7.18.1

since they're still not clear enough to be to sort about before 7.18.1

CHANGES

@@ -6,6 +6,702 @@
 
                                   Changelog
 
+Version 7.18.1 (30 March 2008)
+
+Daniel Stenberg (28 Mar 2008)
+- Stephen Collyer pointed out that configure --with-libssh2 without a given
+  path didn't work properly.
+
+Daniel Stenberg (27 Mar 2008)
+- As found out and reported by Dan Petitt, libcurl didn't show progress/call
+  the progress callback for the first (potentially huge) piece of body data
+  sent together with the POST request headers in the initial send().
+
+Daniel Stenberg (25 Mar 2008)
+- Made setting the CURLOPT_SSL_CTX_FUNCTION option return a failure in case
+  libcurl wasn't built to use OpenSSL as that is a prerequisite for this
+  option to function!
+
+Daniel Stenberg (22 Mar 2008)
+- Fixed the problem with doing a zero byte SCP transfer, verified with test
+  case 617 (which was added by Daniel Fandrich 5 Mar 2008).
+
+Daniel Fandrich (20 Mar 2008)
+- Fixed a problem where curl-config --protocols could erroneously show LDAPS
+  support when curl didn't even have regular LDAP support.  It looks like
+  this could happen when the --enable-ldaps configure switch is given but
+  configure couldn't find the LDAP headers or libraries.
+
+Michal Marek (20 Mar 2008)
+- Added --with-ca-path=DIRECTORY configure option to use an openSSL CApath by
+  default instead of a ca bundle. The configure script will also look for a
+  ca path if no ca bundle is found and no option given.
+
+- Fixed detection of previously installed curl-ca-bundle.crt
+
+Daniel Fandrich (18 Mar 2008)
+- Added test 626 to reproduce an infinite loop when given an invalid
+  SFTP quote command reported by Vincent Le Normand, and fixed it.
+
+Michal Marek (18 Mar 2008)
+- Added curl_easy_getinfo typechecker.
+
+- Added macros for curl_share_setopt and curl_multi_setopt to check at least
+  the correct number of arguments.
+
+Daniel Fandrich (13 Mar 2008)
+- Added tests 622-625 to test SFTP/SCP uploads. Test 625 was an attempt to
+  reproduce the --ftp-create-dirs problem reported by Brian Ulm, but that
+  seems to need a call curl_easy_reset() which this test case doesn't do.
+
+Daniel Stenberg (13 Mar 2008)
+- Brian Ulm figured out that if you did an SFTP upload with
+  CURLOPT_FTP_CREATE_MISSING_DIRS to create a directory, and then re-used the
+  handle and uploaded another file to another directory that needed to be
+  created, the second upload would fail. Another case of a state variable that
+  wasn't properly reset between requests.
+
+- I rewrote the 100-continue code to use a single state variable instead of
+  the previous two ones. I think it made the logic somewhat clearer.
+
+Daniel Stenberg (11 Mar 2008)
+- Dmitry Popov filed bug report #1911069
+  (http://curl.haxx.se/bug/view.cgi?id=1911069) that identified a race
+  condition in the name resolver code when the DNS cache is shared between
+  multiple easy handles, each running in simultaneous threads that could cause
+  crashes.
+
+- Added a macro for curl_easy_setopt() that accepts three arguments and simply
+  does nothing with them, just to make sure libcurl users always use three
+  arguments to this function. Due to its use of ... for the third argument, it
+  is otherwise hard to detect abuse.
+
+Michal Marek (11 Mar 2008)
+- Added a type checking macro for curl_easy_setopt(), needs gcc-4.3 and only
+  works in C mode atm (http://curl.haxx.se/mail/lib-2008-02/0267.html ,
+  http://curl.haxx.se/mail/lib-2008-02/0292.html )
+
+Daniel Fandrich (10 Mar 2008)
+- Added tests 618-621 to test SFTP/SCP transfers of more than one file
+  (test 620 tests the just-fixed problem reported by Brian Ulm).
+
+Daniel Stenberg (9 Mar 2008)
+- Brian Ulm reported a crash when doing a second SFTP transfer on a re-used
+  easy handle if curl_easy_reset() was used between them. I fixed it and Brian
+  verified that it cured his problem.
+
+- Brian Ulm reported that if you first tried to download a non-existing SFTP
+  file and then fetched an existing one and re-used the handle, libcurl would
+  still report the second one as non-existing as well! I fixed it and Brian
+  verified that it cured his problem.
+
+Michal Marek (6 Mar 2008)
+- Fix the gssapi configure check to detect newer MIT Kerberos (patch by
+  Michael Calmer)
+
+Yang Tse (6 Mar 2008)
+- Fix regression on Curl_socket_ready() and Curl_poll() so that these will
+  again fail on select/poll errors different than EINTR.
+
+Daniel Fandrich (5 Mar 2008)
+- Fixed the test harness so it will write out zero-length data files.
+
+- Added tests 616 and 617 to see how SFTP and SCP cope with zero-length
+  files, as questioned by Mike Protts. SFTP does for me but SCP doesn't
+  so test 617 is disabled for now.
+
+Daniel S (4 Mar 2008)
+- Mike Protts brought a patch that makes resumed transfers work with SFTP.
+
+Daniel S (1 Mar 2008)
+- Anatoli Tubman found and fixed a crash with Negotiate authentication used on
+  a re-used connection where both requests used Negotiate.
+
+Guenter Knauf (26 Feb 2008)
+- Kaspar Brand provided a patch to support server name indication (RFC 4366).
+
+Daniel S (25 Feb 2008)
+- Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option that
+  forces it to prefer SSLv3.
+
+Daniel S (23 Feb 2008)
+- Sam Listopad provided a patch in feature-request #1900014
+  http://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to
+  use OpenSSL) support a full chain of certificates in a given PKCS12
+  certificate.
+
+Daniel S (22 Feb 2008)
+- Georg Lippitsch made the src/Makefile.vc6 makefile use the same memory model
+  options as the lib/Makefile.vc6 already did.
+
+Daniel S (21 Feb 2008)
+- Zmey Petroff found a crash when libcurl accessed a NULL pointer, which
+  happened if you set the connection cache size to 1 and for example failed to
+  login to an FTP site. Bug report #1896698
+  (http://curl.haxx.se/bug/view.cgi?id=1896698)
+
+Daniel S (20 Feb 2008)
+- Fixed test case 405 to not fail when libcurl is built with GnuTLS
+
+- Based on initial work done by Gautam Kachroo to address a bug, we now keep
+  better control at the exact state of the connection's SSL status so that we
+  know exactly when it has completed the SSL negotiation or not so that there
+  won't be accidental re-uses of connections that are wrongly believed to be
+  in SSL-completed-negotiate state.
+
+- We no longer support setting the CURLOPT_URL option from inside a callback
+  such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
+  following. The patch that introduced this feature was done for 7.11.0, but
+  this code and functionality has been broken since about 7.15.4 (March 2006)
+  with the introduction of non-blocking OpenSSL "connects".
+
+  It was a hack to begin with and since it doesn't work and hasn't worked
+  correctly for a long time and nobody has even noticed, I consider it a very
+  suitable subject for plain removal. And so it was done.
+
+Guenter Knauf (19 Feb 2008)
+- We do no longer support SSLv2 by default since it has known flaws.
+  Kaspar Brand provided a patch for all supported SSL toolkits.
+ 
+Daniel Fandrich (19 Feb 2008)
+- Added test309 to test HTTP redirect to HTTPS URL
+
+Daniel S (18 Feb 2008)
+- We're no longer providing a very old ca-bundle in the curl tarball. You can
+  get a fresh one downloaded and created with 'make ca-bundle' or you can get
+  one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh
+  new one extracted from Mozilla's recent list of ca certs.
+
+  The configure option --with-ca-bundle now lets you specify what file to use
+  as default ca bundle for your build. If not specified, the configure script
+  will check a few known standard places for a global ca cert to use.
+
+Daniel S (17 Feb 2008)
+- Jerome Muffat-Meridol helped me fix Curl_done() to close the current
+  connection by force when it was called before the entire request is
+  completed, simply because we can't know if the connection really can be
+  re-used safely at that point.
+
+- Based on the same debugging logic, I've also made Curl_http_done() not
+  return CURLE_GOT_NOTHING if called "prematurely". This should have no real
+  effect to anything but the code makes more sense like this.
+  
+Daniel S (15 Feb 2008)
+- Made the gnutls code path not even try to get the server cert if no peer
+  verification is requested. Previously it would even return failure if gnutls
+  failed to get the server cert even though no verification was asked for.
+  Public server showing the problem: https://www.net222.caisse-epargne.fr
+
+- Fix my Curl_timeleft() leftover mistake in the gnutls code
+
+- Pooyan McSporran found and fixed a flaw where you first would do a normal
+  http request and then you'd reuse the handle and replace the Accept: header,
+  as then libcurl would send two Accept: headers!
+
+Daniel S (11 Feb 2008)
+- Yang Tse pointed out a few remaining quirks from my timeout refactoring from
+  Feb 7 that didn't abort properly on timeouts. These are actually old
+  problems but now they should be fixed.
+
+Yang Tse (10 Feb 2008)
+- Bug report #1888932 (http://curl.haxx.se/bug/view.cgi?id=1888932) points out
+  and provides test program that demonstrates that libcurl might not set error
+  description message for error CURLE_COULDNT_RESOLVE_HOST for Windows threaded
+  name resolver builds. Fixed now.
+
+Daniel Fandrich (8 Feb 2007)
+- Added key words to all SSL-using tests so they can be skipped if necessary.
+  Removed a few unnecessary requires SSL statements.
+
+Daniel S (8 Feb 2008)
+- Mike Hommey filed and fixed bug report #1889856
+  (http://curl.haxx.se/bug/view.cgi?id=1889856): When using the gnutls ssl
+  layer, cleaning-up and reinitializing curl ends up with https requests
+  failing with "ASN1 parser: Element was not found" errors. Obviously a
+  regression added in 7.16.3.
+
+Yang Tse (8 Feb 2008)
+- Improved test harness SCP/SFTP start up server verification, doing a real
+  connection to the sftp server, authenticating and running a simple sftp
+  pwd command using the test harness generated configuration and key files.
+
+Daniel S (8 Feb 2008)
+- G<>nter Knauf added lib/mk-ca-bundle.pl which gets the Firefox ca bundle and
+  creates a suitable ca-bundle.crt file in PEM format for use with curl. The
+  recommended way to run it is to use 'make ca-bundle' in the build tree root.
+
+Daniel Fandrich (7 Feb 2007)
+- Added tests 1022 and 1023 to validate output of curl-config --version and
+  --vernum
+
+Daniel S (7 Feb 2008)
+- Refactored a lot of timeout code into a few functions in an attempt to make
+  them all use the same (hopefully correct) logic to make it less error-prone
+  and easier to introduce library-wide where it should be used.
+
+Yang Tse (6 Feb 2008)
+- Fix an issue in strdup replacement function when dealing with absolutely
+  huge strings. Only systems without a standard strdup would be affected.
+
+Daniel S (3 Feb 2008)
+- Dmitry Kurochkin cleaned up the pipelining code and removed the need for and
+  use of the "is_in_pipeline" struct field.
+
+- I wrote up and added the threaded-ssl.c example source code that shows how
+  to do multi-threaded downloads of HTTPS files with a libcurl that is built
+  with OpenSSL. It uses pthreads for the threading.
+
+Daniel S (31 Jan 2008)
+- Niklas Angebrand made the cookie support in libcurl properly deal with the
+  "HttpOnly" feature introduced by Microsoft and apparently also supported by
+  Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
+  is now supported when received from servers in HTTP headers, when written to
+  cookie jars and when read from existing cookie jars.
+
+  I modified test case 31 and 46 to also do some basic HttpOnly testing.
+
+- Dmitry Kurochkin moved several struct fields from the connectdata struct to
+  the SingleRequest one to make pipelining better. It is a bit tricky to keep
+  them in the right place, to keep things related to the actual request or to
+  the actual connection in the right place.
+
+Daniel S (29 Jan 2008)
+- Dmitry Kurochkin fixed Curl_done() for pipelining, as it could previously
+  crash!
+
+- Michal Marek fixed minor mistake in test case 553 that prevented it from
+  working on other IP-addresses or port numbers.
+
+Version 7.18.0 (28 January 2008)
+
+Daniel S (27 Jan 2008)
+- Dmitry Kurochkin: In "real world" testing I found more bugs in
+  pipelining. Broken connection is not restored and we get into infinite
+  loop. It happens because of wrong is_in_pipeline values.
+
+Daniel S (26 Jan 2008)
+- Kevin Reed filed bug report #1879375
+  (http://curl.haxx.se/bug/view.cgi?id=1879375) which describes how libcurl
+  got lost in this scenario: proxy tunnel (or HTTPS over proxy), ask to do any
+  proxy authentication and the proxy replies with an auth (like NTLM) and then
+  closes the connection after that initial informational response.
+
+  libcurl would not properly re-initialize the connection to the proxy and
+  continue the auth negotiation like supposed. It does now however, as it will
+  now detect if one or more authentication methods were available and asked
+  for, and will thus retry the connection and continue from there.
+
+- I made the progress callback get called properly during proxy CONNECT.
+
+Daniel S (23 Jan 2008)
+- Igor Franchuk pointed out that CURLOPT_COOKIELIST set to "ALL" leaked
+  memory, and so did "SESS". Fixed now.
+
+Yang Tse (22 Jan 2008)
+- Check poll.h at configuration time, and use it when sys/poll.h unavailable
+
+Daniel S (22 Jan 2008)
+- Dmitry Kurochkin removed the cancelled state for pipelining, as we agreed
+  that it is bad anyway. Starting now, removing a handle that is in used in a
+  pipeline will break the pipeline - it'll be set back up again but still...
+
+Yang Tse (21 Jan 2008)
+- Disable ldap support for cygwin builds, since it breaks whole build process.
+  Fixing it will affect other platforms, so it is postponed for another release.
+
+Daniel S (18 Jan 2008)
+- Lau Hang Kin found and fixed a problem with the multi interface when doing
+  CONNECT over a proxy. curl_multi_fdset() didn't report back the socket
+  properly during that state, due to a missing case in the switch in the
+  multi_getsock() function.
+
+Yang Tse (17 Jan 2008)
+- Don't abort tests 518 and 537 when unable to raise the open-file soft limit.
+
+Daniel S (16 Jan 2008)
+- Nathan Coulter's patch that makes runtests.pl respect the PATH when figuring
+  out what valgrind to run.
+
+Yang Tse (16 Jan 2008)
+- Improved handling of out of memory in the command line tool that afected
+  data url encoded HTTP POSTs when reading it from a file.
+
+Daniel S (16 Jan 2008)
+- Dmitry Kurochkin worked a lot on improving the HTTP Pipelining support that
+  previously had a number of flaws, perhaps most notably when an application
+  fired up N transfers at once as then they wouldn't pipeline at all that
+  nicely as anyone would think... Test case 530 was also updated to take the
+  improved functionality into account.
+
+- Calls to Curl_failf() are not supposed to provide a trailing newline as the
+  function itself adds that. Fixed on 50 or something strings!
+
+Daniel S (15 Jan 2008)
+- I made the torture test on test 530 go through. This was actually due to
+  silly code left from when we switched to let the multi handle "hold" the dns
+  cache when using the multi interface... Of course this only triggered when a
+  certain function call returned error at the correct moment.
+
+Daniel S (14 Jan 2008)
+- Joe Malicki filed bug report #1871269
+  (http://curl.haxx.se/bug/view.cgi?id=1871269) and we could fix his hang-
+  problem that occurred when doing a large HTTP POST request with the
+  response-body read from a callback.
+
+Daniel S (12 Jan 2008)
+- I re-arranged the curl --help output. All the options are now sorted on
+  their long option names and all descriptions are one-liners.
+
+- Eric Landes provided the patch (edited by me) that introduces the
+  --keepalive-time to curl to set the keepalive probe interval. I also took
+  the opportunity to rename the recently added no-keep-alive option to
+  no-keepalive to keep a consistent naming and to avoid getting two dashes in
+  these option names. Eric also provided an update to the man page for the new
+  option.
+
+Daniel S (11 Jan 2008)
+- Daniel Egger made CURLOPT_RANGE work on file:// URLs the very same way it
+  already worked for FTP:// URLs.
+
+- I made the curl tool switch from using CURLOPT_IOCTLFUNCTION to now use the
+  spanking new CURLOPT_SEEKFUNCTION simply to take advantage of the improved
+  performance for the upload resume cases where you want to upload the last
+  few bytes of a very large file. To implement this decently, I had to switch
+  the client code for uploading from fopen()/fread() to plain open()/read() so
+  that we can use lseek() to do >32bit seeks (as fseek() doesn't allow that)
+  on systems that offer support for that.
+
+Daniel S (10 Jan 2008)
+- Michal Marek made curl-config --libs not include /usr/lib64 in the output
+  (it already before skipped /usr/lib).  /usr/lib64 is the default library
+  directory on many 64bit systems and it's unlikely that anyone would use the
+  path privately on systems where it's not.
+
+- Georg Lippitsch brought CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA to allow
+  libcurl to seek in a given input stream. This is particularly important when
+  doing upload resumes when there's already a huge part of the file present
+  remotely. Before, and still if this callback isn't used, libcurl will read
+  and through away the entire file up to the point to where the resuming
+  begins (which of course can be a slow opereration depending on file size,
+  I/O bandwidth and more). This new function will also be preferred to get
+  used instead of the CURLOPT_IOCTLFUNCTION for seeking back in a stream when
+  doing multi-stage HTTP auth with POST/PUT.
+
+- Nikitinskit Dmitriy filed bug report #1868255
+  (http://curl.haxx.se/bug/view.cgi?id=1868255) with a patch. It identifies
+  and fixes a problem with parsing WWW-Authenticate: headers with additional
+  spaces in the line that the parser wasn't written to deal with.
+
+Daniel S (8 Jan 2008)
+- Introducing curl_easy_pause() and new magic return codes for both the read
+  and the write callbacks that now can make a connection's reading and/or
+  writing get paused.
+
+Daniel S (6 Jan 2008)
+- Jeff Johnson filed bug report #1863171
+  (http://curl.haxx.se/bug/view.cgi?id=1863171) where he pointed out that
+  libcurl's date parser didn't accept a +1300 time zone which actually is used
+  fairly often (like New Zealand's Dailight Savings Time), so I modified the
+  parser to now accept up to and including -1400 to +1400.
+
+Daniel S (5 Jan 2008)
+- Based on further discussion on curl-library, I reverted yesterday's SOCKS5
+  code to instead introduce support for a new proxy type called
+  CURLPROXY_SOCKS5_HOSTNAME that is used to send the host name to the proxy
+  instead of IP address and there's thus no longer any need for a new
+  curl_easy_setopt() option.
+
+  The default SOCKS5 proxy is again back to sending the IP address to the
+  proxy.  The new curl command line option for enabling sending host name to a
+  SOCKS5 proxy is now --socks5-hostname.
+
+Daniel S (4 Jan 2008)
+- Based on Maxim Perenesenko's patch, we now do SOCKS5 operations and let the
+  proxy do the host name resolving and only if --socks5ip (or
+  CURLOPT_SOCKS5_RESOLVE_LOCAL) is used we resolve the host name locally and
+  pass on the IP address only to the proxy.
+
+Yang Tse (3 Jan 2008)
+- Modified test harness to allow SCP, SFTP and SOCKS4 tests to run with
+  OpenSSH 2.9.9, SunSSH 1.0 or later versions. SOCKS5 tests need OpenSSH
+  3.7, SunSSH 1.0 or later.
+
+Daniel S (2 Jan 2008)
+- I fixed two cases of missing return code checks when handling chunked
+  decoding where a write error (or abort return from a callback) didn't stop
+  libcurl's processing.
+
+- I removed the socklen_t use from the public curl/curl.h header and instead
+  made it an unsigned int. The type was only used in the curl_sockaddr struct
+  definition (only used by the curl_opensocket_callback). On all platforms I
+  could find information about, socklen_t is 32 unsigned bits large so I don't
+  think this will break the API or ABI. The main reason for this change is of
+  course for all the platforms that don't have a socklen_t definition in their
+  headers to build fine again. Providing our own configure magic and custom
+  definition of socklen_t on those systems proved to work but was a lot of
+  cruft, code and extra magic needed - when this very small change of type
+  seems harmless and still solves the missing socklen_t problem.
+
+- Richard Atterer brought a patch that added support for SOCKS4a proxies,
+  which is an inofficial PROXY4 variant that sends the hostname to the proxy
+  instead of the resolved address (which is already supported by SOCKS5).
+  --socks4a is the curl command line option for it and CURLOPT_PROXYTYPE can
+  now be set to CURLPROXY_SOCKS4A as well.
+
+Daniel S (1 Jan 2008)
+- Mohun Biswas pointed out that --libcurl generated a source code with an int
+  function but without a return statement. While fixing that, I also took care
+  about adding some better comments for the generated code.
+
+Daniel S (27 Dec 2007)
+- Dmitry Kurochkin mentioned a flaw
+  (http://curl.haxx.se/mail/lib-2007-12/0252.html) in detect_proxy() which
+  failed to set the bits.proxy variable properly when an environment variable
+  told libcurl to use a http proxy.
+
+Daniel S (26 Dec 2007)
+- In an attempt to repeat the problem in bug report #1850730
+  (http://curl.haxx.se/bug/view.cgi?id=1850730) I wrote up test case 552. The
+  test is doing a 70K POST with a read callback and an ioctl callback over a
+  proxy requiring Digest auth. The test case code is more or less identical to
+  the test recipe code provided by Spacen Jasset (who submitted the bug
+  report).
+
+Daniel S (25 Dec 2007)
+- Gary Maxwell filed bug report #1856628
+  (http://curl.haxx.se/bug/view.cgi?id=1856628) and provided a fix for the
+  (small) memory leak in the SSL session ID caching code. It happened when a
+  previous entry in the cache was re-used.
+
+Daniel Fandrich (19 Dec 2007)
+- Ensure that nroff doesn't put anything but ASCII characters into the
+  --manual text.
+
+Yang Tse (18 Dec 2007)
+- MSVC 9.0 (VS2008) does not support Windows build targets prior to WinXP,
+  and makes wrong asumptions of build target when it isn't specified. So,
+  if no build target has been defined we will target WinXP when building
+  curl/libcurl with MSVC 9.0 (VS2008).
+
+- (http://curl.haxx.se/mail/archive-2007-12/0039.html) reported and fixed
+  a file truncation problem on Windows build targets triggered when retrying
+  a download with curl.
+
+Daniel S (17 Dec 2007)
+- Mateusz Loskot pointed out that MSVC 9.0 (VS2008) has the pollfd struct and
+  defines in winsock2.h somehow differently than previous versions and that
+  curl 7.17.1 would fail to compile out of the box.
+
+Daniel S (13 Dec 2007)
+- David Wright filed bug report #1849764
+  (http://curl.haxx.se/bug/view.cgi?id=1849764) with an included fix. He
+  identified a problem for re-used connections that previously had sent
+  Expect: 100-continue and in some situations the subsequent POST (that didn't
+  use Expect:) still had the internal flag set for its use. David's fix (that
+  makes the setting of the flag in every single request unconditionally) is
+  fine and is now used!
+
+Daniel S (12 Dec 2007)
+- Gilles Blanc made the curl tool enable SO_KEEPALIVE for the connections and
+  added the --no-keep-alive option that can disable that on demand.
+
+Daniel S (9 Dec 2007)
+- Andrew Moise filed bug report #1847501
+  (http://curl.haxx.se/bug/view.cgi?id=1847501) and pointed out a memcpy()
+  that should be memmove() in the convert_lineends() function.
+
+Daniel S (8 Dec 2007)
+- Renamed all internal static functions that had Curl_ prefixes to no longer
+  have them. The Curl_ prefix is exclusively used for library internal global
+  symbols. Static functions can be named anything, except for using Curl_ or
+  curl_ prefixes. This is for consistency and for easier maintainance and
+  overview.
+
+- Cleaned up and reformatted the TODO document to look like the FAQ and
+  CONTRIBUTE, which makes nicer web pages
+
+- Added test cases 549 and 550 that test CURLOPT_PROXY_TRANSFER_MODE.
+
+- Added keywords on a bunch of test cases
+
+- Fixed an OOM problem in the curl code that would lead to fclose on a bad
+  handle and crash
+
+Daniel S (5 Dec 2007)
+- Spacen Jasset reported a problem with doing POST (with data read with a
+  callback) over a proxy when NTLM is used as auth with the proxy. The bug
+  also concerned Digest and was limited to using callback only. Spacen worked
+  with us to provide a useful patch. I added the test case 547 and 548 to
+  verify two variations of POST over proxy with NTLM.
+
+Daniel S (3 Dec 2007)
+- Ray Pekowski filed bug report #1842029
+  (http://curl.haxx.se/bug/view.cgi?id=1842029) in which he identified a
+  problem with SSL session caching that prevent it from working, and provided
+  the associated fix!
+
+- Now libcurl (built with OpenSSL) doesn't return error anymore if the remote
+  SSL-based server doesn't present a certificate when the request is told to
+  ignore certificate verification anyway.
+
+- Michal Marek introduced CURLOPT_PROXY_TRANSFER_MODE which is used to control
+  the appending of the "type=" thing on FTP URLs when they are passed to a
+  HTTP proxy. Some proxies just don't like that appending (which is done
+  unconditionally in 7.17.1), and some proxies treat binary/ascii transfers
+  better with the appending done!
+
+Daniel S (29 Nov 2007)
+- A bug report on the curl-library list showed a HTTP Digest session going on
+  with a 700+ letter nonce. Previously libcurl only support 127 letter ones
+  and now I bumped it to 1023.
+
+- Fixed the resumed FTP upload loop to not require that the read callback
+  returns a full buffer on each invoke.
+
+Daniel S (25 Nov 2007)
+- Added test case 1015 that tests --data-urlencode in multiple ways
+
+- Fixed --data-urlencode for when no @ or = are used
+
+- Extended the user-agent buffer curl uses, since we can hit the 128 byte
+  border with plenty development libraries used. Like my current set: "curl
+  7.17.2-CVS (i686-pc-linux-gnu) libcurl/7.17.2-CVS OpenSSL/0.9.8g
+  zlib/1.2.3.3 c-ares/1.5.2-CVS libidn/1.1 libssh2/0.19.0-CVS"
+
+Daniel S (24 Nov 2007)
+- Internal rearrangements, so that the previous struct HandleData is no more.
+  It is now known as SingleRequest and the Curl_transfer_keeper struct within
+  that was remove entirely. This has the upside that there are less duplicate
+  struct members that made it hard to see and remember what struct that was
+  used to store what data. The transfer_keeper thing was once stored on a
+  per-connection basis and then it made sense to have the duplicate info but
+  since it was moved to the SessionHandle (in 7.16.0) it just added weirdness.
+  The SingleRequest struct is used by data that only is valid for this single
+  request.
+
+Yang Tse (22 Nov 2007)
+- Provide a socklen_t definition in curl.h for Win32 API build targets
+  which don't have one.
+
+Daniel S (22 Nov 2007)
+- Alessandro Vesely helped me improve the --data-urlencode's syntax, parser
+  and documentation.
+
+Daniel S (21 Nov 2007)
+- While inspecting the Negotiate code, I noticed how the proxy auth was using
+  the same state struct as the host auth, so both could never be used at the
+  same time! I fixed it (without being able to check) to use two separate
+  structs to allow authentication using Negotiate on host and proxy
+  simultaneously.
+
+Daniel S (20 Nov 2007)
+- Emil Romanus pointed out a bug that made an easy handle get the cookie
+  engine activated when set to use a share (even if the share doesn't share
+  cookies). I fixed it.
+
+- Fixed a very long-lasting mprintf() bug that occurred when we did "%.*s%s",
+  since the second %s would then wrongly used the numerical precision argument
+  instead and crash.
+
+- Introduced --data-urlencode to the curl tool for easier url encoding of the
+  data sent in a post.
+
+Daniel S (18 Nov 2007)
+- Rob Crittenden fixed SSL connections with NSS done with the multi-interface
+
+Daniel S (17 Nov 2007)
+- Michal Marek made the test suite remember what test servers that fail to
+  start so that subsequent tries are simply skipped.
+
+- Andres Garcia made the examples build fine on Windows (mingw + msys) when
+  the lib was built staticly.
+
+Daniel S (16 Nov 2007)
+- Ates Goral identified a problem in http.c:add_buffer_send() when a debug
+  callback was used, as it could wrongly pass on a bad size for the outgoing
+  HTTP header. The bad size would be a very large value as it was a wrapped
+  size_t content. This happened when the whole HTTP request failed to get sent
+  in one single send.  http://curl.haxx.se/mail/lib-2007-11/0165.html
+
+Daniel S (15 Nov 2007)
+- Fixed yet another remaining problem with doing SFTP directory listings on a
+  re-used persistent connection. Mentioned by Immanuel Gregoire on the mailing
+  list.
+
+- Michal Marek fixed the test suite to better deal with the case when the HTTP
+  ipv6 server can't run.
+
+Yang Tse (14 Nov 2007)
+- Fix a variable potential wrapping in add_buffer() when using absolutely
+  huge send buffer sizes.
+
+Daniel S (13 Nov 2007)
+- Fixed a remaining problem with doing SFTP directory listings on a re-used
+  persistent connection. Mentioned by Immanuel Gregoire on the mailing list.
+
+Daniel S (12 Nov 2007)
+- Bug report #1830637 (http://curl.haxx.se/bug/view.cgi?id=1830637), which was
+  forwarded from the Gentoo bug tracker by Daniel Black and was originally
+  submitted by Robin Johnson, pointed out that libcurl would do bad memory
+  references when it failed and bailed out before the handler thing was
+  setup. My fix is not done like the provided patch does it, but instead I
+  make sure that there's never any chance for a NULL pointer in that struct
+  member.
+
+Yang Tse (10 Nov 2007)
+- Vikram Saxena (http://curl.haxx.se/mail/lib-2007-11/0096.html) pointed out
+  that the pollfd struct was being multi defined when using VS2008. This is
+  now fixed in /curl/lib/select.h
+
+Daniel S (8 Nov 2007)
+- Bug report #1823487 (http://curl.haxx.se/bug/view.cgi?id=1823487) pointed
+  out that SFTP requests didn't use persistent connections. Neither did SCP
+  ones.  I gave the SSH code a good beating and now both SCP and SFTP should
+  use persistent connections fine. I also did a bunch of indent changes as
+  well as a bug fix for the "keyboard interactive" auth.
+
+Dan F (6 Nov 2007)
+- Improved telnet support by drastically reducing the number of write
+  callbacks needed to pass a buffer to the user.  Instead one per byte it
+  is now as little as one per segment.
+
+Yang Tse (6 Nov 2007)
+- Bug report #1824894 (http://curl.haxx.se/bug/view.cgi?id=1824894) pointed
+  out a problem in curl.h when building C++ apps with MSVC. To fix it, the
+  inclusion of header files in curl.h is moved outside of the C++ extern "C"
+  linkage block.
+
+Daniel S (1 Nov 2007)
+- Toby Peterson patched a memory problem in the command line tool that
+  happened when a user had a home dir as an empty string. curl would then do
+  free() on a wrong area.
+
+Dan F (1 Nov 2007)
+- Fixed curl-config --features to not display libz when it wasn't used
+  due to a missing header file.
+
+Dan F (31 October 2007)
+- Fixed the output of curl-config --protocols which showed SCP and SFTP
+  always, except when --without-libssh2 was given
+
+- Added test cases 1013 and 1014 to check that curl-config --protocols and
+  curl-config --features matches the output of curl --version
+
+Dan F (30 October 2007)
+- Fixed an OOM problem with file: URLs
+
+- Moved Curl_file_connect into the protocol handler struct
+
+Dan F (29 October 2007)
+- Added test case 546 to check that subsequent FTP transfers work after a
+  failed one using the multi interface
+
+Daniel S (29 October 2007)
+- Based on one of those bug reports that are intercepted by a distro's bug
+  tracker (https://bugzilla.redhat.com/show_bug.cgi?id=316191), I now made
+  curl-config --features and --protocols show the correct output when built
+  with NSS.
+
 Version 7.17.1 (29 October 2007)
 
 Dan F (25 October 2007)

CHANGES.0

@@ -10864,7 +10864,7 @@ Version 6.2
    the configure script to leave SSL alone. The previous functionality has
    been retained. Troy Engel helped test this new one.
 
-Version 6.1
+Version 6.1 (October 17 1999)
 
  Daniel (17 October 1999):
  - I ifdef'ed or commented all the zlib stuff in the sources and configure
@@ -10939,7 +10939,7 @@ Version 6.1beta
  - Made the -F option allow stdin when specifying files. By using '-' instead
    of file name, the data will be read from stdin.
 
-Version 6.0
+Version 6.0 (September 14 1999)
 
  Daniel (13 September 1999)
  - Added -X/--http-request <request> to enable any HTTP command to be sent.
@@ -11201,7 +11201,7 @@ Version 5.9.1
    with form posting where the variable shouldn't have any content, as in curl
    -F "form=" www.site.com. It was now fixed.
 
-Version 5.9
+Version 5.9 (May 22 1999)
 
  Daniel (22 May 1999)
  - I've got a bug report from Aaron Scarisbrick in which he states he has some
@@ -11939,7 +11939,7 @@ Version 4.8.1
    had nothing but header. Appearantly Solaris deals with negative sizes in
    fwrite() calls a lot better than Linux does... =B-]
 
-Version 4.8
+Version 4.8 (Aug 31, 1998)
  Daniel Stenberg
  - Continue FTP file transfer. -c is the switch. Note that you need to
    specify a file name if you wanna resume a download (you can't resume a

COPYING

@@ -1,6 +1,6 @@
 COPYRIGHT AND PERMISSION NOTICE
 
-Copyright (c) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>.
+Copyright (c) 1996 - 2008, Daniel Stenberg, <daniel@haxx.se>.
 
 All rights reserved.
 

CVS-INFO

@@ -12,8 +12,8 @@ inner sanctum.
 
 Compile and build instructions follow below.
 
-  CHANGES.0     contains ancient changes.
-  CHANGES.$year contains changes for the particular year.
+  CHANGES.0     contains ancient changes
+  CHANGES       contains the most recent changes
 
   Makefile.dist is included as the root Makefile in distribution archives
 
@@ -49,9 +49,8 @@ installed:
 
    If you don't have nroff and perl and you for some reason don't want to
    install them, you can rename the source file src/hugehelp.c.cvs to
-   src/hugehelp.c and avoid having to generate this file. This will of course
-   give you an older version of the file that isn't up-to-date. That file was
-   checked in once and won't be updated very regularly.
+   src/hugehelp.c and avoid having to generate this file. This will give you
+   a stubbed version of the file that doesn't contain actual content.
 
 MAC OS X
 

Makefile.am

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -131,3 +131,7 @@ install-data-hook:
 uninstall-hook:
 	cd include && $(MAKE) uninstall
 	cd docs && $(MAKE) uninstall
+
+ca-bundle: lib/mk-ca-bundle.pl
+	@echo "generate a fresh ca-bundle.crt"
+	@perl $< -b -l -u lib/ca-bundle.crt

Makefile.dist

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -128,6 +128,12 @@ vc:
 	cd ..\src
 	nmake /f Makefile.$(VC)
 
+vc-x64:
+	cd lib
+	MACHINE=x64 nmake /f Makefile.$(VC) cfg=release
+	cd ..\src
+	MACHINE=x64 nmake /f Makefile.$(VC)
+
 vc-zlib:
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-zlib
@@ -251,6 +257,12 @@ linux: all
 linux-ssl: ssl
 
 vc8:
-	echo "generate VC8 makefiles"
-	sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" lib/Makefile.vc6 > lib/Makefile.vc8
-	sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" src/Makefile.vc6 > src/Makefile.vc8
+	@echo "generate VC8 makefiles"
+	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" lib/Makefile.vc6 > lib/Makefile.vc8
+	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" src/Makefile.vc6 > src/Makefile.vc8
+
+ca-bundle: lib/mk-ca-bundle.pl
+	@echo "generate a fresh ca-bundle.crt"
+	@perl $< -b -l -u lib/ca-bundle.crt
+
+

RELEASE-NOTES

@@ -1,53 +1,59 @@
-Curl and libcurl 7.17.1
+Curl and libcurl 7.18.1
 
- Public curl release number:               102
- Releases counted from the very beginning: 128
- Available command line options:           121
- Available curl_easy_setopt() options:     147
- Number of public functions in libcurl:    55
- Amount of public web site mirrors:        43
- Number of known libcurl bindings:         36
- Number of contributors:                   588
+ Public curl releases:         104
+ Command line options:         126
+ curl_easy_setopt() options:   150
+ Public functions in libcurl:  56
+ Public web site mirrors:      39
+ Known libcurl bindings:       36
+ Contributors:                 621
 
 This release includes the following changes:
  
- o automatically append ";type=<a|i>" when using HTTP proxies for FTP urls
- o improved NSS support
- o added --proxy-negotiate
- o added --post301 and CURLOPT_POST301
- o builds with c-ares 1.5.0
- o added CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5
- o renamed CURLE_SSL_PEER_CERTIFICATE to CURLE_PEER_FAILED_VERIFICATION
- o added CURLOPT_OPENSOCKETFUNCTION and CURLOPT_OPENSOCKETDATA
- o CULROPT_COOKIELIST supports "FLUSH"
- o added CURLOPT_COPYPOSTFIELDS
- o added --static-libs to curl-config
+ o added support for HttpOnly cookies
+ o 'make ca-bundle' downloads and generates an updated ca bundle file
+ o we no longer distribute or install a ca cert bundle
+ o SSLv2 is now disabled by default for SSL operations
+ o the test509-style setting URL in callback is officially no longer supported
+ o support a full chain of certificates in a given PKCS12 certificate
+ o resumed transfers work with SFTP
+ o added type checking macros for curl_easy_setopt() and curl_easy_getinfo(),
+   watch out for new warnings in code using libcurl (needs gcc-4.3 and
+   currently only works in C mode)
+ o curl_easy_setopt(), curl_easy_getinfo(), curl_share_setopt() and
+   curl_multi_setopt() uses are now checked to use exactly three arguments
+ o --with-ca-path=DIR configure option allows to set an openSSL CApath instead
+   of a default ca bundle.
 
