125,33 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
      rr_type = DNS_RR_TYPE(aptr);
      rr_class = DNS_RR_CLASS(aptr);
      rr_len = DNS_RR_LEN(aptr);
      rr_ttl = DNS_RR_TTL(aptr);
      aptr += RRFIXEDSZ;
      if (rr_class == C_IN && rr_type == T_AAAA
          && rr_len == sizeof(struct in6_addr)
          && strcasecmp(rr_name, hostname) == 0)
        {
          if (addrs)
            {
              if (aptr + sizeof(struct in6_addr) > abuf + alen)
              {
                status = ARES_EBADRESP;
                break;
              }
              memcpy(&addrs[naddrs], aptr, sizeof(struct in6_addr));
            }
          if (naddrs < max_addr_ttls)
            {
              struct addr6ttl * const at = &addrttls[naddrs];
              if (aptr + sizeof(struct in6_addr) > abuf + alen)
              {
                status = ARES_EBADRESP;
                break;
              }
              memcpy(&at->ip6addr, aptr,  sizeof(struct in6_addr));
              at->ttl = rr_ttl;
            }
          naddrs++;
          status = ARES_SUCCESS;
        }
@@ -123,7 +159,10 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
      if (rr_class == C_IN && rr_type == T_CNAME)
        {
          /* Record the RR name as an alias. */
          if (aliases)
            aliases[naliases] = rr_name;
          else
            free(rr_name);
          naliases++;
          /* Decode the RR data and replace the hostname with it. */
@@ -132,6 +171,10 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
            break;
          free(hostname);
          hostname = rr_data;
          /* Take the min of the TTLs we see in the CNAME chain. */
          if (cname_ttl > rr_ttl)
            cname_ttl = rr_ttl;
        }
      else
        free(rr_name);
@@ -148,8 +191,23 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
    status = ARES_ENODATA;
  if (status == ARES_SUCCESS)
    {
-      /* We got our answer.  Allocate memory to build the host entry. */
+      /* We got our answer. */
      if (naddrttls)
        {
          const int n = naddrs < max_addr_ttls ? naddrs : max_addr_ttls;
          for (i = 0; i < n; i++)
            {
              /* Ensure that each A TTL is no larger than the CNAME TTL. */
              if (addrttls[i].ttl > cname_ttl)
                addrttls[i].ttl = cname_ttl;
            }
          *naddrttls = n;
        }
      if (aliases)
        aliases[naliases] = NULL;
      if (host)
        {
          /* Allocate memory to build the host entry. */
          hostent = malloc(sizeof(struct hostent));
          if (hostent)
            {
@@ -171,9 +229,13 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
            }
          status = ARES_ENOMEM;
        }
    }
  if (aliases)
    {
      for (i = 0; i < naliases; i++)
        free(aliases[i]);
      free(aliases);
    }
  free(addrs);
  free(hostname);
  return status;
--- a/ares/ares_private.h
+++ b/ares/ares_private.h
@@ -18,6 +18,14 @@
 * without express or implied warranty.
 */
 /*
 * Define WIN32 when build target is Win32 API
 */
 #if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
 #define WIN32
 #endif
 #include <stdio.h>
 #include <sys/types.h>
--- a/ares/ares_version.h
+++ b/ares/ares_version.h
@@ -5,11 +5,11 @@
 #define ARES_VERSION_MAJOR 1
 #define ARES_VERSION_MINOR 5
-#define ARES_VERSION_PATCH 0
+#define ARES_VERSION_PATCH 2
 #define ARES_VERSION ((ARES_VERSION_MAJOR<<16)|\
                       (ARES_VERSION_MINOR<<8)|\
                       (ARES_VERSION_PATCH))
-#define ARES_VERSION_STR "1.5.0-CVS"
+#define ARES_VERSION_STR "1.5.2-CVS"
 #ifdef  __cplusplus
 extern "C" {
--- a/ares/bitncmp.h
+++ b/ares/bitncmp.h
@@ -3,7 +3,8 @@
 /* $Id$ */
-/*
+/* Copyright (C) 2005 by Dominick Meglio
 *
 * Permission to use, copy, modify, and distribute this
 * software and its documentation for any purpose and without
 * fee is hereby granted, provided that the above copyright
--- a/ares/config-win32.h
+++ b/ares/config-win32.h
@@ -159,24 +159,58 @@
 /* Define this if you have struct timeval */
 #define HAVE_STRUCT_TIMEVAL 1
 /* ---------------------------------------------------------------- */
 /*                        COMPILER SPECIFIC                         */
 /* ---------------------------------------------------------------- */
 /* Define to avoid VS2005 complaining about portable C functions */
 #if defined(_MSC_VER) && (_MSC_VER >= 1400)
 #define _CRT_SECURE_NO_DEPRECATE 1
 #define _CRT_NONSTDC_NO_DEPRECATE 1
 #endif
 /* VS2008 does not support Windows build targets prior to WinXP, */
 /* so, if no build target has been defined we will target WinXP. */
 #if defined(_MSC_VER) && (_MSC_VER >= 1500)
 #  ifndef _WIN32_WINNT
 #    define _WIN32_WINNT 0x0501
 #  endif
 #  ifndef WINVER
 #    define WINVER 0x0501
 #  endif
 #  if (_WIN32_WINNT < 0x0501) || (WINVER < 0x0501)
 #    error VS2008 does not support Windows build targets prior to WinXP
 #  endif
 #endif
 /* ---------------------------------------------------------------- */
 /*                         IPV6 COMPATIBILITY                       */
 /* ---------------------------------------------------------------- */
 /* Define this if you have address family AF_INET6 */
 #ifdef HAVE_WINSOCK2_H
 #define HAVE_AF_INET6 1
 #endif
 /* Define this if you have protocol family PF_INET6 */
 #ifdef HAVE_WINSOCK2_H
 #define HAVE_PF_INET6 1
 #endif
 /* Define this if you have struct in6_addr */
 #ifdef HAVE_WS2TCPIP_H
 #define HAVE_STRUCT_IN6_ADDR 1
 #endif
 /* Define this if you have struct sockaddr_in6 */
 #ifdef HAVE_WS2TCPIP_H
 #define HAVE_STRUCT_SOCKADDR_IN6 1
 #endif
 /* Define this if you have sockaddr_in6 with scopeid */
 #ifdef HAVE_WS2TCPIP_H
 #define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1
 #endif
 #endif  /* __ARES_CONFIG_WIN32_H */
--- a/ares/configure.ac
+++ b/ares/configure.ac
@@ -46,6 +46,8 @@ AC_HELP_STRING([--disable-debug],[Disable debug options]),
    dnl when doing the debug stuff, use static library only
    AC_DISABLE_SHARED
    debugbuild="yes"
    dnl the entire --enable-debug is a hack that lives and runs on top of
    dnl libcurl stuff so this BUILDING_LIBCURL is not THAT much uglier
    AC_DEFINE(BUILDING_LIBCURL, 1, [when building as static part of libcurl])
@@ -70,6 +72,7 @@ AC_HELP_STRING([--disable-debug],[Disable debug options]),
  esac ],
       AC_MSG_RESULT(no)
 )
 AM_CONDITIONAL(DEBUGBUILD, test x$debugbuild = xyes)
 dnl skip libtool C++ and Fortran compiler checks
 m4_ifdef([AC_PROG_CXX], [m4_undefine([AC_PROG_CXX])])
@@ -258,9 +261,6 @@ fi
 dnl socket lib?
 AC_CHECK_FUNC(connect, , [ AC_CHECK_LIB(socket, connect) ])
 dnl dl lib?
 AC_CHECK_FUNC(dlclose, , [ AC_CHECK_LIB(dl, dlopen) ])
 AC_MSG_CHECKING([whether to use libgcc])
 AC_ARG_ENABLE(libgcc,
 AC_HELP_STRING([--enable-libgcc],[use libgcc when linking]),
@@ -342,6 +342,9 @@ if test "x$RECENTAIX" = "xyes"; then
         dnl the optimizer assumes that pointers can only point to
         dnl an object of the same type.
         CFLAGS="$CFLAGS -qnoansialias"
         dnl Force AIX xlc to stop after the compilation phase, and not
         dnl generate object code, when the source compiles with errors.
         CFLAGS="$CFLAGS -qhalt=e"
       )
 fi
@@ -831,8 +834,15 @@ AC_HELP_STRING([--with-random=FILE],
               [read randomness from FILE (default=/dev/urandom)]),
    [ RANDOM_FILE="$withval" ],
    [
-        dnl Check for random device
+        dnl Check for random device.  If we're cross compiling, we can't
        dnl check, and it's better to assume it doesn't exist than it is
        dnl to fail on AC_CHECK_FILE or later.
        if test "$cross_compiling" = "no"; then
          AC_CHECK_FILE("/dev/urandom", [ RANDOM_FILE="/dev/urandom"] )
        else
          AC_MSG_WARN([cannot check for /dev/urandom while cross compiling; assuming none])
        fi
    ]
 )
 if test -n "$RANDOM_FILE" && test X"$RANDOM_FILE" != Xno ; then
--- a/ares/get_ver.awk
+++ b/ares/get_ver.awk
@@ -0,0 +1,36 @@
 # ***************************************************************************
 # *  Project: c-ares
 # *
 # * $Id$
 # ***************************************************************************
 # awk script which fetches c-ares version number and string from input
 # file and writes them to STDOUT. Here you can get an awk version for Win32:
 # http://www.gknw.net/development/prgtools/awk-20070501.zip
 #
 BEGIN {
  if (match (ARGV[1], /ares_version.h/)) {
    while ((getline < ARGV[1]) > 0) {
      if (match ($0, /^#define ARES_COPYRIGHT "[^"]+"$/)) {
        libcares_copyright_str = substr($0, 25, length($0)-25);
      }
      else if (match ($0, /^#define ARES_VERSION_STR "[^"]+"$/)) {
        libcares_ver_str = substr($3, 2, length($3)-2);
      }
      else if (match ($0, /^#define ARES_VERSION_MAJOR [0-9]+$/)) {
        libcares_ver_major = substr($3, 1, length($3));
      }
      else if (match ($0, /^#define ARES_VERSION_MINOR [0-9]+$/)) {
        libcares_ver_minor = substr($3, 1, length($3));
      }
      else if (match ($0, /^#define ARES_VERSION_PATCH [0-9]+$/)) {
        libcares_ver_patch = substr($3, 1, length($3));
      }
    }
    libcares_ver = libcares_ver_major "," libcares_ver_minor "," libcares_ver_patch;
    print "LIBCARES_VERSION = " libcares_ver "";
    print "LIBCARES_VERSION_STR = " libcares_ver_str "";
    print "LIBCARES_COPYRIGHT_STR = " libcares_copyright_str "";
  }
 }
--- a/ares/inet_net_pton.h
+++ b/ares/inet_net_pton.h
@@ -3,7 +3,8 @@
 /* $Id$ */
-/*
+/* Copyright (C) 2005 by Daniel Stenberg
 *
 * Permission to use, copy, modify, and distribute this
 * software and its documentation for any purpose and without
 * fee is hereby granted, provided that the above copyright
--- a/ares/inet_ntop.h
+++ b/ares/inet_ntop.h
@@ -3,7 +3,8 @@
 /* $Id$ */
-/*
+/* Copyright (C) 2005 by Dominick Meglio
 *
 * Permission to use, copy, modify, and distribute this
 * software and its documentation for any purpose and without
 * fee is hereby granted, provided that the above copyright
--- a/ares/libcares.pc.in
+++ b/ares/libcares.pc.in
@@ -12,7 +12,7 @@ includedir=@includedir@
 Name: c-ares
 URL: http://daniel.haxx.se/projects/c-ares/
-Description: asyncronous DNS lookup library
+Description: asynchronous DNS lookup library
 Version: @VERSION@
 Requires: 
 Requires.private: 
--- a/ares/nameser.h
+++ b/ares/nameser.h
@@ -7,9 +7,6 @@
   port build */
 #ifndef NETWARE
 #ifndef __CYGWIN__
 #include <windows.h>
 #endif
 #include <process.h> /* for the _getpid() proto */
 #endif  /* !NETWARE */
 #include <sys/types.h>
--- a/ares/setup.h
+++ b/ares/setup.h
@@ -16,13 +16,11 @@
 * without express or implied warranty.
 */
-#if !defined(WIN32) && defined(__WIN32__)
+/*
-/* Borland fix */
+ * Define WIN32 when build target is Win32 API
-#define WIN32
+ */
 #endif
-#if !defined(WIN32) && defined(_WIN32)
+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
 /* VS2005 on x64 fix */
 #define WIN32
 #endif
--- a/ares/vc/adig/adig.dsp
+++ b/ares/vc/adig/adig.dsp
@@ -49,8 +49,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /machine:I386
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
 !ELSEIF  "$(CFG)" == "adig - Win32 Debug"
@@ -73,8 +73,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
 !ENDIF 
--- a/ares/vc/ahost/ahost.dsp
+++ b/ares/vc/ahost/ahost.dsp
@@ -39,6 +39,7 @@ RSC=rc.exe
 # PROP Use_Debug_Libraries 0
 # PROP Output_Dir "Release"
 # PROP Intermediate_Dir "Release"
 # PROP Ignore_Export_Lib 0
 # PROP Target_Dir ""
 # ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
 # ADD CPP /nologo /MD /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
@@ -48,8 +49,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /machine:I386
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
 !ELSEIF  "$(CFG)" == "ahost - Win32 Debug"
@@ -62,6 +63,7 @@ LINK32=link.exe
 # PROP Use_Debug_Libraries 1
 # PROP Output_Dir "Debug"
 # PROP Intermediate_Dir "Debug"
 # PROP Ignore_Export_Lib 0
 # PROP Target_Dir ""
 # ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
 # ADD CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
@@ -71,8 +73,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
 !ENDIF 
--- a/configure.ac
+++ b/configure.ac
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -24,11 +24,11 @@ dnl Process this file with autoconf to produce a configure script.
 AC_PREREQ(2.57)
-dnl We don't know the version number "staticly" so we use a dash here
+dnl We don't know the version number "statically" so we use a dash here
 AC_INIT(curl, [-], [a suitable curl mailing list => http://curl.haxx.se/mail/])
 dnl configure script copyright
-AC_COPYRIGHT([Copyright (c) 1998 - 2006 Daniel Stenberg, <daniel@haxx.se>
+AC_COPYRIGHT([Copyright (c) 1998 - 2008 Daniel Stenberg, <daniel@haxx.se>
 This configure script may be copied, distributed and modified under the
 terms of the curl license; see COPYING for more details])
@@ -174,6 +174,7 @@ case $host in
 esac
 AC_MSG_RESULT($mimpure)
 AM_CONDITIONAL(MIMPURE, test x$mimpure = xyes)
 AM_CONDITIONAL(STATICLIB, false)
 AC_MSG_CHECKING([if we need BUILDING_LIBCURL])
 case $host in
@@ -185,6 +186,7 @@ case $host in
    then
      AC_DEFINE(CURL_STATICLIB, 1, [when not building a shared library])
      AC_MSG_RESULT(yes)
      AM_CONDITIONAL(STATICLIB, true)
    else
      AC_MSG_RESULT(no)
    fi
@@ -321,10 +323,29 @@ AC_HELP_STRING([--disable-ldap],[Disable LDAP support]),
       AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
       AC_SUBST(CURL_DISABLE_LDAP, [1])
       ;;
-  *)   AC_MSG_RESULT(yes)
+  *)
       case $host in
         *-*-cygwin*)
           # Force no ldap. config/build process is broken for cygwin
           AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
           AC_SUBST(CURL_DISABLE_LDAP, [1])
           AC_MSG_RESULT(no)
           ;;
-  esac ],
+         *)
           AC_MSG_RESULT(yes)
       esac
       ;;
  esac ],[
       case $host in
         *-*-cygwin*)
           # Force no ldap. config/build process is broken for cygwin
           AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
           AC_SUBST(CURL_DISABLE_LDAP, [1])
           AC_MSG_RESULT(no)
           ;;
         *)
           AC_MSG_RESULT(yes)
       esac ]
 )
 AC_MSG_CHECKING([whether to support ldaps])
 AC_ARG_ENABLE(ldaps,
@@ -604,6 +625,8 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
      AC_MSG_WARN(["$LDAPLIBNAME" is not an LDAP library: LDAP disabled])
      AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
      AC_SUBST(CURL_DISABLE_LDAP, [1])])
      AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
      AC_SUBST(CURL_DISABLE_LDAPS, [1])
  else
    dnl Try to find the right ldap libraries for this system
    CURL_CHECK_LIBS_LDAP
@@ -612,6 +635,8 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
        AC_MSG_WARN([Cannot find libraries for LDAP support: LDAP disabled])
        AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
        AC_SUBST(CURL_DISABLE_LDAP, [1])
        AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
        AC_SUBST(CURL_DISABLE_LDAPS, [1])
        ;;
    esac
  fi
@@ -627,6 +652,8 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
        AC_MSG_WARN(["$LBERLIBNAME" is not an LBER library: LDAP disabled])
        AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
        AC_SUBST(CURL_DISABLE_LDAP, [1])])
        AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
        AC_SUBST(CURL_DISABLE_LDAPS, [1])
    fi
  fi
 fi
@@ -901,6 +928,9 @@ dnl **********************************************************************
 dnl Check for GSS-API libraries
 dnl **********************************************************************
 dnl check for gss stuff in the /usr as default
 GSSAPI_ROOT="/usr"
 AC_ARG_WITH(gssapi-includes,
  AC_HELP_STRING([--with-gssapi-includes=DIR],
                 [Specify location of GSSAPI header]),
@@ -921,6 +951,10 @@ AC_ARG_WITH(gssapi,
  GSSAPI_ROOT="$withval"
  if test x"$GSSAPI_ROOT" != xno; then
    want_gss="yes"
    if test x"$GSSAPI_ROOT" = xyes; then
      dnl if yes, then use default root
      GSSAPI_ROOT="/usr"
    fi
  fi
 ])
@@ -932,11 +966,15 @@ if test x"$want_gss" = xyes; then
  if test -z "$GSSAPI_INCS"; then
     if test -f "$GSSAPI_ROOT/bin/krb5-config"; then
        GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
        GSSAPI_LIBS=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
     elif test "$GSSAPI_ROOT" != "yes"; then
        GSSAPI_INCS="-I$GSSAPI_ROOT/include"
        GSSAPI_LIBS="-lgssapi"
     fi
  fi
  CPPFLAGS="$CPPFLAGS $GSSAPI_INCS"
  LIBS="$LIBS $GSSAPI_LIBS"
  AC_CHECK_HEADER(gss.h,
    [
@@ -945,19 +983,19 @@ if test x"$want_gss" = xyes; then
      gnu_gss=yes
    ],
    [
-      dnl not found, check Heimdal
+      dnl not found, check MIT
      AC_CHECK_HEADER(gssapi.h,
        [
          dnl found in the given dirs
          AC_DEFINE(HAVE_GSSHEIMDAL, 1, [if you have the Heimdal gssapi libraries])
        ],
        [
          dnl not found, check in gssapi/ subdir
      AC_CHECK_HEADER(gssapi/gssapi.h,
        [
-              dnl found
+          dnl found in the given dirs
          AC_DEFINE(HAVE_GSSMIT, 1, [if you have the MIT gssapi libraries])
        ],
        [
          dnl not found, check for Heimdal
          AC_CHECK_HEADER(gssapi.h,
            [
              dnl found
              AC_DEFINE(HAVE_GSSHEIMDAL, 1, [if you have the Heimdal gssapi libraries])
            ],
            [
              dnl no header found, disabling GSS
              want_gss=no
@@ -978,18 +1016,23 @@ if test x"$want_gss" = xyes; then
  if test -n "$gnu_gss"; then
    curl_gss_msg="enabled (GNU GSS)"
-    LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR -lgss"
+    LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
    LIBS="$LIBS -lgss"
  elif test -z "$GSSAPI_LIB_DIR"; then
     if test -f "$GSSAPI_ROOT/bin/krb5-config"; then
-        gss_ldflags=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
+        dnl krb5-config doesn't have --libs-only-L or similar, put everything
-        LDFLAGS="$LDFLAGS $gss_ldflags"
+        dnl into LIBS
        gss_libs=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
        LIBS="$LIBS $gss_libs"
     elif test "$GSSAPI_ROOT" != "yes"; then
-        LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff -lgssapi"
+        LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff"
        LIBS="$LIBS -lgssapi"
     else
-        LDFLAGS="$LDFLAGS -lgssapi"
+        LIBS="$LIBS -lgssapi"
     fi
  else
-     LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR -lgssapi"
+     LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
     LIBS="$LIBS -lgssapi"
  fi
 else
  CPPFLAGS="$save_CPPFLAGS"
@@ -1292,6 +1335,7 @@ else
  if test "$HAVE_LIBZ" = "1" && test "$HAVE_ZLIB_H" != "1"
  then
    AC_MSG_WARN([configure found only the libz lib, not the header file!])
    HAVE_LIBZ=""
  elif test "$HAVE_LIBZ" != "1" && test "$HAVE_ZLIB_H" = "1"
  then
    AC_MSG_WARN([configure found only the libz header file, not the lib!])
@@ -1336,7 +1380,7 @@ if test X"$OPT_LIBSSH2" != Xno; then
  yes)
    dnl --with-libssh2 (without path) used
    PREFIX_LIBSSH2=/usr/local/lib
-    LIB_LIBSSH2="$PREFIX_LIBSSH2/lib$libsuff"
+    LIB_LIBSSH2="$PREFIX_LIBSSH2$libsuff"
    ;;
  off)
    dnl no --with-libssh2 option given, just check default places
@@ -1356,8 +1400,9 @@ if test X"$OPT_LIBSSH2" != Xno; then
  AC_CHECK_HEADERS(libssh2.h,
    curl_ssh_msg="enabled (libSSH2)"
    LIBSSH2_ENABLED=1
-    AC_DEFINE(USE_LIBSSH2, 1, [if libSSH2 is in use]))
+    AC_DEFINE(USE_LIBSSH2, 1, [if libSSH2 is in use])
    AC_SUBST(USE_LIBSSH2, [1])
  )
  if test X"$OPT_LIBSSH2" != Xoff &&
     test "$LIBSSH2_ENABLED" != "1"; then
@@ -1516,7 +1561,7 @@ if test "$OPENSSL_ENABLED" != "1" -a "$GNUTLS_ENABLED" != "1"; then
    dnl Check for functionPK11_CreateGenericObject
    dnl this is needed for using the PEM PKCS#11 module
-    AC_CHECK_LIB(nss3, PK11_CreateGenericObject-d,
+    AC_CHECK_LIB(nss3, PK11_CreateGenericObject,
     [
     AC_DEFINE(HAVE_PK11_CREATEGENERICOBJECT, 1, [if you have the function PK11_CreateGenericObject])
     AC_SUBST(HAVE_PK11_CREATEGENERICOBJECT, [1])
@@ -1566,36 +1611,20 @@ fi dnl OPENSSL != 1 -a GNUTLS_ENABLED != 1
 if test "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED" = "x"; then
  AC_MSG_WARN([SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more.])
  AC_MSG_WARN([Use --with-ssl, --with-gnutls or --with-nss to address this.])
 else
  # SSL is enabled, genericly
  AC_SUBST(SSL_ENABLED)
  SSL_ENABLED="1"
 fi
 dnl **********************************************************************
 dnl Check for the CA bundle
 dnl **********************************************************************
-if test X"$USE_NSS$USE_GNUTLS$OPENSSL_ENABLED" != "X"; then
+CURL_CHECK_CA_BUNDLE
  AC_MSG_CHECKING([CA cert bundle install path])
  AC_ARG_WITH(ca-bundle,
 AC_HELP_STRING([--with-ca-bundle=FILE], [File name to install the CA bundle as])
 AC_HELP_STRING([--without-ca-bundle], [Don't install the CA bundle]),
    [ ca="$withval" ],
    [
      if test "x$prefix" != xNONE; then
        ca="\${prefix}/share/curl/curl-ca-bundle.crt"
      else
        ca="$ac_default_prefix/share/curl/curl-ca-bundle.crt"
      fi
    ] )
    if test "x$ca" != "xno"; then
      CURL_CA_BUNDLE='"'$ca'"'
      AC_SUBST(CURL_CA_BUNDLE)
    fi
    AC_MSG_RESULT([$ca])
 fi dnl only done if some kind of SSL was enabled
 AM_CONDITIONAL(CABUNDLE, test x$ca != xno)
 AM_CONDITIONAL(CAPATH, test x$capath != xno)
 dnl **********************************************************************
 dnl Check for the presence of IDN libraries and headers
@@ -1733,6 +1762,9 @@ if test "x$RECENTAIX" = "xyes"; then
         dnl the optimizer assumes that pointers can only point to
         dnl an object of the same type.
         CFLAGS="$CFLAGS -qnoansialias"
         dnl Force AIX xlc to stop after the compilation phase, and not
         dnl generate object code, when the source compiles with errors.
         CFLAGS="$CFLAGS -qhalt=e"
       )
@@ -1782,7 +1814,7 @@ if test x$cross_compiling != xyes; then
    )
  fi
 else
-  dnl and for crosscompilings
+  dnl and for crosscompiling
  AC_CHECK_FUNCS(gmtime_r)
 fi
@@ -1827,6 +1859,7 @@ AC_CHECK_HEADERS(
        utime.h \
        sys/utime.h \
        sys/poll.h \
        poll.h \
        sys/resource.h \
        libgen.h \
        locale.h \
@@ -1874,6 +1907,7 @@ AC_CHECK_SIZEOF(curl_off_t, ,[
 AC_CHECK_SIZEOF(size_t)
 AC_CHECK_SIZEOF(long)
 AC_CHECK_SIZEOF(time_t)
 AC_CHECK_SIZEOF(off_t)
 AC_CHECK_TYPE(long long,
   [AC_DEFINE(HAVE_LONGLONG, 1, [if your compiler supports long long])]
@@ -1962,6 +1996,7 @@ AC_CHECK_FUNCS( strtoll \
                strlcat \
                getpwuid \
                geteuid \
                getppid \
                utime \
                sigsetjmp \
                basename \
@@ -2088,6 +2123,8 @@ if test "$disable_poll" = "no"; then
    AC_RUN_IFELSE([
 #ifdef HAVE_SYS_POLL_H
 #include <sys/poll.h>
 #elif defined(HAVE_POLL_H)
 #include <poll.h>
 #endif
  int main(void)
@@ -2458,7 +2495,8 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
  Built-in manual: ${curl_manual_msg}
  Verbose errors:  ${curl_verbose_msg}
  SSPI support:    ${curl_sspi_msg}
-  ca cert path:    ${ca}
+  ca cert bundle:  ${ca}
  ca cert path:    ${capath}
  LDAP support:    ${curl_ldap_msg}
  LDAPS support:   ${curl_ldaps_msg}
 ])
--- a/curl-config.in
+++ b/curl-config.in
@@ -6,7 +6,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 2001 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 2001 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -83,7 +83,7 @@ while test $# -gt 0; do
 	if test "@USE_SSLEAY@" = "1"; then
          echo "SSL"
          NTLM=1 # OpenSSL implies NTLM
-        elif test -n "@USE_GNUTLS@"; then
+        elif test -n "@SSL_ENABLED@"; then
          echo "SSL"
        fi
 	if test "@KRB4_ENABLED@" = "1"; then
@@ -113,13 +113,13 @@ while test $# -gt 0; do
    --protocols)
 	if test "@CURL_DISABLE_HTTP@" != "1"; then
          echo "HTTP"
-	  if test "@USE_SSLEAY@" = "1"; then
+	  if test "@SSL_ENABLED@" = "1"; then
            echo "HTTPS"
          fi
        fi
 	if test "@CURL_DISABLE_FTP@" != "1"; then
          echo "FTP"
-	  if test "@USE_SSLEAY@" = "1"; then
+	  if test "@SSL_ENABLED@" = "1"; then
            echo "FTPS"
          fi
        fi
@@ -189,7 +189,7 @@ while test $# -gt 0; do
       	;;
    --libs)
-	if test "X@libdir@" != "X/usr/lib"; then
+	if test "X@libdir@" != "X/usr/lib" -a "X@libdir@" != "X/usr/lib64"; then
 	   CURLLIBDIR="-L@libdir@ "
 	else
 	   CURLLIBDIR=""
--- a/docs/BINDINGS
+++ b/docs/BINDINGS
@@ -72,7 +72,7 @@ glib/GTK+
 Java
-  Maintained by Vic Hanson
+  Maintained by [blank]
  http://curl.haxx.se/libcurl/java/
 Lisp
@@ -143,11 +143,20 @@ Rexx
  Written Mark Hessling
  http://rexxcurl.sourceforge.net/
 RPG
  Support for ILE/RPG on OS/400 is included in source distribution
  http://curl.haxx.se/libcurl/
  See packages/OS400/README.OS400 and packages/OS400/curl.inc.in
 Ruby
-  Written by Ross Bamford
+  curb - written by Ross Bamford
  http://curb.rubyforge.org/
  ruby-curl-multi - written by Kristjan Petursson and Keith Rarick
  http://curl-multi.rubyforge.org/
 Scheme
  Bigloo binding by Kirill Lisovsky
--- a/docs/CONTRIBUTE
+++ b/docs/CONTRIBUTE
@@ -102,6 +102,8 @@
 using spaces only (no tabs) and having the opening brace ({) on the same line
 as the if() or while().
 Also note that we use if() and while() with no space before the parenthesis.
 2.3 Commenting
 Comment your source code extensively using C comments (/* comment */), DO NOT
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -1,4 +1,4 @@
-Updated: July 30, 2007 (http://curl.haxx.se/docs/faq.html)
+Updated: Feb 18, 2008 (http://curl.haxx.se/docs/faq.html)
                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
@@ -18,6 +18,7 @@ FAQ
  1.8 I have a problem who do I mail?
  1.9 Where do I buy commercial support for curl?
  1.10 How many are using curl?
  1.11 Why don't you update ca-bundle.crt
 2. Install Related Problems
  2.1 configure doesn't find OpenSSL even when it is installed
@@ -83,6 +84,7 @@ FAQ
  5.10 How do I prevent libcurl from writing the response to stdout?
  5.11 How do I make libcurl not receive the whole HTTP response?
  5.12 Can I make libcurl fake or hide my real IP address?
  5.13 How do I stop an ongoing transfer?
 6. License Issues
  6.1 I have a GPL program, can I use the libcurl library?
@@ -214,8 +216,7 @@ FAQ
  improvements and have them inserted in the main sources (of course on the
  condition that developers agree on that the fixes are good).
-  The full list of the more than 530 contributors is found in the docs/THANKS
+  The full list of all contributors is found in the docs/THANKS file.
  file.
  curl is developed by a community, with Daniel at the wheel.
@@ -296,7 +297,7 @@ FAQ
  as used by numerous applications that include libcurl binaries in their
  distribution packages (like Adobe Acrobat Reader and Google Earth).
-  More than 70 known named companies use curl in commercial environments and
+  More than 80 known named companies use curl in commercial environments and
  products. More than 100 known named open source projects depend on
  (lib)curl.
@@ -317,6 +318,29 @@ FAQ
  http://counter.li.org/estimates.php
  http://news.netcraft.com/archives/2005/03/14/fedora_makes_rapid_progress.html
  1.11 Why don't you update ca-bundle.crt
  The ca-bundle.crt file that used to be bundled with curl was very outdated
  (it being last modified year 2000 should tell) and must be replaced with a
  much more modern and up-to-date version by anyone who wants to verify peers
  anyway. It is no longer provided, the last curl release that shipped it was
  curl 7.18.0.
  In the cURL project we've decided not to attempt to keep this file updated
  (or even present anymore) since deciding what to add to a ca cert bundle is
  an undertaking we've not been ready to accept, and the one we can get from
  Mozilla is perfectly fine so there's no need to duplicate that work.
  Today, with many services performed over HTTPS, every operating system
  should come with a default ca cert bundle that can be deemed somewhat
  trustworthy and that collection (if reasonably updated) should be deemed to
  be a lot better than a private curl version.
  If you want the most recent collection of ca certs that Mozilla Firefox
  uses, we recommend that you extract the collection yourself from Mozilla
  Firefox (by running 'make ca-bundle), or by using our online service setup
  for this purpose: http://curl.haxx.se/docs/caextract.html
 2. Install Related Problems
@@ -1033,6 +1057,18 @@ FAQ
  that makes you see and use a different IP address locally than what the
  remote server will see you coming from.
  5.13 How do I stop an ongoing transfer?
  There are several ways, but none of them are instant. There is no function
  you can call from another thread or similar that will stop it immediately.
  Instead you need to make sure that one of the callbacks you use return an
  appropriate value that will stop the transfer.
  Suitable callbacks that you can do this with include the progress callback,
  the read callback and the write callback.
  If you're using the multi interface, you also stop a transfer by removing
  the particular easy handle from the multi stack.
 6. License Issues
--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -188,7 +188,7 @@ Win32
   environment variables, for example:
     set ZLIB_PATH=c:\zlib-1.2.3
-     set OPENSSL_PATH=c:\openssl-0.9.8e
+     set OPENSSL_PATH=c:\openssl-0.9.8g
     set LIBSSH2_PATH=c:\libssh2-0.17
   ATTENTION: if you want to build with libssh2 support you have to use latest
@@ -257,7 +257,7 @@ Win32
   Before running nmake define the OPENSSL_PATH environment variable with
   the root/base directory of OpenSSL, for example:
-     set OPENSSL_PATH=c:\openssl-0.9.8e
+     set OPENSSL_PATH=c:\openssl-0.9.8g
   Then run 'nmake vc-ssl' or 'nmake vc-ssl-dll' in curl's root
   directory.  'nmake vc-ssl' will create a libcurl static and dynamic
@@ -521,7 +521,7 @@ NetWare
     http://www.gknw.net/development/ossl/netware/
     for CLIB-based builds OpenSSL needs to be patched to build with BSD
     sockets (currently only a winsock-based CLIB build is supported):
-     http://www.gknw.net/development/ossl/netware/patches/v_0.9.8e/openssl-0.9.8e.diff
+     http://www.gknw.net/development/ossl/netware/patches/v_0.9.8g/openssl-0.9.8g.diff
   - optional SSH2 sources (version 0.17 or later);
   Set a search path to your compiler, linker and tools; on Linux make
@@ -808,10 +808,12 @@ PORTS
        - ia64 Linux 2.3.99
        - m68k AmigaOS 3
        - m68k Linux
        - m68k uClinux
        - m68k OpenBSD
        - m88k dg-dgux5.4R3.00
        - s390 Linux
        - XScale/PXA250 Linux 2.4
        - Nios II uClinux
 Useful URLs
 ===========
--- a/docs/INTERNALS
+++ b/docs/INTERNALS
@@ -97,7 +97,9 @@ Library
   ... analyzes the URL, it separates the different components and connects to
   the remote host. This may involve using a proxy and/or using SSL. The
-   Curl_gethost() function in lib/hostip.c is used for looking up host names.
+   Curl_resolv() function in lib/hostip.c is used for looking up host names
   (it does then use the proper underlying method, which may vary between
   platforms and builds).
   When Curl_connect is done, we are connected to the remote site. Then it is
   time to tell the server to get a document/file. Curl_do() arranges this.
@@ -122,17 +124,20 @@ Library
   Curl_Transfer() function (in lib/transfer.c) to setup the transfer and
   returns.
-   Starting in 7.9.1, if this DO function fails and the connection is being
+   If this DO function fails and the connection is being re-used, libcurl will
-   re-used, libcurl will then close this connection, setup a new connection
+   then close this connection, setup a new connection and re-issue the DO
-   and re-issue the DO request on that. This is because there is no way to be
+   request on that. This is because there is no way to be perfectly sure that
-   perfectly sure that we have discovered a dead connection before the DO
+   we have discovered a dead connection before the DO function and thus we
-   function and thus we might wrongly be re-using a connection that was closed
+   might wrongly be re-using a connection that was closed by the remote peer.
-   by the remote peer.
+
   Some time during the DO function, the Curl_setup_transfer() function must
   be called with some basic info about the upcoming transfer: what socket(s)
   to read/write and the expected file tranfer sizes (if known).
 o Transfer()
-   Curl_perform() then calls Transfer() in lib/transfer.c that performs
+   Curl_perform() then calls Transfer() in lib/transfer.c that performs the
-   the entire file transfer.
+   entire file transfer.
   During transfer, the progress functions in lib/progress.c are called at a
   frequent interval (or at the user's choice, a specified callback might get
@@ -236,9 +241,8 @@ Library
 URL encoding and decoding, called escaping and unescaping in the source code,
 is found in lib/escape.c.
- While transfering data in Transfer() a few functions might get
+ While transfering data in Transfer() a few functions might get used.
- used. curl_getdate() in lib/getdate.c is for HTTP date comparisons (and
+ curl_getdate() in lib/parsedate.c is for HTTP date comparisons (and more).
 more).
 lib/getenv.c offers curl_getenv() which is for reading environment variables
 in a neat platform independent way. That's used in the client, but also in
@@ -254,10 +258,6 @@ Library
 A function named curl_version() that returns the full curl version string is
 found in lib/version.c.
 If authentication is requested but no password is given, a getpass_r() clone
 exists in lib/getpass.c. libcurl offers a custom callback that can be used
 instead of this, but it doesn't change much to us.
 Persistent Connections
 ======================
@@ -269,9 +269,11 @@ Persistent Connections
   all the options etc that the library-user may choose.
 o The 'SessionHandle' struct holds the "connection cache" (an array of
   pointers to 'connectdata' structs). There's one connectdata struct
-   allocated for each connection that libcurl knows about.
+   allocated for each connection that libcurl knows about. Note that when you
- o This also enables the 'curl handle' to be reused on subsequent transfers,
+   use the multi interface, the multi handle will hold the connection cache
-   something that was illegal before libcurl 7.7.
+   and not the particular easy handle. This of course to allow all easy handles
   in a multi stack to be able to share and re-use connections.
 o This enables the 'curl handle' to be reused on subsequent transfers.
 o When we are about to perform a transfer with curl_easy_perform(), we first
   check for an already existing connection in the cache that we can use,
   otherwise we create a new one and add to the cache. If the cache is full
@@ -281,11 +283,46 @@ Persistent Connections
 o When the transfer operation is complete, we try to leave the connection
   open. Particular options may tell us not to, and protocols may signal
   closure on connections and then we don't keep it open of course.
- o When curl_easy_cleanup() is called, we close all still opened connections.
+ o When curl_easy_cleanup() is called, we close all still opened connections,
   unless of course the multi interface "owns" the connections.
 You do realize that the curl handle must be re-used in order for the
 persistent connections to work.
 multi interface/non-blocking
 ============================
 We make an effort to provide a non-blocking interface to the library, the
 multi interface. To make that interface work as good as possible, no
 low-level functions within libcurl must be written to work in a blocking
 manner.
 One of the primary reasons we introduced c-ares support was to allow the name
 resolve phase to be perfectly non-blocking as well.
 The ultimate goal is to provide the easy interface simply by wrapping the
 multi interface functions and thus treat everything internally as the multi
 interface is the single interface we have.
 The FTP and the SFTP/SCP protocols are thus perfect examples of how we adapt
 and adjust the code to allow non-blocking operations even on multi-stage
 protocols. The DICT, TELNET and TFTP are crappy examples and they are subject
 for rewrite in the future to better fit the libcurl protocol family.
 SSL libraries
 =============
 Originally libcurl supported SSLeay for SSL/TLS transports, but that was then
 extended to its successor OpenSSL but has since also been extended to several
 other SSL/TLS libraries and we expect and hope to further extend the support
 in future libcurl versions.
 To deal with this internally in the best way possible, we have a generic SSL
 function API as provided by the sslgen.[ch] system, and they are the only SSL
 functions we must use from within libcurl. sslgen is then crafted to use the
 appropriate lower-level function calls to whatever SSL library that is in
 use.
 Library Symbols
 ===============
@@ -309,6 +346,13 @@ Return Codes and Informationals
 them. They are best used when revealing information that isn't otherwise
 obvious.
 API/ABI
 =======
 We make an effort to not export or show internals or how internals work, as
 that makes it easier to keep a solid API/ABI over time. See docs/libcurl/ABI
 for our promise to users.
 Client
 ======
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -3,6 +3,17 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!