 This release includes the following bugfixes:
 
- o curl-config --protocols now properly reports LDAPS, SCP and SFTP
- o ldapv3 support on Windows
- o ldap builds with the MSVC makefiles
- o no HOME and no key given caused SSH auth failure
- o Negotiate authentication over proxy
- o --ftp-method nocwd on directory listings
- o FTP, CURLOPT_NOBODY enabled and CURLOPT_HEADER disabled now does TYPE
-   before SIZE
- o re-used handle transfers with SFTP
- o curl_easy_escape() problem with byte values >= 128
- o handles chunked-encoded CONNECT responses
- o misuse of ares_timeout() result
- o --local-port on TFTP transfers
- o CURLOPT_POSTFIELDS could fail to send binary data
- o specifying a proxy with a trailing slash didn't work (unless it also
-   contained a port number)
- o redirect from HTTP to FTP or TFTP memory problems and leaks
- o re-used connections a bit too much when using non-SSL protocols tunneled
-   over a HTTP proxy
- o embed the manifest in VC8 builds
- o use valgrind in the tests even when the lib is built shared with libtool
- o libcurl built with NSS can now ignore the peer verification even when the
-   ca cert bundle is absent
+ o improved pipelining
+ o improved strdup replacement
+ o GnuTLS-built libcurl failed when doing global cleanup and reinit
+ o error message problem when unable to resolve a host on Windows
+ o Accept: header replacing
+ o not verifying server certs with GnuTLS still failed if gnutls had
+   problems with the cert
+ o when using the multi interface and a handle is removed while still having
+   a transfer going on, the connection is now closed by force
+ o bad re-use of SSL connections in non-complete state
+ o test case 405 failures with GnuTLS builds
+ o crash when connection cache size is 1 and Curl_do() failed
+ o GnuTLS-built libcurl can now be forced to prefer SSLv3
+ o crash when doing Negotiate again on a re-used connection
+ o select/poll regression
+ o better MIT kerberos configure check
+ o curl_easy_reset() + SFTP re-used connection download crash
+ o SFTP non-existing file + SFTP existing file error
+ o sharing DNS cache between easy handles running in multiple threads could
+   lead to crash
+ o SFTP upload with CURLOPT_FTP_CREATE_MISSING_DIRS on re-used connection
+ o SFTP infinite loop when given an invalid quote command
+ o curl-config erroneously reported LDAPS support with missing LDAP libraries
+ o SCP infinite loop when downloading a zero byte file
+ o setting the CURLOPT_SSL_CTX_FUNCTION with libcurl built without OpenSSL
+   now makes curl_easy_setopt() properly return failure
+ o configure --with-libssh2 (with no given path)
 
 This release includes the following known bugs:
 
@@ -59,14 +65,15 @@ Other curl-related news:
 
 New curl mirrors:
 
- o http://curl.wetzlmayr.at/ is a new web mirror in Nuremberg, Germany
+ o http://curl.cuendet.com/ is a new mirror in Atlanta, USA
 
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
- Dan Fandrich, Michal Marek, G<>nter Knauf, Rob Crittenden, Immanuel Gregoire,
- Mark Davies, Max Katsev, Philip Langdale, Alex Fishman, Johnny Luong,
- Alexey Pesternikov, Yang Tse, Kim Rinnewitz, Michael Wallner,
- Patrick Monnerat, Vladimir Lazarenko
+ Michal Marek, Dmitry Kurochkin, Niklas Angebrand, G<>nter Knauf, Yang Tse,
+ Dan Fandrich, Mike Hommey, Pooyan McSporran, Jerome Muffat-Meridol,
+ Kaspar Brand, Gautam Kachroo, Zmey Petroff, Georg Lippitsch, Sam Listopad,
+ Anatoli Tubman, Mike Protts, Michael Calmer, Brian Ulm, Dmitry Popov,
+ Jes Badwal, Dan Petitt, Stephen Collyer
 
         Thanks! (and sorry if I forgot to mention someone)

TODO-RELEASE

@@ -1,4 +1,17 @@
-To be addressed before 7.17.1 (planned release: late October 2007)
+To be addressed before 7.18.2 (planned release: June 2008)
 =============================
 
-106 - 
+128 - Phil Blundell's ares and ipv6 fix (feedback lacking)
+
+129 - Pierre Reiss' libcurl + https + multi = lost information (awaiting
+     better example/clarification on how to figure out when the claimed
+     problem occurs)
+
+130 - Vincent Le Normand's SFTP patch for touch
+
+131 - Scott Barrett's Support for CURLOPT_NOBODY with SFTP
+
+132 - Xponaut's CURLFORM_STREAM option to curl_formadd()
+
+133 - 
+

acinclude.m4

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -2491,3 +2491,106 @@ AC_DEFUN([CURL_CHECK_NATIVE_WINDOWS], [
   esac
 ])
 
+
+dnl CURL_CHECK_CA_BUNDLE
+dnl -------------------------------------------------
+dnl Check if a default ca-bundle should be used
+dnl
+dnl regarding the paths this will scan:
+dnl /etc/ssl/certs/ca-certificates.crt Debian systems
+dnl /etc/pki/tls/certs/ca-bundle.crt Redhat and Mandriva
+dnl /usr/share/ssl/certs/ca-bundle.crt old(er) Redhat
+dnl /etc/ssl/certs/ (ca path) SUSE
+
+AC_DEFUN([CURL_CHECK_CA_BUNDLE], [
+
+  AC_MSG_CHECKING([default CA cert bundle/path])
+
+  AC_ARG_WITH(ca-bundle,
+AC_HELP_STRING([--with-ca-bundle=FILE], [File name to use as CA bundle])
+AC_HELP_STRING([--without-ca-bundle], [Don't use a default CA bundle]),
+  [
+    want_ca="$withval"
+    if test "x$want_ca" = "xyes"; then
+      AC_MSG_ERROR([--with-ca-bundle=FILE requires a path to the CA bundle])
+    fi
+  ],
+  [ want_ca="unset" ])
+  AC_ARG_WITH(ca-path,
+AC_HELP_STRING([--with-ca-path=DIRECTORY], [Directory to use as CA path])
+AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
+  [
+    want_capath="$withval"
+    if test "x$want_capath" = "xyes"; then
+      AC_MSG_ERROR([--with-ca-path=DIRECTORY requires a path to the CA path directory])
+    fi
+  ],
+  [ want_capath="unset"])
+
+  if test "x$want_ca" != "xno" -a "x$want_ca" != "xunset" -a \
+          "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
+    dnl both given
+    AC_MSG_ERROR([Can't specify both --with-ca-bundle and --with-ca-path.])
+  elif test "x$want_ca" != "xno" -a "x$want_ca" != "xunset"; then
+    dnl --with-ca-bundle given
+    ca="$want_ca"
+    capath="no"
+  elif test "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
+    dnl --with-ca-path given
+    if test "x$OPENSSL_ENABLED" != "x1"; then
+      AC_MSG_ERROR([--with-ca-path only works with openSSL])
+    fi
+    capath="$want_capath"
+    ca="no"
+  else
+    dnl neither of --with-ca-* given
+    dnl first try autodetecting a CA bundle , then a CA path
+    dnl both autodetections can be skipped by --without-ca-*
+    ca="no"
+    capath="no"
+    if test "x$want_ca" = "xunset"; then
+      dnl the path we previously would have installed the curl ca bundle
+      dnl to, and thus we now check for an already existing cert in that place
+      dnl in case we find no other
+      if test "x$prefix" != xNONE; then
+        cac="${prefix}/share/curl/curl-ca-bundle.crt"
+      else
+        cac="$ac_default_prefix/share/curl/curl-ca-bundle.crt"
+      fi
+
+      for a in /etc/ssl/certs/ca-certificates.crt \
+               /etc/pki/tls/certs/ca-bundle.crt \
+               /usr/share/ssl/certs/ca-bundle.crt \
+               "$cac"; do
+        if test -f "$a"; then
+          ca="$a"
+          break
+        fi
+      done
+    fi
+    if test "x$want_capath" = "xunset" -a "x$ca" = "xno" -a \
+            "x$OPENSSL_ENABLED" = "x1"; then
+      for a in /etc/ssl/certs/; do
+        if test -d "$a" && ls "$a"/[[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]].0 >/dev/null 2>/dev/null; then
+          capath="$a"
+          break
+        fi
+      done
+    fi
+  fi
+        
+    
+
+  if test "x$ca" != "xno"; then
+    CURL_CA_BUNDLE='"'$ca'"'
+    AC_SUBST(CURL_CA_BUNDLE)
+    AC_MSG_RESULT([$ca])
+  elif test "x$capath" != "xno"; then
+    CURL_CA_PATH="\"$capath\""
+    AC_SUBST(CURL_CA_PATH)
+    AC_MSG_RESULT([$capath (capath)])
+  else
+    AC_MSG_RESULT([no])
+  fi
+])
+

ares/CHANGES

@@ -1,5 +1,28 @@
   Changelog for the c-ares project
 
+* December 11 2007 (Gisle Vanem)
+
+- Added another sample application; acountry.c which converts an
+  IPv4-address(es) and/or host-name(s) to country-name and country-code.
+  This uses the service of the DNSBL at countries.nerd.dk.
+
+* December 3 2007 (Daniel Stenberg)
+
+- Brad Spencer fixed the configure script to assume that there's no
+  /dev/urandom when built cross-compiled as then the script cannot check for
+  it.
+
+- Erik Kline cleaned up ares_gethostbyaddr.c:next_lookup() somewhat
+
+Version 1.5.1 (Nov 21, 2007)
+
+* November 21 2007 (Daniel Stenberg)
+
+- Robin Cornelius pointed out that ares_llist.h was missing in the release
+  archive for 1.5.0
+
+Version 1.5.0 (Nov 21, 2007)
+
 * October 2 2007 (Daniel Stenberg)
 
 - ares_strerror() segfaulted if the input error number was out of the currently

ares/Makefile.am

@@ -8,11 +8,22 @@ MSVCFILES = vc/adig/adig.dep vc/adig/adig.dsp vc/vc.dsw vc/ahost/ahost.dep \
  vc/ahost/ahost.dsp vc/areslib/areslib.dep vc/areslib/areslib.dsp	   \
  vc/areslib/areslib.dsw
 
+if DEBUGBUILD
+PROGS =
+else
+PROGS = ahost adig acountry
+endif
+
+noinst_PROGRAMS =$(PROGS)
+
 # adig and ahost are just sample programs and thus not mentioned with the
 # regular sources and headers
-EXTRA_DIST = CHANGES README.cares Makefile.inc adig.c ahost.c $(man_MANS) \
- $(MSVCFILES) AUTHORS config-win32.h RELEASE-NOTES libcares.pc.in
+EXTRA_DIST = AUTHORS CHANGES README.cares Makefile.inc Makefile.dj \
+ Makefile.m32 Makefile.netware Makefile.vc6 adig.c ahost.c $(man_MANS) \
+ $(MSVCFILES) config-win32.h RELEASE-NOTES libcares.pc.in
 
+pkgconfigdir = $(libdir)/pkgconfig
+pkgconfig_DATA = libcares.pc
 
 VER=-version-info 2:0:0
 # This flag accepts an argument of the form current[:revision[:age]]. So,
@@ -61,6 +72,15 @@ libcares_ladir = $(includedir)
 # what headers to install on 'make install':
 libcares_la_HEADERS = ares.h ares_version.h ares_dns.h
 
+ahost_SOURCES = ahost.c ares_getopt.c
+ahost_LDADD = $(top_builddir)/$(lib_LTLIBRARIES)
+
+adig_SOURCES = adig.c ares_getopt.c
+adig_LDADD = $(top_builddir)/$(lib_LTLIBRARIES)
+
+acountry_SOURCES = acountry.c ares_getopt.c
+acountry_LDADD = $(top_builddir)/$(lib_LTLIBRARIES)
+
 # Make files named *.dist replace the file without .dist extension
 dist-hook:
 	find $(distdir) -name "*.dist" -exec rm {} \;

ares/Makefile.dj

@@ -22,7 +22,7 @@ CFLAGS += -DWATT32 -DHAVE_AF_INET6 -DHAVE_PF_INET6 -DHAVE_FIONBIO \
           -DRECV_TYPE_ARG1='int'   -DRECV_TYPE_ARG2='void*' \
           -DRECV_TYPE_ARG3='int'   -DRECV_TYPE_ARG4='int' \
           -DRECV_TYPE_RETV='int'   -DHAVE_STRUCT_TIMEVAL \
-          -Dselect=select_s        -UHAVE_CONFIG_H
+          -Dselect=select_s        -Dsocklen_t=int -UHAVE_CONFIG_H
 
 LDFLAGS = -s
 
@@ -49,7 +49,7 @@ EX_LIBS += $(WATT32_ROOT)/lib/libwatt.a
 
 OBJECTS = $(addprefix $(OBJ_DIR)/, $(CSOURCES:.c=.o))
 
-all: $(OBJ_DIR) libcares.a ahost.exe adig.exe
+all: $(OBJ_DIR) libcares.a ahost.exe adig.exe acountry.exe
 	@echo Welcome to c-ares.
 
 libcares.a: $(OBJECTS)
@@ -61,11 +61,14 @@ ahost.exe: ahost.c $(OBJ_DIR)/ares_getopt.o $(OBJ_HACK)
 adig.exe: adig.c $(OBJ_DIR)/ares_getopt.o $(OBJ_HACK)
 	$(CC) $(LDFLAGS) $(CFLAGS) -o $@ $^ $(EX_LIBS)
 
+acountry.exe: acountry.c $(OBJ_DIR)/ares_getopt.o $(OBJ_HACK)
+	$(CC) $(LDFLAGS) $(CFLAGS) -o $@ $^ $(EX_LIBS)
+
 clean:
 	rm -f $(OBJECTS) libcares.a
 
 vclean realclean: clean
-	rm -f ahost.exe adig.exe depend.dj
+	rm -f ahost.exe adig.exe acountry.exe depend.dj
 	- rmdir $(OBJ_DIR)
 
 -include depend.dj

ares/Makefile.inc

@@ -10,7 +10,7 @@ ares_parse_ns_reply.c ares_llist.c
 
 HHEADERS = ares.h ares_private.h setup.h ares_dns.h ares_version.h          \
            nameser.h inet_net_pton.h inet_ntop.h ares_ipv6.h bitncmp.h      \
-           setup_once.h 
+           setup_once.h ares_llist.h
 
 MANPAGES= ares_destroy.3 ares_expand_name.3 ares_expand_string.3 ares_fds.3 \
  ares_free_hostent.3 ares_free_string.3 ares_gethostbyaddr.3		    \

ares/Makefile.m32

@@ -32,7 +32,7 @@ $(LIB): $(OBJLIB)
 
 all: $(LIB) demos
 
-demos: adig.exe ahost.exe
+demos: adig.exe ahost.exe acountry.exe
 
 tags:
 	etags *.[ch]
@@ -61,7 +61,7 @@ install:
 	done)
 
 clean:
-	$(RM) ares_getopt.o $(OBJLIB) $(LIB) adig.exe ahost.exe
+	$(RM) ares_getopt.o $(OBJLIB) $(LIB) adig.exe ahost.exe acountry.exe
 
 distclean: clean
 	$(RM) config.cache config.log config.status Makefile

ares/Makefile.netware

@@ -14,14 +14,14 @@ NDKBASE	= c:/novell
 endif
 
 ifndef INSTDIR
-INSTDIR	= ../curl-$(LIBCURL_VERSION_STR)-bin-nw
+INSTDIR	= ../ares-$(LIBCARES_VERSION_STR)-bin-nw
 endif
 
 # Edit the vars below to change NLM target settings.
-TARGETS = adig.nlm ahost.nlm
+TARGETS = adig.nlm ahost.nlm acountry.nlm
 LTARGET = libcares.$(LIBEXT)
 VERSION	= $(LIBCARES_VERSION)
-COPYR	= Copyright (C) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>
+COPYR	= Copyright (C) 1996 - 2008, Daniel Stenberg, <daniel@haxx.se>
 DESCR	= cURL $(subst .def,,$(notdir $@)) $(LIBCARES_VERSION_STR) - http://curl.haxx.se
 MTSAFE	= YES
 STACK	= 64000
@@ -63,14 +63,15 @@ else
 	CC = gcc
 endif
 # a native win32 awk can be downloaded from here:
-# http://www.gknw.net/development/prgtools/awk-20050424.zip
+# http://www.gknw.net/development/prgtools/awk-20070501.zip
 AWK	= awk
 YACC	= bison -y
 CP	= cp -afv
+MKDIR	= mkdir
 # RM	= rm -f
 # if you want to mark the target as MTSAFE you will need a tool for
 # generating the xdc data for the linker; here's a minimal tool:
-# http://www.gknw.com/development/prgtools/mkxdc.zip
+# http://www.gknw.net/development/prgtools/mkxdc.zip
 MPKXDC	= mkxdc
 
 # Global flags for all compilers
@@ -161,10 +162,6 @@ nlm: prebuild $(TARGETS)
 
 prebuild: $(OBJDIR) $(OBJDIR)/version.inc config.h arpa/nameser.h
 
-dist: all
-	-$(RM) $(OBJLIB) $(OBJDIR)/*.map $(OBJDIR)/*.ncv
-	-$(RM) $(OBJDIR)/*.def $(OBJDIR)/*.xdc $(OBJDIR)/version.inc
-
 install: $(INSTDIR) all
 	@$(CP) *.nlm $(INSTDIR)
 	@$(CP) ../CHANGES $(INSTDIR)
@@ -190,11 +187,8 @@ endif
 	@-$(RM) $@
 	@$(LD) $(LDFLAGS) $<
 
-$(INSTDIR):
-	@mkdir $(INSTDIR)
-
-$(OBJDIR):
-	@mkdir $(OBJDIR)
+$(OBJDIR) $(INSTDIR):
+	@$(MKDIR) $@
 
 $(OBJDIR)/%.o: %.c
 #	@echo Compiling $<
@@ -202,7 +196,7 @@ $(OBJDIR)/%.o: %.c
 
 $(OBJDIR)/version.inc: ares_version.h $(OBJDIR)
 	@echo Creating $@
-	@$(AWK) -f ../packages/NetWare/get_ver.awk $< > $@
+	@$(AWK) -f get_ver.awk $< > $@
 
 $(OBJDIR)/%.xdc: Makefile.netware
 	@echo Creating $@
@@ -269,8 +263,9 @@ ifdef IMPORTS
 	@echo $(DL)import $(IMPORTS)$(DL) >> $@
 endif
 ifeq ($(LD),nlmconv)
-	@echo $(DL)input $(OBJEXE)$(DL) >> $@
 	@echo $(DL)input $(PRELUDE)$(DL) >> $@
+	@echo $(DL)input $(OBJEXE)$(DL) >> $@
+	@echo $(DL)input $(@:.def=.o)$(DL) >> $@
 	@echo $(DL)output $(notdir $(@:.def=.nlm))$(DL) >> $@
 endif
 
@@ -300,7 +295,6 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
-	@echo $(DL)#define DL_LDAP_FILE "ldapsdk.nlm"$(DL) >> $@
 	@echo $(DL)#define socklen_t int$(DL) >> $@
 	@echo $(DL)#define strncasecmp strnicmp$(DL) >> $@
 	@echo $(DL)#define strcasecmp stricmp$(DL) >> $@
@@ -338,7 +332,6 @@ else
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
-	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
 endif
 	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_ARPA_NAMESER_H 1$(DL) >> $@

ares/Makefile.vc6

@@ -76,7 +76,7 @@ OBJECTS = $(OBJ_DIR)\ares_fds.obj              \
           $(OBJ_DIR)\inet_net_pton.obj         \
           $(OBJ_DIR)\inet_ntop.obj
 
-all: $(OBJ_DIR) cares.lib cares.dll cares_imp.lib ahost.exe adig.exe
+all: $(OBJ_DIR) cares.lib cares.dll cares_imp.lib ahost.exe adig.exe acountry.exe
        @echo Welcome to c-ares library and examples
 
 $(OBJ_DIR):
@@ -131,6 +131,9 @@ ahost.exe: $(OBJ_DIR) $(OBJ_DIR)\ahost.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.
 adig.exe: $(OBJ_DIR) $(OBJ_DIR)\adig.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib
        link $(LDFLAGS) -out:$@ $(OBJ_DIR)\adig.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib $(EX_LIBS)
 
+acountry.exe: $(OBJ_DIR) $(OBJ_DIR)\acountry.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib
+       link $(LDFLAGS) -out:$@ $(OBJ_DIR)\acountry.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib $(EX_LIBS)
+
 clean:
        - del $(OBJ_DIR)\*.obj *.ilk *.pdb *.pbt *.pbi *.pbo *._xe *.map
 

ares/RELEASE-NOTES

@@ -1,4 +1,4 @@
-This is what's new and changed in the c-ares 1.4.1 release:
+This is what's new and changed in the c-ares 1.5.2 release:
 
  o 
 

ares/acountry.c

@@ -0,0 +1,589 @@
+/*
+ * $Id$
+ *
+ * IP-address/hostname to country converter.
+ *
+ * Problem; you want to know where IP a.b.c.d is located.
+ *
+ * Use ares_gethostbyname ("d.c.b.a.zz.countries.nerd.dk")
+ * and get the CNAME (host->h_name). Result will be:
+ *   CNAME = zz<CC>.countries.nerd.dk with address 127.0.x.y (ver 1) or
+ *   CNAME = <a.b.c.d>.zz.countries.nerd.dk with address 127.0.x.y (ver 2)
+ *
+ * The 2 letter country code in <CC> and the ISO-3166 country
+ * number in x.y (number = x*256 + y). Version 2 of the protocol is missing
+ * the <CC> number.
+ *
+ * Ref: http://countries.nerd.dk/more.html
+ *
+ * Written by G. Vanem <gvanem@broadpark.no> 2006, 2007
+ *
+ * NB! This program may not be big-endian aware.
+ *
+ * Permission to use, copy, modify, and distribute this
+ * software and its documentation for any purpose and without
+ * fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright
+ * notice and this permission notice appear in supporting
+ * documentation, and that the name of M.I.T. not be used in
+ * advertising or publicity pertaining to distribution of the
+ * software without specific, written prior permission.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is"
+ * without express or implied warranty.
+ */
+
+#include "setup.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <ctype.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+#if defined(WIN32)
+  #include <winsock.h>
+#else
+  #include <arpa/inet.h>
+  #include <netinet/in.h>
+  #include <netdb.h>
+#endif
+
+#include "ares.h"
+#include "ares_getopt.h"
+#include "inet_net_pton.h"
+#include "inet_ntop.h"
+
+static const char *usage      = "acountry [-vh?] {host|addr} ...\n";
+static const char  nerd_fmt[] = "%u.%u.%u.%u.zz.countries.nerd.dk";
+static const char *nerd_ver1  = nerd_fmt + 14;
+static const char *nerd_ver2  = nerd_fmt + 11;
+static int         verbose    = 0;
+
+#define TRACE(fmt) do {               \
+                     if (verbose > 0) \
+                       printf fmt ;   \
+                   } while (0)
+
+static void wait_ares(ares_channel channel);
+static void callback(void *arg, int status, int timeouts, struct hostent *host);
+static void callback2(void *arg, int status, int timeouts, struct hostent *host);
+static void find_country_from_cname(const char *cname, struct in_addr addr);
+
+static void Abort(const char *fmt, ...)
+{
+  va_list args;
+  va_start(args, fmt);
+  vfprintf(stderr, fmt, args);
+  va_end(args);
+  exit(1);
+}
+
+int main(int argc, char **argv)
+{
+  ares_channel channel;
+  int    ch, status;
+
+#ifdef WIN32
+  WORD wVersionRequested = MAKEWORD(USE_WINSOCK,USE_WINSOCK);
+  WSADATA wsaData;
+  WSAStartup(wVersionRequested, &wsaData);
+#endif
+
+  while ((ch = ares_getopt(argc, argv, "dvh?")) != -1)
+    switch (ch)
+      {
+      case 'd':
+#ifdef WATT32
+        dbug_init();
+#endif
+        break;
+      case 'v':
+        verbose++;
+        break;
+      case 'h':
+      case '?':
+      default:
+        Abort(usage);
+      }
+
+  argc -= optind;
+  argv += optind;
+  if (argc < 1)
+     Abort(usage);
+
+  status = ares_init(&channel);
+  if (status != ARES_SUCCESS)
+    {
+      fprintf(stderr, "ares_init: %s\n", ares_strerror(status));
+      return 1;
+    }
+
+  /* Initiate the queries, one per command-line argument. */
+  for ( ; *argv; argv++)
+    {
+      struct in_addr addr;
+      char buf[100];
+
+      /* If this fails, assume '*argv' is a host-name that
+       * must be resolved first
+       */
+      if (ares_inet_pton(AF_INET, *argv, &addr) != 1)
+        {
+          ares_gethostbyname(channel, *argv, AF_INET, callback2, &addr);
+          wait_ares(channel);
+          if (addr.s_addr == INADDR_NONE)
+            {
+              printf("Failed to lookup %s\n", *argv);
+              continue;
+            }
+        }
+
+      sprintf(buf, nerd_fmt,
+              (unsigned int)(addr.s_addr >> 24),
+              (unsigned int)((addr.s_addr >> 16) & 255),
+              (unsigned int)((addr.s_addr >> 8) & 255),
+              (unsigned int)(addr.s_addr & 255));
+      TRACE(("Looking up %s...", buf));
+      fflush(stdout);
+      ares_gethostbyname(channel, buf, AF_INET, callback, buf);
+    }
+
+  wait_ares(channel);
+  ares_destroy(channel);
+
+#ifdef WIN32
+  WSACleanup();
+#endif
+
+  return 0;
+}
+
+/*
+ * Wait for the queries to complete.
+ */
+static void wait_ares(ares_channel channel)
+{
+  while (1)
+    {
+      struct timeval *tvp, tv;
+      fd_set read_fds, write_fds;
+      int nfds;
+
+      FD_ZERO(&read_fds);
+      FD_ZERO(&write_fds);
+      nfds = ares_fds(channel, &read_fds, &write_fds);
+      if (nfds == 0)
+        break;
+      tvp = ares_timeout(channel, NULL, &tv);
+      select(nfds, &read_fds, &write_fds, NULL, tvp);
+      ares_process(channel, &read_fds, &write_fds);
+    }
+}
+
+/*
+ * This is the callback used when we have the IP-address of interest.
+ * Extract the CNAME and figure out the country-code from it.
+ */
+static void callback(void *arg, int status, int timeouts, struct hostent *host)
+{
+  const char *name = (const char*)arg;
+  const char *cname;
+  char buf[20];
+
+  (void)timeouts;
+
+  if (!host || status != ARES_SUCCESS)
+    {
+      printf("Failed to lookup %s: %s\n", name, ares_strerror(status));
+      return;
+    }
+
+  TRACE(("\nFound address %s, name %s\n",
+         ares_inet_ntop(AF_INET,(const char*)host->h_addr,buf,sizeof(buf)),
+         host->h_name));
+
+  cname = host->h_name;  /* CNAME gets put here */
+  if (!cname)
+    printf("Failed to get CNAME for %s\n", name);
+  else
+    find_country_from_cname(cname, *(struct in_addr*)host->h_addr);
+}
+
+/*
+ * This is the callback used to obtain the IP-address of the host of interest.
+ */
+static void callback2(void *arg, int status, int timeouts, struct hostent *host)
+{
+  struct in_addr *addr = (struct in_addr*) arg;
+
+  (void)timeouts;
+  if (!host || status != ARES_SUCCESS)
+    memset(addr, INADDR_NONE, sizeof(*addr));
+  else
+    memcpy(addr, host->h_addr, sizeof(*addr));
+}
+
+struct search_list {
+       int         country_number; /* ISO-3166 country number */
+       char        short_name[3];  /* A2 short country code */
+       const char *long_name;      /* normal country name */
+     };
+
+const struct search_list *list_lookup(int number, const struct search_list *list, int num)
+{
+  while (num > 0 && list->long_name)
+    {
+      if (list->country_number == number)
+        return (list);
+      num--;
+      list++;
+    }
+  return (NULL);
+}
+
+/*
+ * Ref: ftp://ftp.ripe.net/iso3166-countrycodes.txt
+ */
+static const struct search_list country_list[] = {
+       {   4, "af", "Afghanistan"                          },
+       { 248, "ax", "<EFBFBD>land Island"                         },
+       {   8, "al", "Albania"                              },
+       {  12, "dz", "Algeria"                              },
+       {  16, "as", "American Samoa"                       },
+       {  20, "ad", "Andorra"                              },
+       {  24, "ao", "Angola"                               },
+       { 660, "ai", "Anguilla"                             },
+       {  10, "aq", "Antarctica"                           },
+       {  28, "ag", "Antigua & Barbuda"                    },
+       {  32, "ar", "Argentina"                            },
+       {  51, "am", "Armenia"                              },
+       { 533, "aw", "Aruba"                                },
+       {  36, "au", "Australia"                            },
+       {  40, "at", "Austria"                              },
+       {  31, "az", "Azerbaijan"                           },
+       {  44, "bs", "Bahamas"                              },
+       {  48, "bh", "Bahrain"                              },
+       {  50, "bd", "Bangladesh"                           },
+       {  52, "bb", "Barbados"                             },
+       { 112, "by", "Belarus"                              },
+       {  56, "be", "Belgium"                              },
+       {  84, "bz", "Belize"                               },
+       { 204, "bj", "Benin"                                },
+       {  60, "bm", "Bermuda"                              },
+       {  64, "bt", "Bhutan"                               },
+       {  68, "bo", "Bolivia"                              },
+       {  70, "ba", "Bosnia & Herzegowina"                 },
+       {  72, "bw", "Botswana"                             },
+       {  74, "bv", "Bouvet Island"                        },
+       {  76, "br", "Brazil"                               },
+       {  86, "io", "British Indian Ocean Territory"       },
+       {  96, "bn", "Brunei Darussalam"                    },
+       { 100, "bg", "Bulgaria"                             },
+       { 854, "bf", "Burkina Faso"                         },
+       { 108, "bi", "Burundi"                              },
+       { 116, "kh", "Cambodia"                             },
+       { 120, "cm", "Cameroon"                             },
+       { 124, "ca", "Canada"                               },
+       { 132, "cv", "Cape Verde"                           },
+       { 136, "ky", "Cayman Islands"                       },
+       { 140, "cf", "Central African Republic"             },
+       { 148, "td", "Chad"                                 },
+       { 152, "cl", "Chile"                                },
+       { 156, "cn", "China"                                },
+       { 162, "cx", "Christmas Island"                     },
+       { 166, "cc", "Cocos Islands"                        },
+       { 170, "co", "Colombia"                             },
+       { 174, "km", "Comoros"                              },
+       { 178, "cg", "Congo"                                },
+       { 180, "cd", "Congo"                                },
+       { 184, "ck", "Cook Islands"                         },
+       { 188, "cr", "Costa Rica"                           },
+       { 384, "ci", "Cote d'Ivoire"                        },
+       { 191, "hr", "Croatia"                              },
+       { 192, "cu", "Cuba"                                 },
+       { 196, "cy", "Cyprus"                               },
+       { 203, "cz", "Czech Republic"                       },
+       { 208, "dk", "Denmark"                              },
+       { 262, "dj", "Djibouti"                             },
+       { 212, "dm", "Dominica"                             },
+       { 214, "do", "Dominican Republic"                   },
+       { 218, "ec", "Ecuador"                              },
+       { 818, "eg", "Egypt"                                },
+       { 222, "sv", "El Salvador"                          },
+       { 226, "gq", "Equatorial Guinea"                    },
+       { 232, "er", "Eritrea"                              },
+       { 233, "ee", "Estonia"                              },
+       { 231, "et", "Ethiopia"                             },
+       { 238, "fk", "Falkland Islands"                     },
+       { 234, "fo", "Faroe Islands"                        },
+       { 242, "fj", "Fiji"                                 },
+       { 246, "fi", "Finland"                              },
+       { 250, "fr", "France"                               },
+       { 249, "fx", "France, Metropolitan"                 },
+       { 254, "gf", "French Guiana"                        },
+       { 258, "pf", "French Polynesia"                     },
+       { 260, "tf", "French Southern Territories"          },
+       { 266, "ga", "Gabon"                                },
+       { 270, "gm", "Gambia"                               },
+       { 268, "ge", "Georgia"                              },
+       { 276, "de", "Germany"                              },
+       { 288, "gh", "Ghana"                                },
+       { 292, "gi", "Gibraltar"                            },
+       { 300, "gr", "Greece"                               },
+       { 304, "gl", "Greenland"                            },
+       { 308, "gd", "Grenada"                              },
+       { 312, "gp", "Guadeloupe"                           },
+       { 316, "gu", "Guam"                                 },
+       { 320, "gt", "Guatemala"                            },
+       { 324, "gn", "Guinea"                               },
+       { 624, "gw", "Guinea-Bissau"                        },
+       { 328, "gy", "Guyana"                               },
+       { 332, "ht", "Haiti"                                },
+       { 334, "hm", "Heard & Mc Donald Islands"            },
+       { 336, "va", "Vatican City"                         },
+       { 340, "hn", "Honduras"                             },
+       { 344, "hk", "Hong kong"                            },
+       { 348, "hu", "Hungary"                              },
+       { 352, "is", "Iceland"                              },
+       { 356, "in", "India"                                },
+       { 360, "id", "Indonesia"                            },
+       { 364, "ir", "Iran"                                 },
+       { 368, "iq", "Iraq"                                 },
+       { 372, "ie", "Ireland"                              },
+       { 376, "il", "Israel"                               },
+       { 380, "it", "Italy"                                },
+       { 388, "jm", "Jamaica"                              },
+       { 392, "jp", "Japan"                                },
+       { 400, "jo", "Jordan"                               },
+       { 398, "kz", "Kazakhstan"                           },
+       { 404, "ke", "Kenya"                                },
+       { 296, "ki", "Kiribati"                             },
+       { 408, "kp", "Korea (north)"                        },
+       { 410, "kr", "Korea (south)"                        },
+       { 414, "kw", "Kuwait"                               },
+       { 417, "kg", "Kyrgyzstan"                           },
+       { 418, "la", "Laos"                                 },
+       { 428, "lv", "Latvia"                               },
+       { 422, "lb", "Lebanon"                              },
+       { 426, "ls", "Lesotho"                              },
+       { 430, "lr", "Liberia"                              },
+       { 434, "ly", "Libya"                                },
+       { 438, "li", "Liechtenstein"                        },
+       { 440, "lt", "Lithuania"                            },
+       { 442, "lu", "Luxembourg"                           },
+       { 446, "mo", "Macao"                                },
+       { 807, "mk", "Macedonia"                            },
+       { 450, "mg", "Madagascar"                           },
+       { 454, "mw", "Malawi"                               },
+       { 458, "my", "Malaysia"                             },
+       { 462, "mv", "Maldives"                             },
+       { 466, "ml", "Mali"                                 },
+       { 470, "mt", "Malta"                                },
+       { 584, "mh", "Marshall Islands"                     },
+       { 474, "mq", "Martinique"                           },
+       { 478, "mr", "Mauritania"                           },
+       { 480, "mu", "Mauritius"                            },
+       { 175, "yt", "Mayotte"                              },
+       { 484, "mx", "Mexico"                               },
+       { 583, "fm", "Micronesia"                           },
+       { 498, "md", "Moldova"                              },
+       { 492, "mc", "Monaco"                               },
+       { 496, "mn", "Mongolia"                             },
+       { 500, "ms", "Montserrat"                           },
+       { 504, "ma", "Morocco"                              },
+       { 508, "mz", "Mozambique"                           },
+       { 104, "mm", "Myanmar"                              },
+       { 516, "na", "Namibia"                              },
+       { 520, "nr", "Nauru"                                },
+       { 524, "np", "Nepal"                                },
+       { 528, "nl", "Netherlands"                          },
+       { 530, "an", "Netherlands Antilles"                 },
+       { 540, "nc", "New Caledonia"                        },
+       { 554, "nz", "New Zealand"                          },
+       { 558, "ni", "Nicaragua"                            },
+       { 562, "ne", "Niger"                                },
+       { 566, "ng", "Nigeria"                              },
+       { 570, "nu", "Niue"                                 },
+       { 574, "nf", "Norfolk Island"                       },
+       { 580, "mp", "Northern Mariana Islands"             },
+       { 578, "no", "Norway"                               },
+       { 512, "om", "Oman"                                 },
+       { 586, "pk", "Pakistan"                             },
+       { 585, "pw", "Palau"                                },
+       { 275, "ps", "Palestinian Territory"                },
+       { 591, "pa", "Panama"                               },
+       { 598, "pg", "Papua New Guinea"                     },
+       { 600, "py", "Paraguay"                             },
+       { 604, "pe", "Peru"                                 },
+       { 608, "ph", "Philippines"                          },
+       { 612, "pn", "Pitcairn"                             },
+       { 616, "pl", "Poland"                               },
+       { 620, "pt", "Portugal"                             },
+       { 630, "pr", "Puerto Rico"                          },
+       { 634, "qa", "Qatar"                                },
+       { 638, "re", "Reunion"                              },
+       { 642, "ro", "Romania"                              },
+       { 643, "ru", "Russia"                               },
+       { 646, "rw", "Rwanda"                               },
+       { 659, "kn", "Saint Kitts & Nevis"                  },
+       { 662, "lc", "Saint Lucia"                          },
+       { 670, "vc", "Saint Vincent"                        },
+       { 882, "ws", "Samoa"                                },
+       { 674, "sm", "San Marino"                           },
+       { 678, "st", "Sao Tome & Principe"                  },
+       { 682, "sa", "Saudi Arabia"                         },
+       { 686, "sn", "Senegal"                              },
+       { 891, "cs", "Serbia and Montenegro"                },
+       { 690, "sc", "Seychelles"                           },
+       { 694, "sl", "Sierra Leone"                         },
+       { 702, "sg", "Singapore"                            },
+       { 703, "sk", "Slovakia"                             },
+       { 705, "si", "Slovenia"                             },
+       {  90, "sb", "Solomon Islands"                      },
+       { 706, "so", "Somalia"                              },
+       { 710, "za", "South Africa"                         },
+       { 239, "gs", "South Georgia"                        },
+       { 724, "es", "Spain"                                },
+       { 144, "lk", "Sri Lanka"                            },
+       { 654, "sh", "St. Helena"                           },
+       { 666, "pm", "St. Pierre & Miquelon"                },
+       { 736, "sd", "Sudan"                                },
+       { 740, "sr", "Suriname"                             },
+       { 744, "sj", "Svalbard & Jan Mayen Islands"         },
+       { 748, "sz", "Swaziland"                            },
+       { 752, "se", "Sweden"                               },
+       { 756, "ch", "Switzerland"                          },
+       { 760, "sy", "Syrian Arab Republic"                 },
+       { 626, "tl", "Timor-Leste"                          },
+       { 158, "tw", "Taiwan"                               },
+       { 762, "tj", "Tajikistan"                           },
+       { 834, "tz", "Tanzania"                             },
+       { 764, "th", "Thailand"                             },
+       { 768, "tg", "Togo"                                 },
+       { 772, "tk", "Tokelau"                              },
+       { 776, "to", "Tonga"                                },
+       { 780, "tt", "Trinidad & Tobago"                    },
+       { 788, "tn", "Tunisia"                              },
+       { 792, "tr", "Turkey"                               },
+       { 795, "tm", "Turkmenistan"                         },
+       { 796, "tc", "Turks & Caicos Islands"               },
+       { 798, "tv", "Tuvalu"                               },
+       { 800, "ug", "Uganda"                               },
+       { 804, "ua", "Ukraine"                              },
+       { 784, "ae", "United Arab Emirates"                 },
+       { 826, "gb", "United Kingdom"                       },
+       { 840, "us", "United States"                        },
+       { 581, "um", "United States Minor Outlying Islands" },
+       { 858, "uy", "Uruguay"                              },
+       { 860, "uz", "Uzbekistan"                           },
+       { 548, "vu", "Vanuatu"                              },
+       { 862, "ve", "Venezuela"                            },
+       { 704, "vn", "Vietnam"                              },
+       {  92, "vg", "Virgin Islands (British)"             },
+       { 850, "vi", "Virgin Islands (US)"                  },
+       { 876, "wf", "Wallis & Futuna Islands"              },
+       { 732, "eh", "Western Sahara"                       },
+       { 887, "ye", "Yemen"                                },
+       { 894, "zm", "Zambia"                               },
+       { 716, "zw", "Zimbabwe"                             }
+     };
+
+/*
+ * Check if start of 'str' is simply an IPv4 address.
+ */
+#define BYTE_OK(x) ((x) >= 0 && (x) <= 255)
+
+static int is_addr(char *str, char **end)
+{
+  int a0, a1, a2, a3, num, rc = 0, length = 0;
+
+  if ((num = sscanf(str,"%3d.%3d.%3d.%3d%n",&a0,&a1,&a2,&a3,&length)) == 4 &&
+      BYTE_OK(a0) && BYTE_OK(a1) && BYTE_OK(a2) && BYTE_OK(a3) &&
+      length >= (3+4))
+    {
+      rc = 1;
+      *end = str + length;
+    }
+  return rc;
+}
+
+/*
+ * Find the country-code and name from the CNAME. E.g.:
+ *   version 1: CNAME = zzno.countries.nerd.dk with address 127.0.2.66
+ *              yields ccode_A" = "no" and cnumber 578 (2.66).
+ *   version 2: CNAME = <a.b.c.d>.zz.countries.nerd.dk with address 127.0.2.66
+ *              yields cnumber 578 (2.66). ccode_A is "";
+ */
+static void find_country_from_cname(const char *cname, struct in_addr addr)
+{
+  const struct search_list *country;
+  char  ccode_A2[3], *ccopy, *dot_4;
+  int   cnumber, z0, z1, ver_1, ver_2;
+  u_long ip;
+
+  ip = ntohl(addr.s_addr);
+  z0 = tolower(cname[0]);
+  z1 = tolower(cname[1]);
+  ccopy = strdup(cname);
+
+  ver_1 = (z0 == 'z' && z1 == 'z' && !strcasecmp(cname+4,nerd_ver1));
+  ver_2 = (is_addr(ccopy,&dot_4) && !strcasecmp(dot_4,nerd_ver2));
+
+  if (ver_1)
+    {
+      const char *dot = strchr(cname, '.');
+      if ((z0 != 'z' && z1 != 'z') || dot != cname+4)
+        {
+          printf("Unexpected CNAME %s (ver_1)\n", cname);
+          return;
+        }
+    }
+  else if (ver_2)
+    {
+      z0 = tolower(dot_4[1]);
+      z1 = tolower(dot_4[2]);
+      if (z0 != 'z' && z1 != 'z')
+        {
+          printf("Unexpected CNAME %s (ver_2)\n", cname);
+          return;
+        }
+    }
+  else
+    {
+      printf("Unexpected CNAME %s (ver?)\n", cname);
+      return;
+    }
+
+  if (ver_1)
+    {
+      ccode_A2[0] = tolower(cname[2]);
+      ccode_A2[1] = tolower(cname[3]);
+      ccode_A2[2] = '\0';
+    }
+  else
+    ccode_A2[0] = '\0';
+
+  cnumber = ip & 0xFFFF;
+
+  TRACE(("Found country-code `%s', number %d\n",
+         ver_1 ? ccode_A2 : "<n/a>", cnumber));
+
+  country = list_lookup(cnumber, country_list,
+                        sizeof(country_list) / sizeof(country_list[0]));
+  if (!country)
+    printf("Name for country-number %d not found.\n", cnumber);
+  else
+    {
+      if (ver_1 && *(unsigned short*)&country->short_name != *(unsigned*)&ccode_A2)
+        printf("short-name mismatch; %s vs %s\n", country->short_name, ccode_A2);
+
+      printf("%s (%s), number %d.\n",
+             country->long_name, country->short_name, cnumber);
+    }
+  free(ccopy);
+}
+

ares/ahost.c

@@ -40,13 +40,6 @@
 #include "inet_net_pton.h"
 #include "ares_getopt.h"
 
-#ifndef HAVE_STRUCT_IN6_ADDR
-struct in6_addr
-{
-  unsigned char s6_addr[16];
-};
-#endif
-
 static void callback(void *arg, int status, int timeouts, struct hostent *host);
 static void usage(void);
 

ares/ares.h

@@ -18,6 +18,14 @@
 #ifndef ARES__H
 #define ARES__H
 
+/*
+ * Define WIN32 when build target is Win32 API
+ */
+
+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
+#define WIN32
+#endif
+
 #include <sys/types.h>
 
 #if defined(_AIX) || (defined(NETWARE) && defined(__NOVELL_LIBC__))
@@ -35,8 +43,12 @@
   #include <sys/socket.h>
   #include <tcp.h>
 #elif defined(WIN32)
-  #include <winsock2.h>
+#  ifndef WIN32_LEAN_AND_MEAN
+#    define WIN32_LEAN_AND_MEAN
+#  endif
 #  include <windows.h>
+#  include <winsock2.h>
+#  include <ws2tcpip.h>
 #else
   #include <netinet/in.h>
   #include <sys/socket.h>
@@ -232,10 +244,38 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf,
                      int alen, char **s, long *enclen);
 int ares_expand_string(const unsigned char *encoded, const unsigned char *abuf,
                      int alen, unsigned char **s, long *enclen);
+
+#if !defined(HAVE_STRUCT_IN6_ADDR) && !defined(s6_addr)
+struct in6_addr {
+  union {
+    unsigned char _S6_u8[16];
+  } _S6_un;
+};
+#define s6_addr _S6_un._S6_u8
+#endif
+
+struct addrttl {
+  struct in_addr ipaddr;
+  int            ttl;
+};
+struct addr6ttl {
+  struct in6_addr ip6addr;
+  int             ttl;
+};
+
+/*
+** Parse the buffer, starting at *abuf and of length alen bytes, previously
+** obtained from an ares_search call.  Put the results in *host, if nonnull.
+** Also, if addrttls is nonnull, put up to *naddrttls IPv4 addresses along with
+** their TTLs in that array, and set *naddrttls to the number of addresses
+** so written.
+*/
 int ares_parse_a_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host);
+                       struct hostent **host,
+                       struct addrttl *addrttls, int *naddrttls);
 int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host);
+                       struct hostent **host,
+                       struct addr6ttl *addrttls, int *naddrttls);
 int ares_parse_ptr_reply(const unsigned char *abuf, int alen, const void *addr,
                          int addrlen, int family, struct hostent **host);
 int ares_parse_ns_reply(const unsigned char *abuf, int alen,

ares/ares_gethostbyaddr.c

@@ -58,6 +58,7 @@ static void addr_callback(void *arg, int status, int timeouts,
 static void end_aquery(struct addr_query *aquery, int status,
                        struct hostent *host);
 static int file_lookup(union ares_addr *addr, int family, struct hostent **host);
+static void ptr_rr_name(char *name, int family, union ares_addr *addr);
 
 void ares_gethostbyaddr(ares_channel channel, const void *addr, int addrlen,
                         int family, ares_host_callback callback, void *arg)
@@ -101,48 +102,26 @@ static void next_lookup(struct addr_query *aquery)
 {
   const char *p;
   char name[128];
-  int a1, a2, a3, a4, status;
+  int status;
   struct hostent *host;
-  unsigned long addr;
 
   for (p = aquery->remaining_lookups; *p; p++)
     {
       switch (*p)
         {
         case 'b':
-          if (aquery->family == AF_INET)
-            {
-              addr = ntohl(aquery->addr.addr4.s_addr);
-              a1 = (int)((addr >> 24) & 0xff);
-              a2 = (int)((addr >> 16) & 0xff);
-              a3 = (int)((addr >> 8) & 0xff);
-              a4 = (int)(addr & 0xff);
-              sprintf(name, "%d.%d.%d.%d.in-addr.arpa", a4, a3, a2, a1);
+          ptr_rr_name(name, aquery->family, &aquery->addr);
           aquery->remaining_lookups = p + 1;
           ares_query(aquery->channel, name, C_IN, T_PTR, addr_callback,
                      aquery);
-            }
-          else
-            {
-              unsigned char *bytes;
-              bytes = (unsigned char *)&aquery->addr.addr6.s6_addr;
-              sprintf(name, "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.ip6.arpa",
-                      bytes[15]&0xf, bytes[15] >> 4, bytes[14]&0xf, bytes[14] >> 4,
-                      bytes[13]&0xf, bytes[13] >> 4, bytes[12]&0xf, bytes[12] >> 4,
-                      bytes[11]&0xf, bytes[11] >> 4, bytes[10]&0xf, bytes[10] >> 4,
-                      bytes[9]&0xf, bytes[9] >> 4, bytes[8]&0xf, bytes[8] >> 4,
-                      bytes[7]&0xf, bytes[7] >> 4, bytes[6]&0xf, bytes[6] >> 4,
-                      bytes[5]&0xf, bytes[5] >> 4, bytes[4]&0xf, bytes[4] >> 4,
-                      bytes[3]&0xf, bytes[3] >> 4, bytes[2]&0xf, bytes[2] >> 4,
-                      bytes[1]&0xf, bytes[1] >> 4, bytes[0]&0xf, bytes[0] >> 4);
-              aquery->remaining_lookups = p + 1;
-              ares_query(aquery->channel, name, C_IN, T_PTR, addr_callback,
-                         aquery);
-            }
           return;
         case 'f':
           status = file_lookup(&aquery->addr, aquery->family, &host);
-          if (status != ARES_ENOTFOUND)
+
+          /* this status check below previously checked for !ARES_ENOTFOUND,
+             but we should not assume that this single error code is the one
+             that can occur, as that is in fact no longer the case */
+          if (status == ARES_SUCCESS)
             {
               end_aquery(aquery, status, host);
               return;
@@ -264,3 +243,31 @@ static int file_lookup(union ares_addr *addr, int family, struct hostent **host)
     *host = NULL;
   return status;
 }
+
+static void ptr_rr_name(char *name, int family, union ares_addr *addr)
+{
+  if (family == AF_INET)
+    {
+       unsigned long laddr = ntohl(addr->addr4.s_addr);
+       int a1 = (int)((laddr >> 24) & 0xff);
+       int a2 = (int)((laddr >> 16) & 0xff);
+       int a3 = (int)((laddr >> 8) & 0xff);
+       int a4 = (int)(laddr & 0xff);
+       sprintf(name, "%d.%d.%d.%d.in-addr.arpa", a4, a3, a2, a1);
+    }
+  else
+    {
+       unsigned char *bytes = (unsigned char *)&addr->addr6.s6_addr;
+       sprintf(name,
+                "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x."
+                "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.ip6.arpa",
+                bytes[15]&0xf, bytes[15] >> 4, bytes[14]&0xf, bytes[14] >> 4,
+                bytes[13]&0xf, bytes[13] >> 4, bytes[12]&0xf, bytes[12] >> 4,
+                bytes[11]&0xf, bytes[11] >> 4, bytes[10]&0xf, bytes[10] >> 4,
+                bytes[9]&0xf, bytes[9] >> 4, bytes[8]&0xf, bytes[8] >> 4,
+                bytes[7]&0xf, bytes[7] >> 4, bytes[6]&0xf, bytes[6] >> 4,
+                bytes[5]&0xf, bytes[5] >> 4, bytes[4]&0xf, bytes[4] >> 4,
+                bytes[3]&0xf, bytes[3] >> 4, bytes[2]&0xf, bytes[2] >> 4,
+                bytes[1]&0xf, bytes[1] >> 4, bytes[0]&0xf, bytes[0] >> 4);
+    }
+}

ares/ares_gethostbyname.c

@@ -57,7 +57,7 @@ struct host_query {
   int timeouts;
 };
 
-static void next_lookup(struct host_query *hquery, int status);
+static void next_lookup(struct host_query *hquery, int status_code);
 static void host_callback(void *arg, int status, int timeouts,
                           unsigned char *abuf, int alen);
 static void end_hquery(struct host_query *hquery, int status,
@@ -111,13 +111,14 @@ void ares_gethostbyname(ares_channel channel, const char *name, int family,
   hquery->timeouts = 0;
 
   /* Start performing lookups according to channel->lookups. */
-  next_lookup(hquery, ARES_SUCCESS);
+  next_lookup(hquery, ARES_ECONNREFUSED /* initial error code */);
 }
 
-static void next_lookup(struct host_query *hquery, int status)
+static void next_lookup(struct host_query *hquery, int status_code)
 {
   const char *p;
   struct hostent *host;
+  int status = status_code;
 
   for (p = hquery->remaining_lookups; *p; p++)
     {
@@ -137,11 +138,16 @@ static void next_lookup(struct host_query *hquery, int status)
         case 'f':
           /* Host file lookup */
           status = file_lookup(hquery->name, hquery->family, &host);
-          if (status != ARES_ENOTFOUND)
+
+          /* this status check below previously checked for !ARES_ENOTFOUND,
+             but we should not assume that this single error code is the one
+             that can occur, as that is in fact no longer the case */
+          if (status == ARES_SUCCESS)
             {
               end_hquery(hquery, status, host);
               return;
             }
+          status = status_code;   /* Use original status code */
           break;
         }
     }
@@ -160,13 +166,13 @@ static void host_callback(void *arg, int status, int timeouts,
     {
       if (hquery->family == AF_INET)
         {
-          status = ares_parse_a_reply(abuf, alen, &host);
+          status = ares_parse_a_reply(abuf, alen, &host, NULL, NULL);
           if (host && channel->nsort)
             sort_addresses(host, channel->sortlist, channel->nsort);
         }
       else if (hquery->family == AF_INET6)
         {
-          status = ares_parse_aaaa_reply(abuf, alen, &host);
+          status = ares_parse_aaaa_reply(abuf, alen, &host, NULL, NULL);
           if (host && channel->nsort)
             sort6_addresses(host, channel->sortlist, channel->nsort);
         }

ares/ares_ipv6.h

@@ -1,6 +1,7 @@
 /* $Id$ */
 
-/*
+/* Copyright (C) 2005 by Dominick Meglio
+ *
  * Permission to use, copy, modify, and distribute this
  * software and its documentation for any purpose and without
  * fee is hereby granted, provided that the above copyright
@@ -21,11 +22,13 @@
 #define PF_INET6 AF_INET6
 #endif
 
-#ifndef HAVE_STRUCT_IN6_ADDR
-struct in6_addr
-{
-  unsigned char s6_addr[16];
+#if !defined(HAVE_STRUCT_IN6_ADDR) && !defined(s6_addr)
+struct in6_addr {
+  union {
+    unsigned char _S6_u8[16];
+  } _S6_un;
 };
+#define s6_addr _S6_un._S6_u8
 #endif
 
 #ifndef HAVE_STRUCT_SOCKADDR_IN6

ares/ares_parse_a_reply.3

@@ -22,24 +22,39 @@ ares_parse_a_reply \- Parse a reply to a DNS query of type A into a hostent
 .B #include <ares.h>
 .PP
 .B int ares_parse_a_reply(const unsigned char *\fIabuf\fP, int \fIalen\fP,
-.B 	struct hostent **\fIhost\fP);
+.B 	struct hostent **\fIhost\fP,
+.B      struct addrttl *\fIaddrttls\fB, int *\fInaddrttls\fB);
 .fi
 .SH DESCRIPTION
 The
 .B ares_parse_a_reply
 function parses the response to a query of type A into a
-.BR "struct hostent" .
+.BR "struct hostent"
+and/or an array of
+.BR "struct addrttls" . 
 The parameters
 .I abuf
 and
 .I alen
 give the contents of the response.  The result is stored in allocated
 memory and a pointer to it stored into the variable pointed to by
-.IR host .
+.IR host ,
+if host is nonnull.
 It is the caller's responsibility to free the resulting host structure
 using
 .BR ares_free_hostent (3)
 when it is no longer needed.
+.PP
+If
+.IR addrttls
+and
+.IR naddrttls
+are both nonnull,
+then up to *naddrttls
+.BR "struct addrttl"
+records are stored in the array pointed to by addrttls,
+and then *naddrttls is set to the number of records so stored.
+Note that the memory for these records is supplied by the caller.
 .SH RETURN VALUES
 .B ares_parse_a_reply
 can return any of the following values:

ares/ares_parse_a_reply.c

@@ -32,24 +32,32 @@
 
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 #include "ares.h"
 #include "ares_dns.h"
 #include "ares_private.h"
 
 int ares_parse_a_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host)
+                       struct hostent **host,
+                       struct addrttl *addrttls, int *naddrttls)
 {
   unsigned int qdcount, ancount;
-  int status, i, rr_type, rr_class, rr_len, naddrs;
+  int status, i, rr_type, rr_class, rr_len, rr_ttl, naddrs;
+  int cname_ttl = INT_MAX;  /* the TTL imposed by the CNAME chain */
   int naliases;
   long len;
   const unsigned char *aptr;
   char *hostname, *rr_name, *rr_data, **aliases;
   struct in_addr *addrs;
   struct hostent *hostent;
+  const int max_addr_ttls = (addrttls && naddrttls) ? *naddrttls : 0;
 
   /* Set *host to NULL for all failure cases. */
+  if (host)
     *host = NULL;
+  /* Same with *naddrttls. */
+  if (naddrttls)
+    *naddrttls = 0;
 
   /* Give up if abuf doesn't have room for a header. */
   if (alen < HFIXEDSZ)
@@ -73,6 +81,8 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
     }
   aptr += len + QFIXEDSZ;
 
+  if (host)
+    {
       /* Allocate addresses and aliases; ancount gives an upper bound for both. */
       addrs = malloc(ancount * sizeof(struct in_addr));
       if (!addrs)
@@ -87,6 +97,13 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
           free(addrs);
           return ARES_ENOMEM;
         }
+    }
+  else
+    {
+      addrs = NULL;
+      aliases = NULL;
+    }
+  
   naddrs = 0;
   naliases = 0;
 
@@ -106,13 +123,33 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
       rr_type = DNS_RR_TYPE(aptr);
       rr_class = DNS_RR_CLASS(aptr);
       rr_len = DNS_RR_LEN(aptr);
+      rr_ttl = DNS_RR_TTL(aptr);
       aptr += RRFIXEDSZ;
 
       if (rr_class == C_IN && rr_type == T_A
           && rr_len == sizeof(struct in_addr)
           && strcasecmp(rr_name, hostname) == 0)
         {
+          if (addrs)
+            {
+              if (aptr + sizeof(struct in_addr) > abuf + alen)
+              {
+                status = ARES_EBADRESP;
+                break;
+              }
               memcpy(&addrs[naddrs], aptr, sizeof(struct in_addr));
+            }
+          if (naddrs < max_addr_ttls)
+            {
+              struct addrttl * const at = &addrttls[naddrs];
+              if (aptr + sizeof(struct in_addr) > abuf + alen)
+              {
+                status = ARES_EBADRESP;
+                break;
+              }
+              memcpy(&at->ipaddr, aptr,  sizeof(struct in_addr));
+              at->ttl = rr_ttl;
+            }
           naddrs++;
           status = ARES_SUCCESS;
         }
@@ -120,7 +157,10 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
       if (rr_class == C_IN && rr_type == T_CNAME)
         {
           /* Record the RR name as an alias. */
+          if (aliases)
             aliases[naliases] = rr_name;
+          else
+            free(rr_name);
           naliases++;
 
           /* Decode the RR data and replace the hostname with it. */
@@ -129,6 +169,10 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
             break;
           free(hostname);
           hostname = rr_data;
+
+          /* Take the min of the TTLs we see in the CNAME chain. */
+          if (cname_ttl > rr_ttl)
+            cname_ttl = rr_ttl;
         }
       else
         free(rr_name);
@@ -145,8 +189,23 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
     status = ARES_ENODATA;
   if (status == ARES_SUCCESS)
     {
-      /* We got our answer.  Allocate memory to build the host entry. */
+      /* We got our answer. */
+      if (naddrttls)
+        {
+          const int n = naddrs < max_addr_ttls ? naddrs : max_addr_ttls;
+          for (i = 0; i < n; i++)
+            {
+              /* Ensure that each A TTL is no larger than the CNAME TTL. */
+              if (addrttls[i].ttl > cname_ttl)
+                addrttls[i].ttl = cname_ttl;
+            }
+          *naddrttls = n;
+        }
+      if (aliases)
         aliases[naliases] = NULL;
+      if (host)
+        {
+          /* Allocate memory to build the host entry. */
           hostent = malloc(sizeof(struct hostent));
           if (hostent)
             {
@@ -168,9 +227,13 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
             }
           status = ARES_ENOMEM;
         }
+     }
+  if (aliases)
+    {
       for (i = 0; i < naliases; i++)
         free(aliases[i]);
       free(aliases);
+    }
   free(addrs);
   free(hostname);
   return status;

ares/ares_parse_aaaa_reply.3

@@ -22,24 +22,39 @@ ares_parse_aaaa_reply \- Parse a reply to a DNS query of type AAAA into a hosten
 .B #include <ares.h>
 .PP
 .B int ares_parse_aaaa_reply(const unsigned char *\fIabuf\fP, int \fIalen\fP,
-.B 	struct hostent **\fIhost\fP);
+.B 	struct hostent **\fIhost\fP,         
+.B      struct addrttl *\fIaddrttls\fB, int *\fInaddrttls\fB);
 .fi
 .SH DESCRIPTION
 The
 .B ares_parse_aaaa_reply
 function parses the response to a query of type AAAA into a
-.BR "struct hostent" .
+.BR "struct hostent"
+and/or an array of
+.BR "struct addrttls" . 
 The parameters
 .I abuf
 and
 .I alen
 give the contents of the response.  The result is stored in allocated
 memory and a pointer to it stored into the variable pointed to by
-.IR host .
+.IR host ,
+if host is nonnull.
 It is the caller's responsibility to free the resulting host structure
 using
 .BR ares_free_hostent (3)
 when it is no longer needed.
+.PP
+If
+.IR addrttls
+and
+.IR naddrttls
+are both nonnull,
+then up to *naddrttls
+.BR "struct addr6ttl"
+records are stored in the array pointed to by addrttls,
+and then *naddrttls is set to the number of records so stored.
+Note that the memory for these records is supplied by the caller.
 .SH RETURN VALUES
 .B ares_parse_aaaa_reply
 can return any of the following values:

ares/ares_parse_aaaa_reply.c

@@ -34,25 +34,33 @@
 
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 #include "ares.h"
 #include "ares_dns.h"
 #include "inet_net_pton.h"
 #include "ares_private.h"
 
 int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host)
+                          struct hostent **host, struct addr6ttl *addrttls,
+                          int *naddrttls)
 {
   unsigned int qdcount, ancount;
-  int status, i, rr_type, rr_class, rr_len, naddrs;
+  int status, i, rr_type, rr_class, rr_len, rr_ttl, naddrs;
+  int cname_ttl = INT_MAX;  /* the TTL imposed by the CNAME chain */
   int naliases;
   long len;
   const unsigned char *aptr;
   char *hostname, *rr_name, *rr_data, **aliases;
   struct in6_addr *addrs;
   struct hostent *hostent;
+  const int max_addr_ttls = (addrttls && naddrttls) ? *naddrttls : 0;
 
   /* Set *host to NULL for all failure cases. */
+  if (host)
     *host = NULL;
+  /* Same with *naddrttls. */
+  if (naddrttls)
+    *naddrttls = 0;
 
   /* Give up if abuf doesn't have room for a header. */
   if (alen < HFIXEDSZ)
@@ -77,6 +85,8 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
   aptr += len + QFIXEDSZ;
 
   /* Allocate addresses and aliases; ancount gives an upper bound for both. */
+  if (host)
+    {
       addrs = malloc(ancount * sizeof(struct in6_addr));
       if (!addrs)
         {
@@ -90,6 +100,12 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
           free(addrs);
           return ARES_ENOMEM;
         }
+    }
+  else
+    {
+      addrs = NULL;
+      aliases = NULL;
+    }
   naddrs = 0;
   naliases = 0;
 
@@ -109,13 +125,33 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
       rr_type = DNS_RR_TYPE(aptr);
       rr_class = DNS_RR_CLASS(aptr);
       rr_len = DNS_RR_LEN(aptr);
+      rr_ttl = DNS_RR_TTL(aptr);
       aptr += RRFIXEDSZ;
 
       if (rr_class == C_IN && rr_type == T_AAAA
           && rr_len == sizeof(struct in6_addr)
           && strcasecmp(rr_name, hostname) == 0)
         {
+          if (addrs)
+            {
+              if (aptr + sizeof(struct in6_addr) > abuf + alen)
+              {
+                status = ARES_EBADRESP;
+                break;
+              }
               memcpy(&addrs[naddrs], aptr, sizeof(struct in6_addr));
+            }
+          if (naddrs < max_addr_ttls)
+            {
+              struct addr6ttl * const at = &addrttls[naddrs];
+              if (aptr + sizeof(struct in6_addr) > abuf + alen)
+              {
+                status = ARES_EBADRESP;
+                break;
+              }
+              memcpy(&at->ip6addr, aptr,  sizeof(struct in6_addr));
+              at->ttl = rr_ttl;
+            }
           naddrs++;
           status = ARES_SUCCESS;
         }
@@ -123,7 +159,10 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
       if (rr_class == C_IN && rr_type == T_CNAME)
         {
           /* Record the RR name as an alias. */
+          if (aliases)
             aliases[naliases] = rr_name;
+          else
+            free(rr_name);
           naliases++;
 
           /* Decode the RR data and replace the hostname with it. */
@@ -132,6 +171,10 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
             break;
           free(hostname);
           hostname = rr_data;
+
+          /* Take the min of the TTLs we see in the CNAME chain. */
+          if (cname_ttl > rr_ttl)
+            cname_ttl = rr_ttl;
         }
       else
         free(rr_name);
@@ -148,8 +191,23 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
     status = ARES_ENODATA;
   if (status == ARES_SUCCESS)
     {
-      /* We got our answer.  Allocate memory to build the host entry. */
+      /* We got our answer. */
+      if (naddrttls)
+        {
+          const int n = naddrs < max_addr_ttls ? naddrs : max_addr_ttls;
+          for (i = 0; i < n; i++)
+            {
+              /* Ensure that each A TTL is no larger than the CNAME TTL. */
+              if (addrttls[i].ttl > cname_ttl)
+                addrttls[i].ttl = cname_ttl;
+            }
+          *naddrttls = n;
+        }
+      if (aliases)
         aliases[naliases] = NULL;
+      if (host)
+        {
+          /* Allocate memory to build the host entry. */
           hostent = malloc(sizeof(struct hostent));
           if (hostent)
             {
@@ -171,9 +229,13 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
             }
           status = ARES_ENOMEM;
         }
+    }
+  if (aliases)
+    {
       for (i = 0; i < naliases; i++)
         free(aliases[i]);
       free(aliases);
+    }
   free(addrs);
   free(hostname);
   return status;

ares/ares_private.h

@@ -18,6 +18,14 @@
  * without express or implied warranty.
  */
 
+/*
+ * Define WIN32 when build target is Win32 API
+ */
+
+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
+#define WIN32
+#endif
+
 #include <stdio.h>
 #include <sys/types.h>
 

ares/ares_version.h

@@ -5,11 +5,11 @@
 
 #define ARES_VERSION_MAJOR 1
 #define ARES_VERSION_MINOR 5
-#define ARES_VERSION_PATCH 0
+#define ARES_VERSION_PATCH 2
 #define ARES_VERSION ((ARES_VERSION_MAJOR<<16)|\
                        (ARES_VERSION_MINOR<<8)|\
                        (ARES_VERSION_PATCH))
-#define ARES_VERSION_STR "1.5.0-CVS"
+#define ARES_VERSION_STR "1.5.2-CVS"
 
 #ifdef  __cplusplus
 extern "C" {

ares/bitncmp.h

@@ -3,7 +3,8 @@
 
 /* $Id$ */
 
-/*
+/* Copyright (C) 2005 by Dominick Meglio
+ *
  * Permission to use, copy, modify, and distribute this
  * software and its documentation for any purpose and without
  * fee is hereby granted, provided that the above copyright

ares/config-win32.h

@@ -159,24 +159,58 @@
 /* Define this if you have struct timeval */
 #define HAVE_STRUCT_TIMEVAL 1
 
+/* ---------------------------------------------------------------- */
+/*                        COMPILER SPECIFIC                         */
+/* ---------------------------------------------------------------- */
+
+/* Define to avoid VS2005 complaining about portable C functions */
+#if defined(_MSC_VER) && (_MSC_VER >= 1400)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#define _CRT_NONSTDC_NO_DEPRECATE 1
+#endif
+
+/* VS2008 does not support Windows build targets prior to WinXP, */
+/* so, if no build target has been defined we will target WinXP. */
+#if defined(_MSC_VER) && (_MSC_VER >= 1500)
+#  ifndef _WIN32_WINNT
+#    define _WIN32_WINNT 0x0501
+#  endif
+#  ifndef WINVER
+#    define WINVER 0x0501
+#  endif
+#  if (_WIN32_WINNT < 0x0501) || (WINVER < 0x0501)
+#    error VS2008 does not support Windows build targets prior to WinXP
+#  endif
+#endif
+
 /* ---------------------------------------------------------------- */
 /*                         IPV6 COMPATIBILITY                       */
 /* ---------------------------------------------------------------- */
 
 /* Define this if you have address family AF_INET6 */
+#ifdef HAVE_WINSOCK2_H
 #define HAVE_AF_INET6 1
+#endif
 
 /* Define this if you have protocol family PF_INET6 */
+#ifdef HAVE_WINSOCK2_H
 #define HAVE_PF_INET6 1
+#endif
 
 /* Define this if you have struct in6_addr */
+#ifdef HAVE_WS2TCPIP_H
 #define HAVE_STRUCT_IN6_ADDR 1
+#endif
 
 /* Define this if you have struct sockaddr_in6 */
+#ifdef HAVE_WS2TCPIP_H
 #define HAVE_STRUCT_SOCKADDR_IN6 1
+#endif
 
 /* Define this if you have sockaddr_in6 with scopeid */
+#ifdef HAVE_WS2TCPIP_H
 #define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1
+#endif
 
 
 #endif  /* __ARES_CONFIG_WIN32_H */

ares/configure.ac

@@ -46,6 +46,8 @@ AC_HELP_STRING([--disable-debug],[Disable debug options]),
     dnl when doing the debug stuff, use static library only
     AC_DISABLE_SHARED
 
+    debugbuild="yes"
+
     dnl the entire --enable-debug is a hack that lives and runs on top of
     dnl libcurl stuff so this BUILDING_LIBCURL is not THAT much uglier
     AC_DEFINE(BUILDING_LIBCURL, 1, [when building as static part of libcurl])
@@ -70,6 +72,7 @@ AC_HELP_STRING([--disable-debug],[Disable debug options]),
   esac ],
        AC_MSG_RESULT(no)
 )
+AM_CONDITIONAL(DEBUGBUILD, test x$debugbuild = xyes)
 
 dnl skip libtool C++ and Fortran compiler checks
 m4_ifdef([AC_PROG_CXX], [m4_undefine([AC_PROG_CXX])])
@@ -258,9 +261,6 @@ fi
 dnl socket lib?
 AC_CHECK_FUNC(connect, , [ AC_CHECK_LIB(socket, connect) ])
 
-dnl dl lib?
-AC_CHECK_FUNC(dlclose, , [ AC_CHECK_LIB(dl, dlopen) ])
-
 AC_MSG_CHECKING([whether to use libgcc])
 AC_ARG_ENABLE(libgcc,
 AC_HELP_STRING([--enable-libgcc],[use libgcc when linking]),
@@ -342,6 +342,9 @@ if test "x$RECENTAIX" = "xyes"; then
          dnl the optimizer assumes that pointers can only point to
          dnl an object of the same type.
          CFLAGS="$CFLAGS -qnoansialias"
+         dnl Force AIX xlc to stop after the compilation phase, and not
+         dnl generate object code, when the source compiles with errors.
+         CFLAGS="$CFLAGS -qhalt=e"
        )
 fi
 
@@ -831,8 +834,15 @@ AC_HELP_STRING([--with-random=FILE],
                [read randomness from FILE (default=/dev/urandom)]),
     [ RANDOM_FILE="$withval" ],
     [
-        dnl Check for random device
+        dnl Check for random device.  If we're cross compiling, we can't
+        dnl check, and it's better to assume it doesn't exist than it is
+        dnl to fail on AC_CHECK_FILE or later.
+        if test "$cross_compiling" = "no"; then
           AC_CHECK_FILE("/dev/urandom", [ RANDOM_FILE="/dev/urandom"] )
+        else
+          AC_MSG_WARN([cannot check for /dev/urandom while cross compiling; assuming none])
+        fi
+        
     ]
 )
 if test -n "$RANDOM_FILE" && test X"$RANDOM_FILE" != Xno ; then

ares/get_ver.awk

@@ -0,0 +1,36 @@
+# ***************************************************************************
+# *  Project: c-ares
+# *
+# * $Id$
+# ***************************************************************************
+# awk script which fetches c-ares version number and string from input
+# file and writes them to STDOUT. Here you can get an awk version for Win32:
+# http://www.gknw.net/development/prgtools/awk-20070501.zip
+#
+BEGIN {
+  if (match (ARGV[1], /ares_version.h/)) {
+    while ((getline < ARGV[1]) > 0) {
+      if (match ($0, /^#define ARES_COPYRIGHT "[^"]+"$/)) {
+        libcares_copyright_str = substr($0, 25, length($0)-25);
+      }
+      else if (match ($0, /^#define ARES_VERSION_STR "[^"]+"$/)) {
+        libcares_ver_str = substr($3, 2, length($3)-2);
+      }
+      else if (match ($0, /^#define ARES_VERSION_MAJOR [0-9]+$/)) {
+        libcares_ver_major = substr($3, 1, length($3));
+      }
+      else if (match ($0, /^#define ARES_VERSION_MINOR [0-9]+$/)) {
+        libcares_ver_minor = substr($3, 1, length($3));
+      }
+      else if (match ($0, /^#define ARES_VERSION_PATCH [0-9]+$/)) {
+        libcares_ver_patch = substr($3, 1, length($3));
+      }
+    }
+    libcares_ver = libcares_ver_major "," libcares_ver_minor "," libcares_ver_patch;
+    print "LIBCARES_VERSION = " libcares_ver "";
+    print "LIBCARES_VERSION_STR = " libcares_ver_str "";
+    print "LIBCARES_COPYRIGHT_STR = " libcares_copyright_str "";
+  }
+}
+
+

ares/inet_net_pton.h

@@ -3,7 +3,8 @@
 
 /* $Id$ */
 
-/*
+/* Copyright (C) 2005 by Daniel Stenberg
+ *
  * Permission to use, copy, modify, and distribute this
  * software and its documentation for any purpose and without
  * fee is hereby granted, provided that the above copyright

ares/inet_ntop.h

@@ -3,7 +3,8 @@
 
 /* $Id$ */
 
-/*
+/* Copyright (C) 2005 by Dominick Meglio
+ *
  * Permission to use, copy, modify, and distribute this
  * software and its documentation for any purpose and without
  * fee is hereby granted, provided that the above copyright

ares/libcares.pc.in

@@ -12,7 +12,7 @@ includedir=@includedir@
 
 Name: c-ares
 URL: http://daniel.haxx.se/projects/c-ares/
-Description: asyncronous DNS lookup library
+Description: asynchronous DNS lookup library
 Version: @VERSION@
 Requires: 
 Requires.private: 

ares/nameser.h

@@ -7,9 +7,6 @@
    port build */
 
 #ifndef NETWARE
-#ifndef __CYGWIN__
-#include <windows.h>
-#endif
 #include <process.h> /* for the _getpid() proto */
 #endif  /* !NETWARE */
 #include <sys/types.h>

ares/setup.h

@@ -16,13 +16,11 @@
  * without express or implied warranty.
  */
 
-#if !defined(WIN32) && defined(__WIN32__)
-/* Borland fix */
-#define WIN32
-#endif
+/*
+ * Define WIN32 when build target is Win32 API
+ */
 
-#if !defined(WIN32) && defined(_WIN32)
-/* VS2005 on x64 fix */
+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
 #define WIN32
 #endif
 

ares/vc/adig/adig.dsp

@@ -49,8 +49,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
 
 !ELSEIF  "$(CFG)" == "adig - Win32 Debug"
 
@@ -73,8 +73,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
 
 !ENDIF 
 

ares/vc/ahost/ahost.dsp

@@ -39,6 +39,7 @@ RSC=rc.exe
 # PROP Use_Debug_Libraries 0
 # PROP Output_Dir "Release"
 # PROP Intermediate_Dir "Release"
+# PROP Ignore_Export_Lib 0
 # PROP Target_Dir ""
 # ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
 # ADD CPP /nologo /MD /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
@@ -48,8 +49,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
 
 !ELSEIF  "$(CFG)" == "ahost - Win32 Debug"
 
@@ -62,6 +63,7 @@ LINK32=link.exe
 # PROP Use_Debug_Libraries 1
 # PROP Output_Dir "Debug"
 # PROP Intermediate_Dir "Debug"
+# PROP Ignore_Export_Lib 0
 # PROP Target_Dir ""
 # ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
 # ADD CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
@@ -71,8 +73,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
 
 !ENDIF 
 

configure.ac

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -24,11 +24,11 @@ dnl Process this file with autoconf to produce a configure script.
 