 52. Gautam Kachroo's issue that identifies a problem with the multi interface
  where a connection can be re-used without actually being properly
  SSL-negoatiated:
  http://curl.haxx.se/mail/lib-2008-01/0277.html
 49. If using --retry and the transfer timeouts (possibly due to using -m or
  -y/-Y) the next attempt doesn't resume the transfer properly from what was
  downloaded in the previous attempt but will truncate and restart at the
  original position where it was at before the previous failed attempt. See
  http://curl.haxx.se/mail/lib-2008-01/0080.html
 48. If a CONNECT response-headers are larger than BUFSIZE (16KB) when the
  connection is meant to be kept alive (like for NTLM proxy auth), the
  function will return prematurely and will confuse the rest of the HTTP
@@ -43,23 +54,9 @@ may have been fixed since this was written!
  Also see #12. According to bug #1556528, even the SOCKS5 connect code does
  not do it right: http://curl.haxx.se/bug/view.cgi?id=1556528,
 33. Doing multi-pass HTTP authentication on a non-default port does not work.
  This happens because the multi-pass code abuses the redirect following code
  for doing multiple requests, and when we following redirects to an absolute
  URL we must use the newly specified port and not the one specified in the
  original URL. A proper fix to this would need to separate the negotiation
  "redirect" from an actual redirect.
 32. (At least on Windows) If libcurl is built with c-ares and there's no DNS
  server configured in the system, the ares_init() call fails and thus
  curl_easy_init() fails as well. This causes weird effects for people who use
  numerical IP addresses only.
 31. "curl-config --libs" will include details set in LDFLAGS when configure is
-  run that might be needed only for building libcurl. Similarly, it might
+  run that might be needed only for building libcurl. Further, curl-config
-  include options that perhaps aren't suitable both for static and dynamic
+  --cflags suffers from the same effects with CFLAGS/CPPFLAGS.
  linking. Further, curl-config --cflags suffers from the same effects with
  CFLAGS/CPPFLAGS.
 30. You need to use -g to the command line tool in order to use RFC2732-style
  IPv6 numerical addresses in URLs.
--- a/docs/SSLCERTS
+++ b/docs/SSLCERTS
@@ -1,21 +1,25 @@
                      Peer SSL Certificate Verification
                      =================================
-libcurl performs peer SSL certificate verification by default. This is done by
+libcurl performs peer SSL certificate verification by default.  This is done
-installing a default CA cert bundle on 'make install' (or similar), that CA
+by using CA cert bundle that the SSL library can use to make sure the peer's
-bundle package is used by default on operations against SSL servers.
+server certificate is valid.
 If you communicate with HTTPS or FTPS servers using certificates that are
 signed by CAs present in the bundle, you can be sure that the remote server
 really is the one it claims to be.
-If the remote server uses a self-signed certificate, if you don't install
+Until 7.18.0, curl bundled a severely outdated ca bundle file that was
-curl's CA cert bundle, if the server uses a certificate signed by a CA that
+installed by default. These days, the curl archives include no ca certs at
-isn't included in the bundle or if the remote host is an impostor
+all. You need to get them elsewhere. See below for example.
 If the remote server uses a self-signed certificate, if you don't install a CA
 cert bundle, if the server uses a certificate signed by a CA that isn't
 included in the bundle you use or if the remote host is an impostor
 impersonating your favorite site, and you want to transfer files from this
 server, do one of the following:
- 1. Tell libcurl to *not* verify the peer. With libcurl you disable with with
+ 1. Tell libcurl to *not* verify the peer. With libcurl you disable this with
    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);
    With the curl command line tool, you disable this with -k/--insecure.
@@ -27,10 +31,8 @@ server, do one of the following:
    With the curl command line tool: --cacert [file]
 3. Add the CA cert for your server to the existing default CA cert bundle.
-    The default path of the CA bundle installed with the curl package is:
+    The default path of the CA bundle used can be changed by running configure
-    /usr/local/share/curl/curl-ca-bundle.crt, which can be changed by running
+    with the --with-ca-bundle option pointing out the path of your choice.
    configure with the --with-ca-bundle option pointing out the path of your
    choice.
    To do this, you need to get the CA cert for your server in PEM format and
    then append that to your CA cert bundle.
@@ -48,8 +50,6 @@ server, do one of the following:
     o Append the 'outcert.pem' to the CA cert bundle or use it stand-alone
       as described below.
     (Thanks to Frankie V for this description)
    If you use the 'openssl' tool, this is one way to get extract the CA cert
    for a particular server:
@@ -64,8 +64,6 @@ server, do one of the following:
       cert_bundle or use it stand-alone as described. Just remember that the
       security is no better than the way you obtained the certificate.
     (Thanks to Doug Kaufman for this description)
 4. If you're using the curl command line tool, you can specify your own CA
    cert path by setting the environment variable CURL_CA_BUNDLE to the path
    of your choice.
@@ -80,8 +78,9 @@ server, do one of the following:
      5. all directories along %PATH%
 5. Get a better/different/newer CA cert bundle! One option is to extract the
-    one a recent Mozilla browser uses, by following the instruction found
+    one a recent Mozilla browser uses by running 'make ca-bundle' in the curl
-    here:
+    build tree root, or possibly download a version that was generated this
    way for you:
        http://curl.haxx.se/docs/caextract.html
--- a/docs/THANKS
+++ b/docs/THANKS
@@ -12,6 +12,8 @@ Albert Chin-A-Young
 Albert Choy
 Ale Vesely
 Aleksandar Milivojevic
 Alessandro Vesely
 Alex Fishman
 Alex Neblett
 Alex Suykov
 Alex aka WindEagle
@@ -19,6 +21,7 @@ Alexander Kourakos
 Alexander Krasnostavsky
 Alexander Lazic
 Alexander Zhuravlev
 Alexey Pesternikov
 Alexey Simak
 Alexis Carvalho
 Allen Pulsifer
@@ -36,6 +39,7 @@ Andrew Biggs
 Andrew Bushnell
 Andrew Francis
 Andrew Fuller
 Andrew Moise
 Andrew Wansink
 Andr<EFBFBD>s Garc<72>a
 Andy Cedilnik
@@ -103,6 +107,7 @@ Dan Torop
 Dan Zitter
 Daniel Black
 Daniel Cater
 Daniel Egger
 Daniel Johnson
 Daniel Stenberg
 Daniel at touchtunes
@@ -128,6 +133,7 @@ David Phillips
 David Shaw
 David Tarendash
 David Thiel
 David Wright
 David Yan
 Detlef Schmier
 Diego Casorran
@@ -138,6 +144,7 @@ Dirk Eddelbuettel
 Dirk Manske
 Dmitriy Sergeyev
 Dmitry Bartsevich
 Dmitry Kurochkin
 Dmitry Rechkin
 Dolbneff A.V
 Domenico Andreoli
@@ -155,10 +162,12 @@ Dylan Salisbury
 Early Ehlinger
 Edin Kadribasic
 Ellis Pritchard
 Emil Romanus
 Emiliano Ida
 Enrico Scholz
 Enrik Berkhan
 Eric Cooper
 Eric Landes
 Eric Lavigne
 Eric Melville
 Eric Rautman
@@ -183,11 +192,13 @@ Frank Ticheler
 Fred New
 Fred Noz
 Frederic Lepied
 Gary Maxwell
 Gautam Mani
 Gavrie Philipson
 Gaz Iqbal
 Georg Horn
 Georg Huettenegger
 Georg Lippitsch
 Georg Wicherski
 Gerd v. Egidy
 Gerhard Herre
@@ -196,6 +207,7 @@ Giancarlo Formicuccia
 Giaslas Georgios
 Gilad
 Gilbert Ramirez Jr.
 Gilles Blanc
 Gisle Vanem
 Giuseppe Attardi
 Giuseppe D'Ambrosio
@@ -226,9 +238,11 @@ Ian Gulliver
 Ian Turner
 Ian Wilkes
 Ignacio Vazquez-Abrams
 Igor Franchuk
 Igor Polyakov
 Ilguiz Latypov
 Ilja van Sprundel
 Immanuel Gregoire
 Ingmar Runge
 Ingo Ralf Blum
 Ingo Wilken
@@ -256,6 +270,7 @@ Jean-Claude Chauve
 Jean-Louis Lemaire
 Jean-Marc Ranger
 Jean-Philippe Barrette-LaPierre
 Jeff Johnson
 Jeff Lawson
 Jeff Phillips
 Jeff Pohlmeyer
@@ -265,6 +280,7 @@ Jesper Jensen
 Jesse Noller
 Jim Drash
 Joe Halpin
 Joe Malicki
 Joel Chen
 Jofell Gallardo
 Johan Anderson
@@ -274,6 +290,7 @@ John Janssen
 John Kelly
 John Lask
 John McGowan
 Johnny Luong
 Jon Grubbs
 Jon Travis
 Jon Turner
@@ -285,6 +302,7 @@ Jose Kahan
 Josh Kapell
 Juan F. Codagnone
 Juan Ignacio Herv<72>s
 Judson Bishop
 Juergen Wilke
 Jukka Pihl
 Julian Noble
@@ -307,7 +325,9 @@ Ken Rastatter
 Kent Boortz
 Kevin Fisk
 Kevin Lussier
 Kevin Reed
 Kevin Roth
 Kim Rinnewitz
 Kimmo Kinnunen
 Kjell Ericson
 Kjetil Jacobsen
@@ -324,6 +344,7 @@ Lars Gustafsson
 Lars J. Aas
 Lars Nilsson
 Lars Torben Wilson
 Lau Hang Kin
 Legoff Vincent
 Lehel Bernadt
 Len Krause
@@ -348,6 +369,7 @@ Marco G. Salvagno
 Marcus Webster
 Mario Schroeder
 Mark Butler
 Mark Davies
 Mark Eichin
 Mark Lentczner
 Markus Koetter
@@ -360,6 +382,7 @@ Martin Skinner
 Marty Kuhrt
 Maruko
 Massimiliano Ziccardi
 Mateusz Loskot
 Mathias Axelsson
 Mats Lidell
 Matt Kraai
@@ -368,6 +391,8 @@ Matt Witherspoon
 Matthew Blain
 Matthew Clarke
 Maurice Barnum
 Max Katsev
 Maxim Perenesenko
 Mekonikum
 Mettgut Jamalla
 Michael Benedict
@@ -389,6 +414,7 @@ Mitz Wark
 Mohamed Lrhazi
 Mohun Biswas
 Moonesamy
 Nathan Coulter
 Nathan O'Sullivan
 Nathanael Nerode
 Naveen Noel
@@ -404,6 +430,7 @@ Nicolas Croiset
 Nicolas Fran<61>ois
 Niels van Tongeren
 Nikita Schmidt
 Nikitinskit Dmitriy
 Nir Soffer
 Nis Jorgensen
 Nodak Sodak
@@ -440,6 +467,7 @@ Peter Wullinger
 Peteris Krumins
 Phil Karn
 Philip Gladstone
 Philip Langdale
 Philippe Hameau
 Philippe Raoult
 Philippe Vaucher
@@ -453,6 +481,7 @@ Ralph Mitchell
 Ramana Mokkapati
 Randy McMurchy
 Ravi Pratap
 Ray Pekowski
 Reinout van Schouwen
 Renaud Chaillat
 Renaud Duhaut
@@ -479,6 +508,7 @@ Robert Foreman
 Robert Iakobashvili
 Robert Olson
 Robert Weaver
 Robin Johnson
 Robin Kay
 Robson Braga Araujo
 Rodney Simmons
@@ -514,6 +544,7 @@ Simon Josefsson
 Simon Liu
 Song Ma
 Sonia Subramanian
 Spacen Jasset
 Spiridonoff A.V
 Stadler Stephan
 Stefan Esser
@@ -571,10 +602,12 @@ Ulf H
 Ulrich Zadow
 Venkat Akella
 Victor Snezhko
 Vikram Saxena
 Vilmos Nebehaj
 Vincent Bronner
 Vincent Penquerc'h
 Vincent Sanders
 Vladimir Lazarenko
 Vojtech Janota
 Vojtech Minarik
 Walter J. Mack
--- a/docs/TODO
+++ b/docs/TODO
@@ -4,257 +4,445 @@
                            | (__| |_| |  _ <| |___ 
                             \___|\___/|_| \_\_____|
-TODO
+                Things that could be nice to do in the future
 Things to do in project cURL. Please tell us what you think, contribute and
- send us patches that improve things! Also check the http://curl.haxx.se/dev
+ send us patches that improve things!
 web section for various technical development notes.
 All bugs documented in the KNOWN_BUGS document are subject for fixing!
- LIBCURL
+ 1. libcurl
 1.1 Zero-copy interface
 1.2 More data sharing
 1.3 struct lifreq
 1.4 Get IP address
 1.5 c-ares ipv6
 1.6 configure-based info in public headers
- * Introduce another callback interface for upload/download that makes one
+ 2. libcurl - multi interface
-   less copy of data and thus a faster operation.
+ 2.1 More non-blocking
 2.2 Pause transfers
 2.3 Remove easy interface internally
 2.4 Avoid having to remove/readd handles
 3. Documentation
 3.1  More and better
 4. FTP
 4.1 PRET
 4.2 Alter passive/active on failure and retry
 4.3 Earlier bad letter detection
 4.4 REST for large files
 4.5 FTP proxy support
 4.6 PORT port range
 4.7 ASCII support
 5. HTTP
 5.1 Other HTTP versions with CONNECT
 5.2 Better persistancy for HTTP 1.0
 5.3 support FF3 sqlite cookie files
 6. TELNET
 6.1 ditch stdin
 6.2 ditch telnet-specific select
 7. SSL
 7.1 Disable specific versions
 7.2 Provide mytex locking API
 7.3 dumpcert
 7.4 Evaluate SSL patches
 7.5 Cache OpenSSL contexts
 7.6 Export session ids
 7.7 Provide callback for cert verfication
 7.8 Support other SSL libraries
 7.9  Support SRP on the TLS layer
 7.10 improve configure --with-ssl
 8. GnuTLS
 8.1 Make NTLM work without OpenSSL functions
 8.2 SSl engine stuff
 8.3 SRP
 8.4 non-blocking
 8.5 check connection
 9. LDAP
 9.1 ditch ldap-specific select
 10. New protocols
 10.1 RTSP
 10.2 RSYNC
 10.3 RTMP
 11. Client
 11.1 Content-Disposition
 11.2 sync
 11.3 glob posts
 11.4 prevent file overwriting
 11.5 ftp wildcard download
 11.6 simultaneous parallel transfers
 11.7 provide formpost headers
 11.8 url-specific options
 12. Build
 12.1 roffit
 13. Test suite
 13.1 SSL tunnel
 13.2 nicer lacking perl message
 13.3 more protocols supported
 13.4 more platforms supported
 14. Next SONAME bump
 14.1 http-style HEAD output for ftp
 14.2 combine error codes
 14.3 extend CURLOPT_SOCKOPTFUNCTION prototype
 15. Next major release
 15.1 cleanup return codes
 15.2 remove obsolete defines
 15.3 size_t
 15.4 remove several functions
 15.5 remove CURLOPT_FAILONERROR
 15.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
 ==============================================================================
 1. libcurl
 1.1 Zero-copy interface
 Introdue another callback interface for upload/download that makes one less
 copy of data and thus a faster operation.
 [http://curl.haxx.se/dev/no_copy_callbacks.txt]
- * More data sharing. curl_share_* functions already exist and work, and they
+1.2 More data sharing
   can be extended to share more. For example, enable sharing of the ares
   channel and the connection cache.
- * Introduce a new error code indicating authentication problems (for proxy
+ curl_share_* functions already exist and work, and they can be extended to
-   CONNECT error 407 for example). This cannot be an error code, we must not
+ share more. For example, enable sharing of the ares channel and the
-   return informational stuff as errors, consider a new info returned by
+ connection cache.
   curl_easy_getinfo() http://curl.haxx.se/bug/view.cgi?id=845941
- * Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
+1.3 struct lifreq
 Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
 SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete.
-   To support ipv6 interface addresses properly.
+ To support ipv6 interface addresses for network interfaces properly.
- * Add the following to curl_easy_getinfo(): GET_HTTP_IP, GET_FTP_IP and
+1.4 Get IP address
   GET_FTP_DATA_IP. Return a string with the used IP. Suggested by Alan.
- * Add option that changes the interval in which the progress callback is
+ Add the following to curl_easy_getinfo(): GET_HTTP_IP, GET_FTP_IP and
-   called at most.
+ GET_FTP_DATA_IP. Return a string with the used IP.
- * Make libcurl built with c-ares use c-ares' IPv6 abilities. They weren't
+1.5 c-ares ipv6
 Make libcurl built with c-ares use c-ares' IPv6 abilities. They weren't
 present when we first added c-ares support but they have been added since!
 When this is done and works, we can actually start considering making c-ares
 powered libcurl the default build (which of course would require that we'd
 bundle the c-ares source code in the libcurl source code releases).
- * Make the curl/*.h headers include the proper system includes based on what
+1.6 configure-based info in public headers
   was present at the time when configure was run. Currently, the sys/select.h
   header is for example included by curl/multi.h only on specific platforms
   we know MUST have it. This is error-prone. We therefore want the header
   files to adapt to configure results. Those results must be stored in a new
   header and they must use a curl name space, i.e not be HAVE_* prefix (as
   that would risk collide with other apps that use libcurl and that runs
   configure).
-   Work on this has been started but hasn't been finished, and the initial
+ Make the public headers include the proper system includes based on what was
-   patch and some details are found here:
+ present at the time when configure was run. Currently, the sys/select.h
 header is for example included by curl/multi.h only on specific platforms we
 know MUST have it. This is error-prone. We therefore want the header files to
 adapt to configure results. Those results must be stored in a new header and
 they must use a curl name space, i.e not be HAVE_* prefix (as that would risk
 collide with other apps that use libcurl and that runs configure).
 Work on this has been started but hasn't been finished, and the initial patch
 and some details are found here:
 http://curl.haxx.se/mail/lib-2006-12/0084.html
- LIBCURL - multi interface
+ The remaining problems to solve involve the platforms that can't run
 configure.
- * Make sure we don't ever loop because of non-blocking sockets return
+2. libcurl - multi interface
 2.1 More non-blocking
 Make sure we don't ever loop because of non-blocking sockets return
 EWOULDBLOCK or similar. The GnuTLS connection etc.
- * Make transfers treated more carefully. We need a way to tell libcurl we
+2.2 Pause transfers
   have data to write, as the current system expects us to upload data each
   time the socket is writable and there is no way to say that we want to
   upload data soon just not right now, without that aborting the upload. The
   opposite situation should be possible as well, that we tell libcurl we're
   ready to accept read data. Today libcurl feeds the data as soon as it is
   available for reading, no matter what.
- * Make curl_easy_perform() a wrapper-function that simply creates a multi
+ Make transfers treated more carefully. We need a way to tell libcurl we have
 data to write, as the current system expects us to upload data each time the
 socket is writable and there is no way to say that we want to upload data
 soon just not right now, without that aborting the upload. The opposite
 situation should be possible as well, that we tell libcurl we're ready to
 accept read data. Today libcurl feeds the data as soon as it is available for
 reading, no matter what.
 2.3 Remove easy interface internally
 Make curl_easy_perform() a wrapper-function that simply creates a multi
 handle, adds the easy handle to it, runs curl_multi_perform() until the
 transfer is done, then detach the easy handle, destroy the multi handle and
 return the easy handle's return code. This will thus make everything
 internally use and assume the multi interface. The select()-loop should use
 curl_multi_socket().
- * curl_multi_handle_control() - this can control the easy handle (while)
+2.4 Avoid having to remove/readd handles
-   added to a multi handle in various ways:
+
 curl_multi_handle_control() - this can control the easy handle (while) added
 to a multi handle in various ways:
 o RESTART, unconditionally restart this easy handle's transfer from the
   start, re-init the state
 o RESTART_COMPLETED, restart this easy handle's transfer but only if the
   existing transfer has already completed and it is in a "finished state".
 o STOP, just stop this transfer and consider it completed
 o PAUSE?
 o RESUME?
- DOCUMENTATION
+3. Documentation
- * More and better
+3.1  More and better
- FTP
+ Exactly
- * PRET is a command that primarily "drftpd" supports, which could be useful
+4. FTP
 4.1 PRET
 PRET is a command that primarily "drftpd" supports, which could be useful
 when using libcurl against such a server. It is a non-standard and a rather
 oddly designed command, but...
 http://curl.haxx.se/bug/feature.cgi?id=1729967
- * When trying to connect passively to a server which only supports active
+4.2 Alter passive/active on failure and retry
 When trying to connect passively to a server which only supports active
 connections, libcurl returns CURLE_FTP_WEIRD_PASV_REPLY and closes the
 connection. There could be a way to fallback to an active connection (and
 vice versa). http://curl.haxx.se/bug/feature.cgi?id=1754793
- * Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in
+4.3 Earlier bad letter detection
   the process to avoid doing a resolve and connect in vain.
- * REST fix for servers not behaving well on >2GB requests. This should fail
+ Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in the
-   if the server doesn't set the pointer to the requested index. The tricky
+ process to avoid doing a resolve and connect in vain.
   (impossible?) part is to figure out if the server did the right thing or
   not.
- * Support the most common FTP proxies, Philip Newton provided a list
+4.4 REST for large files
   allegedly from ncftp:
   http://curl.haxx.se/mail/archive-2003-04/0126.html
- * Make CURLOPT_FTPPORT support an additional port number on the IP/if/name,
+ REST fix for servers not behaving well on >2GB requests. This should fail if
 the server doesn't set the pointer to the requested index. The tricky
 (impossible?) part is to figure out if the server did the right thing or not.
 4.5 FTP proxy support
 Support the most common FTP proxies, Philip Newton provided a list allegedly
 from ncftp. This is not a subject without debate, and is probably not really
 suitable for libcurl.  http://curl.haxx.se/mail/archive-2003-04/0126.html
 4.6 PORT port range
 Make CURLOPT_FTPPORT support an additional port number on the IP/if/name,
 like "blabla:[port]" or possibly even "blabla:[portfirst]-[portsecond]".
 http://curl.haxx.se/bug/feature.cgi?id=1505166
- * FTP ASCII transfers do not follow RFC959. They don't convert the data
+4.7 ASCII support
 FTP ASCII transfers do not follow RFC959. They don't convert the data
 accordingly.
- * Since USERPWD always override the user and password specified in URLs, we
+5. HTTP
   might need another way to specify user+password for anonymous ftp logins.
- * The FTP code should get a way of returning errors that is known to still
+5.1 Other HTTP versions with CONNECT
   have the control connection alive and sound. Currently, a returned error
   from within ftp-functions does not tell if the control connection is still
   OK to use or not. This causes libcurl to fail to re-use connections
   slightly too often.
- HTTP
+ When doing CONNECT to a HTTP proxy, libcurl always uses HTTP/1.0. This has
 never been reported as causing trouble to anyone, but should be considered to
 use the HTTP version the user has chosen.
- * When doing CONNECT to a HTTP proxy, libcurl always uses HTTP/1.0. This has
+5.2 Better persistancy for HTTP 1.0
   never been reported as causing trouble to anyone, but should be considered
   to use the HTTP version the user has chosen.
- * "Better" support for persistent connections over HTTP 1.0
+ "Better" support for persistent connections over HTTP 1.0
 http://curl.haxx.se/bug/feature.cgi?id=1089001
- TELNET
+5.3 support FF3 sqlite cookie files
- * Reading input (to send to the remote server) on stdin is a crappy solution
+ Firefox 3 is changing from its former format to a a sqlite database instead.
-   for library purposes. We need to invent a good way for the application to
+ We should consider how (lib)curl can/should support this.
-   be able to provide the data to send.
+ http://curl.haxx.se/bug/feature.cgi?id=1871388
- * Move the telnet support's network select() loop go away and merge the code
+6. TELNET
 6.1 ditch stdin
 Reading input (to send to the remote server) on stdin is a crappy solution for
 library purposes. We need to invent a good way for the application to be able
 to provide the data to send.
 6.2 ditch telnet-specific select
 Move the telnet support's network select() loop go away and merge the code
 into the main transfer loop. Until this is done, the multi interface won't
 work for telnet.
- SSL
+7. SSL
- * Provide an option that allows for disabling specific SSL versions, such as
+7.1 Disable specific versions
 Provide an option that allows for disabling specific SSL versions, such as
 SSLv2 http://curl.haxx.se/bug/feature.cgi?id=1767276
- * Provide a libcurl API for setting mutex callbacks in the underlying SSL
+7.2 Provide mytex locking API
 Provide a libcurl API for setting mutex callbacks in the underlying SSL
 library, so that the same application code can use mutex-locking
 independently of OpenSSL or GnutTLS being used.
- * Anton Fedorov's "dumpcert" patch:
+7.3 dumpcert
 Anton Fedorov's "dumpcert" patch:
 http://curl.haxx.se/mail/lib-2004-03/0088.html
- * Evaluate/apply Gertjan van Wingerde's SSL patches:
+7.4 Evaluate SSL patches
 Evaluate/apply Gertjan van Wingerde's SSL patches:
 http://curl.haxx.se/mail/lib-2004-03/0087.html
- * "Look at SSL cafile - quick traces look to me like these are done on every
+7.5 Cache OpenSSL contexts
   request as well, when they should only be necessary once per ssl context
   (or once per handle)". The major improvement we can rather easily do is to
   make sure we don't create and kill a new SSL "context" for every request,
   but instead make one for every connection and re-use that SSL context in
   the same style connections are re-used. It will make us use slightly more
   memory but it will libcurl do less creations and deletions of SSL contexts.
- * Add an interface to libcurl that enables "session IDs" to get
+ "Look at SSL cafile - quick traces look to me like these are done on every
 request as well, when they should only be necessary once per ssl context (or
 once per handle)". The major improvement we can rather easily do is to make
 sure we don't create and kill a new SSL "context" for every request, but
 instead make one for every connection and re-use that SSL context in the same
 style connections are re-used. It will make us use slightly more memory but
 it will libcurl do less creations and deletions of SSL contexts.
 7.6 Export session ids
 Add an interface to libcurl that enables "session IDs" to get
 exported/imported. Cris Bailiff said: "OpenSSL has functions which can
-   serialise the current SSL state to a buffer of your choice, and
+ serialise the current SSL state to a buffer of your choice, and recover/reset
-   recover/reset the state from such a buffer at a later date - this is used
+ the state from such a buffer at a later date - this is used by mod_ssl for
-   by mod_ssl for apache to implement and SSL session ID cache".
+ apache to implement and SSL session ID cache".
- * OpenSSL supports a callback for customised verification of the peer
+7.7 Provide callback for cert verfication
 OpenSSL supports a callback for customised verification of the peer
 certificate, but this doesn't seem to be exposed in the libcurl APIs. Could
-   it be? There's so much that could be done if it were! (brought by Chris
+ it be? There's so much that could be done if it were!
   Clark)
- * Make curl's SSL layer capable of using other free SSL libraries.  Such as
+7.8 Support other SSL libraries
 Make curl's SSL layer capable of using other free SSL libraries.  Such as
 MatrixSSL (http://www.matrixssl.org/).
- * Peter Sylvester's patch for SRP on the TLS layer.
+7.9  Support SRP on the TLS layer
   Awaits OpenSSL support for this, no need to support this in libcurl before
   there's an OpenSSL release that does it.
- * make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
+ Peter Sylvester's patch for SRP on the TLS layer.  Awaits OpenSSL support for
 this, no need to support this in libcurl before there's an OpenSSL release
 that does it.
 7.10 improve configure --with-ssl
 make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
 then NSS...
- GnuTLS
+8. GnuTLS
- * Get NTLM working using the functions provided by libgcrypt, since GnuTLS
+8.1 Make NTLM work without OpenSSL functions
 Get NTLM working using the functions provided by libgcrypt, since GnuTLS
 already depends on that to function. Not strictly SSL/TLS related, but
 hey... Another option is to get available DES and MD4 source code from the
 cryptopp library. They are fine license-wise, but are C++.
- * SSL engine stuff?
+8.2 SSl engine stuff
- * Work out a common method with Peter Sylvester's OpenSSL-patch for SRP
+ Is this even possible?
   on the TLS to provide name and password
- * Fix the connection phase to be non-blocking when multi interface is used
+8.3 SRP
- * Add a way to check if the connection seems to be alive, to correspond to
+ Work out a common method with Peter Sylvester's OpenSSL-patch for SRP on the
-   the SSL_peak() way we use with OpenSSL.
+ TLS to provide name and password. GnuTLS already supports it...
- LDAP
+8.4 non-blocking
 Fix the connection phase to be non-blocking when multi interface is used
 8.5 check connection
 Add a way to check if the connection seems to be alive, to correspond to the
 SSL_peak() way we use with OpenSSL.
 9. LDAP
 9.1 ditch ldap-specific select
 * Look over the implementation. The looping will have to "go away" from the
   lib/ldap.c source file and get moved to the main network code so that the
   multi interface and friends will work for LDAP as well.
- NEW PROTOCOLS
+10. New protocols
- * RTSP - RFC2326 (protocol - very HTTP-like, also contains URL description)
+10.1 RTSP
- * RSYNC (no RFCs for protocol nor URI/URL format).  An implementation should
+ RFC2326 (protocol - very HTTP-like, also contains URL description)
 10.2 RSYNC
 There's no RFC for protocol nor URI/URL format.  An implementation should
 most probably use an existing rsync library, such as librsync.
- CLIENT
+10.3 RTMP
- * Add option that is similar to -O but that takes the output file name from
+ There exists a patch that claims to introduce this protocol:
-   the Content-Disposition: header, and/or uses the local file name used in
+ http://osdir.com/ml/gnu.gnash.devel2/2006-11/msg00278.html, further details
 in the feature-request: http://curl.haxx.se/bug/feature.cgi?id=1843469
 11. Client
 11.1 Content-Disposition
 Add option that is similar to -O but that takes the output file name from the
 Content-Disposition: header, and/or uses the local file name used in
 redirections for the cases the server bounces the request further to a
 different file (name): http://curl.haxx.se/bug/feature.cgi?id=1364676
- * "curl --sync http://example.com/feed[1-100].rss" or
+11.2 sync
 "curl --sync http://example.com/feed[1-100].rss" or
 "curl --sync http://example.net/{index,calendar,history}.html"
 Downloads a range or set of URLs using the remote name, but only if the
 remote file is newer than the local file. A Last-Modified HTTP date header
 should also be used to set the mod date on the downloaded file.
   (idea from "Brianiac")
- * Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
+11.3 glob posts
   Requested by Dane Jensen and others. This is easily scripted though.
- * Add an option that prevents cURL from overwriting existing local files. When
+ Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
 This is easily scripted though.
 11.4 prevent file overwriting
 Add an option that prevents cURL from overwriting existing local files. When
 used, and there already is an existing file with the target file name
 (either -O or -o), a number should be appended (and increased if already
 existing). So that index.html becomes first index.html.1 and then
-   index.html.2 etc. Jeff Pohlmeyer suggested.
+ index.html.2 etc.
- * "curl ftp://site.com/*.txt"
+11.5 ftp wildcard download
- * The client could be told to use maximum N simultaneous parallel transfers
+ "curl ftp://site.com/*.txt"
   and then just make sure that happens. It should of course not make more
   than one connection to the same remote host. This would require the client
   to use the multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
- * Extending the capabilities of the multipart formposting. How about leaving
+11.6 simultaneous parallel transfers
 The client could be told to use maximum N simultaneous parallel transfers and
 then just make sure that happens. It should of course not make more than one
 connection to the same remote host. This would require the client to use the
 multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
 11.7 provide formpost headers
 Extending the capabilities of the multipart formposting. How about leaving
 the ';type=foo' syntax as it is and adding an extra tag (headers) which
 works like this: curl -F "coolfiles=@fil1.txt;headers=@fil1.hdr" where
 fil1.hdr contains extra headers like
@@ -264,17 +452,11 @@ TODO
   X-User-Comment: Please don't use browser specific HTML code
 which should overwrite the program reasonable defaults (plain/text,
-   8bit...) (Idea brough to us by kromJx)
+ 8bit...)
- * ability to specify the classic computing suffixes on the range
+11.8 url-specific options
   specifications. For example, to download the first 500 Kilobytes of a file,
   be able to specify the following for the -r option: "-r 0-500K" or for the
   first 2 Megabytes of a file: "-r 0-2M". (Mark Smith suggested)
- * --data-encode that URL encodes the data before posting
+ Provide a way to make options bound to a specific URL among several on the
   http://curl.haxx.se/mail/archive-2003-11/0091.html (Kevin Roth suggested)
 * Provide a way to make options bound to a specific URL among several on the
 command line. Possibly by letting ':' separate options between URLs,
 similar to this:
@@ -286,32 +468,46 @@ TODO
 The example would do a POST-GET-POST combination on a single command line.
- BUILD
+12. Build
- * Consider extending 'roffit' to produce decent ASCII output, and use that
+12.1 roffit
 Consider extending 'roffit' to produce decent ASCII output, and use that
 instead of (g)nroff when building src/hugehelp.c
- TEST SUITE
+13. Test suite
- * Make our own version of stunnel for simple port forwarding to enable HTTPS
+13.1 SSL tunnel
 Make our own version of stunnel for simple port forwarding to enable HTTPS
 and FTP-SSL tests without the stunnel dependency, and it could allow us to
 provide test tools built with either OpenSSL or GnuTLS
- * If perl wasn't found by the configure script, don't attempt to run the
+13.2 nicer lacking perl message
   tests but explain something nice why it doesn't.
- * Extend the test suite to include more protocols. The telnet could just do
+ If perl wasn't found by the configure script, don't attempt to run the tests
-   ftp or http operations (for which we have test servers).
+ but explain something nice why it doesn't.
- * Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
+13.3 more protocols supported
 Extend the test suite to include more protocols. The telnet could just do ftp
 or http operations (for which we have test servers).
 13.4 more platforms supported
 Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
 fork()s and it should become even more portable.
- NEXT soname bump
+14. Next SONAME bump
- * #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
+14.1 http-style HEAD output for ftp
 #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
 from being output in NOBODY requests over ftp
- * Combine some of the error codes to remove duplicates.  The original
+14.2 combine error codes
 Combine some of the error codes to remove duplicates.  The original
 numbering should not be changed, and the old identifiers would be
 macroed to the new ones in an CURL_NO_OLDIES section to help with
 backward compatibility.
@@ -327,23 +523,50 @@ TODO
    CURLE_TFTP_NOTFOUND => CURLE_REMOTE_FILE_NOT_FOUND
    CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED
- NEXT MAJOR RELEASE
+14.3 extend CURLOPT_SOCKOPTFUNCTION prototype
- * curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
+ The current prototype only provides 'purpose' that tells what the
 connection/socket is for, but not any protocol or similar. It makes it hard
 for applications to differentiate on TCP vs UDP and even HTTP vs FTP and
 similar.
 15. Next major release
 15.1 cleanup return codes
 curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
 CURLMcode. These should be changed to be the same.
- * remove obsolete defines from curl/curl.h
+15.2 remove obsolete defines
- * make several functions use size_t instead of int in their APIs
+ remove obsolete defines from curl/curl.h
 15.3 size_t
 make several functions use size_t instead of int in their APIs
 15.4 remove several functions
 remove the following functions from the public API:
 * remove the following functions from the public API:
 curl_getenv
 curl_mprintf (and variations)
 curl_strequal
 curl_strnequal
 They will instead become curlx_ - alternatives. That makes the curl app
 still capable of building with them from source.
- * Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
+15.5 remove CURLOPT_FAILONERROR
 Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
 internally. Let the app judge success or not for itself.
 15.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
 Remove support for a global DNS cache. Anything global is silly, and we
 already offer the share interface for the same functionality but done
 "right".
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
 .\" * $Id$
 .\" **************************************************************************
 .\"
-.TH curl 1 "21 Sep 2007" "Curl 7.17.1" "Curl Manual"
+.TH curl 1 "5 Jan 2008" "Curl 7.18.0" "Curl Manual"
 .SH NAME
 curl \- transfer a URL
 .SH SYNOPSIS
@@ -82,7 +82,7 @@ specified on a single command line and cannot be used between separate curl
 invokes.
 .SH "PROGRESS METER"
 curl normally displays a progress meter during operations, indicating amount
-of transfered data, transfer speeds and estimated time left etc.
+of transferred data, transfer speeds and estimated time left etc.
 However, since curl displays data to the terminal by default, if you invoke
 curl to do an operation and it is about to write data to the terminal, it
@@ -115,10 +115,10 @@ used.
 .IP "--anyauth"
 (HTTP) Tells curl to figure out authentication method by itself, and use the
 most secure one the remote site claims it supports. This is done by first
-doing a request and checking the response-headers, thus inducing an extra
+doing a request and checking the response-headers, thus possibly inducing an
-network round-trip. This is used instead of setting a specific authentication
+extra network round-trip. This is used instead of setting a specific
-method, which you can do with \fI--basic\fP, \fI--digest\fP, \fI--ntlm\fP, and
+authentication method, which you can do with \fI--basic\fP, \fI--digest\fP,
-\fI--negotiate\fP.
+\fI--ntlm\fP, and \fI--negotiate\fP.
 Note that using --anyauth is not recommended if you do uploads from stdin,
 since it may require data to be sent twice and then the client must be able to
@@ -224,43 +224,63 @@ To create remote directories when using FTP or SFTP, try
 If this option is used several times, the following occurrences make no
 difference.
 .IP "-d/--data <data>"
-(HTTP) Sends the specified data in a POST request to the HTTP server, in a way
+(HTTP) Sends the specified data in a POST request to the HTTP server, in the
-that can emulate as if a user has filled in a HTML form and pressed the submit
+same way that a browser does when a user has filled in an HTML form and
-button. Note that the data is sent exactly as specified with no extra
+presses the submit button. This will cause curl to pass the data to the server
-processing (with all newlines cut off).  The data is expected to be
+using the content-type application/x-www-form-urlencoded.  Compare to
-\&"url-encoded". This will cause curl to pass the data to the server using the
+\fI-F/--form\fP.
-content-type application/x-www-form-urlencoded. Compare to \fI-F/--form\fP. If
+
-this option is used more than once on the same command line, the data pieces
+\fI-d/--data\fP is the same as \fI--data-ascii\fP. To post data purely binary,
-specified will be merged together with a separating &-letter. Thus, using '-d
+you should instead use the \fI--data-binary\fP option. To URL encode the value
-name=daniel -d skill=lousy' would generate a post chunk that looks like
+of a form field you may use \fI--data-urlencode\fP.
-\&'name=daniel&skill=lousy'.
+
 If any of these options is used more than once on the same command line, the
 data pieces specified will be merged together with a separating
 &-letter. Thus, using '-d name=daniel -d skill=lousy' would generate a post
 chunk that looks like \&'name=daniel&skill=lousy'.
 If you start the data with the letter @, the rest should be a file name to
 read the data from, or - if you want curl to read the data from stdin.  The
 contents of the file must already be url-encoded. Multiple files can also be
 specified. Posting data from a file named 'foobar' would thus be done with
-\fI--data\fP @foobar".
+\fI--data @foobar\fP.
 To post data purely binary, you should instead use the \fI--data-binary\fP
 option.
 \fI-d/--data\fP is the same as \fI--data-ascii\fP.
 If this option is used several times, the ones following the first will
 append data.
 .IP "--data-ascii <data>"
 (HTTP) This is an alias for the \fI-d/--data\fP option.
 If this option is used several times, the ones following the first will
 append data.
 .IP "--data-binary <data>"
-(HTTP) This posts data in a similar manner as \fI--data-ascii\fP does,
+(HTTP) This posts data exactly as specified with no extra processing
-although when using this option the entire context of the posted data is kept
+whatsoever.
 as-is. If you want to post a binary file without the strip-newlines feature of
 the \fI--data-ascii\fP option, this is for you.
-If this option is used several times, the ones following the first will
+If you start the data with the letter @, the rest should be a filename.  Data
-append data.
+is posted in a similar manner as \fI--data-ascii\fP does, except that newlines
 are preserved and conversions are never done.
 If this option is used several times, the ones following the first will append
 data. As described in \fI-d/--data\fP.
 .IP "--data-urlencode <data>"
 (HTTP) This posts data, similar to the other --data options with the exception
 that this performs URL encoding. (Added in 7.18.0)
 To be CGI compliant, the <data> part should begin with a \fIname\fP followed
 by a separator and a content specification. The <data> part can be passed to
 curl using one of the following syntaxes:
 .RS
 .IP "content"
 This will make curl URL encode the content and pass that on. Just be careful
 so that the content doesn't contain any = or @ letters, as that will then make
 the syntax match one of the other cases below!