 AC_PREREQ(2.57)
 
-dnl We don't know the version number "staticly" so we use a dash here
+dnl We don't know the version number "statically" so we use a dash here
 AC_INIT(curl, [-], [a suitable curl mailing list => http://curl.haxx.se/mail/])
 
 dnl configure script copyright
-AC_COPYRIGHT([Copyright (c) 1998 - 2006 Daniel Stenberg, <daniel@haxx.se>
+AC_COPYRIGHT([Copyright (c) 1998 - 2008 Daniel Stenberg, <daniel@haxx.se>
 This configure script may be copied, distributed and modified under the
 terms of the curl license; see COPYING for more details])
 
@@ -174,6 +174,7 @@ case $host in
 esac
 AC_MSG_RESULT($mimpure)
 AM_CONDITIONAL(MIMPURE, test x$mimpure = xyes)
+AM_CONDITIONAL(STATICLIB, false)
 
 AC_MSG_CHECKING([if we need BUILDING_LIBCURL])
 case $host in
@@ -185,6 +186,7 @@ case $host in
     then
       AC_DEFINE(CURL_STATICLIB, 1, [when not building a shared library])
       AC_MSG_RESULT(yes)
+      AM_CONDITIONAL(STATICLIB, true)
     else
       AC_MSG_RESULT(no)
     fi
@@ -321,10 +323,29 @@ AC_HELP_STRING([--disable-ldap],[Disable LDAP support]),
        AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
        AC_SUBST(CURL_DISABLE_LDAP, [1])
        ;;
-  *)   AC_MSG_RESULT(yes)
+  *)
+       case $host in
+         *-*-cygwin*)
+           # Force no ldap. config/build process is broken for cygwin
+           AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
+           AC_SUBST(CURL_DISABLE_LDAP, [1])
+           AC_MSG_RESULT(no)
            ;;
-  esac ],
+         *)
            AC_MSG_RESULT(yes)
+       esac
+       ;;
+  esac ],[
+       case $host in
+         *-*-cygwin*)
+           # Force no ldap. config/build process is broken for cygwin
+           AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
+           AC_SUBST(CURL_DISABLE_LDAP, [1])
+           AC_MSG_RESULT(no)
+           ;;
+         *)
+           AC_MSG_RESULT(yes)
+       esac ]
 )
 AC_MSG_CHECKING([whether to support ldaps])
 AC_ARG_ENABLE(ldaps,
@@ -604,6 +625,8 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
       AC_MSG_WARN(["$LDAPLIBNAME" is not an LDAP library: LDAP disabled])
       AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
       AC_SUBST(CURL_DISABLE_LDAP, [1])])
+      AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
+      AC_SUBST(CURL_DISABLE_LDAPS, [1])
   else
     dnl Try to find the right ldap libraries for this system
     CURL_CHECK_LIBS_LDAP
@@ -612,6 +635,8 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
         AC_MSG_WARN([Cannot find libraries for LDAP support: LDAP disabled])
         AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
         AC_SUBST(CURL_DISABLE_LDAP, [1])
+        AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
+        AC_SUBST(CURL_DISABLE_LDAPS, [1])
         ;;
     esac
   fi
@@ -627,6 +652,8 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
         AC_MSG_WARN(["$LBERLIBNAME" is not an LBER library: LDAP disabled])
         AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
         AC_SUBST(CURL_DISABLE_LDAP, [1])])
+        AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
+        AC_SUBST(CURL_DISABLE_LDAPS, [1])
     fi
   fi
 fi
@@ -901,6 +928,9 @@ dnl **********************************************************************
 dnl Check for GSS-API libraries
 dnl **********************************************************************
 
+dnl check for gss stuff in the /usr as default
+
+GSSAPI_ROOT="/usr"
 AC_ARG_WITH(gssapi-includes,
   AC_HELP_STRING([--with-gssapi-includes=DIR],
                  [Specify location of GSSAPI header]),
@@ -921,6 +951,10 @@ AC_ARG_WITH(gssapi,
   GSSAPI_ROOT="$withval"
   if test x"$GSSAPI_ROOT" != xno; then
     want_gss="yes"
+    if test x"$GSSAPI_ROOT" = xyes; then
+      dnl if yes, then use default root
+      GSSAPI_ROOT="/usr"
+    fi
   fi
 ])
 
@@ -932,11 +966,15 @@ if test x"$want_gss" = xyes; then
   if test -z "$GSSAPI_INCS"; then
      if test -f "$GSSAPI_ROOT/bin/krb5-config"; then
         GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
+        GSSAPI_LIBS=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
      elif test "$GSSAPI_ROOT" != "yes"; then
         GSSAPI_INCS="-I$GSSAPI_ROOT/include"
+        GSSAPI_LIBS="-lgssapi"
      fi
   fi
+
   CPPFLAGS="$CPPFLAGS $GSSAPI_INCS"
+  LIBS="$LIBS $GSSAPI_LIBS"
 
   AC_CHECK_HEADER(gss.h,
     [
@@ -945,19 +983,19 @@ if test x"$want_gss" = xyes; then
       gnu_gss=yes
     ],
     [
-      dnl not found, check Heimdal
-      AC_CHECK_HEADER(gssapi.h,
-        [
-          dnl found in the given dirs
-          AC_DEFINE(HAVE_GSSHEIMDAL, 1, [if you have the Heimdal gssapi libraries])
-        ],
-        [
-          dnl not found, check in gssapi/ subdir
+      dnl not found, check MIT
       AC_CHECK_HEADER(gssapi/gssapi.h,
         [
-              dnl found
+          dnl found in the given dirs
           AC_DEFINE(HAVE_GSSMIT, 1, [if you have the MIT gssapi libraries])
         ],
+        [
+          dnl not found, check for Heimdal
+          AC_CHECK_HEADER(gssapi.h,
+            [
+              dnl found
+              AC_DEFINE(HAVE_GSSHEIMDAL, 1, [if you have the Heimdal gssapi libraries])
+            ],
             [
               dnl no header found, disabling GSS
               want_gss=no
@@ -978,18 +1016,23 @@ if test x"$want_gss" = xyes; then
 
   if test -n "$gnu_gss"; then
     curl_gss_msg="enabled (GNU GSS)"
-    LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR -lgss"
+    LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
+    LIBS="$LIBS -lgss"
   elif test -z "$GSSAPI_LIB_DIR"; then
      if test -f "$GSSAPI_ROOT/bin/krb5-config"; then
-        gss_ldflags=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
-        LDFLAGS="$LDFLAGS $gss_ldflags"
+        dnl krb5-config doesn't have --libs-only-L or similar, put everything
+        dnl into LIBS
+        gss_libs=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
+        LIBS="$LIBS $gss_libs"
      elif test "$GSSAPI_ROOT" != "yes"; then
-        LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff -lgssapi"
+        LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff"
+        LIBS="$LIBS -lgssapi"
      else
-        LDFLAGS="$LDFLAGS -lgssapi"
+        LIBS="$LIBS -lgssapi"
      fi
   else
-     LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR -lgssapi"
+     LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
+     LIBS="$LIBS -lgssapi"
   fi
 else
   CPPFLAGS="$save_CPPFLAGS"
@@ -1292,6 +1335,7 @@ else
   if test "$HAVE_LIBZ" = "1" && test "$HAVE_ZLIB_H" != "1"
   then
     AC_MSG_WARN([configure found only the libz lib, not the header file!])
+    HAVE_LIBZ=""
   elif test "$HAVE_LIBZ" != "1" && test "$HAVE_ZLIB_H" = "1"
   then
     AC_MSG_WARN([configure found only the libz header file, not the lib!])
@@ -1336,7 +1380,7 @@ if test X"$OPT_LIBSSH2" != Xno; then
   yes)
     dnl --with-libssh2 (without path) used
     PREFIX_LIBSSH2=/usr/local/lib
-    LIB_LIBSSH2="$PREFIX_LIBSSH2/lib$libsuff"
+    LIB_LIBSSH2="$PREFIX_LIBSSH2$libsuff"
     ;;
   off)
     dnl no --with-libssh2 option given, just check default places
@@ -1356,8 +1400,9 @@ if test X"$OPT_LIBSSH2" != Xno; then
   AC_CHECK_HEADERS(libssh2.h,
     curl_ssh_msg="enabled (libSSH2)"
     LIBSSH2_ENABLED=1
-    AC_DEFINE(USE_LIBSSH2, 1, [if libSSH2 is in use]))
+    AC_DEFINE(USE_LIBSSH2, 1, [if libSSH2 is in use])
     AC_SUBST(USE_LIBSSH2, [1])
+  )
 
   if test X"$OPT_LIBSSH2" != Xoff &&
      test "$LIBSSH2_ENABLED" != "1"; then
@@ -1516,7 +1561,7 @@ if test "$OPENSSL_ENABLED" != "1" -a "$GNUTLS_ENABLED" != "1"; then
 
     dnl Check for functionPK11_CreateGenericObject
     dnl this is needed for using the PEM PKCS#11 module
-    AC_CHECK_LIB(nss3, PK11_CreateGenericObject-d,
+    AC_CHECK_LIB(nss3, PK11_CreateGenericObject,
      [
      AC_DEFINE(HAVE_PK11_CREATEGENERICOBJECT, 1, [if you have the function PK11_CreateGenericObject])
      AC_SUBST(HAVE_PK11_CREATEGENERICOBJECT, [1])
@@ -1566,36 +1611,20 @@ fi dnl OPENSSL != 1 -a GNUTLS_ENABLED != 1
 if test "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED" = "x"; then
   AC_MSG_WARN([SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more.])
   AC_MSG_WARN([Use --with-ssl, --with-gnutls or --with-nss to address this.])
+else
+  # SSL is enabled, genericly
+  AC_SUBST(SSL_ENABLED)
+  SSL_ENABLED="1"
 fi
 
 dnl **********************************************************************
 dnl Check for the CA bundle
 dnl **********************************************************************
 
-if test X"$USE_NSS$USE_GNUTLS$OPENSSL_ENABLED" != "X"; then
-
-  AC_MSG_CHECKING([CA cert bundle install path])
-
-  AC_ARG_WITH(ca-bundle,
-AC_HELP_STRING([--with-ca-bundle=FILE], [File name to install the CA bundle as])
-AC_HELP_STRING([--without-ca-bundle], [Don't install the CA bundle]),
-    [ ca="$withval" ],
-    [
-      if test "x$prefix" != xNONE; then
-        ca="\${prefix}/share/curl/curl-ca-bundle.crt"
-      else
-        ca="$ac_default_prefix/share/curl/curl-ca-bundle.crt"
-      fi
-    ] )
-
-    if test "x$ca" != "xno"; then
-      CURL_CA_BUNDLE='"'$ca'"'
-      AC_SUBST(CURL_CA_BUNDLE)
-    fi
-    AC_MSG_RESULT([$ca])
-fi dnl only done if some kind of SSL was enabled
+CURL_CHECK_CA_BUNDLE
 
 AM_CONDITIONAL(CABUNDLE, test x$ca != xno)
+AM_CONDITIONAL(CAPATH, test x$capath != xno)
 
 dnl **********************************************************************
 dnl Check for the presence of IDN libraries and headers
@@ -1733,6 +1762,9 @@ if test "x$RECENTAIX" = "xyes"; then
          dnl the optimizer assumes that pointers can only point to
          dnl an object of the same type.
          CFLAGS="$CFLAGS -qnoansialias"
+         dnl Force AIX xlc to stop after the compilation phase, and not
+         dnl generate object code, when the source compiles with errors.
+         CFLAGS="$CFLAGS -qhalt=e"
        )
 
 
@@ -1782,7 +1814,7 @@ if test x$cross_compiling != xyes; then
     )
   fi
 else
-  dnl and for crosscompilings
+  dnl and for crosscompiling
   AC_CHECK_FUNCS(gmtime_r)
 fi
 
@@ -1827,6 +1859,7 @@ AC_CHECK_HEADERS(
         utime.h \
         sys/utime.h \
         sys/poll.h \
+        poll.h \
         sys/resource.h \
         libgen.h \
         locale.h \
@@ -1874,6 +1907,7 @@ AC_CHECK_SIZEOF(curl_off_t, ,[
 AC_CHECK_SIZEOF(size_t)
 AC_CHECK_SIZEOF(long)
 AC_CHECK_SIZEOF(time_t)
+AC_CHECK_SIZEOF(off_t)
 
 AC_CHECK_TYPE(long long,
    [AC_DEFINE(HAVE_LONGLONG, 1, [if your compiler supports long long])]
@@ -1962,6 +1996,7 @@ AC_CHECK_FUNCS( strtoll \
                 strlcat \
                 getpwuid \
                 geteuid \
+                getppid \
                 utime \
                 sigsetjmp \
                 basename \
@@ -2088,6 +2123,8 @@ if test "$disable_poll" = "no"; then
     AC_RUN_IFELSE([
 #ifdef HAVE_SYS_POLL_H
 #include <sys/poll.h>
+#elif defined(HAVE_POLL_H)
+#include <poll.h>
 #endif
 
   int main(void)
@@ -2458,7 +2495,8 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
   Built-in manual: ${curl_manual_msg}
   Verbose errors:  ${curl_verbose_msg}
   SSPI support:    ${curl_sspi_msg}
-  ca cert path:    ${ca}
+  ca cert bundle:  ${ca}
+  ca cert path:    ${capath}
   LDAP support:    ${curl_ldap_msg}
   LDAPS support:   ${curl_ldaps_msg}
 ])

curl-config.in

@@ -6,7 +6,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 2001 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 2001 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -83,7 +83,7 @@ while test $# -gt 0; do
 	if test "@USE_SSLEAY@" = "1"; then
           echo "SSL"
           NTLM=1 # OpenSSL implies NTLM
-        elif test -n "@USE_GNUTLS@"; then
+        elif test -n "@SSL_ENABLED@"; then
           echo "SSL"
         fi
 	if test "@KRB4_ENABLED@" = "1"; then
@@ -113,13 +113,13 @@ while test $# -gt 0; do
     --protocols)
 	if test "@CURL_DISABLE_HTTP@" != "1"; then
           echo "HTTP"
-	  if test "@USE_SSLEAY@" = "1"; then
+	  if test "@SSL_ENABLED@" = "1"; then
             echo "HTTPS"
           fi
         fi
 	if test "@CURL_DISABLE_FTP@" != "1"; then
           echo "FTP"
-	  if test "@USE_SSLEAY@" = "1"; then
+	  if test "@SSL_ENABLED@" = "1"; then
             echo "FTPS"
           fi
         fi
@@ -189,7 +189,7 @@ while test $# -gt 0; do
        	;;
 
     --libs)
-	if test "X@libdir@" != "X/usr/lib"; then
+	if test "X@libdir@" != "X/usr/lib" -a "X@libdir@" != "X/usr/lib64"; then
 	   CURLLIBDIR="-L@libdir@ "
 	else
 	   CURLLIBDIR=""

docs/BINDINGS

@@ -72,7 +72,7 @@ glib/GTK+
 
 Java
 
-  Maintained by Vic Hanson
+  Maintained by [blank]
   http://curl.haxx.se/libcurl/java/
 
 Lisp
@@ -143,11 +143,20 @@ Rexx
   Written Mark Hessling
   http://rexxcurl.sourceforge.net/
 
+RPG
+
+  Support for ILE/RPG on OS/400 is included in source distribution
+  http://curl.haxx.se/libcurl/
+  See packages/OS400/README.OS400 and packages/OS400/curl.inc.in
+
 Ruby
 
-  Written by Ross Bamford
+  curb - written by Ross Bamford
   http://curb.rubyforge.org/
 
+  ruby-curl-multi - written by Kristjan Petursson and Keith Rarick
+  http://curl-multi.rubyforge.org/
+
 Scheme
 
   Bigloo binding by Kirill Lisovsky

docs/CONTRIBUTE

@@ -102,6 +102,8 @@
  using spaces only (no tabs) and having the opening brace ({) on the same line
  as the if() or while().
 
+ Also note that we use if() and while() with no space before the parenthesis.
+
 2.3 Commenting
 
  Comment your source code extensively using C comments (/* comment */), DO NOT

docs/FAQ

@@ -1,4 +1,4 @@
-Updated: July 30, 2007 (http://curl.haxx.se/docs/faq.html)
+Updated: Feb 18, 2008 (http://curl.haxx.se/docs/faq.html)
                                   _   _ ____  _
                               ___| | | |  _ \| |
                              / __| | | | |_) | |
@@ -18,6 +18,7 @@ FAQ
   1.8 I have a problem who do I mail?
   1.9 Where do I buy commercial support for curl?
   1.10 How many are using curl?
+  1.11 Why don't you update ca-bundle.crt
 
  2. Install Related Problems
   2.1 configure doesn't find OpenSSL even when it is installed
@@ -83,6 +84,7 @@ FAQ
   5.10 How do I prevent libcurl from writing the response to stdout?
   5.11 How do I make libcurl not receive the whole HTTP response?
   5.12 Can I make libcurl fake or hide my real IP address?
+  5.13 How do I stop an ongoing transfer?
 
  6. License Issues
   6.1 I have a GPL program, can I use the libcurl library?
@@ -214,8 +216,7 @@ FAQ
   improvements and have them inserted in the main sources (of course on the
   condition that developers agree on that the fixes are good).
 
-  The full list of the more than 530 contributors is found in the docs/THANKS
-  file.
+  The full list of all contributors is found in the docs/THANKS file.
 
   curl is developed by a community, with Daniel at the wheel.
 
@@ -296,7 +297,7 @@ FAQ
   as used by numerous applications that include libcurl binaries in their
   distribution packages (like Adobe Acrobat Reader and Google Earth).
 
-  More than 70 known named companies use curl in commercial environments and
+  More than 80 known named companies use curl in commercial environments and
   products. More than 100 known named open source projects depend on
   (lib)curl.
 
@@ -317,6 +318,29 @@ FAQ
   http://counter.li.org/estimates.php
   http://news.netcraft.com/archives/2005/03/14/fedora_makes_rapid_progress.html
 
+  1.11 Why don't you update ca-bundle.crt
+
+  The ca-bundle.crt file that used to be bundled with curl was very outdated
+  (it being last modified year 2000 should tell) and must be replaced with a
+  much more modern and up-to-date version by anyone who wants to verify peers
+  anyway. It is no longer provided, the last curl release that shipped it was
+  curl 7.18.0.
+
+  In the cURL project we've decided not to attempt to keep this file updated
+  (or even present anymore) since deciding what to add to a ca cert bundle is
+  an undertaking we've not been ready to accept, and the one we can get from
+  Mozilla is perfectly fine so there's no need to duplicate that work.
+
+  Today, with many services performed over HTTPS, every operating system
+  should come with a default ca cert bundle that can be deemed somewhat
+  trustworthy and that collection (if reasonably updated) should be deemed to
+  be a lot better than a private curl version.
+
+  If you want the most recent collection of ca certs that Mozilla Firefox
+  uses, we recommend that you extract the collection yourself from Mozilla
+  Firefox (by running 'make ca-bundle), or by using our online service setup
+  for this purpose: http://curl.haxx.se/docs/caextract.html
+
 
 2. Install Related Problems
 
@@ -1033,6 +1057,18 @@ FAQ
   that makes you see and use a different IP address locally than what the
   remote server will see you coming from.
 
+  5.13 How do I stop an ongoing transfer?
+
+  There are several ways, but none of them are instant. There is no function
+  you can call from another thread or similar that will stop it immediately.
+  Instead you need to make sure that one of the callbacks you use return an
+  appropriate value that will stop the transfer.
+
+  Suitable callbacks that you can do this with include the progress callback,
+  the read callback and the write callback.
+
+  If you're using the multi interface, you also stop a transfer by removing
+  the particular easy handle from the multi stack.
 
 6. License Issues
 

docs/INSTALL

@@ -188,7 +188,7 @@ Win32
    environment variables, for example:
 
      set ZLIB_PATH=c:\zlib-1.2.3
-     set OPENSSL_PATH=c:\openssl-0.9.8e
+     set OPENSSL_PATH=c:\openssl-0.9.8g
      set LIBSSH2_PATH=c:\libssh2-0.17
 
    ATTENTION: if you want to build with libssh2 support you have to use latest
@@ -257,7 +257,7 @@ Win32
    Before running nmake define the OPENSSL_PATH environment variable with
    the root/base directory of OpenSSL, for example:
 
-     set OPENSSL_PATH=c:\openssl-0.9.8e
+     set OPENSSL_PATH=c:\openssl-0.9.8g
 
    Then run 'nmake vc-ssl' or 'nmake vc-ssl-dll' in curl's root
    directory.  'nmake vc-ssl' will create a libcurl static and dynamic
@@ -521,7 +521,7 @@ NetWare
      http://www.gknw.net/development/ossl/netware/
      for CLIB-based builds OpenSSL needs to be patched to build with BSD
      sockets (currently only a winsock-based CLIB build is supported):
-     http://www.gknw.net/development/ossl/netware/patches/v_0.9.8e/openssl-0.9.8e.diff
+     http://www.gknw.net/development/ossl/netware/patches/v_0.9.8g/openssl-0.9.8g.diff
    - optional SSH2 sources (version 0.17 or later);
 
    Set a search path to your compiler, linker and tools; on Linux make
@@ -808,10 +808,12 @@ PORTS
         - ia64 Linux 2.3.99
         - m68k AmigaOS 3
         - m68k Linux
+        - m68k uClinux
         - m68k OpenBSD
         - m88k dg-dgux5.4R3.00
         - s390 Linux
         - XScale/PXA250 Linux 2.4
+        - Nios II uClinux
 
 Useful URLs
 ===========

docs/INTERNALS

@@ -97,7 +97,9 @@ Library
 
    ... analyzes the URL, it separates the different components and connects to
    the remote host. This may involve using a proxy and/or using SSL. The
-   Curl_gethost() function in lib/hostip.c is used for looking up host names.
+   Curl_resolv() function in lib/hostip.c is used for looking up host names
+   (it does then use the proper underlying method, which may vary between
+   platforms and builds).
 
    When Curl_connect is done, we are connected to the remote site. Then it is
    time to tell the server to get a document/file. Curl_do() arranges this.
@@ -122,17 +124,20 @@ Library
    Curl_Transfer() function (in lib/transfer.c) to setup the transfer and
    returns.
 
-   Starting in 7.9.1, if this DO function fails and the connection is being
-   re-used, libcurl will then close this connection, setup a new connection
-   and re-issue the DO request on that. This is because there is no way to be
-   perfectly sure that we have discovered a dead connection before the DO
-   function and thus we might wrongly be re-using a connection that was closed
-   by the remote peer.
+   If this DO function fails and the connection is being re-used, libcurl will
+   then close this connection, setup a new connection and re-issue the DO
+   request on that. This is because there is no way to be perfectly sure that
+   we have discovered a dead connection before the DO function and thus we
+   might wrongly be re-using a connection that was closed by the remote peer.
+
+   Some time during the DO function, the Curl_setup_transfer() function must
+   be called with some basic info about the upcoming transfer: what socket(s)
+   to read/write and the expected file tranfer sizes (if known).
 
  o Transfer()
 
-   Curl_perform() then calls Transfer() in lib/transfer.c that performs
-   the entire file transfer.
+   Curl_perform() then calls Transfer() in lib/transfer.c that performs the
+   entire file transfer.
 
    During transfer, the progress functions in lib/progress.c are called at a
    frequent interval (or at the user's choice, a specified callback might get
@@ -236,9 +241,8 @@ Library
  URL encoding and decoding, called escaping and unescaping in the source code,
  is found in lib/escape.c.
 
- While transfering data in Transfer() a few functions might get
- used. curl_getdate() in lib/getdate.c is for HTTP date comparisons (and
- more).
+ While transfering data in Transfer() a few functions might get used.
+ curl_getdate() in lib/parsedate.c is for HTTP date comparisons (and more).
 
  lib/getenv.c offers curl_getenv() which is for reading environment variables
  in a neat platform independent way. That's used in the client, but also in
@@ -254,10 +258,6 @@ Library
  A function named curl_version() that returns the full curl version string is
  found in lib/version.c.
 
- If authentication is requested but no password is given, a getpass_r() clone
- exists in lib/getpass.c. libcurl offers a custom callback that can be used
- instead of this, but it doesn't change much to us.
-
 Persistent Connections
 ======================
 
@@ -269,9 +269,11 @@ Persistent Connections
    all the options etc that the library-user may choose.
  o The 'SessionHandle' struct holds the "connection cache" (an array of
    pointers to 'connectdata' structs). There's one connectdata struct
-   allocated for each connection that libcurl knows about.
- o This also enables the 'curl handle' to be reused on subsequent transfers,
-   something that was illegal before libcurl 7.7.
+   allocated for each connection that libcurl knows about. Note that when you
+   use the multi interface, the multi handle will hold the connection cache
+   and not the particular easy handle. This of course to allow all easy handles
+   in a multi stack to be able to share and re-use connections.
+ o This enables the 'curl handle' to be reused on subsequent transfers.
  o When we are about to perform a transfer with curl_easy_perform(), we first
    check for an already existing connection in the cache that we can use,
    otherwise we create a new one and add to the cache. If the cache is full
@@ -281,11 +283,46 @@ Persistent Connections
  o When the transfer operation is complete, we try to leave the connection
    open. Particular options may tell us not to, and protocols may signal
    closure on connections and then we don't keep it open of course.
- o When curl_easy_cleanup() is called, we close all still opened connections.
+ o When curl_easy_cleanup() is called, we close all still opened connections,
+   unless of course the multi interface "owns" the connections.
 
  You do realize that the curl handle must be re-used in order for the
  persistent connections to work.
 
+multi interface/non-blocking
+============================
+
+ We make an effort to provide a non-blocking interface to the library, the
+ multi interface. To make that interface work as good as possible, no
+ low-level functions within libcurl must be written to work in a blocking
+ manner.
+
+ One of the primary reasons we introduced c-ares support was to allow the name
+ resolve phase to be perfectly non-blocking as well.
+
+ The ultimate goal is to provide the easy interface simply by wrapping the
+ multi interface functions and thus treat everything internally as the multi
+ interface is the single interface we have.
+
+ The FTP and the SFTP/SCP protocols are thus perfect examples of how we adapt
+ and adjust the code to allow non-blocking operations even on multi-stage
+ protocols. The DICT, TELNET and TFTP are crappy examples and they are subject
+ for rewrite in the future to better fit the libcurl protocol family.
+
+SSL libraries
+=============
+
+ Originally libcurl supported SSLeay for SSL/TLS transports, but that was then
+ extended to its successor OpenSSL but has since also been extended to several
+ other SSL/TLS libraries and we expect and hope to further extend the support
+ in future libcurl versions.
+
+ To deal with this internally in the best way possible, we have a generic SSL
+ function API as provided by the sslgen.[ch] system, and they are the only SSL
+ functions we must use from within libcurl. sslgen is then crafted to use the
+ appropriate lower-level function calls to whatever SSL library that is in
+ use.
+
 Library Symbols
 ===============
  
@@ -309,6 +346,13 @@ Return Codes and Informationals
  them. They are best used when revealing information that isn't otherwise
  obvious.
 
+API/ABI
+=======
+
+ We make an effort to not export or show internals or how internals work, as
+ that makes it easier to keep a solid API/ABI over time. See docs/libcurl/ABI
+ for our promise to users.
+
 Client
 ======
 

docs/KNOWN_BUGS

@@ -3,6 +3,17 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!
 
+52. Gautam Kachroo's issue that identifies a problem with the multi interface
+  where a connection can be re-used without actually being properly
+  SSL-negoatiated:
+  http://curl.haxx.se/mail/lib-2008-01/0277.html
+
+49. If using --retry and the transfer timeouts (possibly due to using -m or
+  -y/-Y) the next attempt doesn't resume the transfer properly from what was
+  downloaded in the previous attempt but will truncate and restart at the
+  original position where it was at before the previous failed attempt. See
+  http://curl.haxx.se/mail/lib-2008-01/0080.html
+
 48. If a CONNECT response-headers are larger than BUFSIZE (16KB) when the
   connection is meant to be kept alive (like for NTLM proxy auth), the
   function will return prematurely and will confuse the rest of the HTTP
@@ -43,23 +54,9 @@ may have been fixed since this was written!
   Also see #12. According to bug #1556528, even the SOCKS5 connect code does
   not do it right: http://curl.haxx.se/bug/view.cgi?id=1556528,
 
-33. Doing multi-pass HTTP authentication on a non-default port does not work.
-  This happens because the multi-pass code abuses the redirect following code
-  for doing multiple requests, and when we following redirects to an absolute
-  URL we must use the newly specified port and not the one specified in the
-  original URL. A proper fix to this would need to separate the negotiation
-  "redirect" from an actual redirect.
-
-32. (At least on Windows) If libcurl is built with c-ares and there's no DNS
-  server configured in the system, the ares_init() call fails and thus
-  curl_easy_init() fails as well. This causes weird effects for people who use
-  numerical IP addresses only.
-
 31. "curl-config --libs" will include details set in LDFLAGS when configure is
-  run that might be needed only for building libcurl. Similarly, it might
-  include options that perhaps aren't suitable both for static and dynamic
-  linking. Further, curl-config --cflags suffers from the same effects with
-  CFLAGS/CPPFLAGS.
+  run that might be needed only for building libcurl. Further, curl-config
+  --cflags suffers from the same effects with CFLAGS/CPPFLAGS.
 
 30. You need to use -g to the command line tool in order to use RFC2732-style
   IPv6 numerical addresses in URLs.

docs/SSLCERTS

@@ -1,21 +1,25 @@
                       Peer SSL Certificate Verification
                       =================================
 
-libcurl performs peer SSL certificate verification by default. This is done by
-installing a default CA cert bundle on 'make install' (or similar), that CA
-bundle package is used by default on operations against SSL servers.
+libcurl performs peer SSL certificate verification by default.  This is done
+by using CA cert bundle that the SSL library can use to make sure the peer's
+server certificate is valid.
 
 If you communicate with HTTPS or FTPS servers using certificates that are
 signed by CAs present in the bundle, you can be sure that the remote server
 really is the one it claims to be.
 
-If the remote server uses a self-signed certificate, if you don't install
-curl's CA cert bundle, if the server uses a certificate signed by a CA that
-isn't included in the bundle or if the remote host is an impostor
+Until 7.18.0, curl bundled a severely outdated ca bundle file that was
+installed by default. These days, the curl archives include no ca certs at
+all. You need to get them elsewhere. See below for example.
+
+If the remote server uses a self-signed certificate, if you don't install a CA
+cert bundle, if the server uses a certificate signed by a CA that isn't
+included in the bundle you use or if the remote host is an impostor
 impersonating your favorite site, and you want to transfer files from this
 server, do one of the following:
 
- 1. Tell libcurl to *not* verify the peer. With libcurl you disable with with
+ 1. Tell libcurl to *not* verify the peer. With libcurl you disable this with
     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);
 
     With the curl command line tool, you disable this with -k/--insecure.
@@ -27,10 +31,8 @@ server, do one of the following:
     With the curl command line tool: --cacert [file]
 
  3. Add the CA cert for your server to the existing default CA cert bundle.
-    The default path of the CA bundle installed with the curl package is:
-    /usr/local/share/curl/curl-ca-bundle.crt, which can be changed by running
-    configure with the --with-ca-bundle option pointing out the path of your
-    choice.
+    The default path of the CA bundle used can be changed by running configure
+    with the --with-ca-bundle option pointing out the path of your choice.
 
     To do this, you need to get the CA cert for your server in PEM format and
     then append that to your CA cert bundle.
@@ -48,8 +50,6 @@ server, do one of the following:
      o Append the 'outcert.pem' to the CA cert bundle or use it stand-alone
        as described below.
 
-     (Thanks to Frankie V for this description)
-
     If you use the 'openssl' tool, this is one way to get extract the CA cert
     for a particular server:
 
@@ -64,8 +64,6 @@ server, do one of the following:
        cert_bundle or use it stand-alone as described. Just remember that the
        security is no better than the way you obtained the certificate.
 
-     (Thanks to Doug Kaufman for this description)
-
  4. If you're using the curl command line tool, you can specify your own CA
     cert path by setting the environment variable CURL_CA_BUNDLE to the path
     of your choice.
@@ -80,8 +78,9 @@ server, do one of the following:
       5. all directories along %PATH%
 
  5. Get a better/different/newer CA cert bundle! One option is to extract the
-    one a recent Mozilla browser uses, by following the instruction found
-    here:
+    one a recent Mozilla browser uses by running 'make ca-bundle' in the curl
+    build tree root, or possibly download a version that was generated this
+    way for you:
 
         http://curl.haxx.se/docs/caextract.html
 

docs/THANKS

@@ -12,6 +12,8 @@ Albert Chin-A-Young
 Albert Choy
 Ale Vesely
 Aleksandar Milivojevic
+Alessandro Vesely
+Alex Fishman
 Alex Neblett
 Alex Suykov
 Alex aka WindEagle
@@ -19,6 +21,7 @@ Alexander Kourakos
 Alexander Krasnostavsky
 Alexander Lazic
 Alexander Zhuravlev
+Alexey Pesternikov
 Alexey Simak
 Alexis Carvalho
 Allen Pulsifer
@@ -36,6 +39,7 @@ Andrew Biggs
 Andrew Bushnell
 Andrew Francis
 Andrew Fuller
+Andrew Moise
 Andrew Wansink
 Andr<EFBFBD>s Garc<72>a
 Andy Cedilnik
@@ -103,6 +107,7 @@ Dan Torop
 Dan Zitter
 Daniel Black
 Daniel Cater
+Daniel Egger
 Daniel Johnson
 Daniel Stenberg
 Daniel at touchtunes
@@ -128,6 +133,7 @@ David Phillips
 David Shaw
 David Tarendash
 David Thiel
+David Wright
 David Yan
 Detlef Schmier
 Diego Casorran
@@ -138,6 +144,7 @@ Dirk Eddelbuettel
 Dirk Manske
 Dmitriy Sergeyev
 Dmitry Bartsevich
+Dmitry Kurochkin
 Dmitry Rechkin
 Dolbneff A.V
 Domenico Andreoli
@@ -155,10 +162,12 @@ Dylan Salisbury
 Early Ehlinger
 Edin Kadribasic
 Ellis Pritchard
+Emil Romanus
 Emiliano Ida
 Enrico Scholz
 Enrik Berkhan
 Eric Cooper
+Eric Landes
 Eric Lavigne
 Eric Melville
 Eric Rautman
@@ -183,11 +192,13 @@ Frank Ticheler
 Fred New
 Fred Noz
 Frederic Lepied
+Gary Maxwell
 Gautam Mani
 Gavrie Philipson
 Gaz Iqbal
 Georg Horn
 Georg Huettenegger
+Georg Lippitsch
 Georg Wicherski
 Gerd v. Egidy
 Gerhard Herre
@@ -196,6 +207,7 @@ Giancarlo Formicuccia
 Giaslas Georgios
 Gilad
 Gilbert Ramirez Jr.
+Gilles Blanc
 Gisle Vanem
 Giuseppe Attardi
 Giuseppe D'Ambrosio
@@ -226,9 +238,11 @@ Ian Gulliver
 Ian Turner
 Ian Wilkes
 Ignacio Vazquez-Abrams
+Igor Franchuk
 Igor Polyakov
 Ilguiz Latypov
 Ilja van Sprundel
+Immanuel Gregoire
 Ingmar Runge
 Ingo Ralf Blum
 Ingo Wilken
@@ -256,6 +270,7 @@ Jean-Claude Chauve
 Jean-Louis Lemaire
 Jean-Marc Ranger
 Jean-Philippe Barrette-LaPierre
+Jeff Johnson
 Jeff Lawson
 Jeff Phillips
 Jeff Pohlmeyer
@@ -265,6 +280,7 @@ Jesper Jensen
 Jesse Noller
 Jim Drash
 Joe Halpin
+Joe Malicki
 Joel Chen
 Jofell Gallardo
 Johan Anderson
@@ -274,6 +290,7 @@ John Janssen
 John Kelly
 John Lask
 John McGowan
+Johnny Luong
 Jon Grubbs
 Jon Travis
 Jon Turner
@@ -285,6 +302,7 @@ Jose Kahan
 Josh Kapell
 Juan F. Codagnone
 Juan Ignacio Herv<72>s
+Judson Bishop
 Juergen Wilke
 Jukka Pihl
 Julian Noble
@@ -307,7 +325,9 @@ Ken Rastatter
 Kent Boortz
 Kevin Fisk
 Kevin Lussier
+Kevin Reed
 Kevin Roth
+Kim Rinnewitz
 Kimmo Kinnunen
 Kjell Ericson
 Kjetil Jacobsen
@@ -324,6 +344,7 @@ Lars Gustafsson
 Lars J. Aas
 Lars Nilsson
 Lars Torben Wilson
+Lau Hang Kin
 Legoff Vincent
 Lehel Bernadt
 Len Krause
@@ -348,6 +369,7 @@ Marco G. Salvagno
 Marcus Webster
 Mario Schroeder
 Mark Butler
+Mark Davies
 Mark Eichin
 Mark Lentczner
 Markus Koetter
@@ -360,6 +382,7 @@ Martin Skinner
 Marty Kuhrt
 Maruko
 Massimiliano Ziccardi
+Mateusz Loskot
 Mathias Axelsson
 Mats Lidell
 Matt Kraai
@@ -368,6 +391,8 @@ Matt Witherspoon
 Matthew Blain
 Matthew Clarke
 Maurice Barnum
+Max Katsev
+Maxim Perenesenko
 Mekonikum
 Mettgut Jamalla
 Michael Benedict
@@ -389,6 +414,7 @@ Mitz Wark
 Mohamed Lrhazi
 Mohun Biswas
 Moonesamy
+Nathan Coulter
 Nathan O'Sullivan
 Nathanael Nerode
 Naveen Noel
@@ -404,6 +430,7 @@ Nicolas Croiset
 Nicolas Fran<61>ois
 Niels van Tongeren
 Nikita Schmidt
+Nikitinskit Dmitriy
 Nir Soffer
 Nis Jorgensen
 Nodak Sodak
@@ -440,6 +467,7 @@ Peter Wullinger
 Peteris Krumins
 Phil Karn
 Philip Gladstone
+Philip Langdale
 Philippe Hameau
 Philippe Raoult
 Philippe Vaucher
@@ -453,6 +481,7 @@ Ralph Mitchell
 Ramana Mokkapati
 Randy McMurchy
 Ravi Pratap
+Ray Pekowski
 Reinout van Schouwen
 Renaud Chaillat
 Renaud Duhaut
@@ -479,6 +508,7 @@ Robert Foreman
 Robert Iakobashvili
 Robert Olson
 Robert Weaver
+Robin Johnson
 Robin Kay
 Robson Braga Araujo
 Rodney Simmons
@@ -514,6 +544,7 @@ Simon Josefsson
 Simon Liu
 Song Ma
 Sonia Subramanian
+Spacen Jasset
 Spiridonoff A.V
 Stadler Stephan
 Stefan Esser
@@ -571,10 +602,12 @@ Ulf H
 Ulrich Zadow
 Venkat Akella
 Victor Snezhko
+Vikram Saxena
 Vilmos Nebehaj
 Vincent Bronner
 Vincent Penquerc'h
 Vincent Sanders
+Vladimir Lazarenko
 Vojtech Janota
 Vojtech Minarik
 Walter J. Mack

docs/TODO

@@ -4,257 +4,445 @@
                             | (__| |_| |  _ <| |___ 
                              \___|\___/|_| \_\_____|
 
-TODO
+                Things that could be nice to do in the future
 
  Things to do in project cURL. Please tell us what you think, contribute and
- send us patches that improve things! Also check the http://curl.haxx.se/dev
- web section for various technical development notes.
+ send us patches that improve things!
 
  All bugs documented in the KNOWN_BUGS document are subject for fixing!
 