 .IP "=content"
 This will make curl URL encode the content and pass that on. The preceding =
 letter is not included in the data.
 .IP "name=content"
 This will make curl URL encode the content part and pass that on. Note that
 the name part is expected to be URL encoded already.
 .IP "@filename"
 This will make curl load data from the given file (including any newlines),
 URL encode that data and pass it on in the POST.
 .IP "name@filename"
 This will make curl load data from the given file (including any newlines),
 URL encode that data and pass it on in the POST. The name part gets an equal
 sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the
 name is expected to be URL encoded already.
 .RE
 .IP "--digest"
 (HTTP) Enables HTTP Digest authentication. This is a authentication that
 prevents the password from being sent over the wire in clear text. Use this in
@@ -341,9 +361,10 @@ DER and ENG are recognized types.  If not specified, PEM is assumed.
 If this option is used several times, the last one will be used.
 .IP "--cacert <CA certificate>"
-(SSL) Tells curl to use the specified certificate file to verify the
+(SSL) Tells curl to use the specified certificate file to verify the peer. The
-peer. The file may contain multiple CA certificates. The certificate(s) must
+file may contain multiple CA certificates. The certificate(s) must be in PEM
-be in PEM format.
+format. Normally curl is built to use a default file for this, so this option
 is typically used to alter that default file.
 curl recognizes the environment variable named 'CURL_CA_BUNDLE' if that is
 set, and uses the given path as a path to a CA cert bundle. This option
@@ -388,9 +409,10 @@ has been provided, this data is sent off using the ACCT command. (Added in
 If this option is used twice, the second will override the previous use.
 .IP "--ftp-create-dirs"
-(FTP) When an FTP or SFTP URL/operation uses a path that doesn't currently exist on
+(FTP/SFTP) When an FTP or SFTP URL/operation uses a path that doesn't
-the server, the standard behavior of curl is to fail. Using this option, curl
+currently exist on the server, the standard behavior of curl is to
-will instead attempt to create missing directories.
+fail. Using this option, curl will instead attempt to create missing
 directories.
 If this option is used twice, the second will again disable directory creation.
 .IP "--ftp-method [method]"
@@ -546,7 +568,7 @@ See also the \fI-A/--user-agent\fP and \fI-e/--referer\fP options.
 This option can be used multiple times to add/replace/remove multiple headers.
 .IP "--hostpubmd5"
 Pass a string containing 32 hexadecimal digits. The string should be the 128
-bit MD5 cheksum of the remote host's public key, curl will refuse the
+bit MD5 checksum of the remote host's public key, curl will refuse the
 connection with the host unless the md5sums match. This option is only for SCP
 and SFTP transfers. (Added in 7.17.1)
 .IP "--ignore-content-length"
@@ -592,6 +614,14 @@ See this online resource for further details:
 \fBhttp://curl.haxx.se/docs/sslcerts.html\fP
 If this option is used twice, the second time will again disable it.
 .IP "--keepalive-time <seconds>"
 This option sets the time a connection needs to remain idle before sending
 keepalive probes and the time between individual keepalive probes. It is
 currently effective on operating systems offering the TCP_KEEPIDLE and
 TCP_KEEPINTVL socket options (meaning Linux, recent AIX, HP-UX and more). This
 option has no effect if \fI--no-keepalive\fP is used. (Added in 7.18.0)
 If this option is used multiple times, the last occurrence sets the amount.
 .IP "--key <key>"
 (SSL/SSH) Private key file name. Allows you to provide your private key in this
 separate file.
@@ -617,8 +647,12 @@ If this option is used several times, the last one will be used.
 Specify which config file to read curl arguments from. The config file is a
 text file in which command line arguments can be written which then will be
 used as if they were written on the actual command line. Options and their
-parameters must be specified on the same config file line. If the parameter is
+parameters must be specified on the same config file line, separated by
-to contain white spaces, the parameter must be enclosed within quotes.  If the
+white space, colon, the equals sign or any combination thereof (however,
 the preferred separator is the equals sign). If the parameter is to contain
 white spaces, the parameter must be enclosed within quotes. Within double
 quotes, the following escape sequences are available: \\\\, \\", \\t, \\n,
 \\r and \\v. A backlash preceding any other letter is  ignored. If the
 first column of a config line is a '#' character, the rest of the line will be
 treated as a comment. Only write one option per physical line in the config
 file.
@@ -673,7 +707,8 @@ NOTE: this does not properly support -F and the sending of multipart
 formposts, so in those cases the output program will be missing necessary
 calls to \fIcurl_formadd(3)\fP, and possibly more.
-If this option is used several times, the last given file name will be used.
+If this option is used several times, the last given file name will be
 used. (Added in 7.16.1)
 .IP "--limit-rate <speed>"
 Specify the maximum transfer rate you want curl to use. This feature is useful
 if you have a limited pipe and you'd like your transfer not use your entire
@@ -799,6 +834,11 @@ will output the data in chunks, not necessarily exactly when the data arrives.
 Using this option will disable that buffering.
 If this option is used twice, the second will again switch on buffering.
 .IP "--no-keepalive"
 Disables the use of keepalive messages on the TCP connection, as by default
 curl enables them.
 If this option is used twice, the second will again enable keepalive.
 .IP "--no-sessionid"
 (SSL) Disable curl's use of SSL session-ID caching.  By default all transfers
 are done using the cache. Note that while nothing ever should get hurt by
@@ -861,7 +901,7 @@ a redirection. This option is meaningful only when using \fI-L/--location\fP
 (Added in 7.17.1)
 .IP "--proxy-anyauth"
 Tells curl to pick a suitable authentication method when communicating with
-the given proxy. This will cause an extra request/response round-trip. (Added
+the given proxy. This might cause an extra request/response round-trip. (Added
 in 7.13.2)
 If this option is used twice, the second will again disable the proxy use-any
@@ -948,9 +988,9 @@ This option can be used multiple times.
 random data. The data is used to seed the random engine for SSL connections.
 See also the \fI--egd-file\fP option.
 .IP "-r/--range <range>"
-(HTTP/FTP)
+(HTTP/FTP/FILE) Retrieve a byte range (i.e a partial document) from a
-Retrieve a byte range (i.e a partial document) from a HTTP/1.1 or FTP
+HTTP/1.1, FTP server or a local FILE. Ranges can be specified in a number of
-server. Ranges can be specified in a number of ways.
+ways.
 .RS
 .TP 10
 .B 0-499
@@ -1049,9 +1089,28 @@ This option overrides any previous use of \fI-x/--proxy\fP, as they are
 mutually exclusive.
 If this option is used several times, the last one will be used.
 .IP "--socks4a <host[:port]>"
 Use the specified SOCKS4a proxy. If the port number is not specified, it is
 assumed at port 1080. (Added in 7.18.0)
 This option overrides any previous use of \fI-x/--proxy\fP, as they are
 mutually exclusive.
 If this option is used several times, the last one will be used.
 .IP "--socks5-hostname <host[:port]>"
 Use the specified SOCKS5 proxy (and let the proxy resolve the host name). If
 the port number is not specified, it is assumed at port 1080. (Added in
 7.18.0)
 This option overrides any previous use of \fI-x/--proxy\fP, as they are
 mutually exclusive.
 If this option is used several times, the last one will be used. (This option
 was previously wrongly documented and used as --socks without the number
 appended.)
 .IP "--socks5 <host[:port]>"
-Use the specified SOCKS5 proxy. If the port number is not specified, it is
+Use the specified SOCKS5 proxy - but resolve the host name locally. If the
-assumed at port 1080. (Added in 7.11.1)
+port number is not specified, it is assumed at port 1080.
 This option overrides any previous use of \fI-x/--proxy\fP, as they are
 mutually exclusive.
@@ -1128,6 +1187,9 @@ If this option is used several times, each occurrence will toggle it on/off.
 Specify user and password to use for server authentication. Overrides
 \fI-n/--netrc\fP and \fI--netrc-optional\fP.
 If you just give the user name (without entering a colon) curl will prompt for
 a password.
 If you use an SSPI-enabled curl binary and do NTLM authentication, you can
 force curl to pick up the user name and password from your environment by
 simply specifying a single colon with this option: "-u :".
--- a/docs/examples/10-at-a-time.c
+++ b/docs/examples/10-at-a-time.c
@@ -18,6 +18,9 @@
 #include <string.h>
 #include <unistd.h>
 #include <curl/multi.h>
 #ifdef WIN32
 #include <windows.h>
 #endif
 static const char *urls[] = {
  "http://www.microsoft.com",
@@ -74,7 +77,7 @@ static const char *urls[] = {
 #define MAX 10 /* number of simultaneous transfers */
 #define CNT sizeof(urls)/sizeof(char*) /* total number of transfers to do */
-static int cb(char *d, size_t n, size_t l, void *p)
+static size_t cb(char *d, size_t n, size_t l, void *p)
 {
  /* take care of the data here, ignored in this example */
  (void)d;
@@ -138,7 +141,11 @@ int main(void)
        L = 100;
      if (M == -1) {
 #ifdef WIN32
        Sleep(L);
 #else
        sleep(L / 1000);
 #endif
      } else {
        T.tv_sec = L/1000;
        T.tv_usec = (L%1000)*1000;
--- a/docs/examples/Makefile.am
+++ b/docs/examples/Makefile.am
@@ -4,28 +4,24 @@
 AUTOMAKE_OPTIONS = foreign nostdinc
-EXTRA_DIST = README Makefile.example makefile.dj $(COMPLICATED_EXAMPLES)
+EXTRA_DIST = README Makefile.example Makefile.inc Makefile.m32 \
 	makefile.dj $(COMPLICATED_EXAMPLES)
 INCLUDES = -I$(top_srcdir)/include
 LIBDIR = $(top_builddir)/lib
-CPPFLAGS = -DCURL_NO_OLDIES
+
 if STATICLIB
 # we need this define when building with a static lib on Windows
 STATICCPPFLAGS = -DCURL_STATICLIB
 endif
 CPPFLAGS = -DCURL_NO_OLDIES $(STATICCPPFLAGS)
 # Dependencies
 LDADD = $(LIBDIR)/libcurl.la
-# These are all libcurl example programs to be test compiled
+# Makefile.inc provides the noinst_PROGRAMS and COMPLICATED_EXAMPLES defines
-noinst_PROGRAMS = 10-at-a-time anyauthput cookie_interface \
+include Makefile.inc
  debug fileupload fopen ftpget ftpgetresp ftpupload \
  getinfo getinmemory http-post httpput \
  https multi-app multi-debugcallback multi-double \
  multi-post multi-single persistant post-callback \
  postit2 sepheaders simple simplepost simplessl
 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
 COMPLICATED_EXAMPLES = \
 curlgtk.c curlx.c htmltitle.cc cacertinmem.c ftpuploadresume.c \
 ghiper.c hiperfifo.c htmltidy.c multithread.c \
 opensslthreadlock.c sampleconv.c synctime.c
--- a/docs/examples/Makefile.inc
+++ b/docs/examples/Makefile.inc
@@ -0,0 +1,16 @@
 # These are all libcurl example programs to be test compiled
 noinst_PROGRAMS = 10-at-a-time anyauthput cookie_interface \
  debug fileupload fopen ftpget ftpgetresp ftpupload \
  getinfo getinmemory http-post httpput \
  https multi-app multi-debugcallback multi-double \
  multi-post multi-single persistant post-callback \
  postit2 sepheaders simple simplepost simplessl
 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
 COMPLICATED_EXAMPLES = \
 curlgtk.c curlx.c htmltitle.cc cacertinmem.c ftpuploadresume.c \
 ghiper.c hiperfifo.c htmltidy.c multithread.c \
 opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c
--- a/docs/examples/Makefile.m32
+++ b/docs/examples/Makefile.m32
@@ -0,0 +1,135 @@
 #########################################################################
 # $Id$
 #
 ## Makefile for building curl examples with MingW32
 ## and optionally OpenSSL (0.9.8), libssh2 (0.18), zlib (1.2.3)
 ##
 ## Usage:
 ## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [SSPI=1] [IPV6=1] [DYN=1]
 ##
 ## Hint: you can also set environment vars to control the build, f.e.:
 ## set ZLIB_PATH=c:/zlib-1.2.3
 ## set ZLIB=1
 ##
 #########################################################################
 # Edit the path below to point to the base of your Zlib sources.
 ifndef ZLIB_PATH
 ZLIB_PATH = ../../zlib-1.2.3
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
 OPENSSL_PATH = ../../openssl-0.9.8g
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
 LIBSSH2_PATH = ../../libssh2-0.18
 endif
 # Edit the path below to point to the base of your Novell LDAP NDK.
 ifndef LDAP_SDK
 LDAP_SDK = c:/novell/ndk/cldapsdk/win32
 endif
 PROOT = ../..
 ARES_LIB = $(PROOT)/ares
 SSL = 1
 ZLIB = 1
 CC = gcc
 CFLAGS = -g -O2 -Wall
 # comment LDFLAGS below to keep debug info
 LDFLAGS = -s
 RC = windres
 RCFLAGS = --include-dir=$(PROOT)/include -O COFF -i
 RM = del /q /f > NUL 2>&1
 CP = copy
 ########################################################
 ## Nothing more to do below this line!
 INCLUDES = -I. -I$(PROOT) -I$(PROOT)/include -I$(PROOT)/lib
 LINK = $(CC) $(LDFLAGS) -o $@
 curl_PROGRAMS = curl.exe
 ifdef DYN
  curl_DEPENDENCIES = $(PROOT)/lib/libcurldll.a $(PROOT)/lib/libcurl.dll
  curl_LDADD = -L$(PROOT)/lib -lcurldll
 else
  curl_DEPENDENCIES = $(PROOT)/lib/libcurl.a
  curl_LDADD = -L$(PROOT)/lib -lcurl
  CFLAGS += -DCURL_STATICLIB
 endif
 ifdef ARES
  ifndef DYN
    curl_DEPENDENCIES += $(ARES_LIB)/libcares.a
  endif
  CFLAGS += -DUSE_ARES
  curl_LDADD += -L$(ARES_LIB) -lcares
 endif
 ifdef SSH2
  CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H
  curl_LDADD += -L$(LIBSSH2_PATH)/win32 -lssh2
 endif
 ifdef SSL
  INCLUDES += -I"$(OPENSSL_PATH)/outinc"
  CFLAGS += -DUSE_SSLEAY -DHAVE_OPENSSL_ENGINE_H
  ifdef DYN
    curl_LDADD += -L$(OPENSSL_PATH)/out -leay32 -lssl32
  else
    curl_LDADD += -L$(OPENSSL_PATH)/out -lssl -lcrypto -lgdi32
  endif
 endif
 ifdef ZLIB
  INCLUDES += -I"$(ZLIB_PATH)"
  CFLAGS += -DHAVE_LIBZ -DHAVE_ZLIB_H
  curl_LDADD += -L$(ZLIB_PATH) -lz
 endif
 ifdef SSPI
  CFLAGS += -DUSE_WINDOWS_SSPI
 endif
 ifdef IPV6
  CFLAGS += -DENABLE_IPV6
 endif
 ifdef LDAPS
  CFLAGS += -DHAVE_LDAP_SSL
 endif
 ifdef USE_LDAP_NOVELL
  CFLAGS += -DCURL_HAS_NOVELL_LDAPSDK
  curl_LDADD += -L"$(LDAP_SDK)/lib/mscvc" -lldapsdk -lldapssl -lldapx
 endif
 ifdef USE_LDAP_OPENLDAP
  CFLAGS += -DCURL_HAS_OPENLDAP_LDAPSDK
  curl_LDADD += -L"$(LDAP_SDK)/lib" -lldap -llber
 endif
 ifndef USE_LDAP_NOVELL
 ifndef USE_LDAP_OPENLDAP
 curl_LDADD += -lwldap32
 endif
 endif
 curl_LDADD += -lws2_32 -lwinmm
 COMPILE = $(CC) $(INCLUDES) $(CFLAGS)
 # Makefile.inc provides the noinst_PROGRAMS and COMPLICATED_EXAMPLES defines
 include Makefile.inc
 example_PROGRAMS := $(patsubst %,%.exe,$(strip $(noinst_PROGRAMS)))
 .SUFFIXES: .rc .res .o .exe
 all: $(example_PROGRAMS)
 .o.exe: $(curl_DEPENDENCIES)
 	$(LINK) $< $(curl_LDADD)
 .c.o:
 	$(COMPILE) -c $<
 .rc.res:
 	$(RC) $(RCFLAGS) $< -o $@
 clean:
 	$(RM) $(example_PROGRAMS)
--- a/docs/examples/anyauthput.c
+++ b/docs/examples/anyauthput.c
@@ -37,7 +37,7 @@
 /* ioctl callback function */
 static curlioerr my_ioctl(CURL *handle, curliocmd cmd, void *userp)
 {
-  int fd = (int)userp;
+  intptr_t fd = (intptr_t)userp;
  (void)handle; /* not used in here */
@@ -61,7 +61,7 @@ static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
 {
  size_t retcode;
-  int fd = (int)stream;
+  intptr_t fd = (intptr_t)stream;
  retcode = read(fd, ptr, size * nmemb);
@@ -74,7 +74,7 @@ int main(int argc, char **argv)
 {
  CURL *curl;
  CURLcode res;
-  int hd ;
+  intptr_t hd ;
  struct stat file_info;
  char *file;
@@ -100,13 +100,13 @@ int main(int argc, char **argv)
    curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
    /* which file to upload */
-    curl_easy_setopt(curl, CURLOPT_READDATA, hd);
+    curl_easy_setopt(curl, CURLOPT_READDATA, (void*)hd);
    /* set the ioctl function */
    curl_easy_setopt(curl, CURLOPT_IOCTLFUNCTION, my_ioctl);
    /* pass the file descriptor to the ioctl callback as well */
-    curl_easy_setopt(curl, CURLOPT_IOCTLDATA, hd);
+    curl_easy_setopt(curl, CURLOPT_IOCTLDATA, (void*)hd);
    /* enable "uploading" (which means PUT when doing HTTP) */
    curl_easy_setopt(curl, CURLOPT_UPLOAD, TRUE) ;
--- a/docs/examples/debug.c
+++ b/docs/examples/debug.c
@@ -65,7 +65,7 @@ void dump(const char *text,
 static
 int my_trace(CURL *handle, curl_infotype type,
-             unsigned char *data, size_t size,
+             char *data, size_t size,
             void *userp)
 {
  struct data *config = (struct data *)userp;
@@ -98,7 +98,7 @@ int my_trace(CURL *handle, curl_infotype type,
    break;
  }
-  dump(text, stderr, data, size, config->trace_ascii);
+  dump(text, stderr, (unsigned char *)data, size, config->trace_ascii);
  return 0;
 }
--- a/docs/examples/ftpget.c
+++ b/docs/examples/ftpget.c
@@ -26,7 +26,7 @@ struct FtpFile {
  FILE *stream;
 };
-static int my_fwrite(void *buffer, size_t size, size_t nmemb, void *stream)
+static size_t my_fwrite(void *buffer, size_t size, size_t nmemb, void *stream)
 {
  struct FtpFile *out=(struct FtpFile *)stream;
  if(out && !out->stream) {
--- a/docs/examples/ftpupload.c
+++ b/docs/examples/ftpupload.c
@@ -14,7 +14,12 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
 #include <errno.h>
 #ifdef WIN32
 #include <io.h>
 #else
 #include <unistd.h>
 #endif
 /*
 * This example shows an FTP upload, with a rename of the file just after
@@ -28,12 +33,26 @@
 #define REMOTE_URL      "ftp://localhost/"  UPLOAD_FILE_AS
 #define RENAME_FILE_TO  "renamed-and-fine.txt"
 /* NOTE: if you want this example to work on Windows with libcurl as a
   DLL, you MUST also provide a read callback with CURLOPT_READFUNCTION.
   Failing to do so will give you a crash since a DLL may not use the
   variable's memory when passed in to it from an app like this. */
 static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
 {
  /* in real-world cases, this would probably get this data differently
     as this fread() stuff is exactly what the library already would do
     by default internally */
  size_t retcode = fread(ptr, size, nmemb, stream);
  fprintf(stderr, "*** We read %d bytes from file\n", retcode);
  return retcode;
 }
 int main(int argc, char **argv)
 {
  CURL *curl;
  CURLcode res;
  FILE *hd_src;
  int hd ;
  struct stat file_info;
  struct curl_slist *headerlist=NULL;
@@ -41,13 +60,13 @@ int main(int argc, char **argv)
  static const char buf_2 [] = "RNTO " RENAME_FILE_TO;
  /* get the file size of the local file */
-  hd = open(LOCAL_FILE, O_RDONLY) ;
+  if(stat(LOCAL_FILE, &file_info)) {
-  fstat(hd, &file_info);
+    printf("Couldnt open '%s': %s\n", LOCAL_FILE, strerror(errno));
-  close(hd) ;
+    return 1;
  }
  printf("Local file size: %ld bytes.\n", file_info.st_size);
-  /* get a FILE * of the same file, could also be made with
+  /* get a FILE * of the same file */
     fdopen() from the previous descriptor, but hey this is just
     an example! */
  hd_src = fopen(LOCAL_FILE, "rb");
  /* In windows, this will init the winsock stuff */
@@ -60,6 +79,9 @@ int main(int argc, char **argv)
    headerlist = curl_slist_append(headerlist, buf_1);
    headerlist = curl_slist_append(headerlist, buf_2);
    /* we want to use our own read function */
    curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
    /* enable uploading */
    curl_easy_setopt(curl, CURLOPT_UPLOAD, 1) ;
@@ -72,12 +94,6 @@ int main(int argc, char **argv)
    /* now specify which file to upload */
    curl_easy_setopt(curl, CURLOPT_READDATA, hd_src);
    /* NOTE: if you want this example to work on Windows with libcurl as a
       DLL, you MUST also provide a read callback with
       CURLOPT_READFUNCTION. Failing to do so will give you a crash since a
       DLL may not use the variable's memory when passed in to it from an app
       like this. */
    /* Set the size of the file to upload (optional).  If you give a *_LARGE
       option you MUST make sure that the type of the passed-in argument is a
       curl_off_t. If you use CURLOPT_INFILESIZE (without _LARGE) you must
--- a/docs/examples/getinmemory.c
+++ b/docs/examples/getinmemory.c
@@ -98,5 +98,8 @@ int main(int argc, char **argv)
  if(chunk.memory)
    free(chunk.memory);
  /* we're done with libcurl, so clean it up */
  curl_global_cleanup();
  return 0;
 }
--- a/docs/examples/multi-debugcallback.c
+++ b/docs/examples/multi-debugcallback.c
@@ -74,7 +74,7 @@ void dump(const char *text,
 static
 int my_trace(CURL *handle, curl_infotype type,
-             unsigned char *data, size_t size,
+             char *data, size_t size,
             void *userp)
 {
  const char *text;
--- a/docs/examples/post-callback.c
+++ b/docs/examples/post-callback.c
@@ -75,7 +75,7 @@ int main(void)
    */
 #ifdef USE_CHUNKED
    {
-      curl_slist *chunk = NULL;
+      struct curl_slist *chunk = NULL;
      chunk = curl_slist_append(chunk, "Transfer-Encoding: chunked");
      res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
@@ -98,7 +98,7 @@ int main(void)
    /* A less good option would be to enforce HTTP 1.0, but that might also
       have other implications. */
    {
-      curl_slist *chunk = NULL;
+      struct curl_slist *chunk = NULL;
      chunk = curl_slist_append(chunk, "Expect:");
      res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
--- a/docs/examples/smooth-gtk-thread.c
+++ b/docs/examples/smooth-gtk-thread.c
@@ -0,0 +1,217 @@
 /*****************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * $Id$
 *
 * This is a multi threaded application that uses a progress bar to show
 * status.  It uses Gtk+ to make a smooth pulse.
 *
 * Written by Jud Bishop after studying the other examples provided with
 * libcurl.
 *
 * To compile (on a single line):
 * gcc -ggdb `pkg-config --cflags  --libs gtk+-2.0` -lcurl -lssl -lcrypto
 *   -lgthread-2.0 -dl  smooth-gtk-thread.c -o smooth-gtk-thread
 */
 #include <stdio.h>
 #include <gtk/gtk.h>
 #include <glib.h>
 #include <unistd.h>
 #include <pthread.h>
 #include <curl/curl.h>
 #include <curl/types.h> /* new for v7 */
 #include <curl/easy.h> /* new for v7 */
 #define NUMT 4
 pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
 int j = 0;
 gint num_urls = 9; /* Just make sure this is less than urls[]*/
 char *urls[]= {
  "90022",
  "90023",
  "90024",
  "90025",
  "90026",
  "90027",
  "90028",
  "90029",
  "90030"
 };
 size_t write_file(void *ptr, size_t size, size_t nmemb, FILE *stream)
 {
  /* printf("write_file\n"); */
  return fwrite(ptr, size, nmemb, stream);
 }
 /* http://xoap.weather.com/weather/local/46214?cc=*&dayf=5&unit=i */
 void *pull_one_url(void *NaN)
 {
  CURL *curl;
  CURLcode res;
  gchar *http;
  FILE *outfile;
  gint i;
  /* Stop threads from entering unless j is incremented */
  pthread_mutex_lock(&lock);
  while ( j < num_urls )
  {
    printf("j = %d\n", j);
    http =
      g_strdup_printf("xoap.weather.com/weather/local/%s?cc=*&dayf=5&unit=i\n",
                      urls[j]);
    printf( "http %s", http );
    curl = curl_easy_init();
    if(curl)
    {
      outfile = fopen(urls[j], "w");
      /* printf("fopen\n"); */
      /* Set the URL and transfer type */
      curl_easy_setopt(curl, CURLOPT_URL, http);
      /* Write to the file */
      curl_easy_setopt(curl, CURLOPT_WRITEDATA, outfile);
      curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_file);
      j++;  /* critical line */
      pthread_mutex_unlock(&lock);
      res = curl_easy_perform(curl);
      fclose(outfile);
      printf("fclose\n");
      curl_easy_cleanup(curl);
    }
    g_free (http);
    /* Adds more latency, testing the mutex.*/
    sleep(1);
  } /* end while */
  return NULL;
 }
 gboolean pulse_bar(gpointer data)
 {
  gdk_threads_enter();
  gtk_progress_bar_pulse (GTK_PROGRESS_BAR (data));
  gdk_threads_leave();
  /* Return true so the function will be called again;
   * returning false removes this timeout function.
   */
  return TRUE;
 }
 void *create_thread(void *progress_bar)
 {
  pthread_t tid[NUMT];
  int i;
  int error;
  /* Make sure I don't create more threads than urls. */
  for(i=0; i < NUMT && i < num_urls ; i++) {
    error = pthread_create(&tid[i],
                           NULL, /* default attributes please */
                           pull_one_url,
                           NULL);
    if(0 != error)
      fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
    else
      fprintf(stderr, "Thread %d, gets %s\n", i, urls[i]);
  }
  /* Wait for all threads to terminate. */
  for(i=0; i < NUMT && i < num_urls; i++) {
    error = pthread_join(tid[i], NULL);
    fprintf(stderr, "Thread %d terminated\n", i);
  }
  /* This stops the pulsing if you have it turned on in the progress bar
     section */
  g_source_remove(GPOINTER_TO_INT(g_object_get_data(G_OBJECT(progress_bar),
                                                    "pulse_id")));
  /* This destroys the progress bar */
  gtk_widget_destroy(progress_bar);
  /* [Un]Comment this out to kill the program rather than pushing close. */
  /* gtk_main_quit(); */
  return NULL;
 }
 static gboolean cb_delete(GtkWidget *window, gpointer data)
 {
  gtk_main_quit();
  return FALSE;
 }
 int main(int argc, char **argv)
 {
  GtkWidget *top_window, *outside_frame, *inside_frame, *progress_bar;
  GtkAdjustment *adj;
  /* Init thread */
  g_thread_init(NULL);
  gdk_threads_init ();
  gdk_threads_enter ();
  gtk_init(&argc, &argv);
  /* Base window */
  top_window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
  /* Frame */
  outside_frame = gtk_frame_new(NULL);
  gtk_frame_set_shadow_type(GTK_FRAME(outside_frame), GTK_SHADOW_OUT);
  gtk_container_add(GTK_CONTAINER(top_window), outside_frame);
  /* Frame */
  inside_frame = gtk_frame_new(NULL);
  gtk_frame_set_shadow_type(GTK_FRAME(inside_frame), GTK_SHADOW_IN);
  gtk_container_set_border_width(GTK_CONTAINER(inside_frame), 5);
  gtk_container_add(GTK_CONTAINER(outside_frame), inside_frame);
  /* Progress bar */
  progress_bar = gtk_progress_bar_new();
  gtk_progress_bar_pulse (GTK_PROGRESS_BAR (progress_bar));
  /* Make uniform pulsing */
  gint pulse_ref = g_timeout_add (300, pulse_bar, progress_bar);
  g_object_set_data(G_OBJECT(progress_bar), "pulse_id",
                    GINT_TO_POINTER(pulse_ref));
  gtk_container_add(GTK_CONTAINER(inside_frame), progress_bar);
  gtk_widget_show_all(top_window);
  printf("gtk_widget_show_all\n");
  g_signal_connect(G_OBJECT (top_window), "delete-event",
                   G_CALLBACK(cb_delete), NULL);
  if (!g_thread_create(&create_thread, progress_bar, FALSE, NULL) != 0)
    g_warning("can't create the thread");
  gtk_main();
  gdk_threads_leave();
  printf("gdk_threads_leave\n");
  return 0;
 }
--- a/docs/examples/threaded-ssl.c
+++ b/docs/examples/threaded-ssl.c
@@ -0,0 +1,145 @@
 /*****************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * $Id$
 *
 * A multi-threaded example that uses pthreads and fetches 4 remote files at
 * once over HTTPS. The lock callbacks and stuff assume OpenSSL or GnuTLS
 * (libgcrypt) so far.
 *
 * OpenSSL docs for this:
 *   http://www.openssl.org/docs/crypto/threads.html
 * gcrypt docs for this:
 *   http://gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html
 */
 #define USE_OPENSSL /* or USE_GNUTLS accordingly */
 #include <stdio.h>
 #include <pthread.h>
 #include <curl/curl.h>
 /* we have this global to let the callback get easy access to it */
 static pthread_mutex_t *lockarray;
 #ifdef USE_OPENSSL
 #include <openssl/crypto.h>
 static void lock_callback(int mode, int type, char *file, int line)
 {
  (void)file;
  (void)line;
  if (mode & CRYPTO_LOCK) {
    pthread_mutex_lock(&(lockarray[type]));
  }
  else {
    pthread_mutex_unlock(&(lockarray[type]));
  }
 }
 static unsigned long thread_id(void)
 {
  unsigned long ret;
  ret=(unsigned long)pthread_self();
  return(ret);
 }
 static void init_locks(void)
 {
  int i;
  lockarray=(pthread_mutex_t *)OPENSSL_malloc(CRYPTO_num_locks() *
                                            sizeof(pthread_mutex_t));
  for (i=0; i<CRYPTO_num_locks(); i++) {
    pthread_mutex_init(&(lockarray[i]),NULL);
  }
  CRYPTO_set_id_callback((unsigned long (*)())thread_id);
  CRYPTO_set_locking_callback((void (*)())lock_callback);
 }
 static void kill_locks(void)
 {
  int i;
  CRYPTO_set_locking_callback(NULL);
  for (i=0; i<CRYPTO_num_locks(); i++)
    pthread_mutex_destroy(&(lockarray[i]));
  OPENSSL_free(lockarray);
 }
 #endif
 #ifdef USE_GNUTLS
 #include <gcrypt.h>
 #include <errno.h>
 GCRY_THREAD_OPTION_PTHREAD_IMPL;
 void init_locks(void)
 {
  gcry_control(GCRYCTL_SET_THREAD_CBS);
 }
 #define kill_locks()
 #endif
 /* List of URLs to fetch.*/
 const char *urls[]= {
  "https://www.sf.net/",
  "https://www.openssl.org/",
  "https://www.sf.net/",
  "https://www.openssl.org/",
 };
 static void *pull_one_url(void *url)
 {
  CURL *curl;
  curl = curl_easy_init();
  curl_easy_setopt(curl, CURLOPT_URL, url);
  /* this example doesn't verify the server's certificate, which means we
     might be downloading stuff from an impostor */
  curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
  curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
  curl_easy_perform(curl); /* ignores error */
  curl_easy_cleanup(curl);
  return NULL;
 }
 int main(int argc, char **argv)
 {
  pthread_t tid[4];
  int i;
  int error;
  (void)argc; /* we don't use any arguments in this example */
  (void)argv;
  init_locks();
  for(i=0; i< 4; i++) {
    error = pthread_create(&tid[i],
                           NULL, /* default attributes please */
                           pull_one_url,
                           (void *)urls[i]);
    if(0 != error)
      fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
    else
      fprintf(stderr, "Thread %d, gets %s\n", i, urls[i]);
  }
  /* now wait for all threads to terminate */
  for(i=0; i< 4; i++) {
    error = pthread_join(tid[i], NULL);
    fprintf(stderr, "Thread %d terminated\n", i);
  }
  kill_locks();
  return 0;
 }
--- a/docs/libcurl/Makefile.am
+++ b/docs/libcurl/Makefile.am
@@ -18,7 +18,8 @@ man_MANS = curl_easy_cleanup.3 curl_easy_getinfo.3 curl_easy_init.3	 \
 curl_multi_strerror.3 curl_share_strerror.3 curl_global_init_mem.3	 \
 libcurl-tutorial.3 curl_easy_reset.3 curl_easy_escape.3		 \
 curl_easy_unescape.3 curl_multi_setopt.3 curl_multi_socket.3		 \
- curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3
+ curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3		 \
 curl_easy_pause.3
 HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html		  \
 curl_easy_init.html curl_easy_perform.html curl_easy_setopt.html	  \
@@ -36,7 +37,7 @@ HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html		  \
 curl_share_strerror.html curl_global_init_mem.html libcurl-tutorial.html \
 curl_easy_reset.html curl_easy_escape.html curl_easy_unescape.html	  \
 curl_multi_setopt.html curl_multi_socket.html curl_multi_timeout.html	  \
- curl_formget.html curl_multi_assign.html
+ curl_formget.html curl_multi_assign.html curl_easy_pause.html
 PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf curl_easy_init.pdf \
 curl_easy_perform.pdf curl_easy_setopt.pdf curl_easy_duphandle.pdf	  \
@@ -53,7 +54,7 @@ PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf curl_easy_init.pdf \
 curl_share_strerror.pdf curl_global_init_mem.pdf libcurl-tutorial.pdf	  \
 curl_easy_reset.pdf curl_easy_escape.pdf curl_easy_unescape.pdf	  \
 curl_multi_setopt.pdf curl_multi_socket.pdf curl_multi_timeout.pdf	  \
- curl_formget.pdf curl_multi_assign.pdf
+ curl_formget.pdf curl_multi_assign.pdf curl_easy_pause.pdf
 CLEANFILES = $(HTMLPAGES) $(PDFPAGES)
--- a/docs/libcurl/curl_easy_pause.3
+++ b/docs/libcurl/curl_easy_pause.3
@@ -0,0 +1,63 @@
 .\" $Id$
 .\"
 .TH curl_easy_pause 3 "17 Dec 2007" "libcurl 7.18.0" "libcurl Manual"
 .SH NAME
 curl_easy_pause - pause and unpause a connection
 .SH SYNOPSIS
 .B #include <curl/curl.h>
 .BI "CURLcode curl_easy_pause(CURL *"handle ", int "bitmask " );"
 .SH DESCRIPTION
 Using this function, you can explicitly mark a running connection to get
 paused, and you can unpause a connection that was previously paused.
 A connection can made to pause by using this function or by letting the read
 or the write callbacks return the proper magic return code
 (\fICURL_READFUNC_PAUSE\fP and \fICURL_WRITEFUNC_PAUSE\fP).
 NOTE: while it may feel tempting, take care and notice that you cannot call
 this function from another thread.
 When this function is called to unpause reading, the chance is high that you
 will get your write callback called before this function returns.
 The \fBhandle\fP argument is of course identifying the handle that operates on
 the connection you want to pause or unpause.
 The \fBbitmask\fP argument is a set of bits that sets the new state of the
 connection. The following bits can be used:
 .IP CURLPAUSE_RECV
 Pause receiving data. There will be no data received on this conneciton until
 this function is called again without this bit set. Thus, the write callback
 (\fICURLOPT_WRITEFUNCTION\fP) won't be called.
 .IP CURLPAUSE_SEND
 Pause sending data. There will be no data sent on this connection until this
 function is called again without this bit set. Thus, the read callback
 (\fICURLOPT_READFUNCTION\fP) won't be called.
 .IP CURLPAUSE_ALL
 Convenience define that pauses both directions.
 .IP CURLPAUSE_CONT
 Convenience define that unpauses both directions
 .SH RETURN VALUE
 CURLE_OK (zero) means that the option was set properly, and a non-zero return
 code means something wrong occurred after the new state was set.  See the
 \fIlibcurl-errors(3)\fP man page for the full list with descriptions.
 .SH AVAILABILITY
 This function was added in libcurl 7.18.0. Before this version, there was no
 explicit support for pausing transfers.
 .SH "MEMORY USE"
 When pausing a read by returning the magic return code from a write callback,
 the read data is already in libcurl's internal buffers so it'll have to keep
 it in an allocated buffer until the reading is again unpaused using this
 function.
 If the downloaded data is compressed and is asked to get uncompressed
 automatially on download, libcurl will continue to uncompress the entire
 downloaded chunk and it will cache the data uncompressed. This has the side-
 effect that if you download something that is compressed a lot, it can result
 in a very large data amount needing to be allocated to save the data during
 the pause. This said, you should probably consider not using paused reading if
 you allow libcurl to uncompress data automatically.
 .SH "SEE ALSO"
 .BR curl_easy_cleanup "(3), " curl_easy_reset "(3)"
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
 .\" * $Id$
 .\" **************************************************************************
 .\"
-.TH curl_easy_setopt 3 "30 Aug 2007" "libcurl 7.17.0" "libcurl Manual"
+.TH curl_easy_setopt 3 "5 Jan 2008" "libcurl 7.18.0" "libcurl Manual"
 .SH NAME
 curl_easy_setopt \- set options for a curl easy handle
 .SH SYNOPSIS
@@ -95,6 +95,10 @@ of bytes actually taken care of. If that amount differs from the amount passed
 to your function, it'll signal an error to the library and it will abort the
 transfer and return \fICURLE_WRITE_ERROR\fP.
 From 7.18.0, the function can return CURL_WRITEFUNC_PAUSE which then will
 cause writing to this connection to become paused. See
 \fIcurl_easy_pause(3)\fP for further details.
 This function may be called with zero bytes data if the transfered file is
 empty.
@@ -142,6 +146,10 @@ The read callback may return \fICURL_READFUNC_ABORT\fP to stop the current
 operation immediately, resulting in a \fICURLE_ABORTED_BY_CALLBACK\fP error
 code from the transfer (Added in 7.12.1)
 From 7.18.0, the function can return CURL_READFUNC_PAUSE which then will cause
 reading from this connection to become paused. See \fIcurl_easy_pause(3)\fP
 for further details.
 If you set the callback pointer to NULL, or doesn't set it at all, the default
 internal read function will be used. It is simply doing an fread() on the FILE
 * stream set with \fICURLOPT_READDATA\fP.
@@ -163,11 +171,32 @@ something special I/O-related needs to be done that the library can't do by
 itself. For now, rewinding the read data stream is the only action it can
 request. The rewinding of the read data stream may be necessary when doing a
 HTTP PUT or POST with a multi-pass authentication method.  (Option added in
-7.12.3)
+7.12.3).
 Use \fICURLOPT_SEEKFUNCTION\fP instead to provide seeking!