- LIBCURL
+ 1. libcurl
+ 1.1 Zero-copy interface
+ 1.2 More data sharing
+ 1.3 struct lifreq
+ 1.4 Get IP address
+ 1.5 c-ares ipv6
+ 1.6 configure-based info in public headers
 
- * Introduce another callback interface for upload/download that makes one
-   less copy of data and thus a faster operation.
+ 2. libcurl - multi interface
+ 2.1 More non-blocking
+ 2.2 Pause transfers
+ 2.3 Remove easy interface internally
+ 2.4 Avoid having to remove/readd handles
+
+ 3. Documentation
+ 3.1  More and better
+
+ 4. FTP
+ 4.1 PRET
+ 4.2 Alter passive/active on failure and retry
+ 4.3 Earlier bad letter detection
+ 4.4 REST for large files
+ 4.5 FTP proxy support
+ 4.6 PORT port range
+ 4.7 ASCII support
+
+ 5. HTTP
+ 5.1 Other HTTP versions with CONNECT
+ 5.2 Better persistancy for HTTP 1.0
+ 5.3 support FF3 sqlite cookie files
+
+ 6. TELNET
+ 6.1 ditch stdin
+ 6.2 ditch telnet-specific select
+
+ 7. SSL
+ 7.1 Disable specific versions
+ 7.2 Provide mytex locking API
+ 7.3 dumpcert
+ 7.4 Evaluate SSL patches
+ 7.5 Cache OpenSSL contexts
+ 7.6 Export session ids
+ 7.7 Provide callback for cert verfication
+ 7.8 Support other SSL libraries
+ 7.9  Support SRP on the TLS layer
+ 7.10 improve configure --with-ssl
+
+ 8. GnuTLS
+ 8.1 Make NTLM work without OpenSSL functions
+ 8.2 SSl engine stuff
+ 8.3 SRP
+ 8.4 non-blocking
+ 8.5 check connection
+
+ 9. LDAP
+ 9.1 ditch ldap-specific select
+
+ 10. New protocols
+ 10.1 RTSP
+ 10.2 RSYNC
+ 10.3 RTMP
+
+ 11. Client
+ 11.1 Content-Disposition
+ 11.2 sync
+ 11.3 glob posts
+ 11.4 prevent file overwriting
+ 11.5 ftp wildcard download
+ 11.6 simultaneous parallel transfers
+ 11.7 provide formpost headers
+ 11.8 url-specific options
+
+ 12. Build
+ 12.1 roffit
+
+ 13. Test suite
+ 13.1 SSL tunnel
+ 13.2 nicer lacking perl message
+ 13.3 more protocols supported
+ 13.4 more platforms supported
+
+ 14. Next SONAME bump
+ 14.1 http-style HEAD output for ftp
+ 14.2 combine error codes
+ 14.3 extend CURLOPT_SOCKOPTFUNCTION prototype
+
+ 15. Next major release
+ 15.1 cleanup return codes
+ 15.2 remove obsolete defines
+ 15.3 size_t
+ 15.4 remove several functions
+ 15.5 remove CURLOPT_FAILONERROR
+ 15.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
+
+==============================================================================
+
+1. libcurl
+
+1.1 Zero-copy interface
+
+ Introdue another callback interface for upload/download that makes one less
+ copy of data and thus a faster operation.
  [http://curl.haxx.se/dev/no_copy_callbacks.txt]
 
- * More data sharing. curl_share_* functions already exist and work, and they
-   can be extended to share more. For example, enable sharing of the ares
-   channel and the connection cache.
+1.2 More data sharing
 
- * Introduce a new error code indicating authentication problems (for proxy
-   CONNECT error 407 for example). This cannot be an error code, we must not
-   return informational stuff as errors, consider a new info returned by
-   curl_easy_getinfo() http://curl.haxx.se/bug/view.cgi?id=845941
+ curl_share_* functions already exist and work, and they can be extended to
+ share more. For example, enable sharing of the ares channel and the
+ connection cache.
 
- * Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
+1.3 struct lifreq
+
+ Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
  SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete.
-   To support ipv6 interface addresses properly.
+ To support ipv6 interface addresses for network interfaces properly.
 
- * Add the following to curl_easy_getinfo(): GET_HTTP_IP, GET_FTP_IP and
-   GET_FTP_DATA_IP. Return a string with the used IP. Suggested by Alan.
+1.4 Get IP address
 
- * Add option that changes the interval in which the progress callback is
-   called at most.
+ Add the following to curl_easy_getinfo(): GET_HTTP_IP, GET_FTP_IP and
+ GET_FTP_DATA_IP. Return a string with the used IP.
 
- * Make libcurl built with c-ares use c-ares' IPv6 abilities. They weren't
+1.5 c-ares ipv6
+
+ Make libcurl built with c-ares use c-ares' IPv6 abilities. They weren't
  present when we first added c-ares support but they have been added since!
  When this is done and works, we can actually start considering making c-ares
  powered libcurl the default build (which of course would require that we'd
  bundle the c-ares source code in the libcurl source code releases).
 
- * Make the curl/*.h headers include the proper system includes based on what
-   was present at the time when configure was run. Currently, the sys/select.h
-   header is for example included by curl/multi.h only on specific platforms
-   we know MUST have it. This is error-prone. We therefore want the header
-   files to adapt to configure results. Those results must be stored in a new
-   header and they must use a curl name space, i.e not be HAVE_* prefix (as
-   that would risk collide with other apps that use libcurl and that runs
-   configure).
+1.6 configure-based info in public headers
 
-   Work on this has been started but hasn't been finished, and the initial
-   patch and some details are found here:
+ Make the public headers include the proper system includes based on what was
+ present at the time when configure was run. Currently, the sys/select.h
+ header is for example included by curl/multi.h only on specific platforms we
+ know MUST have it. This is error-prone. We therefore want the header files to
+ adapt to configure results. Those results must be stored in a new header and
+ they must use a curl name space, i.e not be HAVE_* prefix (as that would risk
+ collide with other apps that use libcurl and that runs configure).
+
+ Work on this has been started but hasn't been finished, and the initial patch
+ and some details are found here:
  http://curl.haxx.se/mail/lib-2006-12/0084.html
 
- LIBCURL - multi interface
+ The remaining problems to solve involve the platforms that can't run
+ configure.
 
- * Make sure we don't ever loop because of non-blocking sockets return
+2. libcurl - multi interface
+
+2.1 More non-blocking
+
+ Make sure we don't ever loop because of non-blocking sockets return
  EWOULDBLOCK or similar. The GnuTLS connection etc.
 
- * Make transfers treated more carefully. We need a way to tell libcurl we
-   have data to write, as the current system expects us to upload data each
-   time the socket is writable and there is no way to say that we want to
-   upload data soon just not right now, without that aborting the upload. The
-   opposite situation should be possible as well, that we tell libcurl we're
-   ready to accept read data. Today libcurl feeds the data as soon as it is
-   available for reading, no matter what.
+2.2 Pause transfers
 
- * Make curl_easy_perform() a wrapper-function that simply creates a multi
+ Make transfers treated more carefully. We need a way to tell libcurl we have
+ data to write, as the current system expects us to upload data each time the
+ socket is writable and there is no way to say that we want to upload data
+ soon just not right now, without that aborting the upload. The opposite
+ situation should be possible as well, that we tell libcurl we're ready to
+ accept read data. Today libcurl feeds the data as soon as it is available for
+ reading, no matter what.
+
+2.3 Remove easy interface internally
+
+ Make curl_easy_perform() a wrapper-function that simply creates a multi
  handle, adds the easy handle to it, runs curl_multi_perform() until the
  transfer is done, then detach the easy handle, destroy the multi handle and
  return the easy handle's return code. This will thus make everything
  internally use and assume the multi interface. The select()-loop should use
  curl_multi_socket().
 
- * curl_multi_handle_control() - this can control the easy handle (while)
-   added to a multi handle in various ways:
+2.4 Avoid having to remove/readd handles
+
+ curl_multi_handle_control() - this can control the easy handle (while) added
+ to a multi handle in various ways:
+
  o RESTART, unconditionally restart this easy handle's transfer from the
    start, re-init the state
+
  o RESTART_COMPLETED, restart this easy handle's transfer but only if the
    existing transfer has already completed and it is in a "finished state".
+
  o STOP, just stop this transfer and consider it completed
+
  o PAUSE?
+
  o RESUME?
 
- DOCUMENTATION
+3. Documentation
 
- * More and better
+3.1  More and better
 
- FTP
+ Exactly
 
- * PRET is a command that primarily "drftpd" supports, which could be useful
+4. FTP
+
+4.1 PRET
+
+ PRET is a command that primarily "drftpd" supports, which could be useful
  when using libcurl against such a server. It is a non-standard and a rather
  oddly designed command, but...
  http://curl.haxx.se/bug/feature.cgi?id=1729967
 
- * When trying to connect passively to a server which only supports active
+4.2 Alter passive/active on failure and retry
+
+ When trying to connect passively to a server which only supports active
  connections, libcurl returns CURLE_FTP_WEIRD_PASV_REPLY and closes the
  connection. There could be a way to fallback to an active connection (and
  vice versa). http://curl.haxx.se/bug/feature.cgi?id=1754793
 
- * Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in
-   the process to avoid doing a resolve and connect in vain.
+4.3 Earlier bad letter detection
 
- * REST fix for servers not behaving well on >2GB requests. This should fail
-   if the server doesn't set the pointer to the requested index. The tricky
-   (impossible?) part is to figure out if the server did the right thing or
-   not.
+ Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in the
+ process to avoid doing a resolve and connect in vain.
 
- * Support the most common FTP proxies, Philip Newton provided a list
-   allegedly from ncftp:
-   http://curl.haxx.se/mail/archive-2003-04/0126.html
+4.4 REST for large files
 
- * Make CURLOPT_FTPPORT support an additional port number on the IP/if/name,
+ REST fix for servers not behaving well on >2GB requests. This should fail if
+ the server doesn't set the pointer to the requested index. The tricky
+ (impossible?) part is to figure out if the server did the right thing or not.
+
+4.5 FTP proxy support
+
+ Support the most common FTP proxies, Philip Newton provided a list allegedly
+ from ncftp. This is not a subject without debate, and is probably not really
+ suitable for libcurl.  http://curl.haxx.se/mail/archive-2003-04/0126.html
+
+4.6 PORT port range
+
+ Make CURLOPT_FTPPORT support an additional port number on the IP/if/name,
  like "blabla:[port]" or possibly even "blabla:[portfirst]-[portsecond]".
  http://curl.haxx.se/bug/feature.cgi?id=1505166
 
- * FTP ASCII transfers do not follow RFC959. They don't convert the data
+4.7 ASCII support
+
+ FTP ASCII transfers do not follow RFC959. They don't convert the data
  accordingly.
 
- * Since USERPWD always override the user and password specified in URLs, we
-   might need another way to specify user+password for anonymous ftp logins.
+5. HTTP
 
- * The FTP code should get a way of returning errors that is known to still
-   have the control connection alive and sound. Currently, a returned error
-   from within ftp-functions does not tell if the control connection is still
-   OK to use or not. This causes libcurl to fail to re-use connections
-   slightly too often.
+5.1 Other HTTP versions with CONNECT
 
- HTTP
+ When doing CONNECT to a HTTP proxy, libcurl always uses HTTP/1.0. This has
+ never been reported as causing trouble to anyone, but should be considered to
+ use the HTTP version the user has chosen.
 
- * When doing CONNECT to a HTTP proxy, libcurl always uses HTTP/1.0. This has
-   never been reported as causing trouble to anyone, but should be considered
-   to use the HTTP version the user has chosen.
+5.2 Better persistancy for HTTP 1.0
 
- * "Better" support for persistent connections over HTTP 1.0
+ "Better" support for persistent connections over HTTP 1.0
  http://curl.haxx.se/bug/feature.cgi?id=1089001
 
- TELNET
+5.3 support FF3 sqlite cookie files
 
- * Reading input (to send to the remote server) on stdin is a crappy solution
-   for library purposes. We need to invent a good way for the application to
-   be able to provide the data to send.
+ Firefox 3 is changing from its former format to a a sqlite database instead.
+ We should consider how (lib)curl can/should support this.
+ http://curl.haxx.se/bug/feature.cgi?id=1871388
 
- * Move the telnet support's network select() loop go away and merge the code
+6. TELNET
+
+6.1 ditch stdin
+
+Reading input (to send to the remote server) on stdin is a crappy solution for
+library purposes. We need to invent a good way for the application to be able
+to provide the data to send.
+
+6.2 ditch telnet-specific select
+
+ Move the telnet support's network select() loop go away and merge the code
  into the main transfer loop. Until this is done, the multi interface won't
  work for telnet.
 
- SSL
+7. SSL
 
- * Provide an option that allows for disabling specific SSL versions, such as
+7.1 Disable specific versions
+
+ Provide an option that allows for disabling specific SSL versions, such as
  SSLv2 http://curl.haxx.se/bug/feature.cgi?id=1767276
 
- * Provide a libcurl API for setting mutex callbacks in the underlying SSL
+7.2 Provide mytex locking API
+
+ Provide a libcurl API for setting mutex callbacks in the underlying SSL
  library, so that the same application code can use mutex-locking
  independently of OpenSSL or GnutTLS being used.
 
- * Anton Fedorov's "dumpcert" patch:
+7.3 dumpcert
+
+ Anton Fedorov's "dumpcert" patch:
  http://curl.haxx.se/mail/lib-2004-03/0088.html
 
- * Evaluate/apply Gertjan van Wingerde's SSL patches:
+7.4 Evaluate SSL patches
+
+ Evaluate/apply Gertjan van Wingerde's SSL patches:
  http://curl.haxx.se/mail/lib-2004-03/0087.html
 
- * "Look at SSL cafile - quick traces look to me like these are done on every
-   request as well, when they should only be necessary once per ssl context
-   (or once per handle)". The major improvement we can rather easily do is to
-   make sure we don't create and kill a new SSL "context" for every request,
-   but instead make one for every connection and re-use that SSL context in
-   the same style connections are re-used. It will make us use slightly more
-   memory but it will libcurl do less creations and deletions of SSL contexts.
+7.5 Cache OpenSSL contexts
 
- * Add an interface to libcurl that enables "session IDs" to get
+ "Look at SSL cafile - quick traces look to me like these are done on every
+ request as well, when they should only be necessary once per ssl context (or
+ once per handle)". The major improvement we can rather easily do is to make
+ sure we don't create and kill a new SSL "context" for every request, but
+ instead make one for every connection and re-use that SSL context in the same
+ style connections are re-used. It will make us use slightly more memory but
+ it will libcurl do less creations and deletions of SSL contexts.
+
+7.6 Export session ids
+
+ Add an interface to libcurl that enables "session IDs" to get
  exported/imported. Cris Bailiff said: "OpenSSL has functions which can
-   serialise the current SSL state to a buffer of your choice, and
-   recover/reset the state from such a buffer at a later date - this is used
-   by mod_ssl for apache to implement and SSL session ID cache".
+ serialise the current SSL state to a buffer of your choice, and recover/reset
+ the state from such a buffer at a later date - this is used by mod_ssl for
+ apache to implement and SSL session ID cache".
 
- * OpenSSL supports a callback for customised verification of the peer
+7.7 Provide callback for cert verfication
+
+ OpenSSL supports a callback for customised verification of the peer
  certificate, but this doesn't seem to be exposed in the libcurl APIs. Could
-   it be? There's so much that could be done if it were! (brought by Chris
-   Clark)
+ it be? There's so much that could be done if it were!
 
- * Make curl's SSL layer capable of using other free SSL libraries.  Such as
+7.8 Support other SSL libraries
+
+ Make curl's SSL layer capable of using other free SSL libraries.  Such as
  MatrixSSL (http://www.matrixssl.org/).
 
- * Peter Sylvester's patch for SRP on the TLS layer.
-   Awaits OpenSSL support for this, no need to support this in libcurl before
-   there's an OpenSSL release that does it.
+7.9  Support SRP on the TLS layer
 
- * make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
+ Peter Sylvester's patch for SRP on the TLS layer.  Awaits OpenSSL support for
+ this, no need to support this in libcurl before there's an OpenSSL release
+ that does it.
+
+7.10 improve configure --with-ssl
+
+ make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
  then NSS...
 
- GnuTLS
+8. GnuTLS
 
- * Get NTLM working using the functions provided by libgcrypt, since GnuTLS
+8.1 Make NTLM work without OpenSSL functions
+
+ Get NTLM working using the functions provided by libgcrypt, since GnuTLS
  already depends on that to function. Not strictly SSL/TLS related, but
  hey... Another option is to get available DES and MD4 source code from the
  cryptopp library. They are fine license-wise, but are C++.
 
- * SSL engine stuff?
+8.2 SSl engine stuff
 
- * Work out a common method with Peter Sylvester's OpenSSL-patch for SRP
-   on the TLS to provide name and password
+ Is this even possible?
 
- * Fix the connection phase to be non-blocking when multi interface is used
+8.3 SRP
 
- * Add a way to check if the connection seems to be alive, to correspond to
-   the SSL_peak() way we use with OpenSSL.
+ Work out a common method with Peter Sylvester's OpenSSL-patch for SRP on the
+ TLS to provide name and password. GnuTLS already supports it...
 
- LDAP
+8.4 non-blocking
+
+ Fix the connection phase to be non-blocking when multi interface is used
+
+8.5 check connection
+
+ Add a way to check if the connection seems to be alive, to correspond to the
+ SSL_peak() way we use with OpenSSL.
+
+9. LDAP
+
+9.1 ditch ldap-specific select
 
  * Look over the implementation. The looping will have to "go away" from the
    lib/ldap.c source file and get moved to the main network code so that the
    multi interface and friends will work for LDAP as well.
 
- NEW PROTOCOLS
+10. New protocols
 
- * RTSP - RFC2326 (protocol - very HTTP-like, also contains URL description)
+10.1 RTSP
 
- * RSYNC (no RFCs for protocol nor URI/URL format).  An implementation should
+ RFC2326 (protocol - very HTTP-like, also contains URL description)
+
+10.2 RSYNC
+
+ There's no RFC for protocol nor URI/URL format.  An implementation should
  most probably use an existing rsync library, such as librsync.
 
- CLIENT
+10.3 RTMP
 
- * Add option that is similar to -O but that takes the output file name from
-   the Content-Disposition: header, and/or uses the local file name used in
+ There exists a patch that claims to introduce this protocol:
+ http://osdir.com/ml/gnu.gnash.devel2/2006-11/msg00278.html, further details
+ in the feature-request: http://curl.haxx.se/bug/feature.cgi?id=1843469
+
+11. Client
+
+11.1 Content-Disposition
+
+ Add option that is similar to -O but that takes the output file name from the
+ Content-Disposition: header, and/or uses the local file name used in
  redirections for the cases the server bounces the request further to a
  different file (name): http://curl.haxx.se/bug/feature.cgi?id=1364676
 
- * "curl --sync http://example.com/feed[1-100].rss" or
+11.2 sync
+
+ "curl --sync http://example.com/feed[1-100].rss" or
  "curl --sync http://example.net/{index,calendar,history}.html"
 
  Downloads a range or set of URLs using the remote name, but only if the
  remote file is newer than the local file. A Last-Modified HTTP date header
  should also be used to set the mod date on the downloaded file.
-   (idea from "Brianiac")
 
- * Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
-   Requested by Dane Jensen and others. This is easily scripted though.
+11.3 glob posts
 
- * Add an option that prevents cURL from overwriting existing local files. When
+ Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
+ This is easily scripted though.
+
+11.4 prevent file overwriting
+
+ Add an option that prevents cURL from overwriting existing local files. When
  used, and there already is an existing file with the target file name
  (either -O or -o), a number should be appended (and increased if already
  existing). So that index.html becomes first index.html.1 and then
-   index.html.2 etc. Jeff Pohlmeyer suggested.
+ index.html.2 etc.
 
- * "curl ftp://site.com/*.txt"
+11.5 ftp wildcard download
 
- * The client could be told to use maximum N simultaneous parallel transfers
-   and then just make sure that happens. It should of course not make more
-   than one connection to the same remote host. This would require the client
-   to use the multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
+ "curl ftp://site.com/*.txt"
 
- * Extending the capabilities of the multipart formposting. How about leaving
+11.6 simultaneous parallel transfers
+
+ The client could be told to use maximum N simultaneous parallel transfers and
+ then just make sure that happens. It should of course not make more than one
+ connection to the same remote host. This would require the client to use the
+ multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
+
+11.7 provide formpost headers
+
+ Extending the capabilities of the multipart formposting. How about leaving
  the ';type=foo' syntax as it is and adding an extra tag (headers) which
  works like this: curl -F "coolfiles=@fil1.txt;headers=@fil1.hdr" where
  fil1.hdr contains extra headers like
@@ -264,17 +452,11 @@ TODO
    X-User-Comment: Please don't use browser specific HTML code
 
  which should overwrite the program reasonable defaults (plain/text,
-   8bit...) (Idea brough to us by kromJx)
+ 8bit...)
 
- * ability to specify the classic computing suffixes on the range
-   specifications. For example, to download the first 500 Kilobytes of a file,
-   be able to specify the following for the -r option: "-r 0-500K" or for the
-   first 2 Megabytes of a file: "-r 0-2M". (Mark Smith suggested)
+11.8 url-specific options
 
- * --data-encode that URL encodes the data before posting
-   http://curl.haxx.se/mail/archive-2003-11/0091.html (Kevin Roth suggested)
-
- * Provide a way to make options bound to a specific URL among several on the
+ Provide a way to make options bound to a specific URL among several on the
  command line. Possibly by letting ':' separate options between URLs,
  similar to this:
 
@@ -286,32 +468,46 @@ TODO
 
  The example would do a POST-GET-POST combination on a single command line.
 
- BUILD
+12. Build
 
- * Consider extending 'roffit' to produce decent ASCII output, and use that
+12.1 roffit
+
+ Consider extending 'roffit' to produce decent ASCII output, and use that
  instead of (g)nroff when building src/hugehelp.c
 
- TEST SUITE
+13. Test suite
 
- * Make our own version of stunnel for simple port forwarding to enable HTTPS
+13.1 SSL tunnel
+
+ Make our own version of stunnel for simple port forwarding to enable HTTPS
  and FTP-SSL tests without the stunnel dependency, and it could allow us to
  provide test tools built with either OpenSSL or GnuTLS
 
- * If perl wasn't found by the configure script, don't attempt to run the
-   tests but explain something nice why it doesn't.
+13.2 nicer lacking perl message
 
- * Extend the test suite to include more protocols. The telnet could just do
-   ftp or http operations (for which we have test servers).
+ If perl wasn't found by the configure script, don't attempt to run the tests
+ but explain something nice why it doesn't.
 
- * Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
+13.3 more protocols supported
+
+ Extend the test suite to include more protocols. The telnet could just do ftp
+ or http operations (for which we have test servers).
+
+13.4 more platforms supported
+
+ Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
  fork()s and it should become even more portable.
 
- NEXT soname bump
+14. Next SONAME bump
 
- * #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
+14.1 http-style HEAD output for ftp
+
+ #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
  from being output in NOBODY requests over ftp
 
- * Combine some of the error codes to remove duplicates.  The original
+14.2 combine error codes
+
+ Combine some of the error codes to remove duplicates.  The original
  numbering should not be changed, and the old identifiers would be
  macroed to the new ones in an CURL_NO_OLDIES section to help with
  backward compatibility.
@@ -327,23 +523,50 @@ TODO
     CURLE_TFTP_NOTFOUND => CURLE_REMOTE_FILE_NOT_FOUND
     CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED
 
- NEXT MAJOR RELEASE
+14.3 extend CURLOPT_SOCKOPTFUNCTION prototype
 
- * curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
+ The current prototype only provides 'purpose' that tells what the
+ connection/socket is for, but not any protocol or similar. It makes it hard
+ for applications to differentiate on TCP vs UDP and even HTTP vs FTP and
+ similar.
+
+15. Next major release
+
+15.1 cleanup return codes
+
+ curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
  CURLMcode. These should be changed to be the same.
 
- * remove obsolete defines from curl/curl.h
+15.2 remove obsolete defines
 
- * make several functions use size_t instead of int in their APIs
+ remove obsolete defines from curl/curl.h
+
+15.3 size_t
+
+ make several functions use size_t instead of int in their APIs
+
+15.4 remove several functions
+
+ remove the following functions from the public API:
 
- * remove the following functions from the public API:
  curl_getenv
+
  curl_mprintf (and variations)
+
  curl_strequal
+
  curl_strnequal
 
  They will instead become curlx_ - alternatives. That makes the curl app
  still capable of building with them from source.
 
- * Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
+15.5 remove CURLOPT_FAILONERROR
+
+ Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
  internally. Let the app judge success or not for itself.
+
+15.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
+
+ Remove support for a global DNS cache. Anything global is silly, and we
+ already offer the share interface for the same functionality but done
+ "right".

docs/curl.1

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
 .\" * $Id$
 .\" **************************************************************************
 .\"
-.TH curl 1 "21 Sep 2007" "Curl 7.17.1" "Curl Manual"
+.TH curl 1 "5 Jan 2008" "Curl 7.18.0" "Curl Manual"
 .SH NAME
 curl \- transfer a URL
 .SH SYNOPSIS
@@ -82,7 +82,7 @@ specified on a single command line and cannot be used between separate curl
 invokes.
 .SH "PROGRESS METER"
 curl normally displays a progress meter during operations, indicating amount
-of transfered data, transfer speeds and estimated time left etc.
+of transferred data, transfer speeds and estimated time left etc.
 
 However, since curl displays data to the terminal by default, if you invoke
 curl to do an operation and it is about to write data to the terminal, it
@@ -115,10 +115,10 @@ used.
 .IP "--anyauth"
 (HTTP) Tells curl to figure out authentication method by itself, and use the
 most secure one the remote site claims it supports. This is done by first
-doing a request and checking the response-headers, thus inducing an extra
-network round-trip. This is used instead of setting a specific authentication
-method, which you can do with \fI--basic\fP, \fI--digest\fP, \fI--ntlm\fP, and
-\fI--negotiate\fP.
+doing a request and checking the response-headers, thus possibly inducing an
+extra network round-trip. This is used instead of setting a specific
+authentication method, which you can do with \fI--basic\fP, \fI--digest\fP,
+\fI--ntlm\fP, and \fI--negotiate\fP.
 
 Note that using --anyauth is not recommended if you do uploads from stdin,
 since it may require data to be sent twice and then the client must be able to
@@ -224,43 +224,63 @@ To create remote directories when using FTP or SFTP, try
 If this option is used several times, the following occurrences make no
 difference.
 .IP "-d/--data <data>"
-(HTTP) Sends the specified data in a POST request to the HTTP server, in a way
-that can emulate as if a user has filled in a HTML form and pressed the submit
-button. Note that the data is sent exactly as specified with no extra
-processing (with all newlines cut off).  The data is expected to be
-\&"url-encoded". This will cause curl to pass the data to the server using the
-content-type application/x-www-form-urlencoded. Compare to \fI-F/--form\fP. If
-this option is used more than once on the same command line, the data pieces
-specified will be merged together with a separating &-letter. Thus, using '-d
-name=daniel -d skill=lousy' would generate a post chunk that looks like
-\&'name=daniel&skill=lousy'.
+(HTTP) Sends the specified data in a POST request to the HTTP server, in the
+same way that a browser does when a user has filled in an HTML form and
+presses the submit button. This will cause curl to pass the data to the server
+using the content-type application/x-www-form-urlencoded.  Compare to
+\fI-F/--form\fP.
+
+\fI-d/--data\fP is the same as \fI--data-ascii\fP. To post data purely binary,
+you should instead use the \fI--data-binary\fP option. To URL encode the value
+of a form field you may use \fI--data-urlencode\fP.
+
+If any of these options is used more than once on the same command line, the
+data pieces specified will be merged together with a separating
+&-letter. Thus, using '-d name=daniel -d skill=lousy' would generate a post
+chunk that looks like \&'name=daniel&skill=lousy'.
 
 If you start the data with the letter @, the rest should be a file name to
 read the data from, or - if you want curl to read the data from stdin.  The
 contents of the file must already be url-encoded. Multiple files can also be
 specified. Posting data from a file named 'foobar' would thus be done with
-\fI--data\fP @foobar".
-
-To post data purely binary, you should instead use the \fI--data-binary\fP
-option.
-
-\fI-d/--data\fP is the same as \fI--data-ascii\fP.
-
-If this option is used several times, the ones following the first will
-append data.
-.IP "--data-ascii <data>"
-(HTTP) This is an alias for the \fI-d/--data\fP option.
-
-If this option is used several times, the ones following the first will
-append data.
+\fI--data @foobar\fP.
 .IP "--data-binary <data>"
-(HTTP) This posts data in a similar manner as \fI--data-ascii\fP does,
-although when using this option the entire context of the posted data is kept
-as-is. If you want to post a binary file without the strip-newlines feature of
-the \fI--data-ascii\fP option, this is for you.
+(HTTP) This posts data exactly as specified with no extra processing
+whatsoever.
 
-If this option is used several times, the ones following the first will
-append data.
+If you start the data with the letter @, the rest should be a filename.  Data
+is posted in a similar manner as \fI--data-ascii\fP does, except that newlines
+are preserved and conversions are never done.
+
+If this option is used several times, the ones following the first will append
+data. As described in \fI-d/--data\fP.
+.IP "--data-urlencode <data>"
+(HTTP) This posts data, similar to the other --data options with the exception
+that this performs URL encoding. (Added in 7.18.0)
+
+To be CGI compliant, the <data> part should begin with a \fIname\fP followed
+by a separator and a content specification. The <data> part can be passed to
+curl using one of the following syntaxes:
+.RS
+.IP "content"
+This will make curl URL encode the content and pass that on. Just be careful
+so that the content doesn't contain any = or @ letters, as that will then make
+the syntax match one of the other cases below!
+.IP "=content"
+This will make curl URL encode the content and pass that on. The preceding =
+letter is not included in the data.
+.IP "name=content"
+This will make curl URL encode the content part and pass that on. Note that
+the name part is expected to be URL encoded already.
+.IP "@filename"
+This will make curl load data from the given file (including any newlines),
+URL encode that data and pass it on in the POST.
+.IP "name@filename"
+This will make curl load data from the given file (including any newlines),
+URL encode that data and pass it on in the POST. The name part gets an equal
+sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the
+name is expected to be URL encoded already.
+.RE
 .IP "--digest"
 (HTTP) Enables HTTP Digest authentication. This is a authentication that
 prevents the password from being sent over the wire in clear text. Use this in
@@ -341,9 +361,10 @@ DER and ENG are recognized types.  If not specified, PEM is assumed.
 
 If this option is used several times, the last one will be used.
 .IP "--cacert <CA certificate>"
-(SSL) Tells curl to use the specified certificate file to verify the
-peer. The file may contain multiple CA certificates. The certificate(s) must
-be in PEM format.
+(SSL) Tells curl to use the specified certificate file to verify the peer. The
+file may contain multiple CA certificates. The certificate(s) must be in PEM
+format. Normally curl is built to use a default file for this, so this option
+is typically used to alter that default file.
 
 curl recognizes the environment variable named 'CURL_CA_BUNDLE' if that is
 set, and uses the given path as a path to a CA cert bundle. This option
@@ -388,9 +409,10 @@ has been provided, this data is sent off using the ACCT command. (Added in
 
 If this option is used twice, the second will override the previous use.
 .IP "--ftp-create-dirs"
-(FTP) When an FTP or SFTP URL/operation uses a path that doesn't currently exist on
-the server, the standard behavior of curl is to fail. Using this option, curl
-will instead attempt to create missing directories.
+(FTP/SFTP) When an FTP or SFTP URL/operation uses a path that doesn't
+currently exist on the server, the standard behavior of curl is to
+fail. Using this option, curl will instead attempt to create missing
+directories.
 
 If this option is used twice, the second will again disable directory creation.
 .IP "--ftp-method [method]"
@@ -546,7 +568,7 @@ See also the \fI-A/--user-agent\fP and \fI-e/--referer\fP options.
 This option can be used multiple times to add/replace/remove multiple headers.
 .IP "--hostpubmd5"
 Pass a string containing 32 hexadecimal digits. The string should be the 128
-bit MD5 cheksum of the remote host's public key, curl will refuse the
+bit MD5 checksum of the remote host's public key, curl will refuse the
 connection with the host unless the md5sums match. This option is only for SCP
 and SFTP transfers. (Added in 7.17.1)
 .IP "--ignore-content-length"
@@ -592,6 +614,14 @@ See this online resource for further details:
 \fBhttp://curl.haxx.se/docs/sslcerts.html\fP
 
 If this option is used twice, the second time will again disable it.
+.IP "--keepalive-time <seconds>"
+This option sets the time a connection needs to remain idle before sending
+keepalive probes and the time between individual keepalive probes. It is
+currently effective on operating systems offering the TCP_KEEPIDLE and
+TCP_KEEPINTVL socket options (meaning Linux, recent AIX, HP-UX and more). This
+option has no effect if \fI--no-keepalive\fP is used. (Added in 7.18.0)
+
+If this option is used multiple times, the last occurrence sets the amount.
 .IP "--key <key>"
 (SSL/SSH) Private key file name. Allows you to provide your private key in this
 separate file.
@@ -617,8 +647,12 @@ If this option is used several times, the last one will be used.
 Specify which config file to read curl arguments from. The config file is a
 text file in which command line arguments can be written which then will be
 used as if they were written on the actual command line. Options and their
-parameters must be specified on the same config file line. If the parameter is
-to contain white spaces, the parameter must be enclosed within quotes.  If the
+parameters must be specified on the same config file line, separated by
+white space, colon, the equals sign or any combination thereof (however,
+the preferred separator is the equals sign). If the parameter is to contain
+white spaces, the parameter must be enclosed within quotes. Within double
+quotes, the following escape sequences are available: \\\\, \\", \\t, \\n,
+\\r and \\v. A backlash preceding any other letter is  ignored. If the
 first column of a config line is a '#' character, the rest of the line will be
 treated as a comment. Only write one option per physical line in the config
 file.
@@ -673,7 +707,8 @@ NOTE: this does not properly support -F and the sending of multipart
 formposts, so in those cases the output program will be missing necessary
 calls to \fIcurl_formadd(3)\fP, and possibly more.
 
-If this option is used several times, the last given file name will be used.
+If this option is used several times, the last given file name will be
+used. (Added in 7.16.1)
 .IP "--limit-rate <speed>"
 Specify the maximum transfer rate you want curl to use. This feature is useful
 if you have a limited pipe and you'd like your transfer not use your entire
@@ -799,6 +834,11 @@ will output the data in chunks, not necessarily exactly when the data arrives.
 Using this option will disable that buffering.
 
 If this option is used twice, the second will again switch on buffering.
+.IP "--no-keepalive"
+Disables the use of keepalive messages on the TCP connection, as by default
+curl enables them.
+
+If this option is used twice, the second will again enable keepalive.
 .IP "--no-sessionid"
 (SSL) Disable curl's use of SSL session-ID caching.  By default all transfers
 are done using the cache. Note that while nothing ever should get hurt by
@@ -861,7 +901,7 @@ a redirection. This option is meaningful only when using \fI-L/--location\fP
 (Added in 7.17.1)
 .IP "--proxy-anyauth"
 Tells curl to pick a suitable authentication method when communicating with
-the given proxy. This will cause an extra request/response round-trip. (Added
+the given proxy. This might cause an extra request/response round-trip. (Added
 in 7.13.2)
 
 If this option is used twice, the second will again disable the proxy use-any
@@ -948,9 +988,9 @@ This option can be used multiple times.
 random data. The data is used to seed the random engine for SSL connections.
 See also the \fI--egd-file\fP option.
 .IP "-r/--range <range>"
-(HTTP/FTP)
-Retrieve a byte range (i.e a partial document) from a HTTP/1.1 or FTP
-server. Ranges can be specified in a number of ways.
+(HTTP/FTP/FILE) Retrieve a byte range (i.e a partial document) from a
+HTTP/1.1, FTP server or a local FILE. Ranges can be specified in a number of
+ways.
 .RS
 .TP 10
 .B 0-499
@@ -1049,9 +1089,28 @@ This option overrides any previous use of \fI-x/--proxy\fP, as they are
 mutually exclusive.
 
 If this option is used several times, the last one will be used.
+.IP "--socks4a <host[:port]>"
+Use the specified SOCKS4a proxy. If the port number is not specified, it is
+assumed at port 1080. (Added in 7.18.0)
+
+This option overrides any previous use of \fI-x/--proxy\fP, as they are
+mutually exclusive.
+
+If this option is used several times, the last one will be used.
+.IP "--socks5-hostname <host[:port]>"
+Use the specified SOCKS5 proxy (and let the proxy resolve the host name). If
+the port number is not specified, it is assumed at port 1080. (Added in
+7.18.0)
+
+This option overrides any previous use of \fI-x/--proxy\fP, as they are
+mutually exclusive.
+
+If this option is used several times, the last one will be used. (This option
+was previously wrongly documented and used as --socks without the number
+appended.)
 .IP "--socks5 <host[:port]>"
-Use the specified SOCKS5 proxy. If the port number is not specified, it is
-assumed at port 1080. (Added in 7.11.1)
+Use the specified SOCKS5 proxy - but resolve the host name locally. If the
+port number is not specified, it is assumed at port 1080.
 
 This option overrides any previous use of \fI-x/--proxy\fP, as they are
 mutually exclusive.
@@ -1128,6 +1187,9 @@ If this option is used several times, each occurrence will toggle it on/off.
 Specify user and password to use for server authentication. Overrides
 \fI-n/--netrc\fP and \fI--netrc-optional\fP.
 