 .IP CURLOPT_IOCTLDATA
 Pass a pointer that will be untouched by libcurl and passed as the 3rd
 argument in the ioctl callback set with \fICURLOPT_IOCTLFUNCTION\fP.  (Option
 added in 7.12.3)
 .IP CURLOPT_SEEKFUNCTION
 Function pointer that should match the following prototype: \fIint
 function(void *instream, curl_off_t offset, int origin);\fP This function gets
 called by libcurl to seek to a certain position in the input stream and can be
 used to fast forward a file in a resumed upload (instead of reading all
 uploaded bytes with the normal read function/callback). It is also called to
 rewind a stream when doing a HTTP PUT or POST with a multi-pass authentication
 method. The function shall work like "fseek" or "lseek" and accepted SEEK_SET,
 SEEK_CUR and SEEK_END as argument for origin, although (in 7.18.0) libcurl
 only passes SEEK_SET. The callback must return 0 on success as returning
 non-zero will cause the upload operation to fail.
 If you forward the input arguments directly to "fseek" or "lseek", note that
 the data type for \fIoffset\fP is not the same as defined for curl_off_t on
 many systems! (Option added in 7.18.0)
 .IP CURLOPT_SEEKDATA
 Data pointer to pass to the file read function. If you use the
 \fICURLOPT_SEEKFUNCTION\fP option, this is the pointer you'll get as input. If
 you don't specify a seek callback, NULL is passed. (Option added in 7.18.0)
 .IP CURLOPT_SOCKOPTFUNCTION
 Function pointer that should match the \fIcurl_sockopt_callback\fP prototype
 found in \fI<curl/curl.h>\fP. This function gets called by libcurl after the
@@ -281,6 +310,9 @@ Pass a pointer to whatever you want passed in to your
 \fICURLOPT_DEBUGFUNCTION\fP in the last void * argument. This pointer is not
 used by libcurl, it is only passed to the callback.
 .IP CURLOPT_SSL_CTX_FUNCTION
 This option does only function for libcurl powered by OpenSSL. If libcurl was
 built against another SSL library, this functionality is absent.
 Function pointer that should match the following prototype: \fBCURLcode
 sslctxfun(CURL *curl, void *sslctx, void *parm);\fP This function gets called
 by libcurl just before the initialization of an SSL connection after having
@@ -430,13 +462,21 @@ Pass a long with this option to set the proxy port to connect to unless it is
 specified in the proxy string \fICURLOPT_PROXY\fP.
 .IP CURLOPT_PROXYTYPE
 Pass a long with this option to set type of the proxy. Available options for
-this are \fICURLPROXY_HTTP\fP, \fICURLPROXY_SOCKS4\fP (added in 7.15.2)
+this are \fICURLPROXY_HTTP\fP, \fICURLPROXY_SOCKS4\fP (added in 7.15.2),
-\fICURLPROXY_SOCKS5\fP. The HTTP type is default. (Added in 7.10)
+\fICURLPROXY_SOCKS5\fP, \fICURLPROXY_SOCKS4A\fP (added in 7.18.0) and
 \fICURLPROXY_SOCKS5_HOSTNAME\fP (added in 7.18.0). The HTTP type is
 default. (Added in 7.10)
 .IP CURLOPT_HTTPPROXYTUNNEL
 Set the parameter to non-zero to get the library to tunnel all operations
 through a given HTTP proxy. There is a big difference between using a proxy
 and to tunnel through it. If you don't know what this means, you probably
 don't want this tunneling option.
 .IP CURLOPT_SOCKS5_RESOLVE_LOCAL
 Set the parameter to 1 to get the library to resolve the host name locally
 instead of passing it to the proxy to resolve, when using a SOCKS5 proxy.
 Note that libcurl before 7.18.0 always resolved the host name locally even
 when SOCKS5 was used. (Added in 7.18.0)
 .IP CURLOPT_INTERFACE
 Pass a char * as parameter. This set the interface name to use as outgoing
 network interface. The name can be an interface name, an IP address or a host
@@ -670,7 +710,9 @@ and \fICURLOPT_READDATA\fP options but then you must make sure to not set
 \fICURLOPT_POSTFIELDS\fP to anything but NULL. When providing data with a
 callback, you must transmit it using chunked transfer-encoding or you must set
 the size of the data with the \fICURLOPT_POSTFIELDSIZE\fP or
-\fICURLOPT_POSTFIELDSIZE_LARGE\fP option.
+\fICURLOPT_POSTFIELDSIZE_LARGE\fP option. To enable chunked encoding, you
 simply pass in the appropriate Transfer-Encoding header, see the
 post-callback.c example.
 You can override the default POST Content-Type: header by setting your own
 with \fICURLOPT_HTTPHEADER\fP.
@@ -1064,6 +1106,13 @@ or similar.
 libcurl does not do a complete ASCII conversion when doing ASCII transfers
 over FTP. This is a known limitation/flaw that nobody has rectified. libcurl
 simply sets the mode to ascii and performs a standard transfer.
 .IP CURLOPT_PROXY_TRANSFER_MODE
 Pass a long. If the value is set to 1 (one), it tells libcurl to set the
 transfer mode (binary or ASCII) for FTP transfers done via an HTTP proxy, by
 appending ;type=a or ;type=i to the URL. Without this setting, or it being
 set to 0 (zero, the default), \fICURLOPT_TRANSFERTEXT\fP has no effect when
 doing FTP via a proxy. Beware that not all proxies support this feature.
 (Added in 7.18.0)
 .IP CURLOPT_CRLF
 Convert Unix newlines to CRLF newlines on transfers.
 .IP CURLOPT_RANGE
@@ -1073,6 +1122,8 @@ transfers also support several intervals, separated with commas as in
 \fI"X-Y,N-M"\fP. Using this kind of multiple intervals will cause the HTTP
 server to send the response document in pieces (using standard MIME separation
 techniques). Pass a NULL to this option to disable the use of ranges.
 Ranges work on HTTP, FTP and FILE (since 7.18.0) transfers only.
 .IP CURLOPT_RESUME_FROM
 Pass a long as parameter. It contains the offset in number of bytes that you
 want the transfer to start from. Set this option to 0 to make the transfer
@@ -1326,15 +1377,19 @@ operations.
 If the crypto device cannot be set, \fICURLE_SSL_ENGINE_SETFAILED\fP is
 returned.
 Note that even though this option doesn't need any parameter, in some
 configurations \fIcurl_easy_setopt\fP might be defined as a macro taking
 exactly three arguments. Therefore, it's recommended to pass 1 as parameter to
 this option.
 .IP CURLOPT_SSLVERSION
 Pass a long as parameter to control what version of SSL/TLS to attempt to use.
 The available options are:
 .RS
 .IP CURL_SSLVERSION_DEFAULT
-The default action. When libcurl built with OpenSSL or NSS, this will attempt
+The default action. This will attempt to figure out the remote SSL protocol
-to figure out the remote SSL protocol version. Unfortunately there are a lot of
+version, i.e. either SSLv3 or TLSv1 (but not SSLv2, which became disabled
-ancient and broken servers in use which cannot handle this technique and will
+by default with 7.18.1).
 fail to connect. When libcurl is built with GnuTLS, this will mean SSLv3.
 .IP CURL_SSLVERSION_TLSv1
 Force TLSv1
 .IP CURL_SSLVERSION_SSLv2
@@ -1491,6 +1546,14 @@ this curl handle use the data from the shared handle instead of keeping the
 data to itself. This enables several curl handles to share data. If the curl
 handles are used simultaneously, you \fBMUST\fP use the locking methods in the
 share handle. See \fIcurl_share_setopt(3)\fP for details.
 If you add a share that is set to share cookies, your easy handle will use
 that cookie cache and get the cookie engine enabled. If you unshare an object
 that were using cookies (or change to another object that doesn't share
 cookies), the easy handle will get its cookie engine disabled.
 Data that the share object is not set to share will be dealt with the usual
 way, as if no share was used.
 .IP CURLOPT_NEW_FILE_PERMS
 Pass a long as a parameter, containing the value of the permissions that will
 be assigned to newly created files on the remote server.  The default value is
--- a/docs/libcurl/curl_multi_setopt.3
+++ b/docs/libcurl/curl_multi_setopt.3
@@ -47,10 +47,11 @@ changes. The timeout value is at what latest time the application should call
 one of the \&"performing" functions of the multi interface
 (\fIcurl_multi_socket(3)\fP, \fIcurl_multi_socket_all(3)\fP and
 \fIcurl_multi_perform(3)\fP) - to allow libcurl to keep timeouts and retries
-etc to work. Libcurl attempts to limit calling this only when the fixed future
+etc to work. A timeout value of -1 means that there is no timeout at all, and
-timeout time actually change. See also \fICURLMOPT_TIMERDATA\fP. This callback
+0 means that the timeout is already reached. Libcurl attempts to limit calling
-can be used instead of, or in addition to, \fIcurl_multi_timeout(3)\fP. (Added
+this only when the fixed future timeout time actually change. See also
-in 7.16.0)
+\fICURLMOPT_TIMERDATA\fP. This callback can be used instead of, or in addition
 to, \fIcurl_multi_timeout(3)\fP. (Added in 7.16.0)
 .IP CURLMOPT_TIMERDATA
 Pass a pointer to whatever you want passed to the
 \fBcurl_multi_timer_callback\fP's third argument, the userp pointer.  This is
--- a/docs/libcurl/curl_multi_socket.3
+++ b/docs/libcurl/curl_multi_socket.3
@@ -27,7 +27,7 @@ application has detected action on a socket handled by libcurl, it should call
 socket with the action. When the events on a socket are known, they can be
 passed as an events bitmask \fBev_bitmask\fP by first setting \fBev_bitmask\fP
 to 0, and then adding using bitwise OR (|) any combination of events to be
-choosen from CURL_CSELECT_IN, CURL_CSELECT_OUT or CURL_CSELECT_ERR. When the
+chosen from CURL_CSELECT_IN, CURL_CSELECT_OUT or CURL_CSELECT_ERR. When the
 events on a socket are unknown, pass 0 instead, and libcurl will test the
 descriptor internally.
@@ -45,17 +45,20 @@ socket callback function set with the CURLMOPT_SOCKETFUNCTION option to
 \fIcurl_multi_setopt(3)\fP. They update the status with changes since the
 previous time this function was called.
-To force libcurl to (re-)check all its internal sockets and transfers instead
+Force libcurl to (re-)check all its internal sockets and transfers instead of
-of just a single one, you call \fBcurl_multi_socket_all(3)\fP. This is
+just a single one by calling \fBcurl_multi_socket_all(3)\fP. This is typically
-typically done as the first function call before the application has any
+done as the first function call before the application has any knowledge about
-knowledge about what sockets libcurl uses.
+what sockets libcurl uses.
-Applications should call \fBcurl_multi_timeout(3)\fP to figure out how long to
+Get the timeout time - how long to wait for socket actions at most before
-wait for socket actions \- at most \- before doing the timeout action: call
+doing the timeout action: call the \fBcurl_multi_socket(3)\fP function with
-the \fBcurl_multi_socket(3)\fP function with the \fBsockfd\fP argument set to
+the \fBsockfd\fP argument set to CURL_SOCKET_TIMEOUT, by setting the
-CURL_SOCKET_TIMEOUT.
+\fICURLMOPT_TIMERFUNCTION\fP option with \fIcurl_multi_setopt(3)\fP. You can
 also use the \fIcurl_multi_timeout(3)\fP function to poll the value at any
 given time, but for an event-based system using the callback is far better
 than relying on polling the timeout value.
-Usage of \fIcurl_multi_socket(3)\fP is depricated, whereas the function is
+Usage of \fIcurl_multi_socket(3)\fP is deprecated, whereas the function is
 equivalent to \fIcurl_multi_socket_action(3)\fP, when \fBev_bitmask\fP is set 
 to 0.
@@ -91,7 +94,7 @@ register, interested in write readiness
 .IP "CURL_POLL_INOUT (3)"
 register, interested in both read and write readiness
 .IP "CURL_POLL_REMOVE (4)"
-deregister
+unregister
 .RE
 The \fIsocketp\fP argument is a private pointer you have previously set with
@@ -131,7 +134,7 @@ them for activity. This can be done through your application code, or by way
 of an external library such as libevent or glib.
 7. Wait for activity on any of libcurl's sockets, use the timeout value your
-calback has been told
+callback has been told
 8, When activity is detected, call curl_multi_socket_action() for the
 socket(s) that got action. If no activity is detected and the timeout expires,
--- a/docs/libcurl/curl_multi_timeout.3
+++ b/docs/libcurl/curl_multi_timeout.3
@@ -23,6 +23,10 @@ The timeout value returned in the long \fBtimeout\fP points to, is in number
 of milliseconds at this very moment. If 0, it means you should proceed
 immediately without waiting for anything. If it returns -1, there's no timeout
 at all set.
 Note: if libcurl returns a -1 timeout here, it just means that libcurl
 currently has no stored timeout value. You must not wait too long (more than a
 few seconds perhaps) before you call curl_multi_perform() again.
 .SH "RETURN VALUE"
 The standard CURLMcode for multi interface error codes.
 .SH "TYPICAL USAGE"
@@ -30,7 +34,7 @@ Call \fBcurl_multi_timeout(3)\fP, then wait for action on the sockets. You
 figure out which sockets to wait for by calling \fBcurl_multi_fdset(3)\fP or
 by a previous call to \fBcurl_multi_socket(3)\fP.
 .SH AVAILABILITY
-This function was added in libcurl 7.15.4, although not deemed stable yet.
+This function was added in libcurl 7.15.4.
 .SH "SEE ALSO"
 .BR curl_multi_cleanup "(3), " curl_multi_init "(3), "
 .BR curl_multi_fdset "(3), " curl_multi_info_read "(3), "
--- a/include/curl/Makefile.am
+++ b/include/curl/Makefile.am
@@ -1,5 +1,6 @@
 pkginclude_HEADERS = \
-	curl.h curlver.h easy.h mprintf.h stdcheaders.h types.h multi.h
+	curl.h curlver.h easy.h mprintf.h stdcheaders.h types.h multi.h \
 	typecheck-gcc.h
 pkgincludedir= $(includedir)/curl
 CLEANFILES = *dist
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -29,6 +29,14 @@
 #include "curlver.h" /* the libcurl version defines */
 /*
 * Define WIN32 when build target is Win32 API
 */
 #if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
 #define WIN32
 #endif
 #include <stdio.h>
 #include <limits.h>
@@ -41,12 +49,42 @@
 # include <time.h>
 #endif /* defined (vms) */
-typedef void CURL;
+#if defined(WIN32) && !defined(_WIN32_WCE) && !defined(__GNUC__) && \
  !defined(__CYGWIN__) || defined(__MINGW32__)
 #if !(defined(_WINSOCKAPI_) || defined(_WINSOCK_H))
 /* The check above prevents the winsock2 inclusion if winsock.h already was
   included, since they can't co-exist without problems */
 #include <winsock2.h>
 #include <ws2tcpip.h>
 #endif
 #else
 /* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
   libc5-based Linux systems. Only include it on system that are known to
   require it! */
 #if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || defined(__minix)
 #include <sys/select.h>
 #endif
 #ifndef _WIN32_WCE
 #include <sys/socket.h>
 #endif
 #ifndef __WATCOMC__
 #include <sys/time.h>
 #endif
 #include <sys/types.h>
 #endif
 #ifdef __BEOS__
 #include <support/SupportDefs.h>
 #endif
 #ifdef  __cplusplus
 extern "C" {
 #endif
 typedef void CURL;
 /*
 * Decorate exportable functions for Win32 DLL linking.
 * This avoids using a .def file for building libcurl.dll.
@@ -139,38 +177,6 @@ extern "C" {
 #undef FILESIZEBITS
 #endif
 #if defined(_WIN32) && !defined(WIN32)
 /* Chris Lewis mentioned that he doesn't get WIN32 defined, only _WIN32 so we
   make this adjustment to catch this. */
 #define WIN32 1
 #endif
 #if defined(WIN32) && !defined(_WIN32_WCE) && !defined(__GNUC__) && \
  !defined(__CYGWIN__) || defined(__MINGW32__)
 #if !(defined(_WINSOCKAPI_) || defined(_WINSOCK_H))
 /* The check above prevents the winsock2 inclusion if winsock.h already was
   included, since they can't co-exist without problems */
 #include <winsock2.h>
 #include <ws2tcpip.h>
 #endif
 #else
 /* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
   libc5-based Linux systems. Only include it on system that are known to
   require it! */
 #if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || defined(__minix)
 #include <sys/select.h>
 #endif
 #ifndef _WIN32_WCE
 #include <sys/socket.h>
 #endif
 #ifndef __WATCOMC__
 #include <sys/time.h>
 #endif
 #include <sys/types.h>
 #endif
 #ifndef curl_socket_typedef
 /* socket typedef */
 #ifdef WIN32
@@ -224,7 +230,9 @@ typedef int (*curl_progress_callback)(void *clientp,
     time for those who feel adventurous. */
 #define CURL_MAX_WRITE_SIZE 16384
 #endif
-
+/* This is a magic return code for the write callback that, when returned,
   will signal libcurl to pause receving on the current transfer. */
 #define CURL_WRITEFUNC_PAUSE 0x10000001
 typedef size_t (*curl_write_callback)(char *buffer,
                                      size_t size,
                                      size_t nitems,
@@ -233,6 +241,13 @@ typedef size_t (*curl_write_callback)(char *buffer,
 /* This is a return code for the read callback that, when returned, will
   signal libcurl to immediately abort the current transfer. */
 #define CURL_READFUNC_ABORT 0x10000000
 /* This is a return code for the read callback that, when returned, will
   signal libcurl to pause sending data on the current transfer. */
 #define CURL_READFUNC_PAUSE 0x10000001
 typedef int (*curl_seek_callback)(void *instream,
                                  curl_off_t offset,
 				  int origin); /* 'whence' */
 typedef size_t (*curl_read_callback)(char *buffer,
                                      size_t size,
                                      size_t nitems,
@@ -251,7 +266,9 @@ struct curl_sockaddr {
  int family;
  int socktype;
  int protocol;
-  socklen_t addrlen;
+  unsigned int addrlen; /* addrlen was a socklen_t type before 7.18.0 but it
                           turned really ugly and painful on the systems that
                           lack this type */
  struct sockaddr addr;
 };
@@ -487,10 +504,15 @@ typedef CURLcode (*curl_ssl_ctx_callback)(CURL *curl,    /* easy handle */
                                          void *userptr);
 typedef enum {
-  CURLPROXY_HTTP = 0,
+  CURLPROXY_HTTP = 0,   /* added in 7.10 */
-  CURLPROXY_SOCKS4 = 4,
+  CURLPROXY_SOCKS4 = 4, /* support added in 7.15.2, enum existed already
-  CURLPROXY_SOCKS5 = 5
+                           in 7.10 */
-} curl_proxytype;
+  CURLPROXY_SOCKS5 = 5, /* added in 7.10 */
  CURLPROXY_SOCKS4A = 6, /* added in 7.18.0 */
  CURLPROXY_SOCKS5_HOSTNAME = 7 /* Use the SOCKS5 protocol but pass along the
                                   host name rather than the IP address. added
                                   in 7.18.0 */
 } curl_proxytype;  /* this enum was added in 7.10 */
 #define CURLAUTH_NONE         0       /* nothing */
 #define CURLAUTH_BASIC        (1<<0)  /* Basic (default) */
@@ -935,7 +957,7 @@ typedef enum {
  CINIT(SHARE, OBJECTPOINT, 100),
  /* indicates type of proxy. accepted values are CURLPROXY_HTTP (default),
-     CURLPROXY_SOCKS4 and CURLPROXY_SOCKS5. */
+     CURLPROXY_SOCKS4, CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5. */
  CINIT(PROXYTYPE, LONG, 101),
  /* Set the Accept-Encoding string. Use this to tell a server you would like
@@ -1159,6 +1181,13 @@ typedef enum {
  /* POST volatile input fields. */
  CINIT(COPYPOSTFIELDS, OBJECTPOINT, 165),
  /* set transfer mode (;type=<a|i>) when doing FTP via an HTTP proxy */
  CINIT(PROXY_TRANSFER_MODE, LONG, 166),
  /* Callback function for seeking in the input stream */
  CINIT(SEEKFUNCTION, FUNCTIONPOINT, 167),
  CINIT(SEEKDATA, OBJECTPOINT, 168),
  CURLOPT_LASTENTRY /* the last unused */
 } CURLoption;
@@ -1241,10 +1270,6 @@ typedef enum {
  CURL_TIMECOND_LAST
 } curl_TimeCond;
 #ifdef __BEOS__
 #include <support/SupportDefs.h>
 #endif
 /* curl_strequal() and curl_strnequal() are subject for removal in a future
   libcurl, see lib/README.curlx for details */
@@ -1737,6 +1762,26 @@ CURL_EXTERN const char *curl_easy_strerror(CURLcode);
 */
 CURL_EXTERN const char *curl_share_strerror(CURLSHcode);
 /*
 * NAME curl_easy_pause()
 *
 * DESCRIPTION
 *
 * The curl_easy_pause function pauses or unpauses transfers. Select the new
 * state by setting the bitmask, use the convenience defines below.
 *
 */
 CURL_EXTERN CURLcode curl_easy_pause(CURL *handle, int bitmask);
 #define CURLPAUSE_RECV      (1<<0)
 #define CURLPAUSE_RECV_CONT (0)
 #define CURLPAUSE_SEND      (1<<2)
 #define CURLPAUSE_SEND_CONT (0)
 #define CURLPAUSE_ALL       (CURLPAUSE_RECV|CURLPAUSE_SEND)
 #define CURLPAUSE_CONT      (CURLPAUSE_RECV_CONT|CURLPAUSE_SEND_CONT)
 #ifdef  __cplusplus
 }
 #endif
@@ -1746,4 +1791,20 @@ CURL_EXTERN const char *curl_share_strerror(CURLSHcode);
 #include "easy.h" /* nothing in curl is fun without the easy stuff */
 #include "multi.h"
 /* the typechecker doesn't work in C++ (yet) */
 #if (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3)) && \
    !defined(__cplusplus)
 #include "typecheck-gcc.h"
 #else
 #if defined(__STDC__) && (__STDC__ >= 1) 
 /* This preprocessor magic that replaces a call with the exact same call is
   only done to make sure application authors pass exactly three arguments
   to these functions. */
 #define curl_easy_setopt(handle,opt,param) curl_easy_setopt(handle,opt,param)
 #define curl_easy_getinfo(handle,info,arg) curl_easy_getinfo(handle,info,arg)
 #define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param)
 #define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param)
 #endif /* __STDC__ >= 1 */
 #endif /* gcc >= 4.3 && !__cplusplus */
 #endif /* __CURL_CURL_H */
--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -26,14 +26,17 @@
 /* This header file contains nothing but libcurl version info, generated by
   a script at release-time. This was made its own header file in 7.11.2 */
 /* This is the global package copyright */
 #define LIBCURL_COPYRIGHT "1996 - 2008 Daniel Stenberg, <daniel@haxx.se>."
 /* This is the version number of the libcurl package from which this header
   file origins: */
-#define LIBCURL_VERSION "7.17.1-CVS"
+#define LIBCURL_VERSION "7.18.1-CVS"
 /* The numeric version number is also available "in parts" by using these
   defines: */
 #define LIBCURL_VERSION_MAJOR 7
-#define LIBCURL_VERSION_MINOR 17
+#define LIBCURL_VERSION_MINOR 18
 #define LIBCURL_VERSION_PATCH 1
 /* This is the numeric version of the libcurl version number, meant for easier
@@ -51,7 +54,7 @@
   and it is always a greater number in a more recent release. It makes
   comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x071101
+#define LIBCURL_VERSION_NUM 0x071201
 /*
 * This is the date and time when the full source package was created. The
--- a/include/curl/typecheck-gcc.h
+++ b/include/curl/typecheck-gcc.h
@@ -0,0 +1,539 @@
 #ifndef __CURL_TYPECHECK_GCC_H
 #define __CURL_TYPECHECK_GCC_H
 /***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at http://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 * $Id$
 ***************************************************************************/
 /* wraps curl_easy_setopt() with typechecking */
 /* To add a new kind of warning, add an
 *   if(_curl_is_sometype_option(_curl_opt) && ! _curl_is_sometype(value))
 *     _curl_easy_setopt_err_sometype();
 * block and define _curl_is_sometype_option, _curl_is_sometype and
 * _curl_easy_setopt_err_sometype below
 *
 * To add an option that uses the same type as an existing option, you'll just
 * need to extend the appropriate _curl_*_option macro
 */
 #define curl_easy_setopt(handle, option, value)                               \
 __extension__ ({                                                              \
  __typeof__ (option) _curl_opt = option;                                     \
  if (__builtin_constant_p(_curl_opt)) {                                      \
    if (_curl_is_long_option(_curl_opt) && !_curl_is_long(value))             \
      _curl_easy_setopt_err_long();                                           \
    if (_curl_is_off_t_option(_curl_opt) && !_curl_is_off_t(value))           \
      _curl_easy_setopt_err_curl_off_t();                                     \
    if (_curl_is_string_option(_curl_opt) && !_curl_is_string(value))         \
      _curl_easy_setopt_err_string();                                         \
    if (_curl_is_write_cb_option(_curl_opt) && !_curl_is_write_cb(value))     \
      _curl_easy_setopt_err_write_callback();                                 \
    if ((_curl_opt) == CURLOPT_READFUNCTION && !_curl_is_read_cb(value))      \
      _curl_easy_setopt_err_read_cb();                                        \
    if ((_curl_opt) == CURLOPT_IOCTLFUNCTION && !_curl_is_ioctl_cb(value))    \
      _curl_easy_setopt_err_ioctl_cb();                                       \
    if ((_curl_opt) == CURLOPT_SOCKOPTFUNCTION && !_curl_is_sockopt_cb(value))\
      _curl_easy_setopt_err_sockopt_cb();                                     \
    if ((_curl_opt) == CURLOPT_OPENSOCKETFUNCTION &&                          \
            !_curl_is_opensocket_cb(value))                                   \
      _curl_easy_setopt_err_opensocket_cb();                                  \
    if ((_curl_opt) == CURLOPT_PROGRESSFUNCTION &&                            \
            !_curl_is_progress_cb(value))                                     \
      _curl_easy_setopt_err_progress_cb();                                    \
    if ((_curl_opt) == CURLOPT_DEBUGFUNCTION && !_curl_is_debug_cb(value))    \
      _curl_easy_setopt_err_debug_cb();                                       \
    if ((_curl_opt) == CURLOPT_SSL_CTX_FUNCTION &&                            \
            !_curl_is_ssl_ctx_cb(value))                                      \
      _curl_easy_setopt_err_ssl_ctx_cb();                                     \
    if (_curl_is_conv_cb_option(_curl_opt) && !_curl_is_conv_cb(value))       \
      _curl_easy_setopt_err_conv_cb();                                        \
    if ((_curl_opt) == CURLOPT_SEEKFUNCTION && !_curl_is_seek_cb(value))      \
      _curl_easy_setopt_err_seek_cb();                                        \
    if (_curl_is_cb_data_option(_curl_opt) && !_curl_is_cb_data(value))       \
      _curl_easy_setopt_err_cb_data();                                        \
    if ((_curl_opt) == CURLOPT_ERRORBUFFER && !_curl_is_error_buffer(value))  \
      _curl_easy_setopt_err_error_buffer();                                   \
    if ((_curl_opt) == CURLOPT_STDERR && !_curl_is_FILE(value))               \
      _curl_easy_setopt_err_FILE();                                           \
    if (_curl_is_postfields_option(_curl_opt) && !_curl_is_postfields(value)) \
      _curl_easy_setopt_err_postfields();                                     \
    if ((_curl_opt) == CURLOPT_HTTPPOST &&                                    \
            !_curl_is_arr((value), struct curl_httppost))                     \
      _curl_easy_setopt_err_curl_httpost();                                   \
    if (_curl_is_slist_option(_curl_opt) &&                                   \
            !_curl_is_arr((value), struct curl_slist))                        \
      _curl_easy_setopt_err_curl_slist();                                     \
    if ((_curl_opt) == CURLOPT_SHARE && !_curl_is_ptr((value), CURLSH))       \
      _curl_easy_setopt_err_CURLSH();                                         \
  }                                                                           \
  curl_easy_setopt(handle, _curl_opt, value);                                 \
 })
 /* wraps curl_easy_getinfo() with typechecking */
 /* FIXME: don't allow const pointers */
 #define curl_easy_getinfo(handle, info, arg)                                  \
 __extension__ ({                                                              \
  __typeof__ (info) _curl_info = info;                                        \
  if (__builtin_constant_p(_curl_info)) {                                     \
    if (_curl_is_string_info(_curl_info) && !_curl_is_arr((arg), char *))     \
      _curl_easy_getinfo_err_string();                                        \
    if (_curl_is_long_info(_curl_info) && !_curl_is_arr((arg), long))         \
      _curl_easy_getinfo_err_long();                                          \
    if (_curl_is_double_info(_curl_info) && !_curl_is_arr((arg), double))     \
      _curl_easy_getinfo_err_double();                                        \
    if (_curl_is_slist_info(_curl_info) &&                                    \
           !_curl_is_arr((arg), struct curl_slist *))                         \
      _curl_easy_getinfo_err_curl_slist();                                    \
  }                                                                           \
  curl_easy_getinfo(handle, _curl_info, arg);                                 \
 })
 /* TODO: typechecking for curl_share_setopt() and curl_multi_setopt(),
 * for now just make sure that the functions are called with three
 * arguments
 */
 #define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param)
 #define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param)
 /* the actual warnings, triggered by calling the _curl_easy_setopt_err*
 * functions */
 /* To define a new warning, use _CURL_WARNING(identifier, "message") */
 #define _CURL_WARNING(id, message)                                            \
  static void __attribute__((warning(message))) __attribute__((unused))       \
  __attribute__((noinline)) id(void) { __asm__(""); }
 _CURL_WARNING(_curl_easy_setopt_err_long,
  "curl_easy_setopt expects a long argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_curl_off_t,
  "curl_easy_setopt expects a curl_off_t argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_string,
  "curl_easy_setopt expects a string (char* or char[]) argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_write_callback,
  "curl_easy_setopt expects a curl_write_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_read_cb,
  "curl_easy_setopt expects a curl_read_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_ioctl_cb,
  "curl_easy_setopt expects a curl_ioctl_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_sockopt_cb,
  "curl_easy_setopt expects a curl_sockopt_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_opensocket_cb,
  "curl_easy_setopt expects a curl_opensocket_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_progress_cb,
  "curl_easy_setopt expects a curl_progress_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_debug_cb,
  "curl_easy_setopt expects a curl_debug_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_ssl_ctx_cb,
  "curl_easy_setopt expects a curl_ssl_ctx_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_conv_cb,
  "curl_easy_setopt expects a curl_conv_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_seek_cb,
  "curl_easy_setopt expects a curl_seek_callback argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_cb_data,
  "curl_easy_setopt expects a private data pointer as argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_error_buffer,
  "curl_easy_setopt expects a char buffer of CURL_ERROR_SIZE as argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_FILE,
  "curl_easy_setopt expects a FILE* argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_postfields,
  "curl_easy_setopt expects a void* or char* argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_curl_httpost,
  "curl_easy_setopt expects a struct curl_httppost* argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_curl_slist,
  "curl_easy_setopt expects a struct curl_slist* argument for this option")
 _CURL_WARNING(_curl_easy_setopt_err_CURLSH,
  "curl_easy_setopt expects a CURLSH* argument for this option")
 _CURL_WARNING(_curl_easy_getinfo_err_string,
  "curl_easy_getinfo expects a pointer to char * for this info")
 _CURL_WARNING(_curl_easy_getinfo_err_long,
  "curl_easy_getinfo expects a pointer to long for this info")
 _CURL_WARNING(_curl_easy_getinfo_err_double,
  "curl_easy_getinfo expects a pointer to double for this info")
 _CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
  "curl_easy_getinfo expects a pointer to struct curl_slist * for this info")
 /* groups of curl_easy_setops options that take the same type of argument */
 /* To add a new option to one of the groups, just add
 *   (option) == CURLOPT_SOMETHING
 * to the or-expression. If the option takes a long or curl_off_t, you don't
 * have to do anything
 */
 /* evaluates to true if option takes a long argument */
 #define _curl_is_long_option(option)                                          \
  (0 < (option) && (option) < CURLOPTTYPE_OBJECTPOINT)
 #define _curl_is_off_t_option(option)                                         \
  ((option) > CURLOPTTYPE_OFF_T)
 /* evaluates to true if option takes a char* argument */
 #define _curl_is_string_option(option)                                        \
  ((option) == CURLOPT_URL ||                                                 \
   (option) == CURLOPT_PROXY ||                                               \
   (option) == CURLOPT_INTERFACE ||                                           \
   (option) == CURLOPT_NETRC_FILE ||                                          \
   (option) == CURLOPT_USERPWD ||                                             \
   (option) == CURLOPT_PROXYUSERPWD ||                                        \
   (option) == CURLOPT_ENCODING ||                                            \
   (option) == CURLOPT_REFERER ||                                             \
   (option) == CURLOPT_USERAGENT ||                                           \
   (option) == CURLOPT_COOKIE ||                                              \
   (option) == CURLOPT_COOKIEFILE ||                                          \
   (option) == CURLOPT_COOKIEJAR ||                                           \
   (option) == CURLOPT_COOKIELIST ||                                          \
   (option) == CURLOPT_FTPPORT ||                                             \
   (option) == CURLOPT_FTP_ALTERNATIVE_TO_USER ||                             \
   (option) == CURLOPT_FTP_ACCOUNT ||                                         \
   (option) == CURLOPT_RANGE ||                                               \
   (option) == CURLOPT_CUSTOMREQUEST ||                                       \
   (option) == CURLOPT_SSLCERT ||                                             \
   (option) == CURLOPT_SSLCERTTYPE ||                                         \
   (option) == CURLOPT_SSLKEY ||                                              \
   (option) == CURLOPT_SSLKEYTYPE ||                                          \
   (option) == CURLOPT_KEYPASSWD ||                                           \
   (option) == CURLOPT_SSLENGINE ||                                           \
   (option) == CURLOPT_CAINFO ||                                              \
   (option) == CURLOPT_CAPATH ||                                              \
   (option) == CURLOPT_RANDOM_FILE ||                                         \
   (option) == CURLOPT_EGDSOCKET ||                                           \
   (option) == CURLOPT_SSL_CIPHER_LIST ||                                     \
   (option) == CURLOPT_KRBLEVEL ||                                            \
   (option) == CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 ||                             \
   (option) == CURLOPT_SSH_PUBLIC_KEYFILE ||                                  \
   (option) == CURLOPT_SSH_PRIVATE_KEYFILE ||                                 \
   0)
 /* evaluates to true if option takes a curl_write_callback argument */
 #define _curl_is_write_cb_option(option)                                      \
  ((option) == CURLOPT_HEADERFUNCTION ||                                      \
   (option) == CURLOPT_WRITEFUNCTION)
 /* evaluates to true if option takes a curl_conv_callback argument */
 #define _curl_is_conv_cb_option(option)                                       \
  ((option) == CURLOPT_CONV_TO_NETWORK_FUNCTION ||                            \
   (option) == CURLOPT_CONV_FROM_NETWORK_FUNCTION ||                          \
   (option) == CURLOPT_CONV_FROM_UTF8_FUNCTION)
 /* evaluates to true if option takes a data argument to pass to a callback */
 #define _curl_is_cb_data_option(option)                                       \
  ((option) == CURLOPT_WRITEDATA ||                                           \
   (option) == CURLOPT_READDATA ||                                            \
   (option) == CURLOPT_IOCTLDATA ||                                           \
   (option) == CURLOPT_SOCKOPTDATA ||                                         \
   (option) == CURLOPT_OPENSOCKETDATA ||                                      \
   (option) == CURLOPT_PROGRESSDATA ||                                        \
   (option) == CURLOPT_WRITEHEADER ||                                         \
   (option) == CURLOPT_DEBUGDATA ||                                           \
   (option) == CURLOPT_SSL_CTX_DATA ||                                        \
   (option) == CURLOPT_SEEKDATA ||                                            \
   (option) == CURLOPT_PRIVATE ||                                             \
   0)
 /* evaluates to true if option takes a POST data argument (void* or char*) */
 #define _curl_is_postfields_option(option)                                    \
  ((option) == CURLOPT_POSTFIELDS ||                                          \
   (option) == CURLOPT_COPYPOSTFIELDS ||                                      \
   0)
 /* evaluates to true if option takes a struct curl_slist * argument */
 #define _curl_is_slist_option(option)                                         \
  ((option) == CURLOPT_HTTPHEADER ||                                          \
   (option) == CURLOPT_HTTP200ALIASES ||                                      \
   (option) == CURLOPT_QUOTE ||                                               \
   (option) == CURLOPT_POSTQUOTE ||                                           \
   (option) == CURLOPT_PREQUOTE ||                                            \
   (option) == CURLOPT_TELNETOPTIONS ||                                       \
   0)
 /* groups of curl_easy_getinfo infos that take the same type of argument */
 /* evaluates to true if info expects a pointer to char * argument */
 #define _curl_is_string_info(info)                                            \
  (CURLINFO_STRING < (info) && (info) < CURLINFO_LONG)
 /* evaluates to true if info expects a pointer to long argument */
 #define _curl_is_long_info(info)                                              \
  (CURLINFO_LONG < (info) && (info) < CURLINFO_DOUBLE)
 /* evaluates to true if info expects a pointer to double argument */
 #define _curl_is_double_info(info)                                            \
  (CURLINFO_DOUBLE < (info) && (info) < CURLINFO_SLIST)
 /* evaluates to true if info expects a pointer to struct curl_slist * argument */
 #define _curl_is_slist_info(info)                                             \
  (CURLINFO_SLIST < (info))
 /* typecheck helpers -- check whether given expression has requested type*/
 /* For pointers, you can use the _curl_is_ptr/_curl_is_arr macros,
 * otherwise define a new macro. Search for __builtin_types_compatible_p
 * in the GCC manual.
 * NOTE: these macros MUST NOT EVALUATE their arguments! The argument is
 * the actual expression passed to the curl_easy_setopt macro. This
 * means that you can only apply the sizeof and __typeof__ operators, no
 * == or whatsoever.
 */
 /* XXX: should evaluate to true iff expr is a pointer */
 #define _curl_is_any_ptr(expr)                                                \
  (sizeof(expr) == sizeof(void*))
 /* evaluates to true if expr is NULL */
 /* XXX: must not evaluate expr, so this check is not accurate */
 #define _curl_is_NULL(expr)                                                   \
  (__builtin_types_compatible_p(__typeof__(expr), __typeof__(NULL)))
 /* evaluates to true if expr is type*, const type* or NULL */
 #define _curl_is_ptr(expr, type)                                              \
  (_curl_is_NULL(expr) ||                                                     \
   __builtin_types_compatible_p(__typeof__(expr), type *) ||                  \
   __builtin_types_compatible_p(__typeof__(expr), const type *))
 /* evaluates to true if expr is one of type[], type*, NULL or const type* */
 #define _curl_is_arr(expr, type)                                              \
  (_curl_is_ptr((expr), type) ||                                              \
   __builtin_types_compatible_p(__typeof__(expr), type []))
 /* evaluates to true if expr is a string */
 #define _curl_is_string(expr)                                                 \
  (_curl_is_arr((expr), char) ||                                              \
   _curl_is_arr((expr), signed char) ||                                       \
   _curl_is_arr((expr), unsigned char))
 /* evaluates to true if expr is a long (no matter the signedness)
 * XXX: for now, int is also accepted (and therefore short and char, which
 * are promoted to int when passed to a variadic function) */
 #define _curl_is_long(expr)                                                   \
  (__builtin_types_compatible_p(__typeof__(expr), long) ||                    \
   __builtin_types_compatible_p(__typeof__(expr), signed long) ||             \
   __builtin_types_compatible_p(__typeof__(expr), unsigned long) ||           \
   __builtin_types_compatible_p(__typeof__(expr), int) ||                     \
   __builtin_types_compatible_p(__typeof__(expr), signed int) ||              \
   __builtin_types_compatible_p(__typeof__(expr), unsigned int) ||            \
   __builtin_types_compatible_p(__typeof__(expr), short) ||                   \
   __builtin_types_compatible_p(__typeof__(expr), signed short) ||            \
   __builtin_types_compatible_p(__typeof__(expr), unsigned short) ||          \
   __builtin_types_compatible_p(__typeof__(expr), char) ||                    \
   __builtin_types_compatible_p(__typeof__(expr), signed char) ||             \
   __builtin_types_compatible_p(__typeof__(expr), unsigned char))
 /* evaluates to true if expr is of type curl_off_t */
 #define _curl_is_off_t(expr)                                                  \
  (__builtin_types_compatible_p(__typeof__(expr), curl_off_t))
 /* evaluates to true if expr is abuffer suitable for CURLOPT_ERRORBUFFER */
 /* XXX: also check size of an char[] array? */
 #define _curl_is_error_buffer(expr)                                           \
  (__builtin_types_compatible_p(__typeof__(expr), char *) ||                  \
   __builtin_types_compatible_p(__typeof__(expr), char[]))
 /* evaluates to true if expr is of type (const) void* or (const) FILE* */
 #if 0
 #define _curl_is_cb_data(expr)                                                \
  (_curl_is_ptr((expr), void) ||                                              \
   _curl_is_ptr((expr), FILE))
 #else /* be less strict */
 #define _curl_is_cb_data(expr)                                                \
  _curl_is_any_ptr(expr)
 #endif
 /* evaluates to true if expr is of type FILE* */
 #define _curl_is_FILE(expr)                                                   \
  (__builtin_types_compatible_p(__typeof__(expr), FILE *))
 /* evaluates to true if expr can be passed as POST data (void* or char*) */
 #define _curl_is_postfields(expr)                                             \
  (_curl_is_ptr((expr), void) ||                                              \
   _curl_is_arr((expr), char))
 /* FIXME: the whole callback checking is messy...