+If you just give the user name (without entering a colon) curl will prompt for
+a password.
+
 If you use an SSPI-enabled curl binary and do NTLM authentication, you can
 force curl to pick up the user name and password from your environment by
 simply specifying a single colon with this option: "-u :".

docs/examples/10-at-a-time.c

@@ -18,6 +18,9 @@
 #include <string.h>
 #include <unistd.h>
 #include <curl/multi.h>
+#ifdef WIN32
+#include <windows.h>
+#endif
 
 static const char *urls[] = {
   "http://www.microsoft.com",
@@ -74,7 +77,7 @@ static const char *urls[] = {
 #define MAX 10 /* number of simultaneous transfers */
 #define CNT sizeof(urls)/sizeof(char*) /* total number of transfers to do */
 
-static int cb(char *d, size_t n, size_t l, void *p)
+static size_t cb(char *d, size_t n, size_t l, void *p)
 {
   /* take care of the data here, ignored in this example */
   (void)d;
@@ -138,7 +141,11 @@ int main(void)
         L = 100;
 
       if (M == -1) {
+#ifdef WIN32
+        Sleep(L);
+#else
         sleep(L / 1000);
+#endif
       } else {
         T.tv_sec = L/1000;
         T.tv_usec = (L%1000)*1000;

docs/examples/Makefile.am

@@ -4,28 +4,24 @@
 
 AUTOMAKE_OPTIONS = foreign nostdinc
 
-EXTRA_DIST = README Makefile.example makefile.dj $(COMPLICATED_EXAMPLES)
+EXTRA_DIST = README Makefile.example Makefile.inc Makefile.m32 \
+	makefile.dj $(COMPLICATED_EXAMPLES)
 
 INCLUDES = -I$(top_srcdir)/include
 
 LIBDIR = $(top_builddir)/lib
-CPPFLAGS = -DCURL_NO_OLDIES
+
+if STATICLIB
+# we need this define when building with a static lib on Windows
+STATICCPPFLAGS = -DCURL_STATICLIB
+endif
+
+CPPFLAGS = -DCURL_NO_OLDIES $(STATICCPPFLAGS)
 
 # Dependencies
 LDADD = $(LIBDIR)/libcurl.la
 
-# These are all libcurl example programs to be test compiled
-noinst_PROGRAMS = 10-at-a-time anyauthput cookie_interface \
-  debug fileupload fopen ftpget ftpgetresp ftpupload \
-  getinfo getinmemory http-post httpput \
-  https multi-app multi-debugcallback multi-double \
-  multi-post multi-single persistant post-callback \
-  postit2 sepheaders simple simplepost simplessl
+# Makefile.inc provides the noinst_PROGRAMS and COMPLICATED_EXAMPLES defines
+include Makefile.inc
 
-# These examples require external dependencies that may not be commonly
-# available on POSIX systems, so don't bother attempting to compile them here.
-COMPLICATED_EXAMPLES = \
- curlgtk.c curlx.c htmltitle.cc cacertinmem.c ftpuploadresume.c \
- ghiper.c hiperfifo.c htmltidy.c multithread.c \
- opensslthreadlock.c sampleconv.c synctime.c
 

docs/examples/Makefile.inc

@@ -0,0 +1,16 @@
+# These are all libcurl example programs to be test compiled
+noinst_PROGRAMS = 10-at-a-time anyauthput cookie_interface \
+  debug fileupload fopen ftpget ftpgetresp ftpupload \
+  getinfo getinmemory http-post httpput \
+  https multi-app multi-debugcallback multi-double \
+  multi-post multi-single persistant post-callback \
+  postit2 sepheaders simple simplepost simplessl
+
+# These examples require external dependencies that may not be commonly
+# available on POSIX systems, so don't bother attempting to compile them here.
+COMPLICATED_EXAMPLES = \
+ curlgtk.c curlx.c htmltitle.cc cacertinmem.c ftpuploadresume.c \
+ ghiper.c hiperfifo.c htmltidy.c multithread.c \
+ opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c
+
+

docs/examples/Makefile.m32

@@ -0,0 +1,135 @@
+#########################################################################
+# $Id$
+#
+## Makefile for building curl examples with MingW32
+## and optionally OpenSSL (0.9.8), libssh2 (0.18), zlib (1.2.3)
+##
+## Usage:
+## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [SSPI=1] [IPV6=1] [DYN=1]
+##
+## Hint: you can also set environment vars to control the build, f.e.:
+## set ZLIB_PATH=c:/zlib-1.2.3
+## set ZLIB=1
+##
+#########################################################################
+
+# Edit the path below to point to the base of your Zlib sources.
+ifndef ZLIB_PATH
+ZLIB_PATH = ../../zlib-1.2.3
+endif
+# Edit the path below to point to the base of your OpenSSL package.
+ifndef OPENSSL_PATH
+OPENSSL_PATH = ../../openssl-0.9.8g
+endif
+# Edit the path below to point to the base of your LibSSH2 package.
+ifndef LIBSSH2_PATH
+LIBSSH2_PATH = ../../libssh2-0.18
+endif
+# Edit the path below to point to the base of your Novell LDAP NDK.
+ifndef LDAP_SDK
+LDAP_SDK = c:/novell/ndk/cldapsdk/win32
+endif
+
+PROOT = ../..
+ARES_LIB = $(PROOT)/ares
+
+SSL = 1
+ZLIB = 1
+
+CC = gcc
+CFLAGS = -g -O2 -Wall
+# comment LDFLAGS below to keep debug info
+LDFLAGS = -s
+RC = windres
+RCFLAGS = --include-dir=$(PROOT)/include -O COFF -i
+RM = del /q /f > NUL 2>&1
+CP = copy
+
+########################################################
+## Nothing more to do below this line!
+
+INCLUDES = -I. -I$(PROOT) -I$(PROOT)/include -I$(PROOT)/lib
+LINK = $(CC) $(LDFLAGS) -o $@
+
+curl_PROGRAMS = curl.exe
+ifdef DYN
+  curl_DEPENDENCIES = $(PROOT)/lib/libcurldll.a $(PROOT)/lib/libcurl.dll
+  curl_LDADD = -L$(PROOT)/lib -lcurldll
+else
+  curl_DEPENDENCIES = $(PROOT)/lib/libcurl.a
+  curl_LDADD = -L$(PROOT)/lib -lcurl
+  CFLAGS += -DCURL_STATICLIB
+endif
+ifdef ARES
+  ifndef DYN
+    curl_DEPENDENCIES += $(ARES_LIB)/libcares.a
+  endif
+  CFLAGS += -DUSE_ARES
+  curl_LDADD += -L$(ARES_LIB) -lcares
+endif
+ifdef SSH2
+  CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H
+  curl_LDADD += -L$(LIBSSH2_PATH)/win32 -lssh2
+endif
+ifdef SSL
+  INCLUDES += -I"$(OPENSSL_PATH)/outinc"
+  CFLAGS += -DUSE_SSLEAY -DHAVE_OPENSSL_ENGINE_H
+  ifdef DYN
+    curl_LDADD += -L$(OPENSSL_PATH)/out -leay32 -lssl32
+  else
+    curl_LDADD += -L$(OPENSSL_PATH)/out -lssl -lcrypto -lgdi32
+  endif
+endif
+ifdef ZLIB
+  INCLUDES += -I"$(ZLIB_PATH)"
+  CFLAGS += -DHAVE_LIBZ -DHAVE_ZLIB_H
+  curl_LDADD += -L$(ZLIB_PATH) -lz
+endif
+ifdef SSPI
+  CFLAGS += -DUSE_WINDOWS_SSPI
+endif
+ifdef IPV6
+  CFLAGS += -DENABLE_IPV6
+endif
+ifdef LDAPS
+  CFLAGS += -DHAVE_LDAP_SSL
+endif
+ifdef USE_LDAP_NOVELL
+  CFLAGS += -DCURL_HAS_NOVELL_LDAPSDK
+  curl_LDADD += -L"$(LDAP_SDK)/lib/mscvc" -lldapsdk -lldapssl -lldapx
+endif
+ifdef USE_LDAP_OPENLDAP
+  CFLAGS += -DCURL_HAS_OPENLDAP_LDAPSDK
+  curl_LDADD += -L"$(LDAP_SDK)/lib" -lldap -llber
+endif
+ifndef USE_LDAP_NOVELL
+ifndef USE_LDAP_OPENLDAP
+curl_LDADD += -lwldap32
+endif
+endif
+curl_LDADD += -lws2_32 -lwinmm
+COMPILE = $(CC) $(INCLUDES) $(CFLAGS)
+
+# Makefile.inc provides the noinst_PROGRAMS and COMPLICATED_EXAMPLES defines
+include Makefile.inc
+
+example_PROGRAMS := $(patsubst %,%.exe,$(strip $(noinst_PROGRAMS)))
+
+.SUFFIXES: .rc .res .o .exe
+
+
+all: $(example_PROGRAMS)
+
+.o.exe: $(curl_DEPENDENCIES)
+	$(LINK) $< $(curl_LDADD)
+
+.c.o:
+	$(COMPILE) -c $<
+
+.rc.res:
+	$(RC) $(RCFLAGS) $< -o $@
+
+clean:
+	$(RM) $(example_PROGRAMS)
+
+

docs/examples/anyauthput.c

@@ -37,7 +37,7 @@
 /* ioctl callback function */
 static curlioerr my_ioctl(CURL *handle, curliocmd cmd, void *userp)
 {
-  int fd = (int)userp;
+  intptr_t fd = (intptr_t)userp;
 
   (void)handle; /* not used in here */
 
@@ -61,7 +61,7 @@ static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
 {
   size_t retcode;
 
-  int fd = (int)stream;
+  intptr_t fd = (intptr_t)stream;
 
   retcode = read(fd, ptr, size * nmemb);
 
@@ -74,7 +74,7 @@ int main(int argc, char **argv)
 {
   CURL *curl;
   CURLcode res;
-  int hd ;
+  intptr_t hd ;
   struct stat file_info;
 
   char *file;
@@ -100,13 +100,13 @@ int main(int argc, char **argv)
     curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
 
     /* which file to upload */
-    curl_easy_setopt(curl, CURLOPT_READDATA, hd);
+    curl_easy_setopt(curl, CURLOPT_READDATA, (void*)hd);
 
     /* set the ioctl function */
     curl_easy_setopt(curl, CURLOPT_IOCTLFUNCTION, my_ioctl);
 
     /* pass the file descriptor to the ioctl callback as well */
-    curl_easy_setopt(curl, CURLOPT_IOCTLDATA, hd);
+    curl_easy_setopt(curl, CURLOPT_IOCTLDATA, (void*)hd);
 
     /* enable "uploading" (which means PUT when doing HTTP) */
     curl_easy_setopt(curl, CURLOPT_UPLOAD, TRUE) ;

docs/examples/debug.c

@@ -65,7 +65,7 @@ void dump(const char *text,
 
 static
 int my_trace(CURL *handle, curl_infotype type,
-             unsigned char *data, size_t size,
+             char *data, size_t size,
              void *userp)
 {
   struct data *config = (struct data *)userp;
@@ -98,7 +98,7 @@ int my_trace(CURL *handle, curl_infotype type,
     break;
   }
 
-  dump(text, stderr, data, size, config->trace_ascii);
+  dump(text, stderr, (unsigned char *)data, size, config->trace_ascii);
   return 0;
 }
 

docs/examples/ftpget.c

@@ -26,7 +26,7 @@ struct FtpFile {
   FILE *stream;
 };
 
-static int my_fwrite(void *buffer, size_t size, size_t nmemb, void *stream)
+static size_t my_fwrite(void *buffer, size_t size, size_t nmemb, void *stream)
 {
   struct FtpFile *out=(struct FtpFile *)stream;
   if(out && !out->stream) {

docs/examples/ftpupload.c

@@ -14,7 +14,12 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
+#include <errno.h>
+#ifdef WIN32
+#include <io.h>
+#else
 #include <unistd.h>
+#endif
 
 /*
  * This example shows an FTP upload, with a rename of the file just after
@@ -28,12 +33,26 @@
 #define REMOTE_URL      "ftp://localhost/"  UPLOAD_FILE_AS
 #define RENAME_FILE_TO  "renamed-and-fine.txt"
 
+/* NOTE: if you want this example to work on Windows with libcurl as a
+   DLL, you MUST also provide a read callback with CURLOPT_READFUNCTION.
+   Failing to do so will give you a crash since a DLL may not use the
+   variable's memory when passed in to it from an app like this. */
+static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
+{
+  /* in real-world cases, this would probably get this data differently
+     as this fread() stuff is exactly what the library already would do
+     by default internally */
+  size_t retcode = fread(ptr, size, nmemb, stream);
+
+  fprintf(stderr, "*** We read %d bytes from file\n", retcode);
+  return retcode;
+}
+
 int main(int argc, char **argv)
 {
   CURL *curl;
   CURLcode res;
   FILE *hd_src;
-  int hd ;
   struct stat file_info;
 
   struct curl_slist *headerlist=NULL;
@@ -41,13 +60,13 @@ int main(int argc, char **argv)
   static const char buf_2 [] = "RNTO " RENAME_FILE_TO;
 
   /* get the file size of the local file */
-  hd = open(LOCAL_FILE, O_RDONLY) ;
-  fstat(hd, &file_info);
-  close(hd) ;
+  if(stat(LOCAL_FILE, &file_info)) {
+    printf("Couldnt open '%s': %s\n", LOCAL_FILE, strerror(errno));
+    return 1;
+  }
+  printf("Local file size: %ld bytes.\n", file_info.st_size);
 
-  /* get a FILE * of the same file, could also be made with
-     fdopen() from the previous descriptor, but hey this is just
-     an example! */
+  /* get a FILE * of the same file */
   hd_src = fopen(LOCAL_FILE, "rb");
 
   /* In windows, this will init the winsock stuff */
@@ -60,6 +79,9 @@ int main(int argc, char **argv)
     headerlist = curl_slist_append(headerlist, buf_1);
     headerlist = curl_slist_append(headerlist, buf_2);
 
+    /* we want to use our own read function */
+    curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
+
     /* enable uploading */
     curl_easy_setopt(curl, CURLOPT_UPLOAD, 1) ;
 
@@ -72,12 +94,6 @@ int main(int argc, char **argv)
     /* now specify which file to upload */
     curl_easy_setopt(curl, CURLOPT_READDATA, hd_src);
 
-    /* NOTE: if you want this example to work on Windows with libcurl as a
-       DLL, you MUST also provide a read callback with
-       CURLOPT_READFUNCTION. Failing to do so will give you a crash since a
-       DLL may not use the variable's memory when passed in to it from an app
-       like this. */
-
     /* Set the size of the file to upload (optional).  If you give a *_LARGE
        option you MUST make sure that the type of the passed-in argument is a
        curl_off_t. If you use CURLOPT_INFILESIZE (without _LARGE) you must

docs/examples/getinmemory.c

@@ -98,5 +98,8 @@ int main(int argc, char **argv)
   if(chunk.memory)
     free(chunk.memory);
 
+  /* we're done with libcurl, so clean it up */
+  curl_global_cleanup();
+
   return 0;
 }

docs/examples/multi-debugcallback.c

@@ -74,7 +74,7 @@ void dump(const char *text,
 
 static
 int my_trace(CURL *handle, curl_infotype type,
-             unsigned char *data, size_t size,
+             char *data, size_t size,
              void *userp)
 {
   const char *text;

docs/examples/post-callback.c

@@ -75,7 +75,7 @@ int main(void)
     */
 #ifdef USE_CHUNKED
     {
-      curl_slist *chunk = NULL;
+      struct curl_slist *chunk = NULL;
 
       chunk = curl_slist_append(chunk, "Transfer-Encoding: chunked");
       res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
@@ -98,7 +98,7 @@ int main(void)
     /* A less good option would be to enforce HTTP 1.0, but that might also
        have other implications. */
     {
-      curl_slist *chunk = NULL;
+      struct curl_slist *chunk = NULL;
 
       chunk = curl_slist_append(chunk, "Expect:");
       res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);

docs/examples/smooth-gtk-thread.c

@@ -0,0 +1,217 @@
+/*****************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * $Id$
+ *
+ * This is a multi threaded application that uses a progress bar to show
+ * status.  It uses Gtk+ to make a smooth pulse.
+ *
+ * Written by Jud Bishop after studying the other examples provided with
+ * libcurl.
+ *
+ * To compile (on a single line):
+ * gcc -ggdb `pkg-config --cflags  --libs gtk+-2.0` -lcurl -lssl -lcrypto
+ *   -lgthread-2.0 -dl  smooth-gtk-thread.c -o smooth-gtk-thread
+ */
+
+#include <stdio.h>
+#include <gtk/gtk.h>
+#include <glib.h>
+#include <unistd.h>
+#include <pthread.h>
+
+#include <curl/curl.h>
+#include <curl/types.h> /* new for v7 */
+#include <curl/easy.h> /* new for v7 */
+
+#define NUMT 4
+
+pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
+int j = 0;
+gint num_urls = 9; /* Just make sure this is less than urls[]*/
+char *urls[]= {
+  "90022",
+  "90023",
+  "90024",
+  "90025",
+  "90026",
+  "90027",
+  "90028",
+  "90029",
+  "90030"
+};
+
+size_t write_file(void *ptr, size_t size, size_t nmemb, FILE *stream)
+{
+  /* printf("write_file\n"); */
+  return fwrite(ptr, size, nmemb, stream);
+}
+
+/* http://xoap.weather.com/weather/local/46214?cc=*&dayf=5&unit=i */
+void *pull_one_url(void *NaN)
+{
+  CURL *curl;
+  CURLcode res;
+  gchar *http;
+  FILE *outfile;
+  gint i;
+
+  /* Stop threads from entering unless j is incremented */
+  pthread_mutex_lock(&lock);
+  while ( j < num_urls )
+  {
+    printf("j = %d\n", j);
+
+    http =
+      g_strdup_printf("xoap.weather.com/weather/local/%s?cc=*&dayf=5&unit=i\n",
+                      urls[j]);
+
+    printf( "http %s", http );
+
+    curl = curl_easy_init();
+    if(curl)
+    {
+
+      outfile = fopen(urls[j], "w");
+      /* printf("fopen\n"); */
+
+      /* Set the URL and transfer type */
+      curl_easy_setopt(curl, CURLOPT_URL, http);
+
+      /* Write to the file */
+      curl_easy_setopt(curl, CURLOPT_WRITEDATA, outfile);
+      curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_file);
+
+      j++;  /* critical line */
+      pthread_mutex_unlock(&lock);
+
+      res = curl_easy_perform(curl);
+
+      fclose(outfile);
+      printf("fclose\n");
+
+      curl_easy_cleanup(curl);
+    }
+    g_free (http);
+
+    /* Adds more latency, testing the mutex.*/
+    sleep(1);
+
+  } /* end while */
+  return NULL;
+}
+
+
+gboolean pulse_bar(gpointer data)
+{
+  gdk_threads_enter();
+  gtk_progress_bar_pulse (GTK_PROGRESS_BAR (data));
+  gdk_threads_leave();
+
+  /* Return true so the function will be called again;
+   * returning false removes this timeout function.
+   */
+  return TRUE;
+}
+
+void *create_thread(void *progress_bar)
+{
+  pthread_t tid[NUMT];
+  int i;
+  int error;
+
+  /* Make sure I don't create more threads than urls. */
+  for(i=0; i < NUMT && i < num_urls ; i++) {
+    error = pthread_create(&tid[i],
+                           NULL, /* default attributes please */
+                           pull_one_url,
+                           NULL);
+    if(0 != error)
+      fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
+    else
+      fprintf(stderr, "Thread %d, gets %s\n", i, urls[i]);
+  }
+
+  /* Wait for all threads to terminate. */
+  for(i=0; i < NUMT && i < num_urls; i++) {
+    error = pthread_join(tid[i], NULL);
+    fprintf(stderr, "Thread %d terminated\n", i);
+  }
+
+  /* This stops the pulsing if you have it turned on in the progress bar
+     section */
+  g_source_remove(GPOINTER_TO_INT(g_object_get_data(G_OBJECT(progress_bar),
+                                                    "pulse_id")));
+
+  /* This destroys the progress bar */
+  gtk_widget_destroy(progress_bar);
+
+  /* [Un]Comment this out to kill the program rather than pushing close. */
+  /* gtk_main_quit(); */
+
+
+  return NULL;
+
+}
+
+static gboolean cb_delete(GtkWidget *window, gpointer data)
+{
+  gtk_main_quit();
+  return FALSE;
+}
+
+int main(int argc, char **argv)
+{
+  GtkWidget *top_window, *outside_frame, *inside_frame, *progress_bar;
+  GtkAdjustment *adj;
+
+  /* Init thread */
+  g_thread_init(NULL);
+  gdk_threads_init ();
+  gdk_threads_enter ();
+
+  gtk_init(&argc, &argv);
+
+  /* Base window */
+  top_window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
+
+  /* Frame */
+  outside_frame = gtk_frame_new(NULL);
+  gtk_frame_set_shadow_type(GTK_FRAME(outside_frame), GTK_SHADOW_OUT);
+  gtk_container_add(GTK_CONTAINER(top_window), outside_frame);
+
+  /* Frame */
+  inside_frame = gtk_frame_new(NULL);
+  gtk_frame_set_shadow_type(GTK_FRAME(inside_frame), GTK_SHADOW_IN);
+  gtk_container_set_border_width(GTK_CONTAINER(inside_frame), 5);
+  gtk_container_add(GTK_CONTAINER(outside_frame), inside_frame);
+
+  /* Progress bar */
+  progress_bar = gtk_progress_bar_new();
+  gtk_progress_bar_pulse (GTK_PROGRESS_BAR (progress_bar));
+  /* Make uniform pulsing */
+  gint pulse_ref = g_timeout_add (300, pulse_bar, progress_bar);
+  g_object_set_data(G_OBJECT(progress_bar), "pulse_id",
+                    GINT_TO_POINTER(pulse_ref));
+  gtk_container_add(GTK_CONTAINER(inside_frame), progress_bar);
+
+  gtk_widget_show_all(top_window);
+  printf("gtk_widget_show_all\n");
+
+  g_signal_connect(G_OBJECT (top_window), "delete-event",
+                   G_CALLBACK(cb_delete), NULL);
+
+  if (!g_thread_create(&create_thread, progress_bar, FALSE, NULL) != 0)
+    g_warning("can't create the thread");
+
+  gtk_main();
+  gdk_threads_leave();
+  printf("gdk_threads_leave\n");
+
+  return 0;
+}
+

docs/examples/threaded-ssl.c

@@ -0,0 +1,145 @@
+/*****************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * $Id$
+ *
+ * A multi-threaded example that uses pthreads and fetches 4 remote files at
+ * once over HTTPS. The lock callbacks and stuff assume OpenSSL or GnuTLS
+ * (libgcrypt) so far.
+ *
+ * OpenSSL docs for this:
+ *   http://www.openssl.org/docs/crypto/threads.html
+ * gcrypt docs for this:
+ *   http://gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html
+ */
+
+#define USE_OPENSSL /* or USE_GNUTLS accordingly */
+
+#include <stdio.h>
+#include <pthread.h>
+#include <curl/curl.h>
+
+/* we have this global to let the callback get easy access to it */
+static pthread_mutex_t *lockarray;
+
+#ifdef USE_OPENSSL
+#include <openssl/crypto.h>
+static void lock_callback(int mode, int type, char *file, int line)
+{
+  (void)file;
+  (void)line;
+  if (mode & CRYPTO_LOCK) {
+    pthread_mutex_lock(&(lockarray[type]));
+  }
+  else {
+    pthread_mutex_unlock(&(lockarray[type]));
+  }
+}
+
+static unsigned long thread_id(void)
+{
+  unsigned long ret;
+
+  ret=(unsigned long)pthread_self();
+  return(ret);
+}
+
+static void init_locks(void)
+{
+  int i;
+
+  lockarray=(pthread_mutex_t *)OPENSSL_malloc(CRYPTO_num_locks() *
+                                            sizeof(pthread_mutex_t));
+  for (i=0; i<CRYPTO_num_locks(); i++) {
+    pthread_mutex_init(&(lockarray[i]),NULL);
+  }
+
+  CRYPTO_set_id_callback((unsigned long (*)())thread_id);
+  CRYPTO_set_locking_callback((void (*)())lock_callback);
+}
+
+static void kill_locks(void)
+{
+  int i;
+
+  CRYPTO_set_locking_callback(NULL);
+  for (i=0; i<CRYPTO_num_locks(); i++)
+    pthread_mutex_destroy(&(lockarray[i]));
+
+  OPENSSL_free(lockarray);
+}
+#endif
+
+#ifdef USE_GNUTLS
+#include <gcrypt.h>
+#include <errno.h>
+
+GCRY_THREAD_OPTION_PTHREAD_IMPL;
+
+void init_locks(void)
+{
+  gcry_control(GCRYCTL_SET_THREAD_CBS);
+}
+
+#define kill_locks()
+#endif
+
+/* List of URLs to fetch.*/
+const char *urls[]= {
+  "https://www.sf.net/",
+  "https://www.openssl.org/",
+  "https://www.sf.net/",
+  "https://www.openssl.org/",
+};
+
+static void *pull_one_url(void *url)
+{
+  CURL *curl;
+
+  curl = curl_easy_init();
+  curl_easy_setopt(curl, CURLOPT_URL, url);
+  /* this example doesn't verify the server's certificate, which means we
+     might be downloading stuff from an impostor */
+  curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
+  curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
+  curl_easy_perform(curl); /* ignores error */
+  curl_easy_cleanup(curl);
+
+  return NULL;
+}
+
+int main(int argc, char **argv)
+{
+  pthread_t tid[4];
+  int i;
+  int error;
+  (void)argc; /* we don't use any arguments in this example */
+  (void)argv;
+
+  init_locks();
+
+  for(i=0; i< 4; i++) {
+    error = pthread_create(&tid[i],
+                           NULL, /* default attributes please */
+                           pull_one_url,
+                           (void *)urls[i]);
+    if(0 != error)
+      fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
+    else
+      fprintf(stderr, "Thread %d, gets %s\n", i, urls[i]);
+  }
+
+  /* now wait for all threads to terminate */
+  for(i=0; i< 4; i++) {
+    error = pthread_join(tid[i], NULL);
+    fprintf(stderr, "Thread %d terminated\n", i);
+  }
+
+  kill_locks();
+
+  return 0;
+}

docs/libcurl/Makefile.am

@@ -18,7 +18,8 @@ man_MANS = curl_easy_cleanup.3 curl_easy_getinfo.3 curl_easy_init.3	 \
  curl_multi_strerror.3 curl_share_strerror.3 curl_global_init_mem.3	 \
  libcurl-tutorial.3 curl_easy_reset.3 curl_easy_escape.3		 \
  curl_easy_unescape.3 curl_multi_setopt.3 curl_multi_socket.3		 \
- curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3
+ curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3		 \
+ curl_easy_pause.3
 
 HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html		  \
  curl_easy_init.html curl_easy_perform.html curl_easy_setopt.html	  \
@@ -36,7 +37,7 @@ HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html		  \
  curl_share_strerror.html curl_global_init_mem.html libcurl-tutorial.html \
  curl_easy_reset.html curl_easy_escape.html curl_easy_unescape.html	  \
  curl_multi_setopt.html curl_multi_socket.html curl_multi_timeout.html	  \
- curl_formget.html curl_multi_assign.html
+ curl_formget.html curl_multi_assign.html curl_easy_pause.html
 
 PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf curl_easy_init.pdf \
  curl_easy_perform.pdf curl_easy_setopt.pdf curl_easy_duphandle.pdf	  \
@@ -53,7 +54,7 @@ PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf curl_easy_init.pdf \
  curl_share_strerror.pdf curl_global_init_mem.pdf libcurl-tutorial.pdf	  \
  curl_easy_reset.pdf curl_easy_escape.pdf curl_easy_unescape.pdf	  \
  curl_multi_setopt.pdf curl_multi_socket.pdf curl_multi_timeout.pdf	  \
- curl_formget.pdf curl_multi_assign.pdf
+ curl_formget.pdf curl_multi_assign.pdf curl_easy_pause.pdf
 
 CLEANFILES = $(HTMLPAGES) $(PDFPAGES)
 

docs/libcurl/curl_easy_pause.3

@@ -0,0 +1,63 @@
+.\" $Id$
+.\"
+.TH curl_easy_pause 3 "17 Dec 2007" "libcurl 7.18.0" "libcurl Manual"
+.SH NAME
+curl_easy_pause - pause and unpause a connection
+.SH SYNOPSIS
+.B #include <curl/curl.h>
+
+.BI "CURLcode curl_easy_pause(CURL *"handle ", int "bitmask " );"
+
+.SH DESCRIPTION
+Using this function, you can explicitly mark a running connection to get
+paused, and you can unpause a connection that was previously paused.
+
+A connection can made to pause by using this function or by letting the read
+or the write callbacks return the proper magic return code
+(\fICURL_READFUNC_PAUSE\fP and \fICURL_WRITEFUNC_PAUSE\fP).
+
+NOTE: while it may feel tempting, take care and notice that you cannot call
+this function from another thread.
+
+When this function is called to unpause reading, the chance is high that you
+will get your write callback called before this function returns.
+
+The \fBhandle\fP argument is of course identifying the handle that operates on
+the connection you want to pause or unpause.
+
+The \fBbitmask\fP argument is a set of bits that sets the new state of the
+connection. The following bits can be used:
+.IP CURLPAUSE_RECV
+Pause receiving data. There will be no data received on this conneciton until
+this function is called again without this bit set. Thus, the write callback
+(\fICURLOPT_WRITEFUNCTION\fP) won't be called.
+.IP CURLPAUSE_SEND
+Pause sending data. There will be no data sent on this connection until this
+function is called again without this bit set. Thus, the read callback
+(\fICURLOPT_READFUNCTION\fP) won't be called.
+.IP CURLPAUSE_ALL
+Convenience define that pauses both directions.
+.IP CURLPAUSE_CONT
+Convenience define that unpauses both directions
+.SH RETURN VALUE
+CURLE_OK (zero) means that the option was set properly, and a non-zero return
+code means something wrong occurred after the new state was set.  See the
+\fIlibcurl-errors(3)\fP man page for the full list with descriptions.
+.SH AVAILABILITY
+This function was added in libcurl 7.18.0. Before this version, there was no
+explicit support for pausing transfers.
+.SH "MEMORY USE"
+When pausing a read by returning the magic return code from a write callback,
+the read data is already in libcurl's internal buffers so it'll have to keep
+it in an allocated buffer until the reading is again unpaused using this
+function.
+
+If the downloaded data is compressed and is asked to get uncompressed
+automatially on download, libcurl will continue to uncompress the entire
+downloaded chunk and it will cache the data uncompressed. This has the side-
+effect that if you download something that is compressed a lot, it can result
+in a very large data amount needing to be allocated to save the data during
+the pause. This said, you should probably consider not using paused reading if
+you allow libcurl to uncompress data automatically.
+.SH "SEE ALSO"
+.BR curl_easy_cleanup "(3), " curl_easy_reset "(3)"

docs/libcurl/curl_easy_setopt.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
 .\" * $Id$
 .\" **************************************************************************
 .\"
-.TH curl_easy_setopt 3 "30 Aug 2007" "libcurl 7.17.0" "libcurl Manual"
+.TH curl_easy_setopt 3 "5 Jan 2008" "libcurl 7.18.0" "libcurl Manual"
 .SH NAME
 curl_easy_setopt \- set options for a curl easy handle
 .SH SYNOPSIS
@@ -95,6 +95,10 @@ of bytes actually taken care of. If that amount differs from the amount passed
 to your function, it'll signal an error to the library and it will abort the
 transfer and return \fICURLE_WRITE_ERROR\fP.
 
+From 7.18.0, the function can return CURL_WRITEFUNC_PAUSE which then will
+cause writing to this connection to become paused. See
+\fIcurl_easy_pause(3)\fP for further details.
+
 This function may be called with zero bytes data if the transfered file is
 empty.
 
@@ -142,6 +146,10 @@ The read callback may return \fICURL_READFUNC_ABORT\fP to stop the current
 operation immediately, resulting in a \fICURLE_ABORTED_BY_CALLBACK\fP error
 code from the transfer (Added in 7.12.1)
 
+From 7.18.0, the function can return CURL_READFUNC_PAUSE which then will cause
+reading from this connection to become paused. See \fIcurl_easy_pause(3)\fP
+for further details.
+
 If you set the callback pointer to NULL, or doesn't set it at all, the default
 internal read function will be used. It is simply doing an fread() on the FILE
 * stream set with \fICURLOPT_READDATA\fP.
@@ -163,11 +171,32 @@ something special I/O-related needs to be done that the library can't do by
 itself. For now, rewinding the read data stream is the only action it can
 request. The rewinding of the read data stream may be necessary when doing a
 HTTP PUT or POST with a multi-pass authentication method.  (Option added in
-7.12.3)
+7.12.3).
+
+Use \fICURLOPT_SEEKFUNCTION\fP instead to provide seeking!
 .IP CURLOPT_IOCTLDATA
 Pass a pointer that will be untouched by libcurl and passed as the 3rd
 argument in the ioctl callback set with \fICURLOPT_IOCTLFUNCTION\fP.  (Option
 added in 7.12.3)
+.IP CURLOPT_SEEKFUNCTION
+Function pointer that should match the following prototype: \fIint
+function(void *instream, curl_off_t offset, int origin);\fP This function gets
+called by libcurl to seek to a certain position in the input stream and can be
+used to fast forward a file in a resumed upload (instead of reading all
+uploaded bytes with the normal read function/callback). It is also called to
+rewind a stream when doing a HTTP PUT or POST with a multi-pass authentication
+method. The function shall work like "fseek" or "lseek" and accepted SEEK_SET,
+SEEK_CUR and SEEK_END as argument for origin, although (in 7.18.0) libcurl
+only passes SEEK_SET. The callback must return 0 on success as returning
+non-zero will cause the upload operation to fail.
+
+If you forward the input arguments directly to "fseek" or "lseek", note that
+the data type for \fIoffset\fP is not the same as defined for curl_off_t on
+many systems! (Option added in 7.18.0)
+.IP CURLOPT_SEEKDATA
+Data pointer to pass to the file read function. If you use the
+\fICURLOPT_SEEKFUNCTION\fP option, this is the pointer you'll get as input. If
+you don't specify a seek callback, NULL is passed. (Option added in 7.18.0)
 .IP CURLOPT_SOCKOPTFUNCTION
 Function pointer that should match the \fIcurl_sockopt_callback\fP prototype
 found in \fI<curl/curl.h>\fP. This function gets called by libcurl after the
@@ -281,6 +310,9 @@ Pass a pointer to whatever you want passed in to your
 \fICURLOPT_DEBUGFUNCTION\fP in the last void * argument. This pointer is not
 used by libcurl, it is only passed to the callback.
 .IP CURLOPT_SSL_CTX_FUNCTION
+This option does only function for libcurl powered by OpenSSL. If libcurl was
+built against another SSL library, this functionality is absent.
+
 Function pointer that should match the following prototype: \fBCURLcode
 sslctxfun(CURL *curl, void *sslctx, void *parm);\fP This function gets called
 by libcurl just before the initialization of an SSL connection after having
@@ -430,13 +462,21 @@ Pass a long with this option to set the proxy port to connect to unless it is
 specified in the proxy string \fICURLOPT_PROXY\fP.
 .IP CURLOPT_PROXYTYPE
 Pass a long with this option to set type of the proxy. Available options for
-this are \fICURLPROXY_HTTP\fP, \fICURLPROXY_SOCKS4\fP (added in 7.15.2)
-\fICURLPROXY_SOCKS5\fP. The HTTP type is default. (Added in 7.10)
+this are \fICURLPROXY_HTTP\fP, \fICURLPROXY_SOCKS4\fP (added in 7.15.2),
+\fICURLPROXY_SOCKS5\fP, \fICURLPROXY_SOCKS4A\fP (added in 7.18.0) and
+\fICURLPROXY_SOCKS5_HOSTNAME\fP (added in 7.18.0). The HTTP type is
+default. (Added in 7.10)
 .IP CURLOPT_HTTPPROXYTUNNEL
 Set the parameter to non-zero to get the library to tunnel all operations
 through a given HTTP proxy. There is a big difference between using a proxy
 and to tunnel through it. If you don't know what this means, you probably
 don't want this tunneling option.
+.IP CURLOPT_SOCKS5_RESOLVE_LOCAL
+Set the parameter to 1 to get the library to resolve the host name locally
+instead of passing it to the proxy to resolve, when using a SOCKS5 proxy.
+
+Note that libcurl before 7.18.0 always resolved the host name locally even
+when SOCKS5 was used. (Added in 7.18.0)
 .IP CURLOPT_INTERFACE
 Pass a char * as parameter. This set the interface name to use as outgoing
 network interface. The name can be an interface name, an IP address or a host
@@ -670,7 +710,9 @@ and \fICURLOPT_READDATA\fP options but then you must make sure to not set
 \fICURLOPT_POSTFIELDS\fP to anything but NULL. When providing data with a
 callback, you must transmit it using chunked transfer-encoding or you must set
 the size of the data with the \fICURLOPT_POSTFIELDSIZE\fP or
-\fICURLOPT_POSTFIELDSIZE_LARGE\fP option.
+\fICURLOPT_POSTFIELDSIZE_LARGE\fP option. To enable chunked encoding, you
+simply pass in the appropriate Transfer-Encoding header, see the
+post-callback.c example.
 
 You can override the default POST Content-Type: header by setting your own
 with \fICURLOPT_HTTPHEADER\fP.
@@ -1064,6 +1106,13 @@ or similar.
 libcurl does not do a complete ASCII conversion when doing ASCII transfers
 over FTP. This is a known limitation/flaw that nobody has rectified. libcurl
 simply sets the mode to ascii and performs a standard transfer.
+.IP CURLOPT_PROXY_TRANSFER_MODE
+Pass a long. If the value is set to 1 (one), it tells libcurl to set the
+transfer mode (binary or ASCII) for FTP transfers done via an HTTP proxy, by
+appending ;type=a or ;type=i to the URL. Without this setting, or it being
+set to 0 (zero, the default), \fICURLOPT_TRANSFERTEXT\fP has no effect when
+doing FTP via a proxy. Beware that not all proxies support this feature.
+(Added in 7.18.0)
 .IP CURLOPT_CRLF
 Convert Unix newlines to CRLF newlines on transfers.
 .IP CURLOPT_RANGE
@@ -1073,6 +1122,8 @@ transfers also support several intervals, separated with commas as in
 \fI"X-Y,N-M"\fP. Using this kind of multiple intervals will cause the HTTP
 server to send the response document in pieces (using standard MIME separation
 techniques). Pass a NULL to this option to disable the use of ranges.
+
+Ranges work on HTTP, FTP and FILE (since 7.18.0) transfers only.
 .IP CURLOPT_RESUME_FROM
 Pass a long as parameter. It contains the offset in number of bytes that you
 want the transfer to start from. Set this option to 0 to make the transfer
@@ -1326,15 +1377,19 @@ operations.
 
 If the crypto device cannot be set, \fICURLE_SSL_ENGINE_SETFAILED\fP is
 returned.
+
+Note that even though this option doesn't need any parameter, in some
+configurations \fIcurl_easy_setopt\fP might be defined as a macro taking
+exactly three arguments. Therefore, it's recommended to pass 1 as parameter to
+this option.
 .IP CURLOPT_SSLVERSION
 Pass a long as parameter to control what version of SSL/TLS to attempt to use.
 The available options are:
 .RS
 .IP CURL_SSLVERSION_DEFAULT
-The default action. When libcurl built with OpenSSL or NSS, this will attempt
-to figure out the remote SSL protocol version. Unfortunately there are a lot of
-ancient and broken servers in use which cannot handle this technique and will
-fail to connect. When libcurl is built with GnuTLS, this will mean SSLv3.
+The default action. This will attempt to figure out the remote SSL protocol
+version, i.e. either SSLv3 or TLSv1 (but not SSLv2, which became disabled
+by default with 7.18.1).
 .IP CURL_SSLVERSION_TLSv1
 Force TLSv1
 .IP CURL_SSLVERSION_SSLv2
@@ -1491,6 +1546,14 @@ this curl handle use the data from the shared handle instead of keeping the
 data to itself. This enables several curl handles to share data. If the curl
 handles are used simultaneously, you \fBMUST\fP use the locking methods in the
 share handle. See \fIcurl_share_setopt(3)\fP for details.
+
+If you add a share that is set to share cookies, your easy handle will use
+that cookie cache and get the cookie engine enabled. If you unshare an object
+that were using cookies (or change to another object that doesn't share
+cookies), the easy handle will get its cookie engine disabled.
+
+Data that the share object is not set to share will be dealt with the usual
+way, as if no share was used.
 .IP CURLOPT_NEW_FILE_PERMS
 Pass a long as a parameter, containing the value of the permissions that will
 be assigned to newly created files on the remote server.  The default value is

docs/libcurl/curl_multi_setopt.3

@@ -47,10 +47,11 @@ changes. The timeout value is at what latest time the application should call
 one of the \&"performing" functions of the multi interface
 (\fIcurl_multi_socket(3)\fP, \fIcurl_multi_socket_all(3)\fP and
 \fIcurl_multi_perform(3)\fP) - to allow libcurl to keep timeouts and retries
-etc to work. Libcurl attempts to limit calling this only when the fixed future
-timeout time actually change. See also \fICURLMOPT_TIMERDATA\fP. This callback
-can be used instead of, or in addition to, \fIcurl_multi_timeout(3)\fP. (Added
-in 7.16.0)
+etc to work. A timeout value of -1 means that there is no timeout at all, and
+0 means that the timeout is already reached. Libcurl attempts to limit calling
+this only when the fixed future timeout time actually change. See also
+\fICURLMOPT_TIMERDATA\fP. This callback can be used instead of, or in addition
+to, \fIcurl_multi_timeout(3)\fP. (Added in 7.16.0)
 .IP CURLMOPT_TIMERDATA
 Pass a pointer to whatever you want passed to the
 \fBcurl_multi_timer_callback\fP's third argument, the userp pointer.  This is

docs/libcurl/curl_multi_socket.3

@@ -27,7 +27,7 @@ application has detected action on a socket handled by libcurl, it should call
 socket with the action. When the events on a socket are known, they can be
 passed as an events bitmask \fBev_bitmask\fP by first setting \fBev_bitmask\fP
 to 0, and then adding using bitwise OR (|) any combination of events to be
-choosen from CURL_CSELECT_IN, CURL_CSELECT_OUT or CURL_CSELECT_ERR. When the
+chosen from CURL_CSELECT_IN, CURL_CSELECT_OUT or CURL_CSELECT_ERR. When the
 events on a socket are unknown, pass 0 instead, and libcurl will test the
 descriptor internally.
 
@@ -45,17 +45,20 @@ socket callback function set with the CURLMOPT_SOCKETFUNCTION option to
 \fIcurl_multi_setopt(3)\fP. They update the status with changes since the
 previous time this function was called.
 
-To force libcurl to (re-)check all its internal sockets and transfers instead
-of just a single one, you call \fBcurl_multi_socket_all(3)\fP. This is
-typically done as the first function call before the application has any
-knowledge about what sockets libcurl uses.
+Force libcurl to (re-)check all its internal sockets and transfers instead of
+just a single one by calling \fBcurl_multi_socket_all(3)\fP. This is typically
+done as the first function call before the application has any knowledge about
+what sockets libcurl uses.
 
-Applications should call \fBcurl_multi_timeout(3)\fP to figure out how long to
-wait for socket actions \- at most \- before doing the timeout action: call
-the \fBcurl_multi_socket(3)\fP function with the \fBsockfd\fP argument set to
-CURL_SOCKET_TIMEOUT.
+Get the timeout time - how long to wait for socket actions at most before
+doing the timeout action: call the \fBcurl_multi_socket(3)\fP function with
+the \fBsockfd\fP argument set to CURL_SOCKET_TIMEOUT, by setting the
+\fICURLMOPT_TIMERFUNCTION\fP option with \fIcurl_multi_setopt(3)\fP. You can
+also use the \fIcurl_multi_timeout(3)\fP function to poll the value at any
+given time, but for an event-based system using the callback is far better
+than relying on polling the timeout value.
 
-Usage of \fIcurl_multi_socket(3)\fP is depricated, whereas the function is
+Usage of \fIcurl_multi_socket(3)\fP is deprecated, whereas the function is
 equivalent to \fIcurl_multi_socket_action(3)\fP, when \fBev_bitmask\fP is set 
 to 0.
 
@@ -91,7 +94,7 @@ register, interested in write readiness
 .IP "CURL_POLL_INOUT (3)"
 register, interested in both read and write readiness
 .IP "CURL_POLL_REMOVE (4)"
-deregister
+unregister
 .RE
 
 The \fIsocketp\fP argument is a private pointer you have previously set with
@@ -131,7 +134,7 @@ them for activity. This can be done through your application code, or by way
 of an external library such as libevent or glib.
 
 7. Wait for activity on any of libcurl's sockets, use the timeout value your
-calback has been told
+callback has been told
 
 8, When activity is detected, call curl_multi_socket_action() for the
 socket(s) that got action. If no activity is detected and the timeout expires,

docs/libcurl/curl_multi_timeout.3

@@ -23,6 +23,10 @@ The timeout value returned in the long \fBtimeout\fP points to, is in number
 of milliseconds at this very moment. If 0, it means you should proceed
 immediately without waiting for anything. If it returns -1, there's no timeout
 at all set.
+
+Note: if libcurl returns a -1 timeout here, it just means that libcurl
+currently has no stored timeout value. You must not wait too long (more than a
+few seconds perhaps) before you call curl_multi_perform() again.
 .SH "RETURN VALUE"
 The standard CURLMcode for multi interface error codes.
 .SH "TYPICAL USAGE"
@@ -30,7 +34,7 @@ Call \fBcurl_multi_timeout(3)\fP, then wait for action on the sockets. You
 figure out which sockets to wait for by calling \fBcurl_multi_fdset(3)\fP or
 by a previous call to \fBcurl_multi_socket(3)\fP.
 .SH AVAILABILITY
-This function was added in libcurl 7.15.4, although not deemed stable yet.
+This function was added in libcurl 7.15.4.
 .SH "SEE ALSO"
 .BR curl_multi_cleanup "(3), " curl_multi_init "(3), "
 .BR curl_multi_fdset "(3), " curl_multi_info_read "(3), "

include/curl/Makefile.am

@@ -1,5 +1,6 @@
 pkginclude_HEADERS = \
-	curl.h curlver.h easy.h mprintf.h stdcheaders.h types.h multi.h
+	curl.h curlver.h easy.h mprintf.h stdcheaders.h types.h multi.h \
+	typecheck-gcc.h
 pkgincludedir= $(includedir)/curl
 
 CLEANFILES = *dist

include/curl/curl.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -29,6 +29,14 @@
 
 #include "curlver.h" /* the libcurl version defines */
 
+/*
+ * Define WIN32 when build target is Win32 API
+ */
+
+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
+#define WIN32
+#endif
+
 #include <stdio.h>
 #include <limits.h>
 
@@ -41,12 +49,42 @@
 # include <time.h>
 #endif /* defined (vms) */
 
-typedef void CURL;
+#if defined(WIN32) && !defined(_WIN32_WCE) && !defined(__GNUC__) && \
+  !defined(__CYGWIN__) || defined(__MINGW32__)
+#if !(defined(_WINSOCKAPI_) || defined(_WINSOCK_H))
+/* The check above prevents the winsock2 inclusion if winsock.h already was
+   included, since they can't co-exist without problems */
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#endif
+#else
+
+/* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
+   libc5-based Linux systems. Only include it on system that are known to
+   require it! */
+#if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || defined(__minix)
+#include <sys/select.h>
+#endif
+
+#ifndef _WIN32_WCE
+#include <sys/socket.h>
+#endif
+#ifndef __WATCOMC__
+#include <sys/time.h>
+#endif
+#include <sys/types.h>
+#endif
+
+#ifdef __BEOS__
+#include <support/SupportDefs.h>
+#endif
 
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
+typedef void CURL;
+
 /*
  * Decorate exportable functions for Win32 DLL linking.
  * This avoids using a .def file for building libcurl.dll.
@@ -139,38 +177,6 @@ extern "C" {
 #undef FILESIZEBITS
 #endif
 
-#if defined(_WIN32) && !defined(WIN32)
-/* Chris Lewis mentioned that he doesn't get WIN32 defined, only _WIN32 so we
-   make this adjustment to catch this. */
-#define WIN32 1
-#endif
-
-#if defined(WIN32) && !defined(_WIN32_WCE) && !defined(__GNUC__) && \
-  !defined(__CYGWIN__) || defined(__MINGW32__)
-#if !(defined(_WINSOCKAPI_) || defined(_WINSOCK_H))
-/* The check above prevents the winsock2 inclusion if winsock.h already was
-   included, since they can't co-exist without problems */
-#include <winsock2.h>
-#include <ws2tcpip.h>
-#endif
-#else
-
-/* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
-   libc5-based Linux systems. Only include it on system that are known to
-   require it! */
-#if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || defined(__minix)
-#include <sys/select.h>
-#endif
-
-#ifndef _WIN32_WCE
-#include <sys/socket.h>
-#endif
-#ifndef __WATCOMC__
-#include <sys/time.h>
-#endif
-#include <sys/types.h>
-#endif
-
 #ifndef curl_socket_typedef
 /* socket typedef */
 #ifdef WIN32
@@ -224,7 +230,9 @@ typedef int (*curl_progress_callback)(void *clientp,
      time for those who feel adventurous. */
 #define CURL_MAX_WRITE_SIZE 16384
 #endif
-
+/* This is a magic return code for the write callback that, when returned,
+   will signal libcurl to pause receving on the current transfer. */
+#define CURL_WRITEFUNC_PAUSE 0x10000001
 typedef size_t (*curl_write_callback)(char *buffer,
                                       size_t size,
                                       size_t nitems,
@@ -233,6 +241,13 @@ typedef size_t (*curl_write_callback)(char *buffer,
 /* This is a return code for the read callback that, when returned, will
    signal libcurl to immediately abort the current transfer. */
 #define CURL_READFUNC_ABORT 0x10000000
+/* This is a return code for the read callback that, when returned, will
+   signal libcurl to pause sending data on the current transfer. */
+#define CURL_READFUNC_PAUSE 0x10000001
+typedef int (*curl_seek_callback)(void *instream,
+                                  curl_off_t offset,
+				  int origin); /* 'whence' */
+
 typedef size_t (*curl_read_callback)(char *buffer,
                                       size_t size,
                                       size_t nitems,
@@ -251,7 +266,9 @@ struct curl_sockaddr {
   int family;
   int socktype;
   int protocol;
-  socklen_t addrlen;
+  unsigned int addrlen; /* addrlen was a socklen_t type before 7.18.0 but it
+                           turned really ugly and painful on the systems that
+                           lack this type */
   struct sockaddr addr;
 };
 
@@ -487,10 +504,15 @@ typedef CURLcode (*curl_ssl_ctx_callback)(CURL *curl,    /* easy handle */
                                           void *userptr);
 
 typedef enum {
-  CURLPROXY_HTTP = 0,
-  CURLPROXY_SOCKS4 = 4,
-  CURLPROXY_SOCKS5 = 5
-} curl_proxytype;
+  CURLPROXY_HTTP = 0,   /* added in 7.10 */
+  CURLPROXY_SOCKS4 = 4, /* support added in 7.15.2, enum existed already
+                           in 7.10 */
+  CURLPROXY_SOCKS5 = 5, /* added in 7.10 */
+  CURLPROXY_SOCKS4A = 6, /* added in 7.18.0 */
+  CURLPROXY_SOCKS5_HOSTNAME = 7 /* Use the SOCKS5 protocol but pass along the
+                                   host name rather than the IP address. added
+                                   in 7.18.0 */
+} curl_proxytype;  /* this enum was added in 7.10 */
 
 #define CURLAUTH_NONE         0       /* nothing */
 #define CURLAUTH_BASIC        (1<<0)  /* Basic (default) */
@@ -935,7 +957,7 @@ typedef enum {
   CINIT(SHARE, OBJECTPOINT, 100),
 
   /* indicates type of proxy. accepted values are CURLPROXY_HTTP (default),
-     CURLPROXY_SOCKS4 and CURLPROXY_SOCKS5. */
+     CURLPROXY_SOCKS4, CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5. */
   CINIT(PROXYTYPE, LONG, 101),
 
   /* Set the Accept-Encoding string. Use this to tell a server you would like
@@ -1159,6 +1181,13 @@ typedef enum {
   /* POST volatile input fields. */
   CINIT(COPYPOSTFIELDS, OBJECTPOINT, 165),
 
+  /* set transfer mode (;type=<a|i>) when doing FTP via an HTTP proxy */
+  CINIT(PROXY_TRANSFER_MODE, LONG, 166),
+
+  /* Callback function for seeking in the input stream */
+  CINIT(SEEKFUNCTION, FUNCTIONPOINT, 167),
+  CINIT(SEEKDATA, OBJECTPOINT, 168),
+
   CURLOPT_LASTENTRY /* the last unused */
 } CURLoption;
 
@@ -1241,10 +1270,6 @@ typedef enum {
   CURL_TIMECOND_LAST
 } curl_TimeCond;
 
-#ifdef __BEOS__
-#include <support/SupportDefs.h>
-#endif
-
 
 /* curl_strequal() and curl_strnequal() are subject for removal in a future
    libcurl, see lib/README.curlx for details */
@@ -1737,6 +1762,26 @@ CURL_EXTERN const char *curl_easy_strerror(CURLcode);
  */
 CURL_EXTERN const char *curl_share_strerror(CURLSHcode);
 
+/*
+ * NAME curl_easy_pause()
+ *
+ * DESCRIPTION
+ *
+ * The curl_easy_pause function pauses or unpauses transfers. Select the new
+ * state by setting the bitmask, use the convenience defines below.
+ *
+ */
+CURL_EXTERN CURLcode curl_easy_pause(CURL *handle, int bitmask);
+
+#define CURLPAUSE_RECV      (1<<0)
+#define CURLPAUSE_RECV_CONT (0)
+
+#define CURLPAUSE_SEND      (1<<2)
+#define CURLPAUSE_SEND_CONT (0)
+
+#define CURLPAUSE_ALL       (CURLPAUSE_RECV|CURLPAUSE_SEND)
+#define CURLPAUSE_CONT      (CURLPAUSE_RECV_CONT|CURLPAUSE_SEND_CONT)
+
 #ifdef  __cplusplus
 }
 #endif
@@ -1746,4 +1791,20 @@ CURL_EXTERN const char *curl_share_strerror(CURLSHcode);
 #include "easy.h" /* nothing in curl is fun without the easy stuff */
 #include "multi.h"
 
+/* the typechecker doesn't work in C++ (yet) */
+#if (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3)) && \
+    !defined(__cplusplus)
+#include "typecheck-gcc.h"
+#else
+#if defined(__STDC__) && (__STDC__ >= 1) 
+/* This preprocessor magic that replaces a call with the exact same call is
+   only done to make sure application authors pass exactly three arguments
+   to these functions. */
+#define curl_easy_setopt(handle,opt,param) curl_easy_setopt(handle,opt,param)
+#define curl_easy_getinfo(handle,info,arg) curl_easy_getinfo(handle,info,arg)
+#define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param)
+#define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param)
+#endif /* __STDC__ >= 1 */
+#endif /* gcc >= 4.3 && !__cplusplus */
+
 #endif /* __CURL_CURL_H */

include/curl/curlver.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -26,14 +26,17 @@
 /* This header file contains nothing but libcurl version info, generated by
    a script at release-time. This was made its own header file in 7.11.2 */
 
+/* This is the global package copyright */
+#define LIBCURL_COPYRIGHT "1996 - 2008 Daniel Stenberg, <daniel@haxx.se>."
+
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "7.17.1-CVS"
+#define LIBCURL_VERSION "7.18.1-CVS"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 7
-#define LIBCURL_VERSION_MINOR 17
+#define LIBCURL_VERSION_MINOR 18
 #define LIBCURL_VERSION_PATCH 1
 
 /* This is the numeric version of the libcurl version number, meant for easier
@@ -51,7 +54,7 @@
    and it is always a greater number in a more recent release. It makes
    comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x071101
+#define LIBCURL_VERSION_NUM 0x071201
 
 /*
  * This is the date and time when the full source package was created. The

include/curl/typecheck-gcc.h

@@ -0,0 +1,539 @@
+#ifndef __CURL_TYPECHECK_GCC_H
+#define __CURL_TYPECHECK_GCC_H
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * $Id$
+ ***************************************************************************/
+
+/* wraps curl_easy_setopt() with typechecking */
+
+/* To add a new kind of warning, add an
+ *   if(_curl_is_sometype_option(_curl_opt) && ! _curl_is_sometype(value))
+ *     _curl_easy_setopt_err_sometype();
+ * block and define _curl_is_sometype_option, _curl_is_sometype and
+ * _curl_easy_setopt_err_sometype below
+ *
+ * To add an option that uses the same type as an existing option, you'll just
+ * need to extend the appropriate _curl_*_option macro
+ */
+#define curl_easy_setopt(handle, option, value)                               \
+__extension__ ({                                                              \
+  __typeof__ (option) _curl_opt = option;                                     \
+  if (__builtin_constant_p(_curl_opt)) {                                      \
+    if (_curl_is_long_option(_curl_opt) && !_curl_is_long(value))             \
+      _curl_easy_setopt_err_long();                                           \
+    if (_curl_is_off_t_option(_curl_opt) && !_curl_is_off_t(value))           \
+      _curl_easy_setopt_err_curl_off_t();                                     \
+    if (_curl_is_string_option(_curl_opt) && !_curl_is_string(value))         \
+      _curl_easy_setopt_err_string();                                         \
+    if (_curl_is_write_cb_option(_curl_opt) && !_curl_is_write_cb(value))     \
+      _curl_easy_setopt_err_write_callback();                                 \
+    if ((_curl_opt) == CURLOPT_READFUNCTION && !_curl_is_read_cb(value))      \
+      _curl_easy_setopt_err_read_cb();                                        \
+    if ((_curl_opt) == CURLOPT_IOCTLFUNCTION && !_curl_is_ioctl_cb(value))    \
+      _curl_easy_setopt_err_ioctl_cb();                                       \
+    if ((_curl_opt) == CURLOPT_SOCKOPTFUNCTION && !_curl_is_sockopt_cb(value))\
+      _curl_easy_setopt_err_sockopt_cb();                                     \
+    if ((_curl_opt) == CURLOPT_OPENSOCKETFUNCTION &&                          \
+            !_curl_is_opensocket_cb(value))                                   \
+      _curl_easy_setopt_err_opensocket_cb();                                  \
+    if ((_curl_opt) == CURLOPT_PROGRESSFUNCTION &&                            \
+            !_curl_is_progress_cb(value))                                     \
+      _curl_easy_setopt_err_progress_cb();                                    \
+    if ((_curl_opt) == CURLOPT_DEBUGFUNCTION && !_curl_is_debug_cb(value))    \
+      _curl_easy_setopt_err_debug_cb();                                       \
+    if ((_curl_opt) == CURLOPT_SSL_CTX_FUNCTION &&                            \
+            !_curl_is_ssl_ctx_cb(value))                                      \
+      _curl_easy_setopt_err_ssl_ctx_cb();                                     \
+    if (_curl_is_conv_cb_option(_curl_opt) && !_curl_is_conv_cb(value))       \
+      _curl_easy_setopt_err_conv_cb();                                        \
+    if ((_curl_opt) == CURLOPT_SEEKFUNCTION && !_curl_is_seek_cb(value))      \
+      _curl_easy_setopt_err_seek_cb();                                        \
+    if (_curl_is_cb_data_option(_curl_opt) && !_curl_is_cb_data(value))       \
+      _curl_easy_setopt_err_cb_data();                                        \
+    if ((_curl_opt) == CURLOPT_ERRORBUFFER && !_curl_is_error_buffer(value))  \
+      _curl_easy_setopt_err_error_buffer();                                   \
+    if ((_curl_opt) == CURLOPT_STDERR && !_curl_is_FILE(value))               \
+      _curl_easy_setopt_err_FILE();                                           \
+    if (_curl_is_postfields_option(_curl_opt) && !_curl_is_postfields(value)) \
+      _curl_easy_setopt_err_postfields();                                     \
+    if ((_curl_opt) == CURLOPT_HTTPPOST &&                                    \
+            !_curl_is_arr((value), struct curl_httppost))                     \
+      _curl_easy_setopt_err_curl_httpost();                                   \
+    if (_curl_is_slist_option(_curl_opt) &&                                   \
+            !_curl_is_arr((value), struct curl_slist))                        \
+      _curl_easy_setopt_err_curl_slist();                                     \
+    if ((_curl_opt) == CURLOPT_SHARE && !_curl_is_ptr((value), CURLSH))       \
+      _curl_easy_setopt_err_CURLSH();                                         \
+  }                                                                           \
+  curl_easy_setopt(handle, _curl_opt, value);                                 \
+})
+
+/* wraps curl_easy_getinfo() with typechecking */
+/* FIXME: don't allow const pointers */
+#define curl_easy_getinfo(handle, info, arg)                                  \
+__extension__ ({                                                              \
+  __typeof__ (info) _curl_info = info;                                        \
+  if (__builtin_constant_p(_curl_info)) {                                     \
+    if (_curl_is_string_info(_curl_info) && !_curl_is_arr((arg), char *))     \
+      _curl_easy_getinfo_err_string();                                        \
+    if (_curl_is_long_info(_curl_info) && !_curl_is_arr((arg), long))         \
+      _curl_easy_getinfo_err_long();                                          \
+    if (_curl_is_double_info(_curl_info) && !_curl_is_arr((arg), double))     \
+      _curl_easy_getinfo_err_double();                                        \
+    if (_curl_is_slist_info(_curl_info) &&                                    \
+           !_curl_is_arr((arg), struct curl_slist *))                         \
+      _curl_easy_getinfo_err_curl_slist();                                    \
+  }                                                                           \
+  curl_easy_getinfo(handle, _curl_info, arg);                                 \
+})
+
+/* TODO: typechecking for curl_share_setopt() and curl_multi_setopt(),
+ * for now just make sure that the functions are called with three
+ * arguments
+ */
+#define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param)
+#define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param)
+
+
+/* the actual warnings, triggered by calling the _curl_easy_setopt_err*
+ * functions */
+
+/* To define a new warning, use _CURL_WARNING(identifier, "message") */
+#define _CURL_WARNING(id, message)                                            \
+  static void __attribute__((warning(message))) __attribute__((unused))       \
+  __attribute__((noinline)) id(void) { __asm__(""); }
+
+_CURL_WARNING(_curl_easy_setopt_err_long,
+  "curl_easy_setopt expects a long argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_curl_off_t,
+  "curl_easy_setopt expects a curl_off_t argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_string,
+  "curl_easy_setopt expects a string (char* or char[]) argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_write_callback,
+  "curl_easy_setopt expects a curl_write_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_read_cb,
+  "curl_easy_setopt expects a curl_read_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_ioctl_cb,
+  "curl_easy_setopt expects a curl_ioctl_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_sockopt_cb,
+  "curl_easy_setopt expects a curl_sockopt_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_opensocket_cb,
+  "curl_easy_setopt expects a curl_opensocket_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_progress_cb,
+  "curl_easy_setopt expects a curl_progress_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_debug_cb,
+  "curl_easy_setopt expects a curl_debug_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_ssl_ctx_cb,
+  "curl_easy_setopt expects a curl_ssl_ctx_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_conv_cb,
+  "curl_easy_setopt expects a curl_conv_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_seek_cb,
+  "curl_easy_setopt expects a curl_seek_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_cb_data,
+  "curl_easy_setopt expects a private data pointer as argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_error_buffer,
+  "curl_easy_setopt expects a char buffer of CURL_ERROR_SIZE as argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_FILE,
+  "curl_easy_setopt expects a FILE* argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_postfields,
+  "curl_easy_setopt expects a void* or char* argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_curl_httpost,
+  "curl_easy_setopt expects a struct curl_httppost* argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_curl_slist,
+  "curl_easy_setopt expects a struct curl_slist* argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_CURLSH,
+  "curl_easy_setopt expects a CURLSH* argument for this option")
+
+_CURL_WARNING(_curl_easy_getinfo_err_string,
+  "curl_easy_getinfo expects a pointer to char * for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_long,
+  "curl_easy_getinfo expects a pointer to long for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_double,
+  "curl_easy_getinfo expects a pointer to double for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
+  "curl_easy_getinfo expects a pointer to struct curl_slist * for this info")
+
+/* groups of curl_easy_setops options that take the same type of argument */
+
+/* To add a new option to one of the groups, just add
+ *   (option) == CURLOPT_SOMETHING
+ * to the or-expression. If the option takes a long or curl_off_t, you don't
+ * have to do anything
+ */
+
+/* evaluates to true if option takes a long argument */
+#define _curl_is_long_option(option)                                          \
+  (0 < (option) && (option) < CURLOPTTYPE_OBJECTPOINT)
+
+#define _curl_is_off_t_option(option)                                         \
+  ((option) > CURLOPTTYPE_OFF_T)
+
+/* evaluates to true if option takes a char* argument */
+#define _curl_is_string_option(option)                                        \
+  ((option) == CURLOPT_URL ||                                                 \
+   (option) == CURLOPT_PROXY ||                                               \
+   (option) == CURLOPT_INTERFACE ||                                           \
+   (option) == CURLOPT_NETRC_FILE ||                                          \
+   (option) == CURLOPT_USERPWD ||                                             \
+   (option) == CURLOPT_PROXYUSERPWD ||                                        \
+   (option) == CURLOPT_ENCODING ||                                            \
+   (option) == CURLOPT_REFERER ||                                             \
+   (option) == CURLOPT_USERAGENT ||                                           \
+   (option) == CURLOPT_COOKIE ||                                              \
+   (option) == CURLOPT_COOKIEFILE ||                                          \
+   (option) == CURLOPT_COOKIEJAR ||                                           \
+   (option) == CURLOPT_COOKIELIST ||                                          \
+   (option) == CURLOPT_FTPPORT ||                                             \
+   (option) == CURLOPT_FTP_ALTERNATIVE_TO_USER ||                             \
+   (option) == CURLOPT_FTP_ACCOUNT ||                                         \
+   (option) == CURLOPT_RANGE ||                                               \
+   (option) == CURLOPT_CUSTOMREQUEST ||                                       \
+   (option) == CURLOPT_SSLCERT ||                                             \
+   (option) == CURLOPT_SSLCERTTYPE ||                                         \
+   (option) == CURLOPT_SSLKEY ||                                              \
+   (option) == CURLOPT_SSLKEYTYPE ||                                          \
+   (option) == CURLOPT_KEYPASSWD ||                                           \
+   (option) == CURLOPT_SSLENGINE ||                                           \
+   (option) == CURLOPT_CAINFO ||                                              \
+   (option) == CURLOPT_CAPATH ||                                              \
+   (option) == CURLOPT_RANDOM_FILE ||                                         \
+   (option) == CURLOPT_EGDSOCKET ||                                           \
+   (option) == CURLOPT_SSL_CIPHER_LIST ||                                     \
+   (option) == CURLOPT_KRBLEVEL ||                                            \
+   (option) == CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 ||                             \
+   (option) == CURLOPT_SSH_PUBLIC_KEYFILE ||                                  \
+   (option) == CURLOPT_SSH_PRIVATE_KEYFILE ||                                 \
+   0)
+
+/* evaluates to true if option takes a curl_write_callback argument */
+#define _curl_is_write_cb_option(option)                                      \
+  ((option) == CURLOPT_HEADERFUNCTION ||                                      \
+   (option) == CURLOPT_WRITEFUNCTION)
+
+/* evaluates to true if option takes a curl_conv_callback argument */
+#define _curl_is_conv_cb_option(option)                                       \
+  ((option) == CURLOPT_CONV_TO_NETWORK_FUNCTION ||                            \
+   (option) == CURLOPT_CONV_FROM_NETWORK_FUNCTION ||                          \
+   (option) == CURLOPT_CONV_FROM_UTF8_FUNCTION)
+
+/* evaluates to true if option takes a data argument to pass to a callback */
+#define _curl_is_cb_data_option(option)                                       \
+  ((option) == CURLOPT_WRITEDATA ||                                           \
+   (option) == CURLOPT_READDATA ||                                            \
+   (option) == CURLOPT_IOCTLDATA ||                                           \
+   (option) == CURLOPT_SOCKOPTDATA ||                                         \
+   (option) == CURLOPT_OPENSOCKETDATA ||                                      \
+   (option) == CURLOPT_PROGRESSDATA ||                                        \
+   (option) == CURLOPT_WRITEHEADER ||                                         \
+   (option) == CURLOPT_DEBUGDATA ||                                           \
+   (option) == CURLOPT_SSL_CTX_DATA ||                                        \
+   (option) == CURLOPT_SEEKDATA ||                                            \
+   (option) == CURLOPT_PRIVATE ||                                             \
+   0)
+
+/* evaluates to true if option takes a POST data argument (void* or char*) */
+#define _curl_is_postfields_option(option)                                    \
+  ((option) == CURLOPT_POSTFIELDS ||                                          \
+   (option) == CURLOPT_COPYPOSTFIELDS ||                                      \
+   0)
+
+/* evaluates to true if option takes a struct curl_slist * argument */
+#define _curl_is_slist_option(option)                                         \
+  ((option) == CURLOPT_HTTPHEADER ||                                          \
+   (option) == CURLOPT_HTTP200ALIASES ||                                      \
+   (option) == CURLOPT_QUOTE ||                                               \
+   (option) == CURLOPT_POSTQUOTE ||                                           \
+   (option) == CURLOPT_PREQUOTE ||                                            \
+   (option) == CURLOPT_TELNETOPTIONS ||                                       \
+   0)
+
+/* groups of curl_easy_getinfo infos that take the same type of argument */
+
+/* evaluates to true if info expects a pointer to char * argument */
+#define _curl_is_string_info(info)                                            \
+  (CURLINFO_STRING < (info) && (info) < CURLINFO_LONG)
+
+/* evaluates to true if info expects a pointer to long argument */
+#define _curl_is_long_info(info)                                              \
+  (CURLINFO_LONG < (info) && (info) < CURLINFO_DOUBLE)
+
+/* evaluates to true if info expects a pointer to double argument */
+#define _curl_is_double_info(info)                                            \
+  (CURLINFO_DOUBLE < (info) && (info) < CURLINFO_SLIST)
+
+/* evaluates to true if info expects a pointer to struct curl_slist * argument */
+#define _curl_is_slist_info(info)                                             \
+  (CURLINFO_SLIST < (info))
+
+
+/* typecheck helpers -- check whether given expression has requested type*/
+
+/* For pointers, you can use the _curl_is_ptr/_curl_is_arr macros,
+ * otherwise define a new macro. Search for __builtin_types_compatible_p
+ * in the GCC manual.
+ * NOTE: these macros MUST NOT EVALUATE their arguments! The argument is
+ * the actual expression passed to the curl_easy_setopt macro. This
+ * means that you can only apply the sizeof and __typeof__ operators, no
+ * == or whatsoever.
+ */
+
+/* XXX: should evaluate to true iff expr is a pointer */
+#define _curl_is_any_ptr(expr)                                                \
+  (sizeof(expr) == sizeof(void*))
+
+/* evaluates to true if expr is NULL */
+/* XXX: must not evaluate expr, so this check is not accurate */
+#define _curl_is_NULL(expr)                                                   \
+  (__builtin_types_compatible_p(__typeof__(expr), __typeof__(NULL)))
+
+/* evaluates to true if expr is type*, const type* or NULL */
+#define _curl_is_ptr(expr, type)                                              \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), type *) ||                  \
+   __builtin_types_compatible_p(__typeof__(expr), const type *))
+
+/* evaluates to true if expr is one of type[], type*, NULL or const type* */
+#define _curl_is_arr(expr, type)                                              \
+  (_curl_is_ptr((expr), type) ||                                              \
+   __builtin_types_compatible_p(__typeof__(expr), type []))
+
+/* evaluates to true if expr is a string */
+#define _curl_is_string(expr)                                                 \
+  (_curl_is_arr((expr), char) ||                                              \
+   _curl_is_arr((expr), signed char) ||                                       \
+   _curl_is_arr((expr), unsigned char))
+
+/* evaluates to true if expr is a long (no matter the signedness)
+ * XXX: for now, int is also accepted (and therefore short and char, which
+ * are promoted to int when passed to a variadic function) */
+#define _curl_is_long(expr)                                                   \
+  (__builtin_types_compatible_p(__typeof__(expr), long) ||                    \
+   __builtin_types_compatible_p(__typeof__(expr), signed long) ||             \
+   __builtin_types_compatible_p(__typeof__(expr), unsigned long) ||           \
+   __builtin_types_compatible_p(__typeof__(expr), int) ||                     \
+   __builtin_types_compatible_p(__typeof__(expr), signed int) ||              \
+   __builtin_types_compatible_p(__typeof__(expr), unsigned int) ||            \
+   __builtin_types_compatible_p(__typeof__(expr), short) ||                   \
+   __builtin_types_compatible_p(__typeof__(expr), signed short) ||            \
+   __builtin_types_compatible_p(__typeof__(expr), unsigned short) ||          \
+   __builtin_types_compatible_p(__typeof__(expr), char) ||                    \
+   __builtin_types_compatible_p(__typeof__(expr), signed char) ||             \
+   __builtin_types_compatible_p(__typeof__(expr), unsigned char))
+
+/* evaluates to true if expr is of type curl_off_t */
+#define _curl_is_off_t(expr)                                                  \
+  (__builtin_types_compatible_p(__typeof__(expr), curl_off_t))
+
+/* evaluates to true if expr is abuffer suitable for CURLOPT_ERRORBUFFER */
+/* XXX: also check size of an char[] array? */
+#define _curl_is_error_buffer(expr)                                           \
+  (__builtin_types_compatible_p(__typeof__(expr), char *) ||                  \
+   __builtin_types_compatible_p(__typeof__(expr), char[]))
+
+/* evaluates to true if expr is of type (const) void* or (const) FILE* */
+#if 0
+#define _curl_is_cb_data(expr)                                                \
+  (_curl_is_ptr((expr), void) ||                                              \
+   _curl_is_ptr((expr), FILE))
+#else /* be less strict */
+#define _curl_is_cb_data(expr)                                                \
+  _curl_is_any_ptr(expr)
+#endif
+
+/* evaluates to true if expr is of type FILE* */
+#define _curl_is_FILE(expr)                                                   \
+  (__builtin_types_compatible_p(__typeof__(expr), FILE *))
+
+/* evaluates to true if expr can be passed as POST data (void* or char*) */
+#define _curl_is_postfields(expr)                                             \
+  (_curl_is_ptr((expr), void) ||                                              \
+   _curl_is_arr((expr), char))
+
+/* FIXME: the whole callback checking is messy...
+ * The idea is to tolerate char vs. void and const vs. not const
+ * pointers in arguments at least
+ */
+/* helper: __builtin_types_compatible_p distinguishes between functions and
+ * function pointers, hide it */
+#define _curl_callback_compatible(func, type)                                 \
+  (__builtin_types_compatible_p(__typeof__(func), type) ||                    \
+   __builtin_types_compatible_p(__typeof__(func), type*))
+
+/* evaluates to true if expr is of type curl_read_callback or "similar" */
+#define _curl_is_read_cb(expr)                                          \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), __typeof__(fread)) ||       \
+   __builtin_types_compatible_p(__typeof__(expr), curl_read_callback) ||      \
+   _curl_callback_compatible((expr), _curl_read_callback1) ||                 \
+   _curl_callback_compatible((expr), _curl_read_callback2) ||                 \
+   _curl_callback_compatible((expr), _curl_read_callback3) ||                 \
+   _curl_callback_compatible((expr), _curl_read_callback4) ||                 \
+   _curl_callback_compatible((expr), _curl_read_callback5) ||                 \
+   _curl_callback_compatible((expr), _curl_read_callback6))
+typedef size_t (_curl_read_callback1)(char *, size_t, size_t, void*);
+typedef size_t (_curl_read_callback2)(char *, size_t, size_t, const void*);
+typedef size_t (_curl_read_callback3)(char *, size_t, size_t, FILE*);
+typedef size_t (_curl_read_callback4)(void *, size_t, size_t, void*);
+typedef size_t (_curl_read_callback5)(void *, size_t, size_t, const void*);
+typedef size_t (_curl_read_callback6)(void *, size_t, size_t, FILE*);
+
+/* evaluates to true if expr is of type curl_write_callback or "similar" */
+#define _curl_is_write_cb(expr)                                               \
+  (_curl_is_read_cb(expr) ||                                            \
+   __builtin_types_compatible_p(__typeof__(expr), __typeof__(fwrite)) ||      \
+   __builtin_types_compatible_p(__typeof__(expr), curl_write_callback) ||     \
+   _curl_callback_compatible((expr), _curl_write_callback1) ||                \
+   _curl_callback_compatible((expr), _curl_write_callback2) ||                \
+   _curl_callback_compatible((expr), _curl_write_callback3) ||                \
+   _curl_callback_compatible((expr), _curl_write_callback4) ||                \
+   _curl_callback_compatible((expr), _curl_write_callback5) ||                \
+   _curl_callback_compatible((expr), _curl_write_callback6))
+typedef size_t (_curl_write_callback1)(const char *, size_t, size_t, void*);
+typedef size_t (_curl_write_callback2)(const char *, size_t, size_t, const void*);
+typedef size_t (_curl_write_callback3)(const char *, size_t, size_t, FILE*);
+typedef size_t (_curl_write_callback4)(const void *, size_t, size_t, void*);
+typedef size_t (_curl_write_callback5)(const void *, size_t, size_t, const void*);
+typedef size_t (_curl_write_callback6)(const void *, size_t, size_t, FILE*);
+
+/* evaluates to true if expr is of type curl_ioctl_callback or "similar" */
+#define _curl_is_ioctl_cb(expr)                                         \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_ioctl_callback) ||     \
+   _curl_callback_compatible((expr), _curl_ioctl_callback1) ||                \
+   _curl_callback_compatible((expr), _curl_ioctl_callback2) ||                \
+   _curl_callback_compatible((expr), _curl_ioctl_callback3) ||                \
+   _curl_callback_compatible((expr), _curl_ioctl_callback4))
+typedef curlioerr (_curl_ioctl_callback1)(CURL *, int, void*);
+typedef curlioerr (_curl_ioctl_callback2)(CURL *, int, const void*);
+typedef curlioerr (_curl_ioctl_callback3)(CURL *, curliocmd, void*);
+typedef curlioerr (_curl_ioctl_callback4)(CURL *, curliocmd, const void*);
+
+/* evaluates to true if expr is of type curl_sockopt_callback or "similar" */
+#define _curl_is_sockopt_cb(expr)                                       \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_sockopt_callback) ||   \
+   _curl_callback_compatible((expr), _curl_sockopt_callback1) ||              \
+   _curl_callback_compatible((expr), _curl_sockopt_callback2))
+typedef int (_curl_sockopt_callback1)(void *, curl_socket_t, curlsocktype);
+typedef int (_curl_sockopt_callback2)(const void *, curl_socket_t, curlsocktype);
+
+/* evaluates to true if expr is of type curl_opensocket_callback or "similar" */
+#define _curl_is_opensocket_cb(expr)                                    \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_opensocket_callback) ||\
+   _curl_callback_compatible((expr), _curl_opensocket_callback1) ||           \
+   _curl_callback_compatible((expr), _curl_opensocket_callback2) ||           \
+   _curl_callback_compatible((expr), _curl_opensocket_callback3) ||           \
+   _curl_callback_compatible((expr), _curl_opensocket_callback4))
+typedef curl_socket_t (_curl_opensocket_callback1)
+  (void *, curlsocktype, struct curl_sockaddr *);
+typedef curl_socket_t (_curl_opensocket_callback2)
+  (void *, curlsocktype, const struct curl_sockaddr *);
+typedef curl_socket_t (_curl_opensocket_callback3)
+  (const void *, curlsocktype, struct curl_sockaddr *);
+typedef curl_socket_t (_curl_opensocket_callback4)
+  (const void *, curlsocktype, const struct curl_sockaddr *);
+
+/* evaluates to true if expr is of type curl_progress_callback or "similar" */
+#define _curl_is_progress_cb(expr)                                      \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_progress_callback) ||  \
+   _curl_callback_compatible((expr), _curl_progress_callback1) ||             \
+   _curl_callback_compatible((expr), _curl_progress_callback2))
+typedef int (_curl_progress_callback1)(void *,
+    double, double, double, double);
+typedef int (_curl_progress_callback2)(const void *,
+    double, double, double, double);
+
+/* evaluates to true if expr is of type curl_debug_callback or "similar" */
+#define _curl_is_debug_cb(expr)                                         \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_debug_callback) ||     \
+   _curl_callback_compatible((expr), _curl_debug_callback1) ||                \
+   _curl_callback_compatible((expr), _curl_debug_callback2) ||                \
+   _curl_callback_compatible((expr), _curl_debug_callback3) ||                \
+   _curl_callback_compatible((expr), _curl_debug_callback4))
+typedef int (_curl_debug_callback1) (CURL *,
+    curl_infotype, char *, size_t, void *);
+typedef int (_curl_debug_callback2) (CURL *,
+    curl_infotype, char *, size_t, const void *);
+typedef int (_curl_debug_callback3) (CURL *,
+    curl_infotype, const char *, size_t, void *);
+typedef int (_curl_debug_callback4) (CURL *,
+    curl_infotype, const char *, size_t, const void *);
+
+/* evaluates to true if expr is of type curl_ssl_ctx_callback or "similar" */
+/* this is getting even messier... */
+#define _curl_is_ssl_ctx_cb(expr)                                       \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_ssl_ctx_callback) ||   \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback1) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback2) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback3) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback4) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback5) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback6) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback7) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback8))
+typedef CURLcode (_curl_ssl_ctx_callback1)(CURL *, void *, void *);
+typedef CURLcode (_curl_ssl_ctx_callback2)(CURL *, void *, const void *);
+typedef CURLcode (_curl_ssl_ctx_callback3)(CURL *, const void *, void *);
+typedef CURLcode (_curl_ssl_ctx_callback4)(CURL *, const void *, const void *);
+#ifdef HEADER_SSL_H
+/* hack: if we included OpenSSL's ssl.h, we know about SSL_CTX
+ * this will of course break if we're included before OpenSSL headers...
+ */
+typedef CURLcode (_curl_ssl_ctx_callback5)(CURL *, SSL_CTX, void *);
+typedef CURLcode (_curl_ssl_ctx_callback6)(CURL *, SSL_CTX, const void *);
+typedef CURLcode (_curl_ssl_ctx_callback7)(CURL *, const SSL_CTX, void *);
+typedef CURLcode (_curl_ssl_ctx_callback8)(CURL *, const SSL_CTX, const void *);
+#else
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback5;
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback6;
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback7;
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback8;
+#endif
+
+/* evaluates to true if expr is of type curl_conv_callback or "similar" */
+#define _curl_is_conv_cb(expr)                                          \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_conv_callback) ||      \
+   _curl_callback_compatible((expr), _curl_conv_callback1) ||                 \
+   _curl_callback_compatible((expr), _curl_conv_callback2) ||                 \
+   _curl_callback_compatible((expr), _curl_conv_callback3) ||                 \
+   _curl_callback_compatible((expr), _curl_conv_callback4))
+typedef CURLcode (*_curl_conv_callback1)(char *, size_t length);
+typedef CURLcode (*_curl_conv_callback2)(const char *, size_t length);
+typedef CURLcode (*_curl_conv_callback3)(void *, size_t length);
+typedef CURLcode (*_curl_conv_callback4)(const void *, size_t length);
+
+/* evaluates to true if expr is of type curl_seek_callback or "similar" */
+#define _curl_is_seek_cb(expr)                                          \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_seek_callback) ||      \
+   _curl_callback_compatible((expr), _curl_seek_callback1) ||                 \
+   _curl_callback_compatible((expr), _curl_seek_callback2))
+typedef CURLcode (*_curl_seek_callback1)(void *, curl_off_t, int);
+typedef CURLcode (*_curl_seek_callback2)(const void *, curl_off_t, int);
+
+
+#endif /* __CURL_TYPECHECK_GCC_H */

lib/Makefile.Watcom

@@ -1,21 +1,32 @@
 #
 #  Watcom / OpenWatcom / Win32 makefile for libcurl.
-#  G. Vanem <giva@bgnett.no>
+#  G. Vanem <gvanem@broadpark.no>
 #
 # $Id$
 