 * The idea is to tolerate char vs. void and const vs. not const
 * pointers in arguments at least
 */
 /* helper: __builtin_types_compatible_p distinguishes between functions and
 * function pointers, hide it */
 #define _curl_callback_compatible(func, type)                                 \
  (__builtin_types_compatible_p(__typeof__(func), type) ||                    \
   __builtin_types_compatible_p(__typeof__(func), type*))
 /* evaluates to true if expr is of type curl_read_callback or "similar" */
 #define _curl_is_read_cb(expr)                                          \
  (_curl_is_NULL(expr) ||                                                     \
   __builtin_types_compatible_p(__typeof__(expr), __typeof__(fread)) ||       \
   __builtin_types_compatible_p(__typeof__(expr), curl_read_callback) ||      \
   _curl_callback_compatible((expr), _curl_read_callback1) ||                 \
   _curl_callback_compatible((expr), _curl_read_callback2) ||                 \
   _curl_callback_compatible((expr), _curl_read_callback3) ||                 \
   _curl_callback_compatible((expr), _curl_read_callback4) ||                 \
   _curl_callback_compatible((expr), _curl_read_callback5) ||                 \
   _curl_callback_compatible((expr), _curl_read_callback6))
 typedef size_t (_curl_read_callback1)(char *, size_t, size_t, void*);
 typedef size_t (_curl_read_callback2)(char *, size_t, size_t, const void*);
 typedef size_t (_curl_read_callback3)(char *, size_t, size_t, FILE*);
 typedef size_t (_curl_read_callback4)(void *, size_t, size_t, void*);
 typedef size_t (_curl_read_callback5)(void *, size_t, size_t, const void*);
 typedef size_t (_curl_read_callback6)(void *, size_t, size_t, FILE*);
 /* evaluates to true if expr is of type curl_write_callback or "similar" */
 #define _curl_is_write_cb(expr)                                               \
  (_curl_is_read_cb(expr) ||                                            \
   __builtin_types_compatible_p(__typeof__(expr), __typeof__(fwrite)) ||      \
   __builtin_types_compatible_p(__typeof__(expr), curl_write_callback) ||     \
   _curl_callback_compatible((expr), _curl_write_callback1) ||                \
   _curl_callback_compatible((expr), _curl_write_callback2) ||                \
   _curl_callback_compatible((expr), _curl_write_callback3) ||                \
   _curl_callback_compatible((expr), _curl_write_callback4) ||                \
   _curl_callback_compatible((expr), _curl_write_callback5) ||                \
   _curl_callback_compatible((expr), _curl_write_callback6))
 typedef size_t (_curl_write_callback1)(const char *, size_t, size_t, void*);
 typedef size_t (_curl_write_callback2)(const char *, size_t, size_t, const void*);
 typedef size_t (_curl_write_callback3)(const char *, size_t, size_t, FILE*);
 typedef size_t (_curl_write_callback4)(const void *, size_t, size_t, void*);
 typedef size_t (_curl_write_callback5)(const void *, size_t, size_t, const void*);
 typedef size_t (_curl_write_callback6)(const void *, size_t, size_t, FILE*);
 /* evaluates to true if expr is of type curl_ioctl_callback or "similar" */
 #define _curl_is_ioctl_cb(expr)                                         \
  (_curl_is_NULL(expr) ||                                                     \
   __builtin_types_compatible_p(__typeof__(expr), curl_ioctl_callback) ||     \
   _curl_callback_compatible((expr), _curl_ioctl_callback1) ||                \
   _curl_callback_compatible((expr), _curl_ioctl_callback2) ||                \
   _curl_callback_compatible((expr), _curl_ioctl_callback3) ||                \
   _curl_callback_compatible((expr), _curl_ioctl_callback4))
 typedef curlioerr (_curl_ioctl_callback1)(CURL *, int, void*);
 typedef curlioerr (_curl_ioctl_callback2)(CURL *, int, const void*);
 typedef curlioerr (_curl_ioctl_callback3)(CURL *, curliocmd, void*);
 typedef curlioerr (_curl_ioctl_callback4)(CURL *, curliocmd, const void*);
 /* evaluates to true if expr is of type curl_sockopt_callback or "similar" */
 #define _curl_is_sockopt_cb(expr)                                       \
  (_curl_is_NULL(expr) ||                                                     \
   __builtin_types_compatible_p(__typeof__(expr), curl_sockopt_callback) ||   \
   _curl_callback_compatible((expr), _curl_sockopt_callback1) ||              \
   _curl_callback_compatible((expr), _curl_sockopt_callback2))
 typedef int (_curl_sockopt_callback1)(void *, curl_socket_t, curlsocktype);
 typedef int (_curl_sockopt_callback2)(const void *, curl_socket_t, curlsocktype);
 /* evaluates to true if expr is of type curl_opensocket_callback or "similar" */
 #define _curl_is_opensocket_cb(expr)                                    \
  (_curl_is_NULL(expr) ||                                                     \
   __builtin_types_compatible_p(__typeof__(expr), curl_opensocket_callback) ||\
   _curl_callback_compatible((expr), _curl_opensocket_callback1) ||           \
   _curl_callback_compatible((expr), _curl_opensocket_callback2) ||           \
   _curl_callback_compatible((expr), _curl_opensocket_callback3) ||           \
   _curl_callback_compatible((expr), _curl_opensocket_callback4))
 typedef curl_socket_t (_curl_opensocket_callback1)
  (void *, curlsocktype, struct curl_sockaddr *);
 typedef curl_socket_t (_curl_opensocket_callback2)
  (void *, curlsocktype, const struct curl_sockaddr *);
 typedef curl_socket_t (_curl_opensocket_callback3)
  (const void *, curlsocktype, struct curl_sockaddr *);
 typedef curl_socket_t (_curl_opensocket_callback4)
  (const void *, curlsocktype, const struct curl_sockaddr *);
 /* evaluates to true if expr is of type curl_progress_callback or "similar" */
 #define _curl_is_progress_cb(expr)                                      \
  (_curl_is_NULL(expr) ||                                                     \
   __builtin_types_compatible_p(__typeof__(expr), curl_progress_callback) ||  \
   _curl_callback_compatible((expr), _curl_progress_callback1) ||             \
   _curl_callback_compatible((expr), _curl_progress_callback2))
 typedef int (_curl_progress_callback1)(void *,
    double, double, double, double);
 typedef int (_curl_progress_callback2)(const void *,
    double, double, double, double);
 /* evaluates to true if expr is of type curl_debug_callback or "similar" */
 #define _curl_is_debug_cb(expr)                                         \
  (_curl_is_NULL(expr) ||                                                     \
   __builtin_types_compatible_p(__typeof__(expr), curl_debug_callback) ||     \
   _curl_callback_compatible((expr), _curl_debug_callback1) ||                \
   _curl_callback_compatible((expr), _curl_debug_callback2) ||                \
   _curl_callback_compatible((expr), _curl_debug_callback3) ||                \
   _curl_callback_compatible((expr), _curl_debug_callback4))
 typedef int (_curl_debug_callback1) (CURL *,
    curl_infotype, char *, size_t, void *);
 typedef int (_curl_debug_callback2) (CURL *,
    curl_infotype, char *, size_t, const void *);
 typedef int (_curl_debug_callback3) (CURL *,
    curl_infotype, const char *, size_t, void *);
 typedef int (_curl_debug_callback4) (CURL *,
    curl_infotype, const char *, size_t, const void *);
 /* evaluates to true if expr is of type curl_ssl_ctx_callback or "similar" */
 /* this is getting even messier... */
 #define _curl_is_ssl_ctx_cb(expr)                                       \
  (_curl_is_NULL(expr) ||                                                     \
   __builtin_types_compatible_p(__typeof__(expr), curl_ssl_ctx_callback) ||   \
   _curl_callback_compatible((expr), _curl_ssl_ctx_callback1) ||              \
   _curl_callback_compatible((expr), _curl_ssl_ctx_callback2) ||              \
   _curl_callback_compatible((expr), _curl_ssl_ctx_callback3) ||              \
   _curl_callback_compatible((expr), _curl_ssl_ctx_callback4) ||              \
   _curl_callback_compatible((expr), _curl_ssl_ctx_callback5) ||              \
   _curl_callback_compatible((expr), _curl_ssl_ctx_callback6) ||              \
   _curl_callback_compatible((expr), _curl_ssl_ctx_callback7) ||              \
   _curl_callback_compatible((expr), _curl_ssl_ctx_callback8))
 typedef CURLcode (_curl_ssl_ctx_callback1)(CURL *, void *, void *);
 typedef CURLcode (_curl_ssl_ctx_callback2)(CURL *, void *, const void *);
 typedef CURLcode (_curl_ssl_ctx_callback3)(CURL *, const void *, void *);
 typedef CURLcode (_curl_ssl_ctx_callback4)(CURL *, const void *, const void *);
 #ifdef HEADER_SSL_H
 /* hack: if we included OpenSSL's ssl.h, we know about SSL_CTX
 * this will of course break if we're included before OpenSSL headers...
 */
 typedef CURLcode (_curl_ssl_ctx_callback5)(CURL *, SSL_CTX, void *);
 typedef CURLcode (_curl_ssl_ctx_callback6)(CURL *, SSL_CTX, const void *);
 typedef CURLcode (_curl_ssl_ctx_callback7)(CURL *, const SSL_CTX, void *);
 typedef CURLcode (_curl_ssl_ctx_callback8)(CURL *, const SSL_CTX, const void *);
 #else
 typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback5;
 typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback6;
 typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback7;
 typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback8;
 #endif
 /* evaluates to true if expr is of type curl_conv_callback or "similar" */
 #define _curl_is_conv_cb(expr)                                          \
  (_curl_is_NULL(expr) ||                                                     \
   __builtin_types_compatible_p(__typeof__(expr), curl_conv_callback) ||      \
   _curl_callback_compatible((expr), _curl_conv_callback1) ||                 \
   _curl_callback_compatible((expr), _curl_conv_callback2) ||                 \
   _curl_callback_compatible((expr), _curl_conv_callback3) ||                 \
   _curl_callback_compatible((expr), _curl_conv_callback4))
 typedef CURLcode (*_curl_conv_callback1)(char *, size_t length);
 typedef CURLcode (*_curl_conv_callback2)(const char *, size_t length);
 typedef CURLcode (*_curl_conv_callback3)(void *, size_t length);
 typedef CURLcode (*_curl_conv_callback4)(const void *, size_t length);
 /* evaluates to true if expr is of type curl_seek_callback or "similar" */
 #define _curl_is_seek_cb(expr)                                          \
  (_curl_is_NULL(expr) ||                                                     \
   __builtin_types_compatible_p(__typeof__(expr), curl_seek_callback) ||      \
   _curl_callback_compatible((expr), _curl_seek_callback1) ||                 \
   _curl_callback_compatible((expr), _curl_seek_callback2))
 typedef CURLcode (*_curl_seek_callback1)(void *, curl_off_t, int);
 typedef CURLcode (*_curl_seek_callback2)(const void *, curl_off_t, int);
 #endif /* __CURL_TYPECHECK_GCC_H */
--- a/lib/Makefile.Watcom
+++ b/lib/Makefile.Watcom
@@ -1,21 +1,32 @@
 #
 #  Watcom / OpenWatcom / Win32 makefile for libcurl.
-#  G. Vanem <giva@bgnett.no>
+#  G. Vanem <gvanem@broadpark.no>
 #
 # $Id$
-TARGETS = ca-bundle.h libcurl_wc.lib libcurl_wc.dll libcurl_wc_imp.lib
+TARGETS = ca-bundle.h libcurl_wc.dll libcurl_wc_imp.lib
 CC = wcc386
-CFLAGS = -3r -mf -d3 -hc -zff -zgf -zq -zm -zc -s -fr=con -w2 -fpi -oilrtfm -bt=nt -bd &
+CFLAGS = -3r -mf -d3 -hc -zff -zgf -zq -zm -zc -s -fr=con -w2 -fpi -oilrtfm -bt=nt &
-         -d+ -dWIN32 -dCURL_CA_BUNDLE=getenv("CURL_CA_BUNDLE")                     &
+         -bd -d+ -dWIN32 -dCURL_CA_BUNDLE=getenv("CURL_CA_BUNDLE")                 &
         -dBUILDING_LIBCURL -dWITHOUT_MM_LIB -dHAVE_SPNEGO=1 -dENABLE_IPV6         &
         -dDEBUG_THREADING_GETADDRINFO -dDEBUG=1 -dCURLDEBUG -d_WIN32_WINNT=0x0501 &
-         -I. -I..\include -dCURL_DISABLE_LDAP
+         -dWINBERAPI=__declspec(cdecl) -dWINLDAPAPI=__declspec(cdecl)              &
         -I. -I..\include
-OBJ_DIR  = Watcom_obj
+#
-LIB_ARG  = $(OBJ_DIR)\wlib.arg
+# Change to suite.
 #
 ZLIB_ROOT = ..\..\..\zlib-1.2.3
 USE_ZLIB  = 0
 !ifeq USE_ZLIB 1
 CFLAGS += -dHAVE_ZLIB_H -dHAVE_LIBZ -I$(ZLIB_ROOT)
 !endif
 OBJ_DIR  = WC_Win32.obj
 C_ARG    = $(OBJ_DIR)\wcc386.arg
 LINK_ARG = $(OBJ_DIR)\wlink.arg
 OBJS = $(OBJ_DIR)\base64.obj           $(OBJ_DIR)\connect.obj     &
@@ -50,7 +61,7 @@ OBJS = $(OBJ_DIR)\base64.obj           $(OBJ_DIR)\connect.obj     &
 RESOURCE = $(OBJ_DIR)\libcurl.res
-all: $(OBJ_DIR) $(TARGETS) .SYMBOLIC
+all: $(OBJ_DIR) $(C_ARG) $(TARGETS) .SYMBOLIC
 	@echo Welcome to libcurl
 $(OBJ_DIR):
@@ -59,17 +70,14 @@ $(OBJ_DIR):
 ca-bundle.h:
 	@echo /* dummy ca-bundle.h. Not used */ > $@
-libcurl_wc.lib: $(OBJS) $(LIB_ARG)
+libcurl_wc.dll libcurl_wc_imp.lib: $(OBJS) $(RESOURCE) $(LINK_ARG)
 	wlib -q -b -c $@ @$(LIB_ARG)
 libcurl_wc.dll: $(OBJS) $(RESOURCE) $(LINK_ARG)
 	wlink name libcurl_wc.dll @$(LINK_ARG)
 clean: .SYMBOLIC
 	- rm -f $(OBJS) $(RESOURCE)
 vclean realclean: clean .SYMBOLIC
-	- rm -f $(TARGETS) $(LIB_ARG) $(LINK_ARG) libcurl_wc.map
+	- rm -f $(TARGETS) $(C_ARG) $(LINK_ARG) libcurl_wc.map
 	- rmdir $(OBJ_DIR)
 .ERASE
@@ -78,12 +86,11 @@ $(RESOURCE): libcurl.rc
 .ERASE
 .c{$(OBJ_DIR)}.obj:
-	$(CC) $[@ $(CFLAGS) -fo=$@
+	$(CC) $[@ @$(C_ARG) -fo=$@
 	@echo .
-$(LIB_ARG): $(__MAKEFILES__)
+$(C_ARG): $(__MAKEFILES__)
 	%create $^@
-	for %f in ($(OBJS)) do @%append $^@ +- %f
+	%append $^@ $(CFLAGS)
 $(LINK_ARG): $(__MAKEFILES__)
 	%create $^@
@@ -91,7 +98,10 @@ $(LINK_ARG): $(__MAKEFILES__)
 	@%append $^@ file { $(OBJS) }
 	@%append $^@ option quiet, map, caseexact, eliminate, implib=libcurl_wc_imp.lib,
 	@%append $^@ res=$(RESOURCE) libpath $(%watcom)\lib386;$(%watcom)\lib386\nt
-	@%append $^@ library clib3r.lib, ws2_32.lib
+	@%append $^@ library clib3r.lib, wldap32.lib, ws2_32.lib
 !ifeq USE_ZLIB 1
 	@%append $^@ library $(ZLIB_ROOT)\zlib.lib
 !endif
 #
 # Dependencies based on "gcc -MM .."
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -30,12 +30,12 @@ DOCS = README.encoding README.memoryleak README.ares README.curlx	\
 EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 Makefile.riscos	\
 $(DSP) curllib.dsw config-win32.h config-win32ce.h config-riscos.h	\
- config-mac.h config.h.in ca-bundle.crt makefile.dj config.dos		\
+ config-mac.h config.h.in makefile.dj config.dos		\
 libcurl.framework.make libcurl.plist libcurl.rc config-amigaos.h	\
 amigaos.c amigaos.h makefile.amiga Makefile.netware nwlib.c nwos.c	\
 libcurl.imp msvcproj.head msvcproj.foot config-win32ce.h		\
 config-os400.h setup-os400.h \
- Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ)
+ Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ) mk-ca-bundle.pl
 CLEANFILES = $(DSP) $(VCPROJ)
@@ -111,14 +111,13 @@ $(top_builddir)/lib/ca-bundle.h: Makefile.in Makefile
 if CABUNDLE
 	echo '#define CURL_CA_BUNDLE @CURL_CA_BUNDLE@' >> $@
 else
-	echo '#undef CURL_CA_BUNDLE /* unknown */' >> $@
+	echo '#undef CURL_CA_BUNDLE /* unknown default path */' >> $@
 endif
 if CAPATH
 	echo '#define CURL_CA_PATH @CURL_CA_PATH@' >> $@
 else
 	echo '#undef CURL_CA_PATH /* unknown default path */' >>$@
 endif
 install-data-hook:
 	@if test -n "@CURL_CA_BUNDLE@"; then \
 	  $(mkinstalldirs) `dirname $(DESTDIR)@CURL_CA_BUNDLE@`; \
 	  @INSTALL_DATA@ $(srcdir)/ca-bundle.crt $(DESTDIR)@CURL_CA_BUNDLE@; \
        fi
 # this hook is mainly for non-unix systems to build even if configure
 # isn't run
--- a/lib/Makefile.m32
+++ b/lib/Makefile.m32
@@ -1,8 +1,8 @@
 #########################################################################
 # $Id$
 #
-## Makefile for building libcurl.a with MingW32 (GCC-3.2) and
+## Makefile for building libcurl.a with MingW32 (GCC-3.2)
-## optionally OpenSSL (0.9.8), libssh2 (0.17), zlib (1.2.3)
+## and optionally OpenSSL (0.9.8), libssh2 (0.18), zlib (1.2.3)
 ##
 ## Usage:
 ## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [SSPI=1] [IPV6=1] [DYN=1]
@@ -21,11 +21,11 @@ ZLIB_PATH = ../../zlib-1.2.3
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8e
+OPENSSL_PATH = ../../openssl-0.9.8g
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-0.17
+LIBSSH2_PATH = ../../libssh2-0.18
 endif
 # Edit the path below to point to the base of your Novell LDAP NDK.
 ifndef LDAP_SDK
@@ -41,7 +41,7 @@ LDFLAGS = -s
 RANLIB = ranlib
 RC = windres
 RCFLAGS = --include-dir=../include -DCURLDEBUG=0 -O COFF -i
-RM = del /q /f
+RM = del /q /f > NUL 2>&1
 STRIP = strip -g
 ########################################################
--- a/lib/Makefile.netware
+++ b/lib/Makefile.netware
@@ -20,12 +20,12 @@ endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8e
+OPENSSL_PATH = ../../openssl-0.9.8g
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-0.16
+LIBSSH2_PATH = ../../libssh2-0.18
 endif
 ifndef INSTDIR
@@ -35,13 +35,16 @@ endif
 # Edit the vars below to change NLM target settings.
 TARGET  = libcurl
 VERSION	= $(LIBCURL_VERSION)
-COPYR	= Copyright (C) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>
+COPYR	= Copyright (C) $(LIBCURL_COPYRIGHT_STR)
 DESCR	= cURL libcurl $(LIBCURL_VERSION_STR) ($(LIBARCH)) - http://curl.haxx.se
 MTSAFE	= YES
 STACK	= 64000
 SCREEN	= none
 EXPORTS	= @libcurl.imp
 # Uncomment the next line to enable linking with POSIX semantics.
 # POSIXFL = 1
 # Edit the var below to point to your lib architecture.
 ifndef LIBARCH
 LIBARCH = LIBC
@@ -71,11 +74,13 @@ ifdef METROWERKS
 else
 	CC = gcc
 endif
 PERL	= perl
 # a native win32 awk can be downloaded from here:
-# http://www.gknw.net/development/prgtools/awk-20050424.zip
+# http://www.gknw.net/development/prgtools/awk-20070501.zip
 AWK	= awk
 YACC	= bison -y
 CP	= cp -afv
 MKDIR	= mkdir
 # RM	= rm -f
 # if you want to mark the target as MTSAFE you will need a tool for
 # generating the xdc data for the linker; here's a minimal tool:
@@ -102,7 +107,11 @@ CFLAGS	+= -msgstyle gcc -gccinc -inline off -opt nointrinsics -proc 586
 CFLAGS	+= -relax_pointers
 #CFLAGS	+= -w on
 ifeq ($(LIBARCH),LIBC)
 ifeq ($(POSIXFL),1)
 	PRELUDE = $(SDK_LIBC)/imports/posixpre.o
 else
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.o
 endif
 	CFLAGS += -align 4
 else
 	# PRELUDE = $(SDK_CLIB)/imports/clibpre.o
@@ -121,7 +130,11 @@ RANLIB	= ranlib
 CFLAGS	+= -fno-builtin -fpcc-struct-return -fno-strict-aliasing
 CFLAGS	+= -Wall # -pedantic
 ifeq ($(LIBARCH),LIBC)
 ifeq ($(POSIXFL),1)
 	PRELUDE = $(SDK_LIBC)/imports/posixpre.gcc.o
 else
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.gcc.o
 endif
 else
 	PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
 	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
@@ -159,6 +172,7 @@ ifdef WITH_SSL
 	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/ssl.$(LIBEXT)
 	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/crypto.$(LIBEXT)
 	IMPORTS += GetProcessSwitchCount RunningProcess
 	INSTDEP += ca-bundle.crt
 endif
 ifdef WITH_ZLIB
 	INCLUDES += -I$(ZLIB_PATH)
@@ -226,11 +240,7 @@ $(OBJDIR)/version.inc: ../include/curl/curlver.h $(OBJDIR)
 	@echo Creating $@
 	@$(AWK) -f ../packages/NetWare/get_ver.awk $< > $@
-dist: all
+install: $(INSTDIR) all $(INSTDEP)
 	-$(RM) $(OBJDIR)/*.o $(OBJDIR)/$(TARGET).map $(OBJDIR)/$(TARGET).ncv
 	-$(RM) $(OBJDIR)/$(TARGET).def $(OBJDIR)/version.inc $(XDCDATA)
 install: $(INSTDIR) all
 	@$(CP) $(TARGET).nlm $(INSTDIR)
 	@$(CP) $(TARGET).$(LIBEXT) $(INSTDIR)
 	@$(CP) ../CHANGES $(INSTDIR)
@@ -238,7 +248,7 @@ install: $(INSTDIR) all
 	@$(CP) ../README $(INSTDIR)
 	@$(CP) ../RELEASE-NOTES $(INSTDIR)
 ifdef WITH_SSL
-	@$(CP) ca-bundle.crt $(INSTDIR)
+	@-$(CP) ca-bundle.crt $(INSTDIR)/ca-bundle.crt
 endif
 clean:
@@ -246,13 +256,11 @@ clean:
 	-$(RM) -r $(OBJDIR)
 distclean: clean
-	-$(RM) -r $(TARGET).$(LIBEXT) $(TARGET).nlm
+	-$(RM) $(TARGET).$(LIBEXT) $(TARGET).nlm
 	-$(RM) certdata.txt ca-bundle.crt
-$(INSTDIR):
+$(OBJDIR) $(INSTDIR):
-	@mkdir $(INSTDIR)
+	@$(MKDIR) $@
 $(OBJDIR):
 	@mkdir $(OBJDIR)
 $(TARGET).$(LIBEXT): $(OBJS)
 	@echo Creating $@
@@ -305,27 +313,36 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)import @$(SDK_CLIB)/imports/threads.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_CLIB)/imports/nlmlib.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_CLIB)/imports/socklib.imp$(DL) >> $@
 	@echo $(DL)module clib$(DL) >> $@
 ifndef DISABLE_LDAP
 	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapsdk.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapssl.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
+#	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
-	@echo $(DL)module ldapsdk ldapssl ldapx$(DL) >> $@
+	@echo $(DL)module ldapsdk ldapssl$(DL) >> $@
 endif
 	@echo $(DL)module clib$(DL) >> $@
 else
 ifeq ($(POSIXFL),1)
 	@echo $(DL)flag_on 4194304$(DL) >> $@
 endif
 	@echo $(DL)pseudopreemption$(DL) >> $@
 ifeq ($(findstring posixpre,$(PRELUDE)),posixpre)
 	@echo $(DL)start POSIX_Start$(DL) >> $@
 	@echo $(DL)exit POSIX_Stop$(DL) >> $@
 	@echo $(DL)check POSIX_CheckUnload$(DL) >> $@
 else
 	@echo $(DL)start _LibCPrelude$(DL) >> $@
 	@echo $(DL)exit _LibCPostlude$(DL) >> $@
 	@echo $(DL)check _LibCCheckUnload$(DL) >> $@
 endif
 	@echo $(DL)import @$(SDK_LIBC)/imports/libc.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LIBC)/imports/netware.imp$(DL) >> $@
 	@echo $(DL)module libc$(DL) >> $@
 ifndef DISABLE_LDAP
 	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapsdk.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapssl.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapx.imp$(DL) >> $@
+#	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapx.imp$(DL) >> $@
-	@echo $(DL)module lldapsdk lldapssl lldapx$(DL) >> $@
+	@echo $(DL)module lldapsdk lldapssl$(DL) >> $@
 endif
 	@echo $(DL)module libc$(DL) >> $@
 endif
 ifdef MODULES
 	@echo $(DL)module $(MODULES)$(DL) >> $@
@@ -336,9 +353,9 @@ endif
 ifdef IMPORTS
 	@echo $(DL)import $(IMPORTS)$(DL) >> $@
 endif
-ifeq ($(LD),nlmconv)
+ifeq ($(findstring nlmconv,$(LD)),nlmconv)
 	@echo $(DL)input $(OBJL)$(DL) >> $@
 	@echo $(DL)input $(PRELUDE)$(DL) >> $@
 	@echo $(DL)input $(OBJL)$(DL) >> $@
 #ifdef LDLIBS
 #	@echo $(DL)input $(LDLIBS)$(DL) >> $@
 #endif
@@ -372,7 +389,6 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define socklen_t int$(DL) >> $@
 	@echo $(DL)#define DL_LDAP_FILE "ldapsdk.nlm"$(DL) >> $@
 else
 	@echo $(DL)#define OS "i586-pc-libc-NetWare"$(DL) >> $@
 	@echo $(DL)#define HAVE_FTRUNCATE 1$(DL) >> $@
@@ -405,7 +421,6 @@ else
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
 	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
 ifdef ENABLE_IPV6
 	@echo $(DL)#define ENABLE_IPV6 1$(DL) >> $@
 endif
@@ -556,4 +571,8 @@ endif
 $(ARES_LIB)/libcares.$(LIBEXT):
 	$(MAKE) -C $(ARES_LIB) -f Makefile.netware lib
 ca-bundle.crt: mk-ca-bundle.pl
 	@echo Creating $@
 	@-$(PERL) $< -b -n $@
--- a/lib/Makefile.vc6
+++ b/lib/Makefile.vc6
@@ -35,7 +35,7 @@ IMPLIB_NAME       = libcurl_imp
 IMPLIB_NAME_DEBUG = libcurld_imp
 !IFNDEF OPENSSL_PATH
-OPENSSL_PATH   = ../../openssl-0.9.8e
+OPENSSL_PATH   = ../../openssl-0.9.8g
 !ENDIF
 !IFNDEF ZLIB_PATH
@@ -58,7 +58,7 @@ MACHINE  = X86
 # It can be downloaded from:
 # http://www.microsoft.com/msdownload/platformsdk/sdkupdate/
-# USE_WINDOWS_SSPI = 1
+# WINDOWS_SSPI = 1
 !IFDEF WINDOWS_SSPI
 !IFNDEF WINDOWS_SDK_PATH
--- a/lib/ca-bundle.crt
+++ b/lib/ca-bundle.crt
--- a/lib/config-win32.h
+++ b/lib/config-win32.h
@@ -347,6 +347,36 @@
 #define HAVE_LONGLONG 1
 #endif
 /* Define to avoid VS2005 complaining about portable C functions */
 #if defined(_MSC_VER) && (_MSC_VER >= 1400)
 #define _CRT_SECURE_NO_DEPRECATE 1
 #define _CRT_NONSTDC_NO_DEPRECATE 1
 #endif
 /* VS2005 and later dafault size for time_t is 64-bit, unless */
 /* _USE_32BIT_TIME_T has been defined to get a 32-bit time_t. */
 #if defined(_MSC_VER) && (_MSC_VER >= 1400)
 #  ifndef _USE_32BIT_TIME_T
 #    define SIZEOF_TIME_T 8
 #  else
 #    define SIZEOF_TIME_T 4
 #  endif
 #endif
 /* VS2008 does not support Windows build targets prior to WinXP, */
 /* so, if no build target has been defined we will target WinXP. */
 #if defined(_MSC_VER) && (_MSC_VER >= 1500)
 #  ifndef _WIN32_WINNT
 #    define _WIN32_WINNT 0x0501
 #  endif
 #  ifndef WINVER
 #    define WINVER 0x0501
 #  endif
 #  if (_WIN32_WINNT < 0x0501) || (WINVER < 0x0501)
 #    error VS2008 does not support Windows build targets prior to WinXP
 #  endif
 #endif
 /* ---------------------------------------------------------------- */
 /*                           LDAP SUPPORT                           */
 /* ---------------------------------------------------------------- */
@@ -370,10 +400,6 @@
 /*                       ADDITIONAL DEFINITIONS                     */
 /* ---------------------------------------------------------------- */
 /* Defines set for VS2005 to _not_ deprecate a few functions we use. */
 #define _CRT_SECURE_NO_DEPRECATE 1
 #define _CRT_NONSTDC_NO_DEPRECATE 1
 /* Define cpu-machine-OS */
 #undef OS
 #if defined(_M_IX86) || defined(__i386__) /* x86 (MSVC or gcc) */
--- a/lib/config-win32ce.h
+++ b/lib/config-win32ce.h
@@ -308,6 +308,22 @@
 /* Undef keyword 'const' if it does not work.  */
 /* #undef const */
 /* Define to avoid VS2005 complaining about portable C functions */
 #if defined(_MSC_VER) && (_MSC_VER >= 1400)
 #define _CRT_SECURE_NO_DEPRECATE 1
 #define _CRT_NONSTDC_NO_DEPRECATE 1
 #endif
 /* VS2005 and later dafault size for time_t is 64-bit, unless */
 /* _USE_32BIT_TIME_T has been defined to get a 32-bit time_t. */
 #if defined(_MSC_VER) && (_MSC_VER >= 1400)
 #  ifndef _USE_32BIT_TIME_T
 #    define SIZEOF_TIME_T 8
 #  else
 #    define SIZEOF_TIME_T 4
 #  endif
 #endif
 /* ---------------------------------------------------------------- */
 /*                           LDAP SUPPORT                           */
 /* ---------------------------------------------------------------- */
@@ -320,10 +336,6 @@
 /*                       ADDITIONAL DEFINITIONS                     */
 /* ---------------------------------------------------------------- */
 /* Defines set for VS2005 to _not_ deprecate a few functions we use. */
 #define _CRT_SECURE_NO_DEPRECATE 1
 #define _CRT_NONSTDC_NO_DEPRECATE 1
 /* Define cpu-machine-OS */
 #undef OS
 #define OS "i386-pc-win32ce"
--- a/lib/connect.c
+++ b/lib/connect.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -101,6 +101,66 @@ singleipconnect(struct connectdata *conn,
                long timeout_ms,
                bool *connected);
 /*
 * Curl_timeleft() returns the amount of milliseconds left allowed for the
 * transfer/connection. If the value is negative, the timeout time has already
 * elapsed.
 *
 * If 'nowp' is non-NULL, it points to the current time.
 * 'duringconnect' is FALSE if not during a connect, as then of course the
 * connect timeout is not taken into account!
 */
 long Curl_timeleft(struct connectdata *conn,
                   struct timeval *nowp,
                   bool duringconnect)
 {
  struct SessionHandle *data = conn->data;
  int timeout_set = 0;
  long timeout_ms = duringconnect?DEFAULT_CONNECT_TIMEOUT:0;
  struct timeval now;
  /* if a timeout is set, use the most restrictive one */
  if(data->set.timeout > 0)
    timeout_set |= 1;
  if(duringconnect && (data->set.connecttimeout > 0))
    timeout_set |= 2;
  switch (timeout_set) {
  case 1:
    timeout_ms = data->set.timeout;
    break;
  case 2:
    timeout_ms = data->set.connecttimeout;
    break;
  case 3:
    if(data->set.timeout < data->set.connecttimeout)
      timeout_ms = data->set.timeout;
    else
      timeout_ms = data->set.connecttimeout;
    break;
  default:
    /* use the default */
    if(!duringconnect)
      /* if we're not during connect, there's no default timeout so if we're
         at zero we better just return zero and not make it a negative number
         by the math below */
      return 0;
    break;
  }
  if(!nowp) {
    now = Curl_tvnow();
    nowp = &now;
  }
  /* substract elapsed time */
  timeout_ms -= Curl_tvdiff(*nowp, data->progress.t_startsingle);
  return timeout_ms;
 }
 /*
 * Curl_nonblock() set the given socket to either blocking or non-blocking
 * mode based on the 'nonblock' boolean argument. This function is highly
@@ -533,42 +593,33 @@ CURLcode Curl_is_connected(struct connectdata *conn,
  CURLcode code = CURLE_OK;
  curl_socket_t sockfd = conn->sock[sockindex];
  long allow = DEFAULT_CONNECT_TIMEOUT;
  long allow_total = 0;
  long has_passed;
  DEBUGASSERT(sockindex >= FIRSTSOCKET && sockindex <= SECONDARYSOCKET);
  *connected = FALSE; /* a very negative world view is best */
  /* Evaluate in milliseconds how much time that has passed */
  has_passed = Curl_tvdiff(Curl_tvnow(), data->progress.t_startsingle);
  /* subtract the most strict timeout of the ones */
  if(data->set.timeout && data->set.connecttimeout) {
    if (data->set.timeout < data->set.connecttimeout)
      allow_total = allow = data->set.timeout;
    else
      allow = data->set.connecttimeout;
  }
  else if(data->set.timeout) {
    allow_total = allow = data->set.timeout;
  }
  else if(data->set.connecttimeout) {
    allow = data->set.connecttimeout;
  }
  if(has_passed > allow ) {
    /* time-out, bail out, go home */
    failf(data, "Connection time-out after %ld ms", has_passed);
    return CURLE_OPERATION_TIMEDOUT;
  }
  if(conn->bits.tcpconnect) {
    /* we are connected already! */
    long allow_total = 0;
    /* subtract the most strict timeout of the ones */
    if(data->set.timeout)
      allow_total = data->set.timeout;
    Curl_expire(data, allow_total);
    *connected = TRUE;
    return CURLE_OK;
  }
  /* figure out how long time we have left to connect */
  allow = Curl_timeleft(conn, NULL, TRUE);
  if(allow < 0) {
    /* time-out, bail out, go home */
    failf(data, "Connection time-out");
    return CURLE_OPERATION_TIMEDOUT;
  }
  Curl_expire(data, allow);
  /* check for connect without timeout as we want to return immediately */
@@ -694,7 +745,7 @@ singleipconnect(struct connectdata *conn,
  addr->protocol=ai->ai_protocol;
  addr->addrlen =
    (ai->ai_addrlen < (socklen_t)sizeof(struct Curl_sockaddr_storage)) ?
-     ai->ai_addrlen : (socklen_t)sizeof(struct Curl_sockaddr_storage);
+     (unsigned int)ai->ai_addrlen : sizeof(struct Curl_sockaddr_storage);
  memcpy(&addr->addr, ai->ai_addr, addr->addrlen);
  /* If set, use opensocket callback to get the socket */
@@ -821,7 +872,6 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
  int num_addr;
  Curl_addrinfo *ai;
  Curl_addrinfo *curr_addr;
  int timeout_set = 0;
  struct timeval after;
  struct timeval before = Curl_tvnow();
@@ -834,40 +884,14 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
  *connected = FALSE; /* default to not connected */
-  /* if a timeout is set, use the most restrictive one */
+  /* get the timeout left */
  timeout_ms = Curl_timeleft(conn, &before, TRUE);
  if (data->set.timeout > 0)
    timeout_set += 1;
  if (data->set.connecttimeout > 0)
    timeout_set += 2;
  switch (timeout_set) {
  case 1:
    timeout_ms = data->set.timeout;
    break;
  case 2:
    timeout_ms = data->set.connecttimeout;
    break;
  case 3:
    if (data->set.timeout < data->set.connecttimeout)
      timeout_ms = data->set.timeout;
    else
      timeout_ms = data->set.connecttimeout;
    break;
  default:
    timeout_ms = DEFAULT_CONNECT_TIMEOUT;
    break;
  }
  if (timeout_set > 0) {
    /* if a timeout was already set, substract elapsed time */
    timeout_ms -= Curl_tvdiff(before, data->progress.t_startsingle);
  if(timeout_ms < 0) {
    /* a precaution, no need to continue if time already is up */
    failf(data, "Connection time-out");
    return CURLE_OPERATION_TIMEDOUT;
  }
  }
  Curl_expire(data, timeout_ms);
  /* Max time for each address */
--- a/lib/connect.h
+++ b/lib/connect.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -31,14 +31,20 @@ CURLcode Curl_is_connected(struct connectdata *conn,
                           bool *connected);
 CURLcode Curl_connecthost(struct connectdata *conn,
-                          const struct Curl_dns_entry *host, /* connect to this */
+                          const struct Curl_dns_entry *host, /* connect to
                                                                this */
                          curl_socket_t *sockconn, /* not set if error */
                          Curl_addrinfo **addr, /* the one we used */
-                          bool *connected /* truly connected? */
+                          bool *connected); /* truly connected? */
                          );
 CURLcode Curl_store_ip_addr(struct connectdata *conn);
 /* generic function that returns how much time there's left to run, according
   to the timeouts set */
 long Curl_timeleft(struct connectdata *conn,
                   struct timeval *nowp,
                   bool duringconnect);
 #define DEFAULT_CONNECT_TIMEOUT 300000 /* milliseconds == five minutes */
 #endif
--- a/lib/content_encoding.c
+++ b/lib/content_encoding.c
@@ -77,7 +77,7 @@ exit_zlib(z_stream *z, zlibInitState *zlib_init, CURLcode result)
 static CURLcode
 inflate_stream(struct connectdata *conn,
-               struct Curl_transfer_keeper *k)
+               struct SingleRequest *k)
 {
  int allow_restart = 1;
  z_stream *z = &k->z;          /* zlib state structure */
@@ -152,7 +152,7 @@ inflate_stream(struct connectdata *conn,
 CURLcode
 Curl_unencode_deflate_write(struct connectdata *conn,
-                            struct Curl_transfer_keeper *k,
+                            struct SingleRequest *k,
                            ssize_t nread)
 {
  z_stream *z = &k->z;          /* zlib state structure */
@@ -265,7 +265,7 @@ static enum {
 CURLcode
 Curl_unencode_gzip_write(struct connectdata *conn,
-                         struct Curl_transfer_keeper *k,
+                         struct SingleRequest *k,
                         ssize_t nread)
 {
  z_stream *z = &k->z;          /* zlib state structure */
--- a/lib/content_encoding.h
+++ b/lib/content_encoding.h
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -32,10 +32,10 @@
 #endif
 CURLcode Curl_unencode_deflate_write(struct connectdata *conn,
-                                     struct Curl_transfer_keeper *k,
+                                     struct SingleRequest *req,
                                     ssize_t nread);
 CURLcode
 Curl_unencode_gzip_write(struct connectdata *conn,
-                         struct Curl_transfer_keeper *k,
+                         struct SingleRequest *k,
                         ssize_t nread);
--- a/lib/cookie.c
+++ b/lib/cookie.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -367,8 +367,12 @@ Curl_cookie_add(struct SessionHandle *data,
      else {
        if(sscanf(ptr, "%" MAX_COOKIE_LINE_TXT "[^;\r\n]",
                  what)) {
-          if(strequal("secure", what))
+          if(strequal("secure", what)) {
            co->secure = TRUE;
          }
          else if (strequal("httponly", what)) {
            co->httponly = TRUE;
          }
          /* else,
             unsupported keyword without assign! */
@@ -433,6 +437,19 @@ Curl_cookie_add(struct SessionHandle *data,
    char *tok_buf;
    int fields;
    /* IE introduced HTTP-only cookies to prevent XSS attacks. Cookies 
       marked with httpOnly after the domain name are not accessible  
       from javascripts, but since curl does not operate at javascript  
       level, we include them anyway. In Firefox's cookie files, these 
       lines are preceeded with #HttpOnly_ and then everything is
       as usual, so we skip 10 characters of the line..