-TARGETS = ca-bundle.h libcurl_wc.lib libcurl_wc.dll libcurl_wc_imp.lib
+TARGETS = ca-bundle.h libcurl_wc.dll libcurl_wc_imp.lib
 
 CC = wcc386
 
-CFLAGS = -3r -mf -d3 -hc -zff -zgf -zq -zm -zc -s -fr=con -w2 -fpi -oilrtfm -bt=nt -bd &
-         -d+ -dWIN32 -dCURL_CA_BUNDLE=getenv("CURL_CA_BUNDLE")                     &
+CFLAGS = -3r -mf -d3 -hc -zff -zgf -zq -zm -zc -s -fr=con -w2 -fpi -oilrtfm -bt=nt &
+         -bd -d+ -dWIN32 -dCURL_CA_BUNDLE=getenv("CURL_CA_BUNDLE")                 &
          -dBUILDING_LIBCURL -dWITHOUT_MM_LIB -dHAVE_SPNEGO=1 -dENABLE_IPV6         &
          -dDEBUG_THREADING_GETADDRINFO -dDEBUG=1 -dCURLDEBUG -d_WIN32_WINNT=0x0501 &
-         -I. -I..\include -dCURL_DISABLE_LDAP
+         -dWINBERAPI=__declspec(cdecl) -dWINLDAPAPI=__declspec(cdecl)              &
+         -I. -I..\include
 
-OBJ_DIR  = Watcom_obj
-LIB_ARG  = $(OBJ_DIR)\wlib.arg
+#
+# Change to suite.
+#
+ZLIB_ROOT = ..\..\..\zlib-1.2.3
+USE_ZLIB  = 0
+
+!ifeq USE_ZLIB 1
+CFLAGS += -dHAVE_ZLIB_H -dHAVE_LIBZ -I$(ZLIB_ROOT)
+!endif
+
+OBJ_DIR  = WC_Win32.obj
+C_ARG    = $(OBJ_DIR)\wcc386.arg
 LINK_ARG = $(OBJ_DIR)\wlink.arg
 
 OBJS = $(OBJ_DIR)\base64.obj           $(OBJ_DIR)\connect.obj     &
@@ -50,7 +61,7 @@ OBJS = $(OBJ_DIR)\base64.obj           $(OBJ_DIR)\connect.obj     &
 
 RESOURCE = $(OBJ_DIR)\libcurl.res
 
-all: $(OBJ_DIR) $(TARGETS) .SYMBOLIC
+all: $(OBJ_DIR) $(C_ARG) $(TARGETS) .SYMBOLIC
 	@echo Welcome to libcurl
 
 $(OBJ_DIR):
@@ -59,17 +70,14 @@ $(OBJ_DIR):
 ca-bundle.h:
 	@echo /* dummy ca-bundle.h. Not used */ > $@
 
-libcurl_wc.lib: $(OBJS) $(LIB_ARG)
-	wlib -q -b -c $@ @$(LIB_ARG)
-
-libcurl_wc.dll: $(OBJS) $(RESOURCE) $(LINK_ARG)
+libcurl_wc.dll libcurl_wc_imp.lib: $(OBJS) $(RESOURCE) $(LINK_ARG)
 	wlink name libcurl_wc.dll @$(LINK_ARG)
 
 clean: .SYMBOLIC
 	- rm -f $(OBJS) $(RESOURCE)
 
 vclean realclean: clean .SYMBOLIC
-	- rm -f $(TARGETS) $(LIB_ARG) $(LINK_ARG) libcurl_wc.map
+	- rm -f $(TARGETS) $(C_ARG) $(LINK_ARG) libcurl_wc.map
 	- rmdir $(OBJ_DIR)
 
 .ERASE
@@ -78,12 +86,11 @@ $(RESOURCE): libcurl.rc
 
 .ERASE
 .c{$(OBJ_DIR)}.obj:
-	$(CC) $[@ $(CFLAGS) -fo=$@
-	@echo .
+	$(CC) $[@ @$(C_ARG) -fo=$@
 
-$(LIB_ARG): $(__MAKEFILES__)
+$(C_ARG): $(__MAKEFILES__)
 	%create $^@
-	for %f in ($(OBJS)) do @%append $^@ +- %f
+	%append $^@ $(CFLAGS)
 
 $(LINK_ARG): $(__MAKEFILES__)
 	%create $^@
@@ -91,7 +98,10 @@ $(LINK_ARG): $(__MAKEFILES__)
 	@%append $^@ file { $(OBJS) }
 	@%append $^@ option quiet, map, caseexact, eliminate, implib=libcurl_wc_imp.lib,
 	@%append $^@ res=$(RESOURCE) libpath $(%watcom)\lib386;$(%watcom)\lib386\nt
-	@%append $^@ library clib3r.lib, ws2_32.lib
+	@%append $^@ library clib3r.lib, wldap32.lib, ws2_32.lib
+!ifeq USE_ZLIB 1
+	@%append $^@ library $(ZLIB_ROOT)\zlib.lib
+!endif
 
 #
 # Dependencies based on "gcc -MM .."

lib/Makefile.am

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -30,12 +30,12 @@ DOCS = README.encoding README.memoryleak README.ares README.curlx	\
 
 EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 Makefile.riscos	\
  $(DSP) curllib.dsw config-win32.h config-win32ce.h config-riscos.h	\
- config-mac.h config.h.in ca-bundle.crt makefile.dj config.dos		\
+ config-mac.h config.h.in makefile.dj config.dos		\
  libcurl.framework.make libcurl.plist libcurl.rc config-amigaos.h	\
  amigaos.c amigaos.h makefile.amiga Makefile.netware nwlib.c nwos.c	\
  libcurl.imp msvcproj.head msvcproj.foot config-win32ce.h		\
  config-os400.h setup-os400.h \
- Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ)
+ Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ) mk-ca-bundle.pl
 
 CLEANFILES = $(DSP) $(VCPROJ)
 
@@ -111,14 +111,13 @@ $(top_builddir)/lib/ca-bundle.h: Makefile.in Makefile
 if CABUNDLE
 	echo '#define CURL_CA_BUNDLE @CURL_CA_BUNDLE@' >> $@
 else
-	echo '#undef CURL_CA_BUNDLE /* unknown */' >> $@
+	echo '#undef CURL_CA_BUNDLE /* unknown default path */' >> $@
+endif
+if CAPATH
+	echo '#define CURL_CA_PATH @CURL_CA_PATH@' >> $@
+else
+	echo '#undef CURL_CA_PATH /* unknown default path */' >>$@
 endif
-
-install-data-hook:
-	@if test -n "@CURL_CA_BUNDLE@"; then \
-	  $(mkinstalldirs) `dirname $(DESTDIR)@CURL_CA_BUNDLE@`; \
-	  @INSTALL_DATA@ $(srcdir)/ca-bundle.crt $(DESTDIR)@CURL_CA_BUNDLE@; \
-        fi
 
 # this hook is mainly for non-unix systems to build even if configure
 # isn't run

lib/Makefile.m32

@@ -1,8 +1,8 @@
 #########################################################################
 # $Id$
 #
-## Makefile for building libcurl.a with MingW32 (GCC-3.2) and
-## optionally OpenSSL (0.9.8), libssh2 (0.17), zlib (1.2.3)
+## Makefile for building libcurl.a with MingW32 (GCC-3.2)
+## and optionally OpenSSL (0.9.8), libssh2 (0.18), zlib (1.2.3)
 ##
 ## Usage:
 ## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [SSPI=1] [IPV6=1] [DYN=1]
@@ -21,11 +21,11 @@ ZLIB_PATH = ../../zlib-1.2.3
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8e
+OPENSSL_PATH = ../../openssl-0.9.8g
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-0.17
+LIBSSH2_PATH = ../../libssh2-0.18
 endif
 # Edit the path below to point to the base of your Novell LDAP NDK.
 ifndef LDAP_SDK
@@ -41,7 +41,7 @@ LDFLAGS = -s
 RANLIB = ranlib
 RC = windres
 RCFLAGS = --include-dir=../include -DCURLDEBUG=0 -O COFF -i
-RM = del /q /f
+RM = del /q /f > NUL 2>&1
 STRIP = strip -g
 
 ########################################################

lib/Makefile.netware

@@ -20,12 +20,12 @@ endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8e
+OPENSSL_PATH = ../../openssl-0.9.8g
 endif
 
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-0.16
+LIBSSH2_PATH = ../../libssh2-0.18
 endif
 
 ifndef INSTDIR
@@ -35,13 +35,16 @@ endif
 # Edit the vars below to change NLM target settings.
 TARGET  = libcurl
 VERSION	= $(LIBCURL_VERSION)
-COPYR	= Copyright (C) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>
+COPYR	= Copyright (C) $(LIBCURL_COPYRIGHT_STR)
 DESCR	= cURL libcurl $(LIBCURL_VERSION_STR) ($(LIBARCH)) - http://curl.haxx.se
 MTSAFE	= YES
 STACK	= 64000
 SCREEN	= none
 EXPORTS	= @libcurl.imp
 
+# Uncomment the next line to enable linking with POSIX semantics.
+# POSIXFL = 1
+
 # Edit the var below to point to your lib architecture.
 ifndef LIBARCH
 LIBARCH = LIBC
@@ -71,11 +74,13 @@ ifdef METROWERKS
 else
 	CC = gcc
 endif
+PERL	= perl
 # a native win32 awk can be downloaded from here:
-# http://www.gknw.net/development/prgtools/awk-20050424.zip
+# http://www.gknw.net/development/prgtools/awk-20070501.zip
 AWK	= awk
 YACC	= bison -y
 CP	= cp -afv
+MKDIR	= mkdir
 # RM	= rm -f
 # if you want to mark the target as MTSAFE you will need a tool for
 # generating the xdc data for the linker; here's a minimal tool:
@@ -102,7 +107,11 @@ CFLAGS	+= -msgstyle gcc -gccinc -inline off -opt nointrinsics -proc 586
 CFLAGS	+= -relax_pointers
 #CFLAGS	+= -w on
 ifeq ($(LIBARCH),LIBC)
+ifeq ($(POSIXFL),1)
+	PRELUDE = $(SDK_LIBC)/imports/posixpre.o
+else
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.o
+endif
 	CFLAGS += -align 4
 else
 	# PRELUDE = $(SDK_CLIB)/imports/clibpre.o
@@ -121,7 +130,11 @@ RANLIB	= ranlib
 CFLAGS	+= -fno-builtin -fpcc-struct-return -fno-strict-aliasing
 CFLAGS	+= -Wall # -pedantic
 ifeq ($(LIBARCH),LIBC)
+ifeq ($(POSIXFL),1)
+	PRELUDE = $(SDK_LIBC)/imports/posixpre.gcc.o
+else
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.gcc.o
+endif
 else
 	PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
 	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
@@ -159,6 +172,7 @@ ifdef WITH_SSL
 	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/ssl.$(LIBEXT)
 	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/crypto.$(LIBEXT)
 	IMPORTS += GetProcessSwitchCount RunningProcess
+	INSTDEP += ca-bundle.crt
 endif
 ifdef WITH_ZLIB
 	INCLUDES += -I$(ZLIB_PATH)
@@ -226,11 +240,7 @@ $(OBJDIR)/version.inc: ../include/curl/curlver.h $(OBJDIR)
 	@echo Creating $@
 	@$(AWK) -f ../packages/NetWare/get_ver.awk $< > $@
 
-dist: all
-	-$(RM) $(OBJDIR)/*.o $(OBJDIR)/$(TARGET).map $(OBJDIR)/$(TARGET).ncv
-	-$(RM) $(OBJDIR)/$(TARGET).def $(OBJDIR)/version.inc $(XDCDATA)
-
-install: $(INSTDIR) all
+install: $(INSTDIR) all $(INSTDEP)
 	@$(CP) $(TARGET).nlm $(INSTDIR)
 	@$(CP) $(TARGET).$(LIBEXT) $(INSTDIR)
 	@$(CP) ../CHANGES $(INSTDIR)
@@ -238,7 +248,7 @@ install: $(INSTDIR) all
 	@$(CP) ../README $(INSTDIR)
 	@$(CP) ../RELEASE-NOTES $(INSTDIR)
 ifdef WITH_SSL
-	@$(CP) ca-bundle.crt $(INSTDIR)
+	@-$(CP) ca-bundle.crt $(INSTDIR)/ca-bundle.crt
 endif
 
 clean:
@@ -246,13 +256,11 @@ clean:
 	-$(RM) -r $(OBJDIR)
 
 distclean: clean
-	-$(RM) -r $(TARGET).$(LIBEXT) $(TARGET).nlm
+	-$(RM) $(TARGET).$(LIBEXT) $(TARGET).nlm
+	-$(RM) certdata.txt ca-bundle.crt
 
-$(INSTDIR):
-	@mkdir $(INSTDIR)
-
-$(OBJDIR):
-	@mkdir $(OBJDIR)
+$(OBJDIR) $(INSTDIR):
+	@$(MKDIR) $@
 
 $(TARGET).$(LIBEXT): $(OBJS)
 	@echo Creating $@
@@ -305,27 +313,36 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)import @$(SDK_CLIB)/imports/threads.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_CLIB)/imports/nlmlib.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_CLIB)/imports/socklib.imp$(DL) >> $@
+	@echo $(DL)module clib$(DL) >> $@
 ifndef DISABLE_LDAP
 	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapsdk.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapssl.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
-	@echo $(DL)module ldapsdk ldapssl ldapx$(DL) >> $@
+#	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
+	@echo $(DL)module ldapsdk ldapssl$(DL) >> $@
 endif
-	@echo $(DL)module clib$(DL) >> $@
 else
+ifeq ($(POSIXFL),1)
+	@echo $(DL)flag_on 4194304$(DL) >> $@
+endif
 	@echo $(DL)pseudopreemption$(DL) >> $@
+ifeq ($(findstring posixpre,$(PRELUDE)),posixpre)
+	@echo $(DL)start POSIX_Start$(DL) >> $@
+	@echo $(DL)exit POSIX_Stop$(DL) >> $@
+	@echo $(DL)check POSIX_CheckUnload$(DL) >> $@
+else
 	@echo $(DL)start _LibCPrelude$(DL) >> $@
 	@echo $(DL)exit _LibCPostlude$(DL) >> $@
 	@echo $(DL)check _LibCCheckUnload$(DL) >> $@
+endif
 	@echo $(DL)import @$(SDK_LIBC)/imports/libc.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LIBC)/imports/netware.imp$(DL) >> $@
+	@echo $(DL)module libc$(DL) >> $@
 ifndef DISABLE_LDAP
 	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapsdk.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapssl.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapx.imp$(DL) >> $@
-	@echo $(DL)module lldapsdk lldapssl lldapx$(DL) >> $@
+#	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapx.imp$(DL) >> $@
+	@echo $(DL)module lldapsdk lldapssl$(DL) >> $@
 endif
-	@echo $(DL)module libc$(DL) >> $@
 endif
 ifdef MODULES
 	@echo $(DL)module $(MODULES)$(DL) >> $@
@@ -336,9 +353,9 @@ endif
 ifdef IMPORTS
 	@echo $(DL)import $(IMPORTS)$(DL) >> $@
 endif
-ifeq ($(LD),nlmconv)
-	@echo $(DL)input $(OBJL)$(DL) >> $@
+ifeq ($(findstring nlmconv,$(LD)),nlmconv)
 	@echo $(DL)input $(PRELUDE)$(DL) >> $@
+	@echo $(DL)input $(OBJL)$(DL) >> $@
 #ifdef LDLIBS
 #	@echo $(DL)input $(LDLIBS)$(DL) >> $@
 #endif
@@ -372,7 +389,6 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define socklen_t int$(DL) >> $@
-	@echo $(DL)#define DL_LDAP_FILE "ldapsdk.nlm"$(DL) >> $@
 else
 	@echo $(DL)#define OS "i586-pc-libc-NetWare"$(DL) >> $@
 	@echo $(DL)#define HAVE_FTRUNCATE 1$(DL) >> $@
@@ -405,7 +421,6 @@ else
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
-	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
 ifdef ENABLE_IPV6
 	@echo $(DL)#define ENABLE_IPV6 1$(DL) >> $@
 endif
@@ -556,4 +571,8 @@ endif
 $(ARES_LIB)/libcares.$(LIBEXT):
 	$(MAKE) -C $(ARES_LIB) -f Makefile.netware lib
 
+ca-bundle.crt: mk-ca-bundle.pl
+	@echo Creating $@
+	@-$(PERL) $< -b -n $@
+
 

lib/Makefile.vc6

@@ -35,7 +35,7 @@ IMPLIB_NAME       = libcurl_imp
 IMPLIB_NAME_DEBUG = libcurld_imp
 
 !IFNDEF OPENSSL_PATH
-OPENSSL_PATH   = ../../openssl-0.9.8e
+OPENSSL_PATH   = ../../openssl-0.9.8g
 !ENDIF
 
 !IFNDEF ZLIB_PATH
@@ -58,7 +58,7 @@ MACHINE  = X86
 # It can be downloaded from:
 # http://www.microsoft.com/msdownload/platformsdk/sdkupdate/
 
-# USE_WINDOWS_SSPI = 1
+# WINDOWS_SSPI = 1
 
 !IFDEF WINDOWS_SSPI
 !IFNDEF WINDOWS_SDK_PATH

lib/config-win32.h

@@ -347,6 +347,36 @@
 #define HAVE_LONGLONG 1
 #endif
 
+/* Define to avoid VS2005 complaining about portable C functions */
+#if defined(_MSC_VER) && (_MSC_VER >= 1400)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#define _CRT_NONSTDC_NO_DEPRECATE 1
+#endif
+
+/* VS2005 and later dafault size for time_t is 64-bit, unless */
+/* _USE_32BIT_TIME_T has been defined to get a 32-bit time_t. */
+#if defined(_MSC_VER) && (_MSC_VER >= 1400)
+#  ifndef _USE_32BIT_TIME_T
+#    define SIZEOF_TIME_T 8
+#  else
+#    define SIZEOF_TIME_T 4
+#  endif
+#endif
+
+/* VS2008 does not support Windows build targets prior to WinXP, */
+/* so, if no build target has been defined we will target WinXP. */
+#if defined(_MSC_VER) && (_MSC_VER >= 1500)
+#  ifndef _WIN32_WINNT
+#    define _WIN32_WINNT 0x0501
+#  endif
+#  ifndef WINVER
+#    define WINVER 0x0501
+#  endif
+#  if (_WIN32_WINNT < 0x0501) || (WINVER < 0x0501)
+#    error VS2008 does not support Windows build targets prior to WinXP
+#  endif
+#endif
+
 /* ---------------------------------------------------------------- */
 /*                           LDAP SUPPORT                           */
 /* ---------------------------------------------------------------- */
@@ -370,10 +400,6 @@
 /*                       ADDITIONAL DEFINITIONS                     */
 /* ---------------------------------------------------------------- */
 
-/* Defines set for VS2005 to _not_ deprecate a few functions we use. */
-#define _CRT_SECURE_NO_DEPRECATE 1
-#define _CRT_NONSTDC_NO_DEPRECATE 1
-
 /* Define cpu-machine-OS */
 #undef OS
 #if defined(_M_IX86) || defined(__i386__) /* x86 (MSVC or gcc) */

lib/config-win32ce.h

@@ -308,6 +308,22 @@
 /* Undef keyword 'const' if it does not work.  */
 /* #undef const */
 
+/* Define to avoid VS2005 complaining about portable C functions */
+#if defined(_MSC_VER) && (_MSC_VER >= 1400)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#define _CRT_NONSTDC_NO_DEPRECATE 1
+#endif
+
+/* VS2005 and later dafault size for time_t is 64-bit, unless */
+/* _USE_32BIT_TIME_T has been defined to get a 32-bit time_t. */
+#if defined(_MSC_VER) && (_MSC_VER >= 1400)
+#  ifndef _USE_32BIT_TIME_T
+#    define SIZEOF_TIME_T 8
+#  else
+#    define SIZEOF_TIME_T 4
+#  endif
+#endif
+
 /* ---------------------------------------------------------------- */
 /*                           LDAP SUPPORT                           */
 /* ---------------------------------------------------------------- */
@@ -320,10 +336,6 @@
 /*                       ADDITIONAL DEFINITIONS                     */
 /* ---------------------------------------------------------------- */
 
-/* Defines set for VS2005 to _not_ deprecate a few functions we use. */
-#define _CRT_SECURE_NO_DEPRECATE 1
-#define _CRT_NONSTDC_NO_DEPRECATE 1
-
 /* Define cpu-machine-OS */
 #undef OS
 #define OS "i386-pc-win32ce"

lib/connect.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -101,6 +101,66 @@ singleipconnect(struct connectdata *conn,
                 long timeout_ms,
                 bool *connected);
 
+/*
+ * Curl_timeleft() returns the amount of milliseconds left allowed for the
+ * transfer/connection. If the value is negative, the timeout time has already
+ * elapsed.
+ *
+ * If 'nowp' is non-NULL, it points to the current time.
+ * 'duringconnect' is FALSE if not during a connect, as then of course the
+ * connect timeout is not taken into account!
+ */
+long Curl_timeleft(struct connectdata *conn,
+                   struct timeval *nowp,
+                   bool duringconnect)
+{
+  struct SessionHandle *data = conn->data;
+  int timeout_set = 0;
+  long timeout_ms = duringconnect?DEFAULT_CONNECT_TIMEOUT:0;
+  struct timeval now;
+
+  /* if a timeout is set, use the most restrictive one */
+
+  if(data->set.timeout > 0)
+    timeout_set |= 1;
+  if(duringconnect && (data->set.connecttimeout > 0))
+    timeout_set |= 2;
+
+  switch (timeout_set) {
+  case 1:
+    timeout_ms = data->set.timeout;
+    break;
+  case 2:
+    timeout_ms = data->set.connecttimeout;
+    break;
+  case 3:
+    if(data->set.timeout < data->set.connecttimeout)
+      timeout_ms = data->set.timeout;
+    else
+      timeout_ms = data->set.connecttimeout;
+    break;
+  default:
+    /* use the default */
+    if(!duringconnect)
+      /* if we're not during connect, there's no default timeout so if we're
+         at zero we better just return zero and not make it a negative number
+         by the math below */
+      return 0;
+    break;
+  }
+
+  if(!nowp) {
+    now = Curl_tvnow();
+    nowp = &now;
+  }
+
+  /* substract elapsed time */
+  timeout_ms -= Curl_tvdiff(*nowp, data->progress.t_startsingle);
+
+  return timeout_ms;
+}
+
+
 /*
  * Curl_nonblock() set the given socket to either blocking or non-blocking
  * mode based on the 'nonblock' boolean argument. This function is highly
@@ -533,42 +593,33 @@ CURLcode Curl_is_connected(struct connectdata *conn,
   CURLcode code = CURLE_OK;
   curl_socket_t sockfd = conn->sock[sockindex];
   long allow = DEFAULT_CONNECT_TIMEOUT;
-  long allow_total = 0;
-  long has_passed;
 
   DEBUGASSERT(sockindex >= FIRSTSOCKET && sockindex <= SECONDARYSOCKET);
 
   *connected = FALSE; /* a very negative world view is best */
 
-  /* Evaluate in milliseconds how much time that has passed */
-  has_passed = Curl_tvdiff(Curl_tvnow(), data->progress.t_startsingle);
-
-  /* subtract the most strict timeout of the ones */
-  if(data->set.timeout && data->set.connecttimeout) {
-    if (data->set.timeout < data->set.connecttimeout)
-      allow_total = allow = data->set.timeout;
-    else
-      allow = data->set.connecttimeout;
-  }
-  else if(data->set.timeout) {
-    allow_total = allow = data->set.timeout;
-  }
-  else if(data->set.connecttimeout) {
-    allow = data->set.connecttimeout;
-  }
-
-  if(has_passed > allow ) {
-    /* time-out, bail out, go home */
-    failf(data, "Connection time-out after %ld ms", has_passed);
-    return CURLE_OPERATION_TIMEDOUT;
-  }
   if(conn->bits.tcpconnect) {
     /* we are connected already! */
+    long allow_total = 0;
+
+    /* subtract the most strict timeout of the ones */
+    if(data->set.timeout)
+      allow_total = data->set.timeout;
+
     Curl_expire(data, allow_total);
     *connected = TRUE;
     return CURLE_OK;
   }
 
+  /* figure out how long time we have left to connect */
+  allow = Curl_timeleft(conn, NULL, TRUE);
+
+  if(allow < 0) {
+    /* time-out, bail out, go home */
+    failf(data, "Connection time-out");
+    return CURLE_OPERATION_TIMEDOUT;
+  }
+
   Curl_expire(data, allow);
 
   /* check for connect without timeout as we want to return immediately */
@@ -694,7 +745,7 @@ singleipconnect(struct connectdata *conn,
   addr->protocol=ai->ai_protocol;
   addr->addrlen =
     (ai->ai_addrlen < (socklen_t)sizeof(struct Curl_sockaddr_storage)) ?
-     ai->ai_addrlen : (socklen_t)sizeof(struct Curl_sockaddr_storage);
+     (unsigned int)ai->ai_addrlen : sizeof(struct Curl_sockaddr_storage);
   memcpy(&addr->addr, ai->ai_addr, addr->addrlen);
 
   /* If set, use opensocket callback to get the socket */
@@ -821,7 +872,6 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
   int num_addr;
   Curl_addrinfo *ai;
   Curl_addrinfo *curr_addr;
-  int timeout_set = 0;
 
   struct timeval after;
   struct timeval before = Curl_tvnow();
@@ -834,40 +884,14 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
 
   *connected = FALSE; /* default to not connected */
 
-  /* if a timeout is set, use the most restrictive one */
+  /* get the timeout left */
+  timeout_ms = Curl_timeleft(conn, &before, TRUE);
 
-  if (data->set.timeout > 0)
-    timeout_set += 1;
-  if (data->set.connecttimeout > 0)
-    timeout_set += 2;
-
-  switch (timeout_set) {
-  case 1:
-    timeout_ms = data->set.timeout;
-    break;
-  case 2:
-    timeout_ms = data->set.connecttimeout;
-    break;
-  case 3:
-    if (data->set.timeout < data->set.connecttimeout)
-      timeout_ms = data->set.timeout;
-    else
-      timeout_ms = data->set.connecttimeout;
-    break;
-  default:
-    timeout_ms = DEFAULT_CONNECT_TIMEOUT;
-    break;
-  }
-
-  if (timeout_set > 0) {
-    /* if a timeout was already set, substract elapsed time */
-    timeout_ms -= Curl_tvdiff(before, data->progress.t_startsingle);
   if(timeout_ms < 0) {
     /* a precaution, no need to continue if time already is up */
     failf(data, "Connection time-out");
     return CURLE_OPERATION_TIMEDOUT;
   }
-  }
   Curl_expire(data, timeout_ms);
 
   /* Max time for each address */

lib/connect.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -31,14 +31,20 @@ CURLcode Curl_is_connected(struct connectdata *conn,
                            bool *connected);
 
 CURLcode Curl_connecthost(struct connectdata *conn,
-                          const struct Curl_dns_entry *host, /* connect to this */
+                          const struct Curl_dns_entry *host, /* connect to
+                                                                this */
                           curl_socket_t *sockconn, /* not set if error */
                           Curl_addrinfo **addr, /* the one we used */
-                          bool *connected /* truly connected? */
-                          );
+                          bool *connected); /* truly connected? */
 
 CURLcode Curl_store_ip_addr(struct connectdata *conn);
 
+/* generic function that returns how much time there's left to run, according
+   to the timeouts set */
+long Curl_timeleft(struct connectdata *conn,
+                   struct timeval *nowp,
+                   bool duringconnect);
+
 #define DEFAULT_CONNECT_TIMEOUT 300000 /* milliseconds == five minutes */
 
 #endif

lib/content_encoding.c

@@ -77,7 +77,7 @@ exit_zlib(z_stream *z, zlibInitState *zlib_init, CURLcode result)
 
 static CURLcode
 inflate_stream(struct connectdata *conn,
-               struct Curl_transfer_keeper *k)
+               struct SingleRequest *k)
 {
   int allow_restart = 1;
   z_stream *z = &k->z;          /* zlib state structure */
@@ -152,7 +152,7 @@ inflate_stream(struct connectdata *conn,
 
 CURLcode
 Curl_unencode_deflate_write(struct connectdata *conn,
-                            struct Curl_transfer_keeper *k,
+                            struct SingleRequest *k,
                             ssize_t nread)
 {
   z_stream *z = &k->z;          /* zlib state structure */
@@ -265,7 +265,7 @@ static enum {
 
 CURLcode
 Curl_unencode_gzip_write(struct connectdata *conn,
-                         struct Curl_transfer_keeper *k,
+                         struct SingleRequest *k,
                          ssize_t nread)
 {
   z_stream *z = &k->z;          /* zlib state structure */

lib/content_encoding.h

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -32,10 +32,10 @@
 #endif
 
 CURLcode Curl_unencode_deflate_write(struct connectdata *conn,
-                                     struct Curl_transfer_keeper *k,
+                                     struct SingleRequest *req,
                                      ssize_t nread);
 
 CURLcode
 Curl_unencode_gzip_write(struct connectdata *conn,
-                         struct Curl_transfer_keeper *k,
+                         struct SingleRequest *k,
                          ssize_t nread);

lib/cookie.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -367,8 +367,12 @@ Curl_cookie_add(struct SessionHandle *data,
       else {
         if(sscanf(ptr, "%" MAX_COOKIE_LINE_TXT "[^;\r\n]",
                   what)) {
-          if(strequal("secure", what))
+          if(strequal("secure", what)) {
             co->secure = TRUE;
+          }
+          else if (strequal("httponly", what)) {
+            co->httponly = TRUE;
+          }
           /* else,
              unsupported keyword without assign! */
 
@@ -433,6 +437,19 @@ Curl_cookie_add(struct SessionHandle *data,
     char *tok_buf;
     int fields;
 
+    /* IE introduced HTTP-only cookies to prevent XSS attacks. Cookies 
+       marked with httpOnly after the domain name are not accessible  
+       from javascripts, but since curl does not operate at javascript  
+       level, we include them anyway. In Firefox's cookie files, these 
+       lines are preceeded with #HttpOnly_ and then everything is
+       as usual, so we skip 10 characters of the line..
+    */
+    if (strncmp(lineptr, "#HttpOnly_", 10) == 0) {
+      lineptr += 10;
+      co->httponly = TRUE;
+    }
+
+
     if(lineptr[0]=='#') {
       /* don't even try the comments */
       free(co);
@@ -812,7 +829,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
 void Curl_cookie_clearall(struct CookieInfo *cookies)
 {
   if(cookies) {
-    Curl_cookie_freelist(cookies->cookies);
+    Curl_cookie_freelist(cookies->cookies, TRUE);
     cookies->cookies = NULL;
     cookies->numcookies = 0;
   }
@@ -824,16 +841,22 @@ void Curl_cookie_clearall(struct CookieInfo *cookies)
  *
  * Free a list of cookies previously returned by Curl_cookie_getlist();
  *
+ * The 'cookiestoo' argument tells this function whether to just free the
+ * list or actually also free all cookies within the list as well.
+ *
  ****************************************************************************/
 
-void Curl_cookie_freelist(struct Cookie *co)
+void Curl_cookie_freelist(struct Cookie *co, bool cookiestoo)
 {
   struct Cookie *next;
   if(co) {
     while(co) {
       next = co->next;
-      free(co); /* we only free the struct since the "members" are all
-                      just copied! */
+      if(cookiestoo)
+        freecookie(co);
+      else
+        free(co); /* we only free the struct since the "members" are all just
+                     pointed out in the main cookie list! */
       co = next;
     }
   }
@@ -867,7 +890,7 @@ void Curl_cookie_clearsess(struct CookieInfo *cookies)
       else
         prev->next = next;
 
-      free(curr);
+      freecookie(curr);
       cookies->numcookies--;
     }
     else
@@ -912,6 +935,7 @@ void Curl_cookie_cleanup(struct CookieInfo *c)
 static char *get_netscape_format(const struct Cookie *co)
 {
   return aprintf(
+    "%s"     /* httponly preamble */
     "%s%s\t" /* domain */
     "%s\t"   /* tailmatch */
     "%s\t"   /* path */
@@ -919,6 +943,7 @@ static char *get_netscape_format(const struct Cookie *co)
     "%" FORMAT_OFF_T "\t"   /* expires */
     "%s\t"   /* name */
     "%s",    /* value */
+    co->httponly?"#HttpOnly_":"",
     /* Make sure all domains are prefixed with a dot if they allow
        tailmatching. This is Mozilla-style. */
     (co->tailmatch && co->domain && co->domain[0] != '.')? ".":"",

lib/cookie.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -50,6 +50,7 @@ struct Cookie {
 
   bool secure;       /* whether the 'secure' keyword was used */
   bool livecookie;   /* updated from a server, not a stored file */
+  bool httponly;     /* true if the httponly directive is present */
 };
 
 struct CookieInfo {
@@ -91,7 +92,7 @@ struct CookieInfo *Curl_cookie_init(struct SessionHandle *data,
                                     const char *, struct CookieInfo *, bool);
 struct Cookie *Curl_cookie_getlist(struct CookieInfo *, const char *,
 		                   const char *, bool);
-void Curl_cookie_freelist(struct Cookie *);
+void Curl_cookie_freelist(struct Cookie *cookies, bool cookiestoo);
 void Curl_cookie_clearall(struct CookieInfo *cookies);
 void Curl_cookie_clearsess(struct CookieInfo *cookies);
 void Curl_cookie_cleanup(struct CookieInfo *);

lib/dict.c

@@ -87,7 +87,7 @@
  * Forward declarations.
  */
 
-static CURLcode Curl_dict(struct connectdata *conn, bool *done);
+static CURLcode dict_do(struct connectdata *conn, bool *done);
 
 /*
  * DICT protocol handler.
@@ -96,7 +96,7 @@ static CURLcode Curl_dict(struct connectdata *conn, bool *done);
 const struct Curl_handler Curl_handler_dict = {
   "DICT",                               /* scheme */
   ZERO_NULL,                            /* setup_connection */
-  Curl_dict,                            /* do_it */
+  dict_do,                              /* do_it */
   ZERO_NULL,                            /* done */
   ZERO