    */
    if (strncmp(lineptr, "#HttpOnly_", 10) == 0) {
      lineptr += 10;
      co->httponly = TRUE;
    }
    if(lineptr[0]=='#') {
      /* don't even try the comments */
      free(co);
@@ -812,7 +829,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
 void Curl_cookie_clearall(struct CookieInfo *cookies)
 {
  if(cookies) {
-    Curl_cookie_freelist(cookies->cookies);
+    Curl_cookie_freelist(cookies->cookies, TRUE);
    cookies->cookies = NULL;
    cookies->numcookies = 0;
  }
@@ -824,16 +841,22 @@ void Curl_cookie_clearall(struct CookieInfo *cookies)
 *
 * Free a list of cookies previously returned by Curl_cookie_getlist();
 *
 * The 'cookiestoo' argument tells this function whether to just free the
 * list or actually also free all cookies within the list as well.
 *
 ****************************************************************************/
-void Curl_cookie_freelist(struct Cookie *co)
+void Curl_cookie_freelist(struct Cookie *co, bool cookiestoo)
 {
  struct Cookie *next;
  if(co) {
    while(co) {
      next = co->next;
-      free(co); /* we only free the struct since the "members" are all
+      if(cookiestoo)
-                      just copied! */
+        freecookie(co);
      else
        free(co); /* we only free the struct since the "members" are all just
                     pointed out in the main cookie list! */
      co = next;
    }
  }
@@ -867,7 +890,7 @@ void Curl_cookie_clearsess(struct CookieInfo *cookies)
      else
        prev->next = next;
-      free(curr);
+      freecookie(curr);
      cookies->numcookies--;
    }
    else
@@ -912,6 +935,7 @@ void Curl_cookie_cleanup(struct CookieInfo *c)
 static char *get_netscape_format(const struct Cookie *co)
 {
  return aprintf(
    "%s"     /* httponly preamble */
    "%s%s\t" /* domain */
    "%s\t"   /* tailmatch */
    "%s\t"   /* path */
@@ -919,6 +943,7 @@ static char *get_netscape_format(const struct Cookie *co)
    "%" FORMAT_OFF_T "\t"   /* expires */
    "%s\t"   /* name */
    "%s",    /* value */
    co->httponly?"#HttpOnly_":"",
    /* Make sure all domains are prefixed with a dot if they allow
       tailmatching. This is Mozilla-style. */
    (co->tailmatch && co->domain && co->domain[0] != '.')? ".":"",
--- a/lib/cookie.h
+++ b/lib/cookie.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -50,6 +50,7 @@ struct Cookie {
  bool secure;       /* whether the 'secure' keyword was used */
  bool livecookie;   /* updated from a server, not a stored file */
  bool httponly;     /* true if the httponly directive is present */
 };
 struct CookieInfo {
@@ -91,7 +92,7 @@ struct CookieInfo *Curl_cookie_init(struct SessionHandle *data,
                                    const char *, struct CookieInfo *, bool);
 struct Cookie *Curl_cookie_getlist(struct CookieInfo *, const char *,
 		                   const char *, bool);
-void Curl_cookie_freelist(struct Cookie *);
+void Curl_cookie_freelist(struct Cookie *cookies, bool cookiestoo);
 void Curl_cookie_clearall(struct CookieInfo *cookies);
 void Curl_cookie_clearsess(struct CookieInfo *cookies);
 void Curl_cookie_cleanup(struct CookieInfo *);
--- a/lib/dict.c
+++ b/lib/dict.c
@@ -87,7 +87,7 @@
 * Forward declarations.
 */
-static CURLcode Curl_dict(struct connectdata *conn, bool *done);
+static CURLcode dict_do(struct connectdata *conn, bool *done);
 /*
 * DICT protocol handler.
@@ -96,7 +96,7 @@ static CURLcode Curl_dict(struct connectdata *conn, bool *done);
 const struct Curl_handler Curl_handler_dict = {
  "DICT",                               /* scheme */
  ZERO_NULL,                            /* setup_connection */
-  Curl_dict,                            /* do_it */
+  dict_do,                              /* do_it */
  ZERO_NULL,                            /* done */
  ZERO_NULL,                            /* do_more */
  ZERO_NULL,                            /* connect_it */
@@ -142,7 +142,7 @@ static char *unescape_word(struct SessionHandle *data, const char *inp)
  return dictp;
 }
-static CURLcode Curl_dict(struct connectdata *conn, bool *done)
+static CURLcode dict_do(struct connectdata *conn, bool *done)
 {
  char *word;
  char *eword;
@@ -155,8 +155,8 @@ static CURLcode Curl_dict(struct connectdata *conn, bool *done)
  struct SessionHandle *data=conn->data;
  curl_socket_t sockfd = conn->sock[FIRSTSOCKET];
-  char *path = data->reqdata.path;
+  char *path = data->state.path;
-  curl_off_t *bytecount = &data->reqdata.keep.bytecount;
+  curl_off_t *bytecount = &data->req.bytecount;
  *done = TRUE; /* unconditionally */
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -348,6 +348,7 @@ CURL *curl_easy_init(void)
 * easy handle.
 */
 #undef curl_easy_setopt
 CURLcode curl_easy_setopt(CURL *curl, CURLoption tag, ...)
 {
  va_list arg;
@@ -466,14 +467,24 @@ CURLcode curl_easy_perform(CURL *curl)
    return CURLE_BAD_FUNCTION_ARGUMENT;
  if( ! (data->share && data->share->hostcache) ) {
    /* this handle is not using a shared dns cache */
-    if (Curl_global_host_cache_use(data) &&
+    if(data->set.global_dns_cache &&
       (data->dns.hostcachetype != HCACHE_GLOBAL)) {
      /* global dns cache was requested but still isn't */
      struct curl_hash *ptr;
      if(data->dns.hostcachetype == HCACHE_PRIVATE)
        /* if the current cache is private, kill it first */
        Curl_hash_destroy(data->dns.hostcache);
-      data->dns.hostcache = Curl_global_host_cache_get();
+
      ptr = Curl_global_host_cache_init();
      if(ptr) {
        /* only do this if the global cache init works */
        data->dns.hostcache = ptr;
        data->dns.hostcachetype = HCACHE_GLOBAL;
      }
    }
    if(!data->dns.hostcache) {
      data->dns.hostcachetype = HCACHE_PRIVATE;
@@ -528,15 +539,16 @@ void Curl_easy_addmulti(struct SessionHandle *data,
 void Curl_easy_initHandleData(struct SessionHandle *data)
 {
-    memset(&data->reqdata, 0, sizeof(struct HandleData));
+    memset(&data->req, 0, sizeof(struct SingleRequest));
-    data->reqdata.maxdownload = -1;
+    data->req.maxdownload = -1;
 }
 /*
 * curl_easy_getinfo() is an external interface that allows an app to retrieve
 * information from a performed transfer and similar.
 */
 #undef curl_easy_getinfo
 CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...)
 {
  va_list arg;
@@ -676,11 +688,11 @@ void curl_easy_reset(CURL *curl)
 {
  struct SessionHandle *data = (struct SessionHandle *)curl;
-  Curl_safefree(data->reqdata.pathbuffer);
+  Curl_safefree(data->state.pathbuffer);
-  data->reqdata.pathbuffer=NULL;
+  data->state.pathbuffer=NULL;
-  Curl_safefree(data->reqdata.proto.generic);
+  Curl_safefree(data->state.proto.generic);
-  data->reqdata.proto.generic=NULL;
+  data->state.proto.generic=NULL;
  /* zero out UserDefined data: */
  Curl_freeset(data);
@@ -733,9 +745,11 @@ void curl_easy_reset(CURL *curl)
   */
  data->set.ssl.verifypeer = TRUE;
  data->set.ssl.verifyhost = 2;
-#ifdef CURL_CA_BUNDLE
+  /* This is our prefered CA cert bundle/path since install time */
-  /* This is our prefered CA cert bundle since install time */
+#if defined(CURL_CA_BUNDLE)
  (void) curl_easy_setopt(curl, CURLOPT_CAINFO, (char *) CURL_CA_BUNDLE);
 #elif defined(CURL_CA_PATH)
  (void) curl_easy_setopt(curl, CURLOPT_CAPATH, (char *) CURL_CA_PATH);
 #endif
  data->set.ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
@@ -744,6 +758,107 @@ void curl_easy_reset(CURL *curl)
  data->set.new_directory_perms = 0755; /* Default permissions */
 }
 /*
 * curl_easy_pause() allows an application to pause or unpause a specific
 * transfer and direction. This function sets the full new state for the
 * current connection this easy handle operates on.
 *
 * NOTE: if you have the receiving paused and you call this function to remove
 * the pausing, you may get your write callback called at this point.
 *
 * Action is a bitmask consisting of CURLPAUSE_* bits in curl/curl.h
 */
 CURLcode curl_easy_pause(CURL *curl, int action)
 {
  struct SessionHandle *data = (struct SessionHandle *)curl;
  struct SingleRequest *k = &data->req;
  CURLcode result = CURLE_OK;
  /* first switch off both pause bits */
  int newstate = k->keepon &~ (KEEP_READ_PAUSE| KEEP_WRITE_PAUSE);
  /* set the new desired pause bits */
  newstate |= ((action & CURLPAUSE_RECV)?KEEP_READ_PAUSE:0) |
    ((action & CURLPAUSE_SEND)?KEEP_WRITE_PAUSE:0);
  /* put it back in the keepon */
  k->keepon = newstate;
  if(!(newstate & KEEP_READ_PAUSE) && data->state.tempwrite) {
    /* we have a buffer for writing that we now seem to be able to deliver since
       the receive pausing is lifted! */
    /* get the pointer, type and length in local copies since the function may
       return PAUSE again and then we'll get a new copy allocted and stored in
       the tempwrite variables */
    char *tempwrite = data->state.tempwrite;
    size_t tempsize = data->state.tempwritesize;
    int temptype = data->state.tempwritetype;
    size_t chunklen;
    /* clear tempwrite here just to make sure it gets cleared if there's no
       further use of it, and make sure we don't clear it after the function
       invoke as it may have been set to a new value by then */
    data->state.tempwrite = NULL;
    /* since the write callback API is define to never exceed
       CURL_MAX_WRITE_SIZE bytes in a single call, and since we may in fact
       have more data than that in our buffer here, we must loop sending the
       data in multiple calls until there's no data left or we get another
       pause returned.
       A tricky part is that the function we call will "buffer" the data
       itself when it pauses on a particular buffer, so we may need to do some
       extra trickery if we get a pause return here.
    */
    do {
      chunklen = (tempsize > CURL_MAX_WRITE_SIZE)?CURL_MAX_WRITE_SIZE:tempsize;
      result = Curl_client_write(data->state.current_conn,
                                 temptype, tempwrite, chunklen);
      if(!result)
        /* failures abort the loop at once */
        break;
      if(data->state.tempwrite && (tempsize - chunklen)) {
        /* Ouch, the reading is again paused and the block we send is now
           "cached". If this is the final chunk we can leave it like this, but
           if we have more chunks that is cached after this, we need to free
           the newly cached one and put back a version that is truly the entire
           contents that is saved for later
        */
        char *newptr;
        free(data->state.tempwrite); /* free the one just cached as it isn't
                                        enough */
        /* note that tempsize is still the size as before the callback was
           used, and thus the whole piece of data to keep */
        newptr = malloc(tempsize);
        if(!newptr) {
          result = CURLE_OUT_OF_MEMORY;
          /* tempwrite will be freed further down */
          break;
        }
        data->state.tempwrite = newptr; /* store new pointer */
        memcpy(newptr, tempwrite, tempsize);
        data->state.tempwritesize = tempsize; /* store new size */
        /* tempwrite will be freed further down */
        break; /* go back to pausing until further notice */
      }
      else {
        tempsize -= chunklen;  /* left after the call above */
        tempwrite += chunklen; /* advance the pointer */
      }
    } while((result == CURLE_OK) && tempsize);
    free(tempwrite); /* this is unconditionally no longer used */
  }
  return result;
 }
 #ifdef CURL_DOES_CONVERSIONS
 /*
 * Curl_convert_to_network() is an internal function
--- a/lib/file.c
+++ b/lib/file.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -70,6 +70,7 @@
 #endif
 #include "strtoofft.h"
 #include "urldata.h"
 #include <curl/curl.h>
 #include "progress.h"
@@ -94,9 +95,10 @@
 * Forward declarations.
 */
-static CURLcode Curl_file(struct connectdata *, bool *done);
+static CURLcode file_do(struct connectdata *, bool *done);
-static CURLcode Curl_file_done(struct connectdata *conn,
+static CURLcode file_done(struct connectdata *conn,
                          CURLcode status, bool premature);
 static CURLcode file_connect(struct connectdata *conn, bool *done);
 /*
 * FILE scheme handler.
@@ -105,10 +107,10 @@ static CURLcode Curl_file_done(struct connectdata *conn,
 const struct Curl_handler Curl_handler_file = {
  "FILE",                               /* scheme */
  ZERO_NULL,                            /* setup_connection */
-  Curl_file,                            /* do_it */
+  file_do,                              /* do_it */
-  Curl_file_done,                       /* done */
+  file_done,                            /* done */
  ZERO_NULL,                            /* do_more */
-  ZERO_NULL,                            /* connect_it */
+  file_connect,                         /* connect_it */
  ZERO_NULL,                            /* connecting */
  ZERO_NULL,                            /* doing */
  ZERO_NULL,                            /* proto_getsock */
@@ -118,15 +120,70 @@ const struct Curl_handler Curl_handler_file = {
  PROT_FILE                             /* protocol */
 };
 /*
- * Curl_file_connect() gets called from Curl_protocol_connect() to allow us to
+  Check if this is a range download, and if so, set the internal variables
  properly. This code is copied from the FTP implementation and might as
  well be factored out.
 */
 static CURLcode file_range(struct connectdata *conn)
 {
  curl_off_t from, to;
  curl_off_t totalsize=-1;
  char *ptr;
  char *ptr2;
  struct SessionHandle *data = conn->data;
  if(data->state.use_range && data->state.range) {
    from=curlx_strtoofft(data->state.range, &ptr, 0);
    while(ptr && *ptr && (isspace((int)*ptr) || (*ptr=='-')))
      ptr++;
    to=curlx_strtoofft(ptr, &ptr2, 0);
    if(ptr == ptr2) {
      /* we didn't get any digit */
      to=-1;
    }
    if((-1 == to) && (from>=0)) {
      /* X - */
      data->state.resume_from = from;
      DEBUGF(infof(data, "RANGE %" FORMAT_OFF_T " to end of file\n",
                   from));
    }
    else if(from < 0) {
      /* -Y */
      totalsize = -from;
      data->req.maxdownload = -from;
      data->state.resume_from = from;
      DEBUGF(infof(data, "RANGE the last %" FORMAT_OFF_T " bytes\n",
                   totalsize));
    }
    else {
      /* X-Y */
      totalsize = to-from;
      data->req.maxdownload = totalsize+1; /* include last byte */
      data->state.resume_from = from;
      DEBUGF(infof(data, "RANGE from %" FORMAT_OFF_T
                   " getting %" FORMAT_OFF_T " bytes\n",
                   from, data->req.maxdownload));
    }
    DEBUGF(infof(data, "range-download from %" FORMAT_OFF_T
                 " to %" FORMAT_OFF_T ", totally %" FORMAT_OFF_T " bytes\n",
                 from, to, data->req.maxdownload));
  }
  else
    data->req.maxdownload = -1;
  return CURLE_OK;
 }
 /*
 * file_connect() gets called from Curl_protocol_connect() to allow us to
 * do protocol-specific actions at connect-time.  We emulate a
 * connect-then-transfer protocol and "connect" to the file here
 */
-CURLcode Curl_file_connect(struct connectdata *conn)
+static CURLcode file_connect(struct connectdata *conn, bool *done)
 {
  struct SessionHandle *data = conn->data;
-  char *real_path = curl_easy_unescape(data, data->reqdata.path, 0, NULL);
+  char *real_path = curl_easy_unescape(data, data->state.path, 0, NULL);
  struct FILEPROTO *file;
  int fd;
 #if defined(WIN32) || defined(MSDOS) || defined(__EMX__)
@@ -141,17 +198,17 @@ CURLcode Curl_file_connect(struct connectdata *conn)
     sessionhandle, deal with it */
  Curl_reset_reqproto(conn);
-  if (!data->reqdata.proto.file) {
+  if(!data->state.proto.file) {
    file = (struct FILEPROTO *)calloc(sizeof(struct FILEPROTO), 1);
    if(!file) {
      free(real_path);
      return CURLE_OUT_OF_MEMORY;
    }
-    data->reqdata.proto.file = file;
+    data->state.proto.file = file;
  }
  else {
    /* file is not a protocol that can deal with "persistancy" */
-    file = data->reqdata.proto.file;
+    file = data->state.proto.file;
    Curl_safefree(file->freepath);
    if(file->fd != -1)
      close(file->fd);
@@ -199,18 +256,19 @@ CURLcode Curl_file_connect(struct connectdata *conn)
  file->fd = fd;
  if(!data->set.upload && (fd == -1)) {
-    failf(data, "Couldn't open file %s", data->reqdata.path);
+    failf(data, "Couldn't open file %s", data->state.path);
-    Curl_file_done(conn, CURLE_FILE_COULDNT_READ_FILE, FALSE);
+    file_done(conn, CURLE_FILE_COULDNT_READ_FILE, FALSE);
    return CURLE_FILE_COULDNT_READ_FILE;
  }
  *done = TRUE;
  return CURLE_OK;
 }
-static CURLcode Curl_file_done(struct connectdata *conn,
+static CURLcode file_done(struct connectdata *conn,
                               CURLcode status, bool premature)
 {
-  struct FILEPROTO *file = conn->data->reqdata.proto.file;
+  struct FILEPROTO *file = conn->data->state.proto.file;
  (void)status; /* not used */
  (void)premature; /* not used */
  Curl_safefree(file->freepath);
@@ -218,9 +276,6 @@ static CURLcode Curl_file_done(struct connectdata *conn,
  if(file->fd != -1)
    close(file->fd);
  free(file);
  conn->data->reqdata.proto.file= NULL; /* clear it! */
  return CURLE_OK;
 }
@@ -232,7 +287,7 @@ static CURLcode Curl_file_done(struct connectdata *conn,
 static CURLcode file_upload(struct connectdata *conn)
 {
-  struct FILEPROTO *file = conn->data->reqdata.proto.file;
+  struct FILEPROTO *file = conn->data->state.proto.file;
  const char *dir = strchr(file->path, DIRSEP);
  FILE *fp;
  CURLcode res=CURLE_OK;
@@ -251,7 +306,7 @@ static CURLcode file_upload(struct connectdata *conn)
   */
  conn->fread_func = data->set.fread_func;
  conn->fread_in = data->set.in;
-  conn->data->reqdata.upload_fromhere = buf;
+  conn->data->req.upload_fromhere = buf;
  if(!dir)
    return CURLE_FILE_COULDNT_READ_FILE; /* fix: better error code */
@@ -259,7 +314,7 @@ static CURLcode file_upload(struct connectdata *conn)
  if(!dir[1])
     return CURLE_FILE_COULDNT_READ_FILE; /* fix: better error code */
-  if(data->reqdata.resume_from)
+  if(data->state.resume_from)
    fp = fopen( file->path, "ab" );
  else {
    int fd;
@@ -288,14 +343,14 @@ static CURLcode file_upload(struct connectdata *conn)
    Curl_pgrsSetUploadSize(data, data->set.infilesize);
  /* treat the negative resume offset value as the case of "-" */
-  if(data->reqdata.resume_from < 0){
+  if(data->state.resume_from < 0) {
    if(stat(file->path, &file_stat)) {
      fclose(fp);
      failf(data, "Can't get the size of %s", file->path);
      return CURLE_WRITE_ERROR;
    }
    else
-      data->reqdata.resume_from = (curl_off_t)file_stat.st_size;
+      data->state.resume_from = (curl_off_t)file_stat.st_size;
  }
  while(res == CURLE_OK) {
@@ -310,16 +365,16 @@ static CURLcode file_upload(struct connectdata *conn)
    nread = (size_t)readcount;
    /*skip bytes before resume point*/
-    if(data->reqdata.resume_from) {
+    if(data->state.resume_from) {
-      if( (curl_off_t)nread <= data->reqdata.resume_from ) {
+      if( (curl_off_t)nread <= data->state.resume_from ) {
-        data->reqdata.resume_from -= nread;
+        data->state.resume_from -= nread;
        nread = 0;
        buf2 = buf;
      }
      else {
-        buf2 = buf + data->reqdata.resume_from;
+        buf2 = buf + data->state.resume_from;
-        nread -= data->reqdata.resume_from;
+        nread -= (size_t)data->state.resume_from;
-        data->reqdata.resume_from = 0;
+        data->state.resume_from = 0;
      }
    }
    else
@@ -350,14 +405,14 @@ static CURLcode file_upload(struct connectdata *conn)
 }
 /*
- * Curl_file() is the protocol-specific function for the do-phase, separated
+ * file_do() is the protocol-specific function for the do-phase, separated
 * from the connect-phase above. Other protocols merely setup the transfer in
 * the do-phase, to have it done in the main transfer loop but since some
 * platforms we support don't allow select()ing etc on file handles (as
 * opposed to sockets) we instead perform the whole do-operation in this
 * function.
 */
-static CURLcode Curl_file(struct connectdata *conn, bool *done)
+static CURLcode file_do(struct connectdata *conn, bool *done)
 {
  /* This implementation ignores the host name in conformance with
     RFC 1738. Only local files (reachable via the standard file system)
@@ -371,6 +426,7 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
  curl_off_t expected_size=0;
  bool fstated=FALSE;
  ssize_t nread;
  size_t bytestoread;
  struct SessionHandle *data = conn->data;
  char *buf = data->state.buffer;
  curl_off_t bytecount = 0;
@@ -379,7 +435,6 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
  *done = TRUE; /* unconditionally */
  Curl_readwrite_init(conn);
  Curl_initinfo(data);
  Curl_pgrsStartNow(data);
@@ -387,7 +442,7 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
    return file_upload(conn);
  /* get the fd from the connection phase */
-  fd = conn->data->reqdata.proto.file->fd;
+  fd = conn->data->state.proto.file->fd;
  /* VMS: This only works reliable for STREAMLF files */
  if( -1 != fstat(fd, &statbuf)) {
@@ -399,7 +454,7 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
  /* If we have selected NOBODY and HEADER, it means that we only want file
     information. Which for FILE can't be much more than the file size and
     date. */
-  if(conn->bits.no_body && data->set.include_header && fstated) {
+  if(data->set.opt_no_body && data->set.include_header && fstated) {
    CURLcode result;
    snprintf(buf, sizeof(data->state.buffer),
             "Content-Length: %" FORMAT_OFF_T "\r\n", expected_size);
@@ -436,13 +491,31 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
    return result;
  }
-  if (data->reqdata.resume_from <= expected_size)
+  /* Check whether file range has been specified */
-    expected_size -= data->reqdata.resume_from;
+  file_range(conn);
  /* Adjust the start offset in case we want to get the N last bytes
   * of the stream iff the filesize could be determined */
  if(data->state.resume_from < 0) {
    if(!fstated) {
      failf(data, "Can't get the size of file.");
      return CURLE_READ_ERROR;
    }
    else
      data->state.resume_from += (curl_off_t)statbuf.st_size;
  }
  if(data->state.resume_from <= expected_size)
    expected_size -= data->state.resume_from;
  else {
    failf(data, "failed to resume file:// transfer");
    return CURLE_BAD_DOWNLOAD_RESUME;
  }
  /* A high water mark has been specified so we obey... */
  if (data->req.maxdownload > 0)
    expected_size = data->req.maxdownload;
  if(fstated && (expected_size == 0))
    return CURLE_OK;
@@ -453,24 +526,27 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
  if(fstated)
    Curl_pgrsSetDownloadSize(data, expected_size);
-  if(data->reqdata.resume_from) {
+  if(data->state.resume_from) {
-    if(data->reqdata.resume_from !=
+    if(data->state.resume_from !=
-       lseek(fd, data->reqdata.resume_from, SEEK_SET))
+       lseek(fd, data->state.resume_from, SEEK_SET))
      return CURLE_BAD_DOWNLOAD_RESUME;
  }
  Curl_pgrsTime(data, TIMER_STARTTRANSFER);
  while(res == CURLE_OK) {
-    nread = read(fd, buf, BUFSIZE-1);
+    /* Don't fill a whole buffer if we want less than all data */
    bytestoread = (expected_size < BUFSIZE-1)?(size_t)expected_size:BUFSIZE-1;
    nread = read(fd, buf, bytestoread);
    if( nread > 0)
      buf[nread] = 0;
-    if (nread <= 0)
+    if (nread <= 0 || expected_size == 0)
      break;
    bytecount += nread;
    expected_size -= nread;
    res = Curl_client_write(conn, CLIENTWRITE_BODY, buf, nread);
    if(res)
--- a/lib/file.h
+++ b/lib/file.h
@@ -25,7 +25,5 @@
 ***************************************************************************/
 #ifndef CURL_DISABLE_FILE
 extern const struct Curl_handler Curl_handler_file;
 CURLcode Curl_file_connect(struct connectdata *);
 #endif
 #endif
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -134,21 +134,21 @@ static CURLcode ftp_nb_type(struct connectdata *conn,
                            bool ascii, ftpstate newstate);
 static int ftp_need_type(struct connectdata *conn,
                         bool ascii);
-static CURLcode Curl_ftp(struct connectdata *conn, bool *done);
+static CURLcode ftp_do(struct connectdata *conn, bool *done);
-static CURLcode Curl_ftp_done(struct connectdata *conn,
+static CURLcode ftp_done(struct connectdata *conn,
                              CURLcode, bool premature);
-static CURLcode Curl_ftp_connect(struct connectdata *conn, bool *done);
+static CURLcode ftp_connect(struct connectdata *conn, bool *done);
-static CURLcode Curl_ftp_disconnect(struct connectdata *conn);
+static CURLcode ftp_disconnect(struct connectdata *conn);
-static CURLcode Curl_ftp_nextconnect(struct connectdata *conn);
+static CURLcode ftp_nextconnect(struct connectdata *conn);
-static CURLcode Curl_ftp_multi_statemach(struct connectdata *conn, bool *done);
+static CURLcode ftp_multi_statemach(struct connectdata *conn, bool *done);
-static int Curl_ftp_getsock(struct connectdata *conn,
+static int ftp_getsock(struct connectdata *conn,
                            curl_socket_t *socks,
                            int numsocks);
-static CURLcode Curl_ftp_doing(struct connectdata *conn,
+static CURLcode ftp_doing(struct connectdata *conn,
                               bool *dophase_done);
-static CURLcode Curl_ftp_setup_connection(struct connectdata * conn);
+static CURLcode ftp_setup_connection(struct connectdata * conn);
 #ifdef USE_SSL
-static CURLcode Curl_ftps_setup_connection(struct connectdata * conn);
+static CURLcode ftps_setup_connection(struct connectdata * conn);
 #endif
 /* easy-to-use macro: */
@@ -164,16 +164,16 @@ static CURLcode Curl_ftps_setup_connection(struct connectdata * conn);
 const struct Curl_handler Curl_handler_ftp = {
  "FTP",                                /* scheme */
-  Curl_ftp_setup_connection,            /* setup_connection */
+  ftp_setup_connection,            /* setup_connection */
-  Curl_ftp,                             /* do_it */
+  ftp_do,                          /* do_it */
-  Curl_ftp_done,                        /* done */
+  ftp_done,                        /* done */
-  Curl_ftp_nextconnect,                 /* do_more */
+  ftp_nextconnect,                 /* do_more */
-  Curl_ftp_connect,                     /* connect_it */
+  ftp_connect,                     /* connect_it */
-  Curl_ftp_multi_statemach,             /* connecting */
+  ftp_multi_statemach,             /* connecting */
-  Curl_ftp_doing,                       /* doing */
+  ftp_doing,                       /* doing */
-  Curl_ftp_getsock,                     /* proto_getsock */
+  ftp_getsock,                     /* proto_getsock */
-  Curl_ftp_getsock,                     /* doing_getsock */
+  ftp_getsock,                     /* doing_getsock */
-  Curl_ftp_disconnect,                  /* disconnect */
+  ftp_disconnect,                  /* disconnect */
  PORT_FTP,                             /* defport */
  PROT_FTP                              /* protocol */
 };
@@ -186,16 +186,16 @@ const struct Curl_handler Curl_handler_ftp = {
 const struct Curl_handler Curl_handler_ftps = {
  "FTPS",                               /* scheme */
-  Curl_ftps_setup_connection,           /* setup_connection */
+  ftps_setup_connection,           /* setup_connection */
-  Curl_ftp,                             /* do_it */
+  ftp_do,                          /* do_it */
-  Curl_ftp_done,                        /* done */
+  ftp_done,                        /* done */
-  Curl_ftp_nextconnect,                 /* do_more */
+  ftp_nextconnect,                 /* do_more */
-  Curl_ftp_connect,                     /* connect_it */
+  ftp_connect,                     /* connect_it */
-  Curl_ftp_multi_statemach,             /* connecting */
+  ftp_multi_statemach,             /* connecting */
-  Curl_ftp_doing,                       /* doing */
+  ftp_doing,                       /* doing */
-  Curl_ftp_getsock,                     /* proto_getsock */
+  ftp_getsock,                     /* proto_getsock */
-  Curl_ftp_getsock,                     /* doing_getsock */
+  ftp_getsock,                     /* doing_getsock */
-  Curl_ftp_disconnect,                  /* disconnect */
+  ftp_disconnect,                  /* disconnect */
  PORT_FTPS,                            /* defport */
  PROT_FTP | PROT_FTPS | PROT_SSL       /* protocol */
 };
@@ -300,44 +300,15 @@ static bool isBadFtpString(const char *string)
 */
 static CURLcode AllowServerConnect(struct connectdata *conn)
 {
  long timeout_ms;
  struct SessionHandle *data = conn->data;
  curl_socket_t sock = conn->sock[SECONDARYSOCKET];
-  int timeout_set = 0;
+  long timeout_ms = Curl_timeleft(conn, NULL, TRUE);
  /* if a timeout is set, use the most restrictive one */
  if (data->set.timeout > 0)
    timeout_set += 1;
  if (data->set.connecttimeout > 0)
    timeout_set += 2;
  switch (timeout_set) {
  case 1:
    timeout_ms = data->set.timeout;
    break;
  case 2:
    timeout_ms = data->set.connecttimeout;
    break;
  case 3:
    if (data->set.timeout < data->set.connecttimeout)
      timeout_ms = data->set.timeout;
    else
      timeout_ms = data->set.connecttimeout;
    break;
  default:
    timeout_ms = 60000; /* 60 seconds default timeout */
    break;
  }
  if (timeout_set > 0) {
    /* if a timeout was already set, substract elapsed time */
    timeout_ms -= Curl_tvdiff(Curl_tvnow(), conn->now);
  if(timeout_ms < 0) {
    /* if a timeout was already reached, bail out */
    failf(data, "Timed out before server could connect to us");
    return CURLE_OPERATION_TIMEDOUT;
  }
  }
  switch (Curl_socket_ready(sock, CURL_SOCKET_BAD, (int)timeout_ms)) {
  case -1: /* error */
@@ -403,7 +374,7 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
                             int *ftpcode, /* return the ftp-code if done */
                             size_t *size) /* size of the response */
 {
-  int perline; /* count bytes per line */
+  ssize_t perline; /* count bytes per line */
  bool keepon=TRUE;
  ssize_t gotbytes;
  char *ptr;
@@ -418,8 +389,9 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
  ptr=buf + ftpc->nread_resp;
-  perline= (int)(ptr-ftpc->linestart_resp); /* number of bytes in the current
+  /* number of bytes in the current line, so far */
-                                              line, so far */
+  perline = (ssize_t)(ptr-ftpc->linestart_resp);
  keepon=TRUE;
  while((ftpc->nread_resp<BUFSIZE) && (keepon && !result)) {
@@ -479,10 +451,10 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
       * byte to a set of lines and possible just a piece of the last
       * line */
      ssize_t i;
-      int clipamount = 0;
+      ssize_t clipamount = 0;
      bool restart = FALSE;
-      data->reqdata.keep.headerbytecount += gotbytes;
+      data->req.headerbytecount += gotbytes;
      ftpc->nread_resp += gotbytes;
      for(i = 0; i < gotbytes; ptr++, i++) {
@@ -788,7 +760,7 @@ static void state(struct connectdata *conn,
 static CURLcode ftp_state_user(struct connectdata *conn)
 {
  CURLcode result;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
  /* send USER */
  NBFTPSENDF(conn, "USER %s", ftp->user?ftp->user:"");
@@ -810,7 +782,7 @@ static CURLcode ftp_state_pwd(struct connectdata *conn)
 }
 /* For the FTP "protocol connect" and "doing" phases only */
-static int Curl_ftp_getsock(struct connectdata *conn,
+static int ftp_getsock(struct connectdata *conn,
                            curl_socket_t *socks,
                            int numsocks)
 {
@@ -933,7 +905,7 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
    rc = getnameinfo((struct sockaddr *)&ss, sslen, hbuf, sizeof(hbuf), NULL,
                     0, NIFLAGS);
    if(rc) {
-      failf(data, "getnameinfo() returned %d \n", rc);
+      failf(data, "getnameinfo() returned %d", rc);
      return CURLE_FTP_PORT_FAILED;
    }
    host = hbuf; /* use this host name */
@@ -1313,7 +1285,7 @@ static CURLcode ftp_state_use_pasv(struct connectdata *conn)
 static CURLcode ftp_state_post_rest(struct connectdata *conn)
 {
  CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
  struct SessionHandle *data = conn->data;
  if(ftp->transfer != FTPTRANSFER_BODY) {
@@ -1337,7 +1309,7 @@ static CURLcode ftp_state_post_rest(struct connectdata *conn)
 static CURLcode ftp_state_post_size(struct connectdata *conn)
 {
  CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  if((ftp->transfer != FTPTRANSFER_BODY) && ftpc->file) {
@@ -1358,7 +1330,7 @@ static CURLcode ftp_state_post_size(struct connectdata *conn)
 static CURLcode ftp_state_post_type(struct connectdata *conn)
 {
  CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  if((ftp->transfer == FTPTRANSFER_INFO) && ftpc->file) {
@@ -1398,11 +1370,11 @@ static CURLcode ftp_state_post_listtype(struct connectdata *conn)
  lstArg = NULL;
  if((data->set.ftp_filemethod == FTPFILE_NOCWD) &&
-     data->reqdata.path &&
+     data->state.path &&
-     data->reqdata.path[0] &&
+     data->state.path[0] &&
-     strchr(data->reqdata.path,'/')) {
+     strchr(data->state.path,'/')) {
-    lstArg = strdup(data->reqdata.path);
+    lstArg = strdup(data->state.path);
    if(!lstArg)
      return CURLE_OUT_OF_MEMORY;
@@ -1465,14 +1437,14 @@ static CURLcode ftp_state_post_stortype(struct connectdata *conn)
 static CURLcode ftp_state_post_mdtm(struct connectdata *conn)
 {
  CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
  struct SessionHandle *data = conn->data;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  /* If we have selected NOBODY and HEADER, it means that we only want file
     information. Which in FTP can't be much more than the file size and
     date. */
-  if(conn->bits.no_body && ftpc->file &&
+  if(data->set.opt_no_body && ftpc->file &&
     ftp_need_type(conn, data->set.prefer_ascii)) {
    /* The SIZE command is _not_ RFC 959 specified, and therefor many servers
       may not support it! It is however the only way we have to get a file's
@@ -1522,13 +1494,12 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
                                   bool sizechecked)
 {
  CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
  struct SessionHandle *data = conn->data;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  curl_off_t passed=0;
-  if((data->reqdata.resume_from && !sizechecked) ||
+  if((data->state.resume_from && !sizechecked) ||
-     ((data->reqdata.resume_from > 0) && sizechecked)) {
+     ((data->state.resume_from > 0) && sizechecked)) {
    /* we're about to continue the uploading of a file */
    /* 1. get already existing file's size. We use the SIZE command for this
       which may not exist in the server!  The SIZE command is not in
@@ -1542,7 +1513,7 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
    /* 4. lower the infilesize counter */
    /* => transfer as usual */
-    if(data->reqdata.resume_from < 0 ) {
+    if(data->state.resume_from < 0 ) {
      /* Got no given size to start from, figure it out */
      NBFTPSENDF(conn, "SIZE %s", ftpc->file);
      state(conn, FTP_STOR_SIZE);
@@ -1552,14 +1523,21 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
    /* enable append */
    data->set.ftp_append = TRUE;
-    /* Let's read off the proper amount of bytes from the input. If we knew it
+    /* Let's read off the proper amount of bytes from the input. */
-       was a proper file we could've just fseek()ed but we only have a stream
+    if(conn->seek_func) {
-       here */
+      curl_off_t readthisamountnow = data->state.resume_from;
-    /* TODO: allow the ioctlfunction to provide a fast forward function that
+      if(conn->seek_func(conn->seek_client,
-       can be used here and use this method only as a fallback! */
+			 readthisamountnow, SEEK_SET) != 0) {
        failf(data, "Could not seek stream");
        return CURLE_FTP_COULDNT_USE_REST;
      }
    }
    else {
      curl_off_t passed=0;
      do {
-      curl_off_t readthisamountnow = (data->reqdata.resume_from - passed);
+        curl_off_t readthisamountnow = (data->state.resume_from - passed);
        curl_off_t actuallyread;
        if(readthisamountnow > BUFSIZE)
@@ -1570,16 +1548,18 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
                      conn->fread_in);
        passed += actuallyread;
-      if(actuallyread != readthisamountnow) {
+        if((actuallyread <= 0) || (actuallyread > readthisamountnow)) {
-        failf(data, "Could only read %" FORMAT_OFF_T
+          /* this checks for greater-than only to make sure that the
-              " bytes from the input", passed);
+             CURL_READFUNC_ABORT return code still aborts */
          failf(data, "Failed to read data");
          return CURLE_FTP_COULDNT_USE_REST;
        }
-    } while(passed != data->reqdata.resume_from);
+      } while(passed < data->state.resume_from);
    }
    /* now, decrease the size of the read */
    if(data->set.infilesize>0) {
-      data->set.infilesize -= data->reqdata.resume_from;
+      data->set.infilesize -= data->state.resume_from;
      if(data->set.infilesize <= 0) {
        infof(data, "File already completely uploaded\n");
@@ -1588,7 +1568,7 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
        result=Curl_setup_transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
        /* Set ->transfer so that we won't get any error in
-         * Curl_ftp_done() because we didn't transfer anything! */
+         * ftp_done() because we didn't transfer anything! */
        ftp->transfer = FTPTRANSFER_NONE;
        state(conn, FTP_STOP);
@@ -1612,7 +1592,7 @@ static CURLcode ftp_state_quote(struct connectdata *conn,
 {
  CURLcode result = CURLE_OK;
  struct SessionHandle *data = conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  bool quote=FALSE;
  struct curl_slist *item;
@@ -1726,7 +1706,9 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
          if(conn->bits.tunnel_proxy ||
             data->set.proxytype == CURLPROXY_SOCKS5 ||
-              data->set.proxytype == CURLPROXY_SOCKS4)
+             data->set.proxytype == CURLPROXY_SOCKS5_HOSTNAME ||
             data->set.proxytype == CURLPROXY_SOCKS4 ||
             data->set.proxytype == CURLPROXY_SOCKS4A)
            /* proxy tunnel -> use other host info because ip_addr_str is the
               proxy address not the ftp host */
            snprintf(newhost, sizeof(newhost), "%s", conn->host.name);
@@ -1780,7 +1762,9 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
            conn->ip_addr_str);
      if(conn->bits.tunnel_proxy ||
          data->set.proxytype == CURLPROXY_SOCKS5 ||
-          data->set.proxytype == CURLPROXY_SOCKS4)
+          data->set.proxytype == CURLPROXY_SOCKS5_HOSTNAME ||
          data->set.proxytype == CURLPROXY_SOCKS4 ||
          data->set.proxytype == CURLPROXY_SOCKS4A)
        /* proxy tunnel -> use other host info because ip_addr_str is the
           proxy address not the ftp host */
        snprintf(newhost, sizeof(newhost), "%s", conn->host.name);
@@ -1877,6 +1861,7 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
  switch(data->set.proxytype) {
  case CURLPROXY_SOCKS5:
  case CURLPROXY_SOCKS5_HOSTNAME:
    result = Curl_SOCKS5(conn->proxyuser, conn->proxypasswd, newhost, newport,
                         SECONDARYSOCKET, conn);
    break;
@@ -1885,7 +1870,11 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
    break;
  case CURLPROXY_SOCKS4:
    result = Curl_SOCKS4(conn->proxyuser, newhost, newport,
-                         SECONDARYSOCKET, conn);
+                         SECONDARYSOCKET, conn, FALSE);
    break;
  case CURLPROXY_SOCKS4A:
    result = Curl_SOCKS4(conn->proxyuser, newhost, newport,
                         SECONDARYSOCKET, conn, TRUE);
    break;
  default:
    failf(data, "unknown proxytype option given");
@@ -1907,13 +1896,13 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
     * FTP pointer
     */
    struct HTTP http_proxy;
-    struct FTP *ftp_save = data->reqdata.proto.ftp;
+    struct FTP *ftp_save = data->state.proto.ftp;
    memset(&http_proxy, 0, sizeof(http_proxy));
-    data->reqdata.proto.http = &http_proxy;
+    data->state.proto.http = &http_proxy;
    result = Curl_proxyCONNECT(conn, SECONDARYSOCKET, newhost, newport);
-    data->reqdata.proto.ftp = ftp_save;
+    data->state.proto.ftp = ftp_save;
    if(CURLE_OK != result)
      return result;
@@ -1963,7 +1952,7 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata *conn,
 {
  CURLcode result = CURLE_OK;
  struct SessionHandle *data=conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  switch(ftpcode) {
@@ -1989,7 +1978,7 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata *conn,
      /* If we asked for a time of the file and we actually got one as well,
         we "emulate" a HTTP-style header in our output. */
-      if(conn->bits.no_body &&
+      if(data->set.opt_no_body &&
         ftpc->file &&
         data->set.get_filetime &&
         (data->info.filetime>=0) ) {
@@ -2095,7 +2084,7 @@ static CURLcode ftp_state_post_retr_size(struct connectdata *conn,
 {
  CURLcode result = CURLE_OK;
  struct SessionHandle *data=conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  if(data->set.max_filesize && (filesize > data->set.max_filesize)) {
@@ -2104,7 +2093,7 @@ static CURLcode ftp_state_post_retr_size(struct connectdata *conn,
  }
  ftp->downloadsize = filesize;
-  if(data->reqdata.resume_from) {
+  if(data->state.resume_from) {
    /* We always (attempt to) get the size of downloads, so it is done before
       this even when not doing resumes. */
    if(filesize == -1) {
@@ -2117,28 +2106,28 @@ static CURLcode ftp_state_post_retr_size(struct connectdata *conn,
    else {
      /* We got a file size report, so we check that there actually is a
         part of the file left to get, or else we go home.  */
-      if(data->reqdata.resume_from< 0) {
+      if(data->state.resume_from< 0) {
        /* We're supposed to download the last abs(from) bytes */
-        if(filesize < -data->reqdata.resume_from) {
+        if(filesize < -data->state.resume_from) {
          failf(data, "Offset (%" FORMAT_OFF_T
                ") was beyond file size (%" FORMAT_OFF_T ")",
-                data->reqdata.resume_from, filesize);
+                data->state.resume_from, filesize);
          return CURLE_BAD_DOWNLOAD_RESUME;
        }
        /* convert to size to download */
-        ftp->downloadsize = -data->reqdata.resume_from;
+        ftp->downloadsize = -data->state.resume_from;
        /* download from where? */
-        data->reqdata.resume_from = filesize - ftp->downloadsize;
+        data->state.resume_from = filesize - ftp->downloadsize;
      }
      else {
-        if(filesize < data->reqdata.resume_from) {
+        if(filesize < data->state.resume_from) {
          failf(data, "Offset (%" FORMAT_OFF_T
                ") was beyond file size (%" FORMAT_OFF_T ")",
-                data->reqdata.resume_from, filesize);
+                data->state.resume_from, filesize);
          return CURLE_BAD_DOWNLOAD_RESUME;
        }
        /* Now store the number of bytes we are expected to download */
-        ftp->downloadsize = filesize-data->reqdata.resume_from;
+        ftp->downloadsize = filesize-data->state.resume_from;
      }
    }
@@ -2147,7 +2136,7 @@ static CURLcode ftp_state_post_retr_size(struct connectdata *conn,
      result = Curl_setup_transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
      infof(data, "File already completely downloaded\n");
-      /* Set ->transfer so that we won't get any error in Curl_ftp_done()
+      /* Set ->transfer so that we won't get any error in ftp_done()
       * because we didn't transfer the any file */
      ftp->transfer = FTPTRANSFER_NONE;
      state(conn, FTP_STOP);
@@ -2156,9 +2145,9 @@ static CURLcode ftp_state_post_retr_size(struct connectdata *conn,
    /* Set resume file transfer offset */
    infof(data, "Instructs server to resume from offset %" FORMAT_OFF_T
-          "\n", data->reqdata.resume_from);
+          "\n", data->state.resume_from);
-    NBFTPSENDF(conn, "REST %" FORMAT_OFF_T, data->reqdata.resume_from);
+    NBFTPSENDF(conn, "REST %" FORMAT_OFF_T, data->state.resume_from);
    state(conn, FTP_RETR_REST);
@@ -2202,7 +2191,7 @@ static CURLcode ftp_state_size_resp(struct connectdata *conn,
    result = ftp_state_post_retr_size(conn, filesize);
  }
  else if(instate == FTP_STOR_SIZE) {
-    data->reqdata.resume_from = filesize;
+    data->state.resume_from = filesize;
    result = ftp_state_ul_setup(conn, TRUE);
  }
@@ -2250,7 +2239,7 @@ static CURLcode ftp_state_stor_resp(struct connectdata *conn,
 {
  CURLcode result = CURLE_OK;
  struct SessionHandle *data = conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
  if(ftpcode>=400) {
    failf(data, "Failed FTP upload: %0d", ftpcode);
@@ -2297,7 +2286,7 @@ static CURLcode ftp_state_get_resp(struct connectdata *conn,
 {
  CURLcode result = CURLE_OK;
  struct SessionHandle *data = conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
  char *buf = data->state.buffer;
  if((ftpcode == 150) || (ftpcode == 125)) {
@@ -2384,10 +2373,10 @@ static CURLcode ftp_state_get_resp(struct connectdata *conn,
        return result;
    }
-    if(size > data->reqdata.maxdownload && data->reqdata.maxdownload > 0)
+    if(size > data->req.maxdownload && data->req.maxdownload > 0)
-      size = data->reqdata.size = data->reqdata.maxdownload;
+      size = data->req.size = data->req.maxdownload;
-    infof(data, "Maxdownload = %" FORMAT_OFF_T "\n", data->reqdata.maxdownload);
+    infof(data, "Maxdownload = %" FORMAT_OFF_T "\n", data->req.maxdownload);
    if(instate != FTP_LIST)
      infof(data, "Getting file with size: %" FORMAT_OFF_T "\n", size);
@@ -2465,7 +2454,7 @@ static CURLcode ftp_state_user_resp(struct connectdata *conn,
 {
  CURLcode result = CURLE_OK;
  struct SessionHandle *data = conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  (void)instate; /* no use for this yet */
@@ -2612,7 +2601,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
          ftpc->count1 = 1;
          break;
        default:
-          failf(data, "unsupported parameter to CURLOPT_FTPSSLAUTH: %d\n",
+          failf(data, "unsupported parameter to CURLOPT_FTPSSLAUTH: %d",
                data->set.ftpsslauth);
          return CURLE_FAILED_INIT; /* we don't know what to do */
        }
@@ -2929,7 +2918,7 @@ static long ftp_state_timeout(struct connectdata *conn)
 /* called repeatedly until done from multi.c */
-static CURLcode Curl_ftp_multi_statemach(struct connectdata *conn,
+static CURLcode ftp_multi_statemach(struct connectdata *conn,
                                         bool *done)
 {
  curl_socket_t sock = conn->sock[FIRSTSOCKET];
@@ -3009,17 +2998,17 @@ static CURLcode ftp_init(struct connectdata *conn)
 {
  struct SessionHandle *data = conn->data;
  struct FTP *ftp;
-  if(data->reqdata.proto.ftp)
+  if(data->state.proto.ftp)
    return CURLE_OK;
  ftp = (struct FTP *)calloc(sizeof(struct FTP), 1);
  if(!ftp)
    return CURLE_OUT_OF_MEMORY;
-  data->reqdata.proto.ftp = ftp;
+  data->state.proto.ftp = ftp;
  /* get some initial data into the ftp struct */
-  ftp->bytecountp = &data->reqdata.keep.bytecount;
+  ftp->bytecountp = &data->req.bytecount;
  /* no need to duplicate them, this connectdata struct won't change */
  ftp->user = conn->user;
@@ -3031,14 +3020,14 @@ static CURLcode ftp_init(struct connectdata *conn)
 }
 /*
- * Curl_ftp_connect() should do everything that is to be considered a part of
+ * ftp_connect() should do everything that is to be considered a part of
 * the connection phase.
 *
 * The variable 'done' points to will be TRUE if the protocol-layer connect
 * phase is done when this function returns, or FALSE is not. When called as
 * a part of the easy interface, it will always be TRUE.
 */
-static CURLcode Curl_ftp_connect(struct connectdata *conn,
+static CURLcode ftp_connect(struct connectdata *conn,
                                 bool *done) /* see description above */
 {
  CURLcode result;
@@ -3076,14 +3065,14 @@ static CURLcode Curl_ftp_connect(struct connectdata *conn,
     * Curl_proxyCONNECT we have to set back the member to the original struct
     * FTP pointer
     */
-    ftp_save = data->reqdata.proto.ftp;
+    ftp_save = data->state.proto.ftp;
    memset(&http_proxy, 0, sizeof(http_proxy));
-    data->reqdata.proto.http = &http_proxy;
+    data->state.proto.http = &http_proxy;
    result = Curl_proxyCONNECT(conn, FIRSTSOCKET,
                               conn->host.name, conn->remote_port);
-    data->reqdata.proto.ftp = ftp_save;
+    data->state.proto.ftp = ftp_save;
    if(CURLE_OK != result)
      return result;
@@ -3106,7 +3095,7 @@ static CURLcode Curl_ftp_connect(struct connectdata *conn,
  ftpc->response = Curl_tvnow(); /* start response time-out now! */
  if(data->state.used_interface == Curl_if_multi)
-    result = Curl_ftp_multi_statemach(conn, done);
+    result = ftp_multi_statemach(conn, done);
  else {
    result = ftp_easy_statemach(conn);
    if(!result)
@@ -3118,26 +3107,25 @@ static CURLcode Curl_ftp_connect(struct connectdata *conn,
 /***********************************************************************
 *
- * Curl_ftp_done()
+ * ftp_done()
 *
 * The DONE function. This does what needs to be done after a single DO has
 * performed.
 *
 * Input argument is already checked for validity.
 */
-static CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status,
+static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
                              bool premature)
 {
  struct SessionHandle *data = conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  ssize_t nread;
  int ftpcode;
  CURLcode result=CURLE_OK;
  bool was_ctl_valid = ftpc->ctl_valid;
  char *path;
-  char *path_to_use = data->reqdata.path;
+  char *path_to_use = data->state.path;
  struct Curl_transfer_keeper *k = &data->reqdata.keep;
  if(!ftp)
    /* When the easy handle is removed from the multi while libcurl is still
@@ -3281,22 +3269,24 @@ static CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status,
    }
  }
  else {
-    if((-1 != k->size) && (k->size != *ftp->bytecountp) &&
+    if((-1 != data->req.size) &&
       (data->req.size != *ftp->bytecountp) &&
 #ifdef CURL_DO_LINEEND_CONV
       /* Most FTP servers don't adjust their file SIZE response for CRLFs, so
        * we'll check to see if the discrepancy can be explained by the number
        * of CRLFs we've changed to LFs.
        */
-       ((k->size + data->state.crlf_conversions) != *ftp->bytecountp) &&
+       ((data->req.size + data->state.crlf_conversions) !=
        *ftp->bytecountp) &&
 #endif /* CURL_DO_LINEEND_CONV */
-       (k->maxdownload != *ftp->bytecountp)) {
+       (data->req.maxdownload != *ftp->bytecountp)) {
      failf(data, "Received only partial file: %" FORMAT_OFF_T " bytes",
            *ftp->bytecountp);
      result = CURLE_PARTIAL_FILE;
    }
    else if(!ftpc->dont_check &&
            !*ftp->bytecountp &&
-            (k->size>0)) {
+            (data->req.size>0)) {
      failf(data, "No data was received!");
      result = CURLE_FTP_COULDNT_RETR_FILE;
    }
@@ -3426,8 +3416,8 @@ static CURLcode ftp_range(struct connectdata *conn)
  struct SessionHandle *data = conn->data;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
-  if(data->reqdata.use_range && data->reqdata.range) {
+  if(data->state.use_range && data->state.range) {
-    from=curlx_strtoofft(data->reqdata.range, &ptr, 0);
+    from=curlx_strtoofft(data->state.range, &ptr, 0);
    while(ptr && *ptr && (ISSPACE(*ptr) || (*ptr=='-')))
      ptr++;
    to=curlx_strtoofft(ptr, &ptr2, 0);
@@ -3437,53 +3427,53 @@ static CURLcode ftp_range(struct connectdata *conn)
    }
    if((-1 == to) && (from>=0)) {
      /* X - */
-      data->reqdata.resume_from = from;
+      data->state.resume_from = from;
      DEBUGF(infof(conn->data, "FTP RANGE %" FORMAT_OFF_T " to end of file\n",
                   from));
    }
    else if(from < 0) {
      /* -Y */
      totalsize = -from;
-      data->reqdata.maxdownload = -from;
+      data->req.maxdownload = -from;
-      data->reqdata.resume_from = from;
+      data->state.resume_from = from;
      DEBUGF(infof(conn->data, "FTP RANGE the last %" FORMAT_OFF_T " bytes\n",
                   totalsize));
    }
    else {
      /* X-Y */
      totalsize = to-from;
-      data->reqdata.maxdownload = totalsize+1; /* include last byte */
+      data->req.maxdownload = totalsize+1; /* include last byte */
-      data->reqdata.resume_from = from;
+      data->state.resume_from = from;
      DEBUGF(infof(conn->data, "FTP RANGE from %" FORMAT_OFF_T
                   " getting %" FORMAT_OFF_T " bytes\n",
-                   from, data->reqdata.maxdownload));
+                   from, data->req.maxdownload));
    }
    DEBUGF(infof(conn->data, "range-download from %" FORMAT_OFF_T
                 " to %" FORMAT_OFF_T ", totally %" FORMAT_OFF_T " bytes\n",
-                 from, to, data->reqdata.maxdownload));
+                 from, to, data->req.maxdownload));
    ftpc->dont_check = TRUE; /* dont check for successful transfer */
  }
  else
-    data->reqdata.maxdownload = -1;
+    data->req.maxdownload = -1;
  return CURLE_OK;
 }
 /*
- * Curl_ftp_nextconnect()
+ * ftp_nextconnect()
 *
 * This function shall be called when the second FTP (data) connection is
 * connected.
 */
-static CURLcode Curl_ftp_nextconnect(struct connectdata *conn)
+static CURLcode ftp_nextconnect(struct connectdata *conn)
 {
  struct SessionHandle *data=conn->data;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  CURLcode result = CURLE_OK;
-  /* the ftp struct is inited in Curl_ftp_connect() */
+  /* the ftp struct is inited in ftp_connect() */
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
  DEBUGF(infof(data, "DO-MORE phase starts\n"));
@@ -3525,7 +3515,7 @@ static CURLcode Curl_ftp_nextconnect(struct connectdata *conn)
    result = ftp_easy_statemach(conn);
  }
-  if(ftp->transfer != FTPTRANSFER_BODY)
+  if((result == CURLE_OK) && (ftp->transfer != FTPTRANSFER_BODY))
    /* no data to transfer. FIX: it feels like a kludge to have this here
       too! */
    result = Curl_setup_transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
@@ -3556,9 +3546,9 @@ CURLcode ftp_perform(struct connectdata *conn,
  DEBUGF(infof(conn->data, "DO phase starts\n"));
-  if(conn->bits.no_body) {
+  if(conn->data->set.opt_no_body) {
    /* requested no body means no transfer... */
-    struct FTP *ftp = conn->data->reqdata.proto.ftp;
+    struct FTP *ftp = conn->data->state.proto.ftp;
    ftp->transfer = FTPTRANSFER_INFO;
  }
@@ -3572,7 +3562,7 @@ CURLcode ftp_perform(struct connectdata *conn,
  /* run the state-machine */
  if(conn->data->state.used_interface == Curl_if_multi)
-    result = Curl_ftp_multi_statemach(conn, dophase_done);
+    result = ftp_multi_statemach(conn, dophase_done);
  else {
    result = ftp_easy_statemach(conn);
    *dophase_done = TRUE; /* with the easy interface we are done here */
@@ -3587,14 +3577,14 @@ CURLcode ftp_perform(struct connectdata *conn,
 /***********************************************************************
 *
- * Curl_ftp()
+ * ftp_do()
 *
 * This function is registered as 'curl_do' function. It decodes the path
 * parts etc as a wrapper to the actual DO function (ftp_perform).
 *
 * The input argument is already checked for validity.
 */
-static CURLcode Curl_ftp(struct connectdata *conn, bool *done)
+static CURLcode ftp_do(struct connectdata *conn, bool *done)
 {
  CURLcode retcode = CURLE_OK;
@@ -3604,7 +3594,7 @@ static CURLcode Curl_ftp(struct connectdata *conn, bool *done)
    Since connections can be re-used between SessionHandles, this might be a
    connection already existing but on a fresh SessionHandle struct so we must
    make sure we have a good 'struct FTP' to play with. For new connections,
-    the struct FTP is allocated and setup in the Curl_ftp_connect() function.
+    the struct FTP is allocated and setup in the ftp_connect() function.
  */
  Curl_reset_reqproto(conn);
  retcode = ftp_init(conn);
@@ -3787,12 +3777,12 @@ static CURLcode ftp_quit(struct connectdata *conn)
 /***********************************************************************
 *
- * Curl_ftp_disconnect()
+ * ftp_disconnect()
 *
 * Disconnect from an FTP server. Cleanup protocol-specific per-connection
 * resources. BLOCKING.
 */
-static CURLcode Curl_ftp_disconnect(struct connectdata *conn)
+static CURLcode ftp_disconnect(struct connectdata *conn)
 {
  struct ftp_conn *ftpc= &conn->proto.ftpc;
@@ -3840,11 +3830,11 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
 {
  struct SessionHandle *data = conn->data;
  /* the ftp struct is already inited in ftp_connect() */
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  size_t dlen;
  char *slash_pos;  /* position of the first '/' char in curpos */
-  char *path_to_use = data->reqdata.path;
+  char *path_to_use = data->state.path;
  char *cur_pos;
  cur_pos = path_to_use; /* current position in path. point at the begin
@@ -3864,10 +3854,10 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
      the first condition in the if() right here, is there just in case
      someone decides to set path to NULL one day
   */
-    if(data->reqdata.path &&
+    if(data->state.path &&
-       data->reqdata.path[0] &&
+       data->state.path[0] &&
-       (data->reqdata.path[strlen(data->reqdata.path) - 1] != '/') )
+       (data->state.path[strlen(data->state.path) - 1] != '/') )
-      ftpc->file = data->reqdata.path;  /* this is a full file path */
+      ftpc->file = data->state.path;  /* this is a full file path */
    else
      ftpc->file = NULL;
      /*
@@ -3924,7 +3914,7 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
      /* parse the URL path into separate path components */
      while((slash_pos = strchr(cur_pos, '/')) != NULL) {
        /* 1 or 0 to indicate absolute directory */
-        bool absolute_dir = (bool)((cur_pos - data->reqdata.path > 0) &&
+        bool absolute_dir = (bool)((cur_pos - data->state.path > 0) &&
                                   (ftpc->dirdepth == 0));
        /* seek out the next path component */
@@ -3995,7 +3985,7 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
  if(ftpc->prevpath) {
    /* prevpath is "raw" so we convert the input path before we compare the
       strings */
-    char *path = curl_easy_unescape(conn->data, data->reqdata.path, 0, NULL);
+    char *path = curl_easy_unescape(conn->data, data->state.path, 0, NULL);
    if(!path) {
      freedirs(ftpc);
      return CURLE_OUT_OF_MEMORY;
@@ -4018,11 +4008,11 @@ static CURLcode ftp_dophase_done(struct connectdata *conn,
                                 bool connected)
 {
  CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
  if(connected)
-    result = Curl_ftp_nextconnect(conn);
+    result = ftp_nextconnect(conn);
  if(result && (conn->sock[SECONDARYSOCKET] != CURL_SOCKET_BAD)) {
    /* Failure detected, close the second socket if it was created already */
@@ -4044,11 +4034,11 @@ static CURLcode ftp_dophase_done(struct connectdata *conn,
 }
 /* called from multi.c while DOing */
-static CURLcode Curl_ftp_doing(struct connectdata *conn,
+static CURLcode ftp_doing(struct connectdata *conn,
                               bool *dophase_done)
 {
  CURLcode result;
-  result = Curl_ftp_multi_statemach(conn, dophase_done);
+  result = ftp_multi_statemach(conn, dophase_done);
  if(*dophase_done) {
    result = ftp_dophase_done(conn, FALSE /* not connected */);
@@ -4068,7 +4058,7 @@ static CURLcode Curl_ftp_doing(struct connectdata *conn,
 * remote host.
 *
 * ftp->ctl_valid starts out as FALSE, and gets set to TRUE if we reach the
- * Curl_ftp_done() function without finding any major problem.
+ * ftp_done() function without finding any major problem.
 */
 static
 CURLcode ftp_regular_transfer(struct connectdata *conn,
@@ -4078,7 +4068,7 @@ CURLcode ftp_regular_transfer(struct connectdata *conn,
  bool connected=0;
  struct SessionHandle *data = conn->data;
  struct ftp_conn *ftpc = &conn->proto.ftpc;
-  data->reqdata.size = -1; /* make sure this is unknown at this point */
+  data->req.size = -1; /* make sure this is unknown at this point */
  Curl_pgrsSetUploadCounter(data, 0);
  Curl_pgrsSetDownloadCounter(data, 0);
@@ -4107,7 +4097,7 @@ CURLcode ftp_regular_transfer(struct connectdata *conn,
  return result;
 }
-static CURLcode Curl_ftp_setup_connection(struct connectdata * conn)
+static CURLcode ftp_setup_connection(struct connectdata * conn)
 {
  struct SessionHandle *data = conn->data;
  char * type;
@@ -4134,11 +4124,11 @@ static CURLcode Curl_ftp_setup_connection(struct connectdata * conn)
 #endif
  }
-  data->reqdata.path++;   /* don't include the initial slash */
+  data->state.path++;   /* don't include the initial slash */
  /* FTP URLs support an extension like ";type=<typecode>" that
   * we'll try to get now! */
-  type = strstr(data->reqdata.path, ";type=");
+  type = strstr(data->state.path, ";type=");
  if(!type)
    type = strstr(conn->host.rawalloc, ";type=");
@@ -4168,12 +4158,12 @@ static CURLcode Curl_ftp_setup_connection(struct connectdata * conn)
 }
 #ifdef USE_SSL
-static CURLcode Curl_ftps_setup_connection(struct connectdata * conn)
+static CURLcode ftps_setup_connection(struct connectdata * conn)
 {
  struct SessionHandle *data = conn->data;
  conn->ssl[SECONDARYSOCKET].use = data->set.ftp_ssl != CURLUSESSL_CONTROL;
-  return Curl_ftp_setup_connection(conn);
+  return ftp_setup_connection(conn);
 }
 #endif
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -43,6 +43,7 @@
 #include "urldata.h"
 #include "sendf.h"
 #include "inet_pton.h"
 #include "gtls.h"
 #include "sslgen.h"
 #include "parsedate.h"
@@ -110,8 +111,10 @@ static int _Curl_gtls_init(void)
 int Curl_gtls_cleanup(void)
 {
-  if (gtls_inited)
+  if(gtls_inited) {
    gnutls_global_deinit();
    gtls_inited = FALSE;
  }
  return 1;
 }
@@ -154,23 +157,7 @@ static CURLcode handshake(struct connectdata *conn,
    rc = gnutls_handshake(session);
    if((rc == GNUTLS_E_AGAIN) || (rc == GNUTLS_E_INTERRUPTED)) {
-      long timeout_ms = DEFAULT_CONNECT_TIMEOUT;
+      long timeout_ms = Curl_timeleft(conn, NULL, duringconnect);
      long has_passed;
      if(duringconnect && data->set.connecttimeout)
        timeout_ms = data->set.connecttimeout;
      if(data->set.timeout) {
        /* get the strictest timeout of the ones converted to milliseconds */
        if(data->set.timeout < timeout_ms)
          timeout_ms = data->set.timeout;
      }
      /* Evaluate in milliseconds how much time that has passed */
      has_passed = Curl_tvdiff(Curl_tvnow(), data->progress.t_startsingle);
      /* subtract the passed time */
      timeout_ms -= has_passed;
      if(timeout_ms < 0) {
        /* a precaution, no need to continue if time already is up */
@@ -239,13 +226,20 @@ Curl_gtls_connect(struct connectdata *conn,
  size_t size;
  unsigned int algo;
  unsigned int bits;
-  time_t clock;
+  time_t certclock;
  const char *ptr;
  void *ssl_sessionid;
  size_t ssl_idsize;
 #ifdef ENABLE_IPV6
  struct in6_addr addr;
 #else
  struct in_addr addr;
 #endif
-  if (!gtls_inited) _Curl_gtls_init();
+  if(!gtls_inited)
-  /* GnuTLS only supports TLSv1 (and SSLv3?) */
+    _Curl_gtls_init();
  /* GnuTLS only supports SSLv3 and TLSv1 */
  if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) {
    failf(data, "GnuTLS does not support SSLv2");
    return CURLE_SSL_CONNECT_ERROR;
@@ -287,11 +281,27 @@ Curl_gtls_connect(struct connectdata *conn,
  /* convenient assign */
  session = conn->ssl[sockindex].session;
  if ((0 == Curl_inet_pton(AF_INET, conn->host.name, &addr)) &&
 #ifdef ENABLE_IPV6
      (0 == Curl_inet_pton(AF_INET6, conn->host.name, &addr)) &&
 #endif
      (gnutls_server_name_set(session, GNUTLS_NAME_DNS, conn->host.name,
                              strlen(conn->host.name)) < 0))
    infof(data, "WARNING: failed to configure server name indication (SNI) "
          "TLS extension\n");
  /* Use default priorities */
  rc = gnutls_set_default_priority(session);
  if(rc < 0)
    return CURLE_SSL_CONNECT_ERROR;
  if(data->set.ssl.version == CURL_SSLVERSION_SSLv3) {
    int protocol_priority[] = { GNUTLS_SSL3, 0 };
    gnutls_protocol_set_priority(session, protocol_priority);
    if(rc < 0)
      return CURLE_SSL_CONNECT_ERROR;
  }
  /* Sets the priority on the certificate types supported by gnutls. Priority
     is higher for types specified before others. After specifying the types
     you want, you must append a 0. */
@@ -350,19 +360,20 @@ Curl_gtls_connect(struct connectdata *conn,
  chainp = gnutls_certificate_get_peers(session, &cert_list_size);
  if(!chainp) {
-    if(data->set.ssl.verifyhost) {
+    if(data->set.ssl.verifypeer) {
      failf(data, "failed to get server cert");
      return CURLE_PEER_FAILED_VERIFICATION;
    }
    infof(data, "\t common name: WARNING couldn't obtain\n");
  }
  if(data->set.ssl.verifypeer) {
    /* This function will try to verify the peer's certificate and return its
-     status (trusted, invalid etc.). The value of status should be one or more
+       status (trusted, invalid etc.). The value of status should be one or
-     of the gnutls_certificate_status_t enumerated elements bitwise or'd. To
+       more of the gnutls_certificate_status_t enumerated elements bitwise
-     avoid denial of service attacks some default upper limits regarding the
+       or'd. To avoid denial of service attacks some default upper limits
-     certificate key size and chain size are set. To override them use
+       regarding the certificate key size and chain size are set. To override
-     gnutls_certificate_set_verify_limits(). */
+       them use gnutls_certificate_set_verify_limits(). */
    rc = gnutls_certificate_verify_peers2(session, &verify_status);
    if(rc < 0) {
@@ -382,6 +393,9 @@ Curl_gtls_connect(struct connectdata *conn,
    }
    else
      infof(data, "\t server certificate verification OK\n");
  }
  else
    infof(data, "\t server certificate verification SKIPPED\n");
  /* initialize an X.509 certificate structure. */
  gnutls_x509_crt_init(&x509_cert);
@@ -423,14 +437,14 @@ Curl_gtls_connect(struct connectdata *conn,
    infof(data, "\t common name: %s (matched)\n", certbuf);
  /* Check for time-based validity */
-  clock = gnutls_x509_crt_get_expiration_time(x509_cert);
+  certclock = gnutls_x509_crt_get_expiration_time(x509_cert);
-  if(clock == (time_t)-1) {
+  if(certclock == (time_t)-1) {
    failf(data, "server cert expiration date verify failed");
    return CURLE_SSL_CONNECT_ERROR;
  }
-  if(clock < time(NULL)) {
+  if(certclock < time(NULL)) {
    if(data->set.ssl.verifypeer) {
      failf(data, "server certificate expiration date has passed.");
      return CURLE_PEER_FAILED_VERIFICATION;
@@ -441,14 +455,14 @@ Curl_gtls_connect(struct connectdata *conn,
  else
    infof(data, "\t server certificate expiration date OK\n");
-  clock = gnutls_x509_crt_get_activation_time(x509_cert);
+  certclock = gnutls_x509_crt_get_activation_time(x509_cert);
-  if(clock == (time_t)-1) {
+  if(certclock == (time_t)-1) {
    failf(data, "server cert activation date verify failed");
    return CURLE_SSL_CONNECT_ERROR;
  }
-  if(clock > time(NULL)) {
+  if(certclock > time(NULL)) {
    if(data->set.ssl.verifypeer) {
      failf(data, "server certificate not activated yet.");
      return CURLE_PEER_FAILED_VERIFICATION;
@@ -484,11 +498,11 @@ Curl_gtls_connect(struct connectdata *conn,
  gnutls_x509_crt_get_dn(x509_cert, certbuf, &size);
  infof(data, "\t subject: %s\n", certbuf);
-  clock = gnutls_x509_crt_get_activation_time(x509_cert);
+  certclock = gnutls_x509_crt_get_activation_time(x509_cert);
-  showtime(data, "start date", clock);
+  showtime(data, "start date", certclock);
-  clock = gnutls_x509_crt_get_expiration_time(x509_cert);
+  certclock = gnutls_x509_crt_get_expiration_time(x509_cert);
-  showtime(data, "expire date", clock);
+  showtime(data, "expire date", certclock);
  size = sizeof(certbuf);
  gnutls_x509_crt_get_issuer_dn(x509_cert, certbuf, &size);
@@ -509,6 +523,8 @@ Curl_gtls_connect(struct connectdata *conn,
  ptr = gnutls_mac_get_name(gnutls_mac_get(session));
  infof(data, "\t MAC: %s\n", ptr);
  conn->ssl[sockindex].state = ssl_connection_complete;
  if(!ssl_sessionid) {
    /* this session was not previously in the cache, add it now */
@@ -553,16 +569,16 @@ void Curl_gtls_close_all(struct SessionHandle *data)
 }
 static void close_one(struct connectdata *conn,
-                      int index)
+                      int idx)
 {
-  if(conn->ssl[index].session) {
+  if(conn->ssl[idx].session) {
-    gnutls_bye(conn->ssl[index].session, GNUTLS_SHUT_RDWR);
+    gnutls_bye(conn->ssl[idx].session, GNUTLS_SHUT_RDWR);
-    gnutls_deinit(conn->ssl[index].session);
+    gnutls_deinit(conn->ssl[idx].session);
-    conn->ssl[index].session = NULL;
+    conn->ssl[idx].session = NULL;
  }
-  if(conn->ssl[index].cred) {
+  if(conn->ssl[idx].cred) {
-    gnutls_certificate_free_credentials(conn->ssl[index].cred);
+    gnutls_certificate_free_credentials(conn->ssl[idx].cred);
-    conn->ssl[index].cred = NULL;
+    conn->ssl[idx].cred = NULL;
  }
 }
--- a/lib/hostip.c
+++ b/lib/hostip.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -127,22 +127,19 @@ static void freednsentry(void *freethis);
 * Curl_global_host_cache_init() initializes and sets up a global DNS cache.
 * Global DNS cache is general badness. Do not use. This will be removed in
 * a future version. Use the share interface instead!
 *
 * Returns a struct curl_hash pointer on success, NULL on failure.
 */
-void Curl_global_host_cache_init(void)
+struct curl_hash *Curl_global_host_cache_init(void)
 {
  int rc = 0;
  if(!host_cache_initialized) {
-    Curl_hash_init(&hostname_cache, 7, Curl_hash_str, Curl_str_key_compare,
+    rc = Curl_hash_init(&hostname_cache, 7, Curl_hash_str,
-                   freednsentry);
+                        Curl_str_key_compare, freednsentry);
    if(!rc)
      host_cache_initialized = 1;
  }
-}
+  return rc?NULL:&hostname_cache;
 /*
 * Return a pointer to the global cache
 */
 struct curl_hash *Curl_global_host_cache_get(void)
 {
  return &hostname_cache;
 }
 /*
@@ -271,6 +268,9 @@ void Curl_hostcache_prune(struct SessionHandle *data)
    Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
 }
 /*
 * Check if the entry should be pruned. Assumes a locked cache.
 */
 static int
 remove_entry_if_stale(struct SessionHandle *data, struct Curl_dns_entry *dns)
 {
@@ -287,19 +287,10 @@ remove_entry_if_stale(struct SessionHandle *data, struct Curl_dns_entry *dns)
  if( !hostcache_timestamp_remove(&user,dns) )
    return 0;
  /* ok, we do need to clear the cache. although we need to remove just a
     single entry we clean the entire hash, as no explicit delete function
     is provided */
  if(data->share)
    Curl_share_lock(data, CURL_LOCK_DATA_DNS, CURL_LOCK_ACCESS_SINGLE);
  Curl_hash_clean_with_criterium(data->dns.hostcache,
                                 (void *) &user,
                                 hostcache_timestamp_remove);
  if(data->share)
    Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
  return 1;
 }
@@ -400,7 +391,7 @@ int Curl_resolv(struct connectdata *conn,
  size_t entry_len;
  struct SessionHandle *data = conn->data;
  CURLcode result;
-  int rc;
+  int rc = CURLRESOLV_ERROR; /* default to failure */
  *entry = NULL;
 #ifdef HAVE_SIGSETJMP
@@ -410,7 +401,7 @@ int Curl_resolv(struct connectdata *conn,
    if(sigsetjmp(curl_jmpenv, 1)) {
      /* this is coming from a siglongjmp() */
      failf(data, "name lookup timed out");
-      return CURLRESOLV_ERROR;
+      return rc;
    }
  }
 #endif
@@ -419,7 +410,7 @@ int Curl_resolv(struct connectdata *conn,
  entry_id = create_hostcache_id(hostname, port);
  /* If we can't create the entry id, fail */
  if(!entry_id)
-    return CURLRESOLV_ERROR;
+    return rc;
  entry_len = strlen(entry_id);
@@ -429,19 +420,21 @@ int Curl_resolv(struct connectdata *conn,
  /* See if its already in our dns cache */
  dns = Curl_hash_pick(data->dns.hostcache, entry_id, entry_len+1);
  /* See whether the returned entry is stale. Done before we release lock */
  if( remove_entry_if_stale(data, dns) )
    dns = NULL; /* the memory deallocation is being handled by the hash */
  if(dns) {
    dns->inuse++; /* we use it! */
    rc = CURLRESOLV_RESOLVED;
  }
  if(data->share)
    Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
  /* free the allocated entry_id again */
  free(entry_id);
  /* See whether the returned entry is stale. Deliberately done after the
     locked block */
  if ( remove_entry_if_stale(data,dns) )
    dns = NULL; /* the memory deallocation is being handled by the hash */
  rc = CURLRESOLV_ERROR; /* default to failure */
  if(!dns) {
    /* The entry was not in the cache. Resolve it to IP address */
@@ -489,14 +482,6 @@ int Curl_resolv(struct connectdata *conn,
        rc = CURLRESOLV_RESOLVED;
    }
  }
  else {
    if(data->share)
      Curl_share_lock(data, CURL_LOCK_DATA_DNS, CURL_LOCK_ACCESS_SINGLE);
    dns->inuse++; /* we use it! */
    if(data->share)
      Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
    rc = CURLRESOLV_RESOLVED;
  }
  *entry = dns;
--- a/lib/hostip.h
+++ b/lib/hostip.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -125,11 +125,15 @@ struct hostent;
 struct SessionHandle;
 struct connectdata;
-void Curl_global_host_cache_init(void);
+/*
 * Curl_global_host_cache_init() initializes and sets up a global DNS cache.
 * Global DNS cache is general badness. Do not use. This will be removed in
 * a future version. Use the share interface instead!
 *
 * Returns a struct curl_hash pointer on success, NULL on failure.
 */
 struct curl_hash *Curl_global_host_cache_init(void);
 void Curl_global_host_cache_dtor(void);
 struct curl_hash *Curl_global_host_cache_get(void);
 #define Curl_global_host_cache_use(__p) ((__p)->set.global_dns_cache)
 struct Curl_dns_entry {
  Curl_addrinfo *addr;
--- a/lib/hostthre.c
+++ b/lib/hostthre.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -682,6 +682,8 @@ CURLcode Curl_wait_for_resolv(struct connectdata *conn,
 CURLcode Curl_is_resolved(struct connectdata *conn,
                          struct Curl_dns_entry **entry)
 {
  struct SessionHandle *data = conn->data;
  *entry = NULL;
  if(conn->async.done) {
@@ -689,6 +691,8 @@ CURLcode Curl_is_resolved(struct connectdata *conn,
    Curl_destroy_thread_data(&conn->async);
    if(!conn->async.dns) {
      TRACE(("Curl_is_resolved(): CURLE_COULDNT_RESOLVE_HOST\n"));
      failf(data, "Could not resolve host: %s; %s",
            conn->host.name, Curl_strerror(conn, conn->async.status));
      return CURLE_COULDNT_RESOLVE_HOST;
    }
    *entry = conn->async.dns;
--- a/lib/http.c
+++ b/lib/http.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -109,9 +109,9 @@
 * Forward declarations.
 */
-static CURLcode Curl_https_connecting(struct connectdata *conn, bool *done);
+static CURLcode https_connecting(struct connectdata *conn, bool *done);
 #ifdef USE_SSL
-static int Curl_https_getsock(struct connectdata *conn,
+static int https_getsock(struct connectdata *conn,
                         curl_socket_t *socks,
                         int numsocks);
 #endif
@@ -146,9 +146,9 @@ const struct Curl_handler Curl_handler_https = {
  Curl_http_done,                       /* done */
  ZERO_NULL,                            /* do_more */
  Curl_http_connect,                    /* connect_it */
-  Curl_https_connecting,                /* connecting */
+  https_connecting,                     /* connecting */
  ZERO_NULL,                            /* doing */
-  Curl_https_getsock,                   /* proto_getsock */
+  https_getsock,                        /* proto_getsock */
  ZERO_NULL,                            /* doing_getsock */
  ZERO_NULL,                            /* disconnect */
  PORT_HTTPS,                           /* defport */
@@ -176,12 +176,12 @@ static char *checkheaders(struct SessionHandle *data, const char *thisheader)
 }
 /*
- * Curl_output_basic() sets up an Authorization: header (or the proxy version)
+ * http_output_basic() sets up an Authorization: header (or the proxy version)
 * for HTTP Basic authentication.
 *
 * Returns CURLcode.
 */
-static CURLcode Curl_output_basic(struct connectdata *conn, bool proxy)
+static CURLcode http_output_basic(struct connectdata *conn, bool proxy)
 {
  char *authorization;
  struct SessionHandle *data=conn->data;
@@ -275,8 +275,7 @@ static bool pickoneauth(struct auth *pick)
 static CURLcode perhapsrewind(struct connectdata *conn)
 {
  struct SessionHandle *data = conn->data;
-  struct HTTP *http = data->reqdata.proto.http;
+  struct HTTP *http = data->state.proto.http;
  struct Curl_transfer_keeper *k = &data->reqdata.keep;
  curl_off_t bytessent;
  curl_off_t expectsend = -1; /* default is unknown */
@@ -338,7 +337,7 @@ static CURLcode perhapsrewind(struct connectdata *conn)
    /* This is not NTLM or NTLM with many bytes left to send: close
     */
    conn->bits.close = TRUE;
-    k->size = 0; /* don't download any more than 0 bytes */
+    data->req.size = 0; /* don't download any more than 0 bytes */
  }
  if(bytessent)
@@ -361,7 +360,7 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
  bool pickproxy = FALSE;
  CURLcode code = CURLE_OK;
-  if(100 == data->reqdata.keep.httpcode)
+  if(100 == data->req.httpcode)
    /* this is a transient response code, ignore */
    return CURLE_OK;
@@ -369,23 +368,23 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
    return data->set.http_fail_on_error?CURLE_HTTP_RETURNED_ERROR:CURLE_OK;
  if(conn->bits.user_passwd &&
-     ((data->reqdata.keep.httpcode == 401) ||
+     ((data->req.httpcode == 401) ||
-      (conn->bits.authneg && data->reqdata.keep.httpcode < 300))) {
+      (conn->bits.authneg && data->req.httpcode < 300))) {
    pickhost = pickoneauth(&data->state.authhost);
    if(!pickhost)
      data->state.authproblem = TRUE;
  }
  if(conn->bits.proxy_user_passwd &&
-     ((data->reqdata.keep.httpcode == 407) ||
+     ((data->req.httpcode == 407) ||
-      (conn->bits.authneg && data->reqdata.keep.httpcode < 300))) {
+      (conn->bits.authneg && data->req.httpcode < 300))) {
    pickproxy = pickoneauth(&data->state.authproxy);
    if(!pickproxy)
      data->state.authproblem = TRUE;
  }
  if(pickhost || pickproxy) {
-    data->reqdata.newurl = strdup(data->change.url); /* clone URL */
+    data->req.newurl = strdup(data->change.url); /* clone URL */
-    if (!data->reqdata.newurl)
+    if(!data->req.newurl)
      return CURLE_OUT_OF_MEMORY;
    if((data->set.httpreq != HTTPREQ_GET) &&
@@ -397,7 +396,7 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
    }
  }
-  else if((data->reqdata.keep.httpcode < 300) &&
+  else if((data->req.httpcode < 300) &&
          (!data->state.authhost.done) &&
          conn->bits.authneg) {
    /* no (known) authentication available,
@@ -406,15 +405,15 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
       we didn't try HEAD or GET */
    if((data->set.httpreq != HTTPREQ_GET) &&
       (data->set.httpreq != HTTPREQ_HEAD)) {
-      data->reqdata.newurl = strdup(data->change.url); /* clone URL */
+      data->req.newurl = strdup(data->change.url); /* clone URL */
-      if (!data->reqdata.newurl)
+      if(!data->req.newurl)
        return CURLE_OUT_OF_MEMORY;
      data->state.authhost.done = TRUE;
    }
  }
  if(Curl_http_should_fail(conn)) {
    failf (data, "The requested URL returned error: %d",
-           data->reqdata.keep.httpcode);
+           data->req.httpcode);
    code = CURLE_HTTP_RETURNED_ERROR;
  }
@@ -436,7 +435,7 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
 * @returns CURLcode
 */
 static CURLcode
-Curl_http_output_auth(struct connectdata *conn,
+http_output_auth(struct connectdata *conn,
                 const char *request,
                 const char *path,
                 bool proxytunnel) /* TRUE if this is the request setting
@@ -503,11 +502,11 @@ Curl_http_output_auth(struct connectdata *conn,
        if(conn->bits.proxy_user_passwd &&
           !checkheaders(data, "Proxy-authorization:")) {
          auth="Basic";
-          result = Curl_output_basic(conn, TRUE);
+          result = http_output_basic(conn, TRUE);
          if(result)
            return result;
        }
-        /* NOTE: Curl_output_basic() should set 'done' TRUE, as the other auth
+        /* NOTE: http_output_basic() should set 'done' TRUE, as the other auth
           functions work that way */
        authproxy->done = TRUE;
      }
@@ -583,7 +582,7 @@ Curl_http_output_auth(struct connectdata *conn,
          if(conn->bits.user_passwd &&
             !checkheaders(data, "Authorization:")) {
            auth="Basic";
-            result = Curl_output_basic(conn, FALSE);
+            result = http_output_basic(conn, FALSE);
            if(result)
              return result;
          }
@@ -660,8 +659,8 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
      /* if exactly this is wanted, go */
      int neg = Curl_input_negotiate(conn, (bool)(httpcode == 407), start);
      if(neg == 0) {
-        data->reqdata.newurl = strdup(data->change.url);
+        data->req.newurl = strdup(data->change.url);
-        data->state.authproblem = (data->reqdata.newurl == NULL);
+        data->state.authproblem = (data->req.newurl == NULL);
      }
      else {
        infof(data, "Authentication problem. Ignoring this.\n");
@@ -743,16 +742,13 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
 int Curl_http_should_fail(struct connectdata *conn)
 {
  struct SessionHandle *data;
-  struct Curl_transfer_keeper *k;
+  int httpcode;
  DEBUGASSERT(conn);
  data = conn->data;
  DEBUGASSERT(data);
-  /*
+  httpcode = data->req.httpcode;
  ** For readability
  */
  k = &data->reqdata.keep;
  /*
  ** If we haven't been asked to fail on error,
@@ -764,12 +760,12 @@ int Curl_http_should_fail(struct connectdata *conn)
  /*
  ** Any code < 400 is never terminal.
  */
-  if (k->httpcode < 400)
+  if(httpcode < 400)
    return 0;
-  if (data->reqdata.resume_from &&
+  if(data->state.resume_from &&
     (data->set.httpreq==HTTPREQ_GET) &&
-      (k->httpcode == 416)) {
+     (httpcode == 416)) {
    /* "Requested Range Not Satisfiable", just proceed and
       pretend this is no error */
    return 0;
@@ -779,14 +775,14 @@ int Curl_http_should_fail(struct connectdata *conn)
  ** Any code >= 400 that's not 401 or 407 is always
  ** a terminal error
  */
-  if ((k->httpcode != 401) &&
+  if((httpcode != 401) &&
-      (k->httpcode != 407))
+      (httpcode != 407))
    return 1;
  /*
  ** All we have left to deal with is 401 and 407
  */
-  DEBUGASSERT((k->httpcode == 401) || (k->httpcode == 407));
+  DEBUGASSERT((httpcode == 401) || (httpcode == 407));
  /*
  ** Examine the current authentication state to see if this
@@ -807,7 +803,8 @@ int Curl_http_should_fail(struct connectdata *conn)
  infof(data,"%s: authavail = 0x%08x\n",__FUNCTION__,data->state.authavail);
  infof(data,"%s: httpcode = %d\n",__FUNCTION__,k->httpcode);
  infof(data,"%s: authdone = %d\n",__FUNCTION__,data->state.authdone);
-  infof(data,"%s: newurl = %s\n",__FUNCTION__,data->reqdata.newurl ? data->reqdata.newurl : "(null)");
+  infof(data,"%s: newurl = %s\n",__FUNCTION__,data->req.newurl ?
        data->req.newurl : "(null)");
  infof(data,"%s: authproblem = %d\n",__FUNCTION__,data->state.authproblem);
 #endif
@@ -815,9 +812,9 @@ int Curl_http_should_fail(struct connectdata *conn)
  ** Either we're not authenticating, or we're supposed to
  ** be authenticating something else.  This is an error.
  */
-  if((k->httpcode == 401) && !conn->bits.user_passwd)
+  if((httpcode == 401) && !conn->bits.user_passwd)
    return TRUE;
-  if((k->httpcode == 407) && !conn->bits.proxy_user_passwd)
+  if((httpcode == 407) && !conn->bits.proxy_user_passwd)
    return TRUE;
  return data->state.authproblem;
@@ -837,7 +834,7 @@ static size_t readmoredata(char *buffer,
                           void *userp)
 {
  struct connectdata *conn = (struct connectdata *)userp;
-  struct HTTP *http = conn->data->reqdata.proto.http;
+  struct HTTP *http = conn->data->state.proto.http;
  size_t fullsize = size * nitems;
  if(0 == http->postsize)
@@ -845,7 +842,7 @@ static size_t readmoredata(char *buffer,
    return 0;
  /* make sure that a HTTP request is never sent away chunked! */
-  conn->bits.forbidchunk = (bool)(http->sending == HTTPSEND_REQUEST);
+  conn->data->req.forbidchunk = (bool)(http->sending == HTTPSEND_REQUEST);
  if(http->postsize <= (curl_off_t)fullsize) {
    memcpy(buffer, http->postdata, (size_t)http->postsize);
@@ -929,9 +926,10 @@ CURLcode add_buffer_send(send_buffer *in,
  CURLcode res;
  char *ptr;
  size_t size;
-  struct HTTP *http = conn->data->reqdata.proto.http;
+  struct HTTP *http = conn->data->state.proto.http;
  size_t sendsize;
  curl_socket_t sockfd;
  size_t headersize;
  DEBUGASSERT(socketindex <= SECONDARYSOCKET);
@@ -943,9 +941,13 @@ CURLcode add_buffer_send(send_buffer *in,
  ptr = in->buffer;
  size = in->size_used;
  headersize = size - included_body_bytes; /* the initial part that isn't body
                                              is header */
  DEBUGASSERT(size > included_body_bytes);
 #ifdef CURL_DOES_CONVERSIONS
-  if(size - included_body_bytes > 0) {
+  res = Curl_convert_to_network(conn->data, ptr, headersize);
    res = Curl_convert_to_network(conn->data, ptr, size - included_body_bytes);
  /* Curl_convert_to_network calls failf if unsuccessful */
  if(res != CURLE_OK) {
    /* conversion failed, free memory and return to the caller */
@@ -954,7 +956,6 @@ CURLcode add_buffer_send(send_buffer *in,
    free(in);
    return res;
  }
  }
 #endif /* CURL_DOES_CONVERSIONS */
  if(conn->protocol & PROT_HTTPS) {
@@ -981,20 +982,29 @@ CURLcode add_buffer_send(send_buffer *in,
  res = Curl_write(conn, sockfd, ptr, sendsize, &amount);
  if(CURLE_OK == res) {
    /*
     * Note that we may not send the entire chunk at once, and we have a set
     * number of data bytes at the end of the big buffer (out of which we may
     * only send away a part).
     */
    /* how much of the header that was sent */
    size_t headlen = (size_t)amount>headersize?headersize:(size_t)amount;
    size_t bodylen = amount - headlen;
    if(conn->data->set.verbose) {
      /* this data _may_ contain binary stuff */
-      Curl_debug(conn->data, CURLINFO_HEADER_OUT, ptr,
+      Curl_debug(conn->data, CURLINFO_HEADER_OUT, ptr, headlen, conn);
-                 (size_t)(amount-included_body_bytes), conn);
+      if((size_t)amount > headlen) {
-      if (included_body_bytes)
+        /* there was body data sent beyond the initial header part, pass that
           on to the debug callback too */
        Curl_debug(conn->data, CURLINFO_DATA_OUT,
-                   ptr+amount-included_body_bytes,
+                   ptr+headlen, bodylen, conn);
                   (size_t)included_body_bytes, conn);
      }
-    if (included_body_bytes)
+    }
    if(bodylen)
      /* since we sent a piece of the body here, up the byte counter for it
         accordingly */
-      http->writebytecount = included_body_bytes;
+      http->writebytecount += bodylen;
    *bytes_written += amount;
@@ -1083,9 +1093,28 @@ CURLcode add_buffer(send_buffer *in, const void *inptr, size_t size)
  char *new_rb;
  size_t new_size;
  if(~size < in->size_used) {
    /* If resulting used size of send buffer would wrap size_t, cleanup
       the whole buffer and return error. Otherwise the required buffer
       size will fit into a single allocatable memory chunk */
    Curl_safefree(in->buffer);
    free(in);
    return CURLE_OUT_OF_MEMORY;
  }
  if(!in->buffer ||
     ((in->size_used + size) > (in->size_max - 1))) {
    /* If current buffer size isn't enough to hold the result, use a
       buffer size that doubles the required size. If this new size
       would wrap size_t, then just use the largest possible one */
    if((size > (size_t)-1/2) || (in->size_used > (size_t)-1/2) ||
       (~(size*2) < (in->size_used*2)))
      new_size = (size_t)-1;
    else
      new_size = (in->size_used+size)*2;
    if(in->buffer)
      /* we have a buffer, enlarge the existing one */
      new_rb = (char *)realloc(in->buffer, new_size);
@@ -1188,7 +1217,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
 {
  int subversion=0;
  struct SessionHandle *data=conn->data;
-  struct Curl_transfer_keeper *k = &data->reqdata.keep;
+  struct SingleRequest *k = &data->req;
  CURLcode result;
  int res;
  long timeout =
@@ -1214,12 +1243,12 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
      infof(data, "Establish HTTP proxy tunnel to %s:%d\n",
            hostname, remote_port);
-      if(data->reqdata.newurl) {
+      if(data->req.newurl) {
        /* This only happens if we've looped here due to authentication
           reasons, and we don't really use the newly cloned URL here
           then. Just free() it. */
-        free(data->reqdata.newurl);
+        free(data->req.newurl);
-        data->reqdata.newurl = NULL;
+        data->req.newurl = NULL;
      }
      /* initialize a dynamic send-buffer */
@@ -1235,7 +1264,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
      }
      /* Setup the proxy-authorization header, if any */
-      result = Curl_http_output_auth(conn, (char *)"CONNECT", host_port, TRUE);
+      result = http_output_auth(conn, (char *)"CONNECT", host_port, TRUE);
      if(CURLE_OK == result) {
        char *host=(char *)"";
@@ -1380,9 +1409,16 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
            keepon = FALSE;
          else if(gotbytes <= 0) {
            keepon = FALSE;
            if(data->set.proxyauth && data->state.authproxy.avail) {
              /* proxy auth was requested and there was proxy auth available,
                 then deem this as "mere" proxy disconnect */
              conn->bits.proxy_connect_closed = TRUE;
            }
            else {
              error = SELECT_ERROR;
              failf(data, "Proxy CONNECT aborted");
            }
          }
          else {
            /*
             * We got a whole chunk of data, which can be anything from one
@@ -1561,6 +1597,8 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
          }
          break;
        } /* switch */
        if(Curl_pgrsUpdate(conn))
          return CURLE_ABORTED_BY_CALLBACK;
      } /* while there's buffer left and loop is requested */
      if(error)
@@ -1571,20 +1609,20 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
           headers. 'newurl' is set to a new URL if we must loop. */
        Curl_http_auth_act(conn);
-      if (closeConnection && data->reqdata.newurl) {
+      if(closeConnection && data->req.newurl) {
        /* Connection closed by server. Don't use it anymore */
        sclose(conn->sock[sockindex]);
        conn->sock[sockindex] = CURL_SOCKET_BAD;
        break;
      }
    } /* END NEGOTIATION PHASE */
-  } while(data->reqdata.newurl);
+  } while(data->req.newurl);
-  if(200 != k->httpcode) {
+  if(200 != data->req.httpcode) {
    failf(data, "Received HTTP code %d from proxy after CONNECT",
-          k->httpcode);
+          data->req.httpcode);
-    if (closeConnection && data->reqdata.newurl)
+    if(closeConnection && data->req.newurl)
      conn->bits.proxy_connect_closed = TRUE;
    return CURLE_RECV_ERROR;
@@ -1599,7 +1637,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
  data->state.authproxy.done = TRUE;
  infof (data, "Proxy replied OK to CONNECT request\n");
-  k->ignorebody = FALSE; /* put it (back) to non-ignore state */
+  data->req.ignorebody = FALSE; /* put it (back) to non-ignore state */
  return CURLE_OK;
 }
@@ -1653,7 +1691,7 @@ CURLcode Curl_http_connect(struct connectdata *conn, bool *done)
  if(conn->protocol & PROT_HTTPS) {
    /* perform SSL initialization */
    if(data->state.used_interface == Curl_if_multi) {
-      result = Curl_https_connecting(conn, done);
+      result = https_connecting(conn, done);
      if(result)
        return result;
    }
@@ -1672,7 +1710,7 @@ CURLcode Curl_http_connect(struct connectdata *conn, bool *done)
  return CURLE_OK;
 }
-static CURLcode Curl_https_connecting(struct connectdata *conn, bool *done)
+static CURLcode https_connecting(struct connectdata *conn, bool *done)
 {
  CURLcode result;
  DEBUGASSERT((conn) && (conn->protocol & PROT_HTTPS));
@@ -1688,7 +1726,7 @@ static CURLcode Curl_https_connecting(struct connectdata *conn, bool *done)
 #ifdef USE_SSLEAY
 /* This function is OpenSSL-specific. It should be made to query the generic
   SSL layer instead. */
-static int Curl_https_getsock(struct connectdata *conn,
+static int https_getsock(struct connectdata *conn,
                         curl_socket_t *socks,
                         int numsocks)
 {
@@ -1713,7 +1751,7 @@ static int Curl_https_getsock(struct connectdata *conn,
 }
 #else
 #ifdef USE_GNUTLS
-int Curl_https_getsock(struct connectdata *conn,
+static int https_getsock(struct connectdata *conn,
                         curl_socket_t *socks,
                         int numsocks)
 {
@@ -1724,7 +1762,7 @@ int Curl_https_getsock(struct connectdata *conn,
 }
 #else
 #ifdef USE_NSS
-int Curl_https_getsock(struct connectdata *conn,
+static int https_getsock(struct connectdata *conn,
                         curl_socket_t *socks,
                         int numsocks)
 {
@@ -1735,7 +1773,7 @@ int Curl_https_getsock(struct connectdata *conn,
 }
 #else
 #ifdef USE_QSOSSL
-int Curl_https_getsock(struct connectdata *conn,
+static int https_getsock(struct connectdata *conn,
                         curl_socket_t *socks,
                         int numsocks)
 {
@@ -1758,13 +1796,14 @@ CURLcode Curl_http_done(struct connectdata *conn,
                        CURLcode status, bool premature)
 {
  struct SessionHandle *data = conn->data;
-  struct HTTP *http =data->reqdata.proto.http;
+  struct HTTP *http =data->state.proto.http;
  struct Curl_transfer_keeper *k = &data->reqdata.keep;
  (void)premature; /* not used */
  /* set the proper values (possibly modified on POST) */
  conn->fread_func = data->set.fread_func; /* restore */
  conn->fread_in = data->set.in; /* restore */
  conn->seek_func = data->set.seek_func; /* restore */
  conn->seek_client = data->set.seek_client; /* restore */
  if(http == NULL)
    return CURLE_OK;
@@ -1778,7 +1817,7 @@ CURLcode Curl_http_done(struct connectdata *conn,
  }
  if(HTTPREQ_POST_FORM == data->set.httpreq) {
-    k->bytecount = http->readbytecount + http->writebytecount;
+    data->req.bytecount = http->readbytecount + http->writebytecount;
    Curl_formclean(&http->sendit); /* Now free that whole lot */
    if(http->form.fp) {
@@ -1788,15 +1827,17 @@ CURLcode Curl_http_done(struct connectdata *conn,
    }
  }
  else if(HTTPREQ_PUT == data->set.httpreq)
-    k->bytecount = http->readbytecount + http->writebytecount;
+    data->req.bytecount = http->readbytecount + http->writebytecount;
  if(status != CURLE_OK)
    return (status);
-  if(!conn->bits.retry &&
+  if(!premature && /* this check is pointless when DONE is called before the
                      entire operation is complete */
     !conn->bits.retry &&
     ((http->readbytecount +
-       data->reqdata.keep.headerbytecount -
+       data->req.headerbytecount -
-       data->reqdata.keep.deductheadercount)) <= 0) {
+       data->req.deductheadercount)) <= 0) {
    /* If this connection isn't simply closed to be retried, AND nothing was
       read from the HTTP server (that counts), this can't be right so we
       return an error here */
@@ -1879,7 +1920,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
  char *buf = data->state.buffer; /* this is a short cut to the buffer */
  CURLcode result=CURLE_OK;
  struct HTTP *http;
-  char *ppath = data->reqdata.path;
+  char *ppath = data->state.path;
  char ftp_typecode[sizeof(";type=?")] = "";
  char *host = conn->host.name;
  const char *te = ""; /* transfer-encoding */
@@ -1888,6 +1929,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
  Curl_HttpReq httpreq = data->set.httpreq;
  char *addcookies = NULL;
  curl_off_t included_body = 0;
  const char *httpstring;
  send_buffer *req_buffer;
  curl_off_t postsize; /* off_t type to be able to hold a large file size */
  /* Always consider the DO phase done after this function call, even if there
     may be parts of the request that is not yet sent, since we can deal with
@@ -1898,16 +1943,16 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
     sessionhandle, deal with it */
  Curl_reset_reqproto(conn);
-  if(!data->reqdata.proto.http) {
+  if(!data->state.proto.http) {
    /* Only allocate this struct if we don't already have it! */
    http = (struct HTTP *)calloc(sizeof(struct HTTP), 1);
    if(!http)
      return CURLE_OUT_OF_MEMORY;
-    data->reqdata.proto.http = http;
+    data->state.proto.http = http;
  }
  else
-    http = data->reqdata.proto.http;
+    http = data->state.proto.http;
  if( (conn->protocol&(PROT_HTTP|PROT_FTP)) &&
       data->set.upload) {
@@ -1918,7 +1963,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
  if(data->set.str[STRING_CUSTOMREQUEST])
    request = data->set.str[STRING_CUSTOMREQUEST];
  else {
-    if(conn->bits.no_body)
+    if(data->set.opt_no_body)
      request = (char *)"HEAD";
    else {
      DEBUGASSERT((httpreq > HTTPREQ_NONE) && (httpreq < HTTPREQ_LAST));
@@ -1951,7 +1996,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
  }
  /* setup the authentication headers */
-  result = Curl_http_output_auth(conn, request, ppath, FALSE);
+  result = http_output_auth(conn, request, ppath, FALSE);
  if(result)
    return result;
@@ -1986,13 +2031,23 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
  ptr = checkheaders(data, "Transfer-Encoding:");
  if(ptr) {
    /* Some kind of TE is requested, check if 'chunked' is chosen */
-    conn->bits.upload_chunky =
+    data->req.upload_chunky =
      Curl_compareheader(ptr, "Transfer-Encoding:", "chunked");
  }
  else {
-    if (httpreq == HTTPREQ_GET)
+    if((conn->protocol&PROT_HTTP) &&
-      conn->bits.upload_chunky = FALSE;
+        data->set.upload &&
-    if(conn->bits.upload_chunky)
+        (data->set.infilesize == -1) &&
        (data->set.httpversion != CURL_HTTP_VERSION_1_0)) {
      /* HTTP, upload, unknown file size and not HTTP 1.0 */
      data->req.upload_chunky = TRUE;
    }
    else {
      /* else, no chunky upload */
      data->req.upload_chunky = FALSE;
    }
    if(data->req.upload_chunky)
      te = "Transfer-Encoding: chunked\r\n";
  }
@@ -2035,7 +2090,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
    if(((conn->protocol&PROT_HTTPS) && (conn->remote_port == PORT_HTTPS)) ||
       (!(conn->protocol&PROT_HTTPS) && (conn->remote_port == PORT_HTTP)) )
-      /* If (HTTPS on port 443) OR (non-HTTPS on port 80) then don't include
+      /* if(HTTPS on port 443) OR (non-HTTPS on port 80) then don't include
         the port number in the host string */
      conn->allocptr.host = aprintf("Host: %s%s%s\r\n",
                                    conn->bits.ipv6_ip?"[":"",
@@ -2094,6 +2149,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
      }
    }
    ppath = data->change.url;
    if (data->set.proxy_transfer_mode) {
      /* when doing ftp, append ;type=<a|i> if not present */
      if(checkprefix("ftp://", ppath) || checkprefix("ftps://", ppath)) {
        char *p = strstr(ppath, ";type=");
@@ -2112,6 +2168,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
                   data->set.prefer_ascii ? 'a' : 'i');
      }
    }
  }
  if(HTTPREQ_POST_FORM == httpreq) {
    /* we must build the whole darned post sequence first, so that we have
       a size of the whole shebang before we start to send it */
@@ -2131,13 +2188,12 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
     (conn->bits.httpproxy && !conn->bits.tunnel_proxy) )?
    "Pragma: no-cache\r\n":NULL;
-  if(!checkheaders(data, "Accept:"))
+  http->p_accept = checkheaders(data, "Accept:")?NULL:"Accept: */*\r\n";
    http->p_accept = "Accept: */*\r\n";
  if(( (HTTPREQ_POST == httpreq) ||
       (HTTPREQ_POST_FORM == httpreq) ||
       (HTTPREQ_PUT == httpreq) ) &&
-     data->reqdata.resume_from) {
+     data->state.resume_from) {
    /**********************************************************************
     * Resuming upload in HTTP means that we PUT or POST and that we have
     * got a resume_from value set. The resume value has already created
@@ -2146,30 +2202,40 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
     * file size before we continue this venture in the dark lands of HTTP.
     *********************************************************************/
-    if(data->reqdata.resume_from < 0 ) {
+    if(data->state.resume_from < 0 ) {
      /*
       * This is meant to get the size of the present remote-file by itself.
       * We don't support this now. Bail out!
       */
-       data->reqdata.resume_from = 0;
+       data->state.resume_from = 0;
    }
-    if(data->reqdata.resume_from && !data->state.this_is_a_follow) {
+    if(data->state.resume_from && !data->state.this_is_a_follow) {
      /* do we still game? */
      curl_off_t passed=0;
      /* Now, let's read off the proper amount of bytes from the
-         input. If we knew it was a proper file we could've just
+         input. */
-         fseek()ed but we only have a stream here */
+      if(conn->seek_func) {
        curl_off_t readthisamountnow = data->state.resume_from;
        if(conn->seek_func(conn->seek_client,
                           readthisamountnow, SEEK_SET) != 0) {
          failf(data, "Could not seek stream");
          return CURLE_READ_ERROR;
        }
      }
      else {
        curl_off_t passed=0;
        do {
-        size_t readthisamountnow = (size_t)(data->reqdata.resume_from - passed);
+          size_t readthisamountnow = (size_t)(data->state.resume_from - passed);
          size_t actuallyread;
          if(readthisamountnow > BUFSIZE)
            readthisamountnow = BUFSIZE;
-        actuallyread =
+          actuallyread = data->set.fread_func(data->state.buffer, 1,
-          data->set.fread_func(data->state.buffer, 1, (size_t)readthisamountnow,
+                                              (size_t)readthisamountnow,
                                              data->set.in);
          passed += actuallyread;
@@ -2179,11 +2245,12 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
                  passed);
            return CURLE_READ_ERROR;
          }
-      } while(passed != data->reqdata.resume_from); /* loop until done */
+        } while(passed != data->state.resume_from); /* loop until done */
      }
      /* now, decrease the size of the read */
      if(data->set.infilesize>0) {
-        data->set.infilesize -= data->reqdata.resume_from;
+        data->set.infilesize -= data->state.resume_from;
        if(data->set.infilesize <= 0) {
          failf(data, "File already completely uploaded");
@@ -2193,7 +2260,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
      /* we've passed, proceed as normal */
    }
  }
-  if(data->reqdata.use_range) {
+  if(data->state.use_range) {
    /*
     * A range is selected. We use different headers whether we're downloading
     * or uploading and we always let customized headers override our internal
@@ -2205,7 +2272,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
      if(conn->allocptr.rangeline)
        free(conn->allocptr.rangeline);
      conn->allocptr.rangeline = aprintf("Range: bytes=%s\r\n",
-                                         data->reqdata.range);
+                                         data->state.range);
    }
    else if((httpreq != HTTPREQ_GET) &&
            !checkheaders(data, "Content-Range:")) {
@@ -2214,14 +2281,14 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
      if(conn->allocptr.rangeline)
        free(conn->allocptr.rangeline);
-      if(data->reqdata.resume_from) {
+      if(data->state.resume_from) {
        /* This is because "resume" was selected */
        curl_off_t total_expected_size=
-          data->reqdata.resume_from + data->set.infilesize;
+          data->state.resume_from + data->set.infilesize;
        conn->allocptr.rangeline =
            aprintf("Content-Range: bytes %s%" FORMAT_OFF_T
                    "/%" FORMAT_OFF_T "\r\n",
-                    data->reqdata.range, total_expected_size-1,
+                    data->state.range, total_expected_size-1,
                    total_expected_size);
      }
      else {
@@ -2229,20 +2296,15 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
           append total size */
        conn->allocptr.rangeline =
            aprintf("Content-Range: bytes %s/%" FORMAT_OFF_T "\r\n",
-                    data->reqdata.range, data->set.infilesize);
+                    data->state.range, data->set.infilesize);
      }
      if(!conn->allocptr.rangeline)
        return CURLE_OUT_OF_MEMORY;
    }
  }
  {
  /* Use 1.1 unless the use specificly asked for 1.0 */
-    const char *httpstring=
+  httpstring= data->set.httpversion==CURL_HTTP_VERSION_1_0?"1.0":"1.1";
      data->set.httpversion==CURL_HTTP_VERSION_1_0?"1.0":"1.1";
    send_buffer *req_buffer;
    curl_off_t postsize; /* off_t type to be able to hold a large file size */
  /* initialize a dynamic send-buffer */
  req_buffer = add_buffer_init();
@@ -2274,7 +2336,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
                conn->allocptr.proxyuserpwd?
                conn->allocptr.proxyuserpwd:"",
                conn->allocptr.userpwd?conn->allocptr.userpwd:"",
-                (data->reqdata.use_range && conn->allocptr.rangeline)?
+                (data->state.use_range && conn->allocptr.rangeline)?
                conn->allocptr.rangeline:"",
                (data->set.str[STRING_USERAGENT] &&
                 *data->set.str[STRING_USERAGENT] && conn->allocptr.uagent)?
@@ -2295,6 +2357,14 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
                te
      );
  /*
   * Free userpwd now --- cannot reuse this for Negotiate and possibly NTLM
   * with basic and digest, it will be freed anyway by the next request
   */
  Curl_safefree (conn->allocptr.userpwd);
  conn->allocptr.userpwd = NULL;
  if(result)
    return result;
@@ -2307,7 +2377,8 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
      Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
      co = Curl_cookie_getlist(data->cookies,
                               conn->allocptr.cookiehost?
-                                 conn->allocptr.cookiehost:host, data->reqdata.path,
+                               conn->allocptr.cookiehost:host,
                               data->state.path,
                               (bool)(conn->protocol&PROT_HTTPS?TRUE:FALSE));
      Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
    }
@@ -2330,7 +2401,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
        }
        co = co->next; /* next cookie please */
      }
-        Curl_cookie_freelist(store); /* free the cookie list */
+      Curl_cookie_freelist(store, FALSE); /* free the cookie list */
    }
    if(addcookies && (CURLE_OK == result)) {
      if(!count)
@@ -2441,7 +2512,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
    http->sending = HTTPSEND_BODY;
-      if(!conn->bits.upload_chunky) {
+    if(!data->req.upload_chunky) {
      /* only add Content-Length if not uploading chunked */
      result = add_bufferf(req_buffer,
                           "Content-Length: %" FORMAT_OFF_T "\r\n",
@@ -2513,7 +2584,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
    else
      postsize = data->set.infilesize;
-      if((postsize != -1) && !conn->bits.upload_chunky) {
+    if((postsize != -1) && !data->req.upload_chunky) {
      /* only add Content-Length if not uploading chunked */
      result = add_bufferf(req_buffer,
                           "Content-Length: %" FORMAT_OFF_T "\r\n",
@@ -2559,7 +2630,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
        data->set.postfieldsize:
        (data->set.postfields? (curl_off_t)strlen(data->set.postfields):0);
-      if(!conn->bits.upload_chunky) {
+        if(!data->req.upload_chunky) {
          /* We only set Content-Length and allow a custom Content-Length if
             we don't upload data chunked, as RFC2616 forbids us to set both
             kinds of headers (Transfer-Encoding: chunked and Content-Length) */
@@ -2582,10 +2653,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
            return result;
        }
-      if(data->set.postfields) {
+        /* For really small posts we don't use Expect: headers at all, and for
-
+           the somewhat bigger ones we allow the app to disable it. Just make
-        /* for really small posts we don't use Expect: headers at all, and for
+           sure that the expect100header is always set to the preferred value
-           the somewhat bigger ones we allow the app to disable it */
+           here. */
        if(postsize > TINY_INITIAL_POST_SIZE) {
          result = expect100(data, req_buffer);
          if(result)
@@ -2594,6 +2665,8 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
        else
          data->state.expect100header = FALSE;
        if(data->set.postfields) {
          if(!data->state.expect100header &&
             (postsize < MAX_INITIAL_POST_SIZE))  {
            /* if we don't use expect: 100  AND
@@ -2607,7 +2680,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
            if(result)
              return result;
-          if(!conn->bits.upload_chunky) {
+            if(!data->req.upload_chunky) {
              /* We're not sending it 'chunked', append it to the request
                 already now to reduce the number if send() calls */
              result = add_buffer(req_buffer, data->set.postfields,
@@ -2656,9 +2729,13 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
            /* set the upload size to the progress meter */
            Curl_pgrsSetUploadSize(data, postsize?postsize:-1);
-          /* set the pointer to mark that we will send the post body using
+            /* set the pointer to mark that we will send the post body using the
-             the read callback */
+               read callback, but only if we're not in authenticate
               negotiation  */
            if(!conn->bits.authneg) {
              http->postdata = (char *)&http->postdata;
              http->postsize = postsize;
            }
          }
        }
        /* issue the request */
@@ -2695,8 +2772,15 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
  }
  if(result)
    return result;
  if(http->writebytecount) {
    /* if a request-body has been sent off, we make sure this progress is noted
       properly */
    Curl_pgrsSetUploadCounter(data, http->writebytecount);
    if(Curl_pgrsUpdate(conn))
      result = CURLE_ABORTED_BY_CALLBACK;
  }
-  return CURLE_OK;
+  return result;
 }
 #endif
--- a/lib/http_chunks.c
+++ b/lib/http_chunks.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -109,7 +109,7 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
  CURLcode result=CURLE_OK;
  struct SessionHandle *data = conn->data;
  struct Curl_chunker *ch = &conn->chunk;
-  struct Curl_transfer_keeper *k = &data->reqdata.keep;
+  struct SingleRequest *k = &data->req;
  size_t piece;
  size_t length = (size_t)datalen;
  size_t *wrote = (size_t *)wrotep;
@@ -118,8 +118,11 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
  /* the original data is written to the client, but we go on with the
     chunk read process, to properly calculate the content length*/
-  if (data->set.http_te_skip && !k->ignorebody)
+  if(data->set.http_te_skip && !k->ignorebody) {
-    Curl_client_write(conn, CLIENTWRITE_BODY, datap,datalen);
+    result = Curl_client_write(conn, CLIENTWRITE_BODY, datap, datalen);
    if(result)
      return CHUNKE_WRITE_ERROR;
  }
  while(length) {
    switch(ch->state) {
@@ -178,7 +181,7 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
      if(*datap == 0x0a) {
        /* we're now expecting data to come, unless size was zero! */
        if(0 == ch->datasize) {
-          if (conn->bits.trailerHdrPresent!=TRUE) {
+          if(k->trailerhdrpresent!=TRUE) {
            /* No Trailer: header found - revert to original Curl processing */
            ch->state = CHUNK_STOPCR;
@@ -217,7 +220,7 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
      /* Write the data portion available */
 #ifdef HAVE_LIBZ
      switch (conn->data->set.http_ce_skip?
-              IDENTITY : data->reqdata.keep.content_encoding) {
+              IDENTITY : data->req.content_encoding) {
      case IDENTITY:
 #endif
        if(!k->ignorebody) {
@@ -231,16 +234,16 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
        break;
      case DEFLATE:
-        /* update data->reqdata.keep.str to point to the chunk data. */
+        /* update data->req.keep.str to point to the chunk data. */
-        data->reqdata.keep.str = datap;
+        data->req.str = datap;
-        result = Curl_unencode_deflate_write(conn, &data->reqdata.keep,
+        result = Curl_unencode_deflate_write(conn, &data->req,
                                             (ssize_t)piece);
        break;
      case GZIP:
-        /* update data->reqdata.keep.str to point to the chunk data. */
+        /* update data->req.keep.str to point to the chunk data. */
-        data->reqdata.keep.str = datap;
+        data->req.str = datap;
-        result = Curl_unencode_gzip_write(conn, &data->reqdata.keep,
+        result = Curl_unencode_gzip_write(conn, &data->req,
                                          (ssize_t)piece);
        break;
@@ -362,9 +365,12 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
            return(CHUNKE_BAD_CHUNK);
          }
 #endif /* CURL_DOES_CONVERSIONS */
-          if ( !data->set.http_te_skip )
+          if(!data->set.http_te_skip) {
-            Curl_client_write(conn, CLIENTWRITE_HEADER,
+            result = Curl_client_write(conn, CLIENTWRITE_HEADER,
                                       conn->trailer, conn->trlPos);
            if(result)
              return CHUNKE_WRITE_ERROR;
          }
        }
        ch->state = CHUNK_TRAILER;
        conn->trlPos=0;
--- a/Show More
+++ b/Show More
`@@ -1,4 +1,4 @@`
	`This is what's new and changed in the c-ares 1.4.1 release:`	`This is what's new and changed in the c-ares 1.5.2 release:`

	`o`	`o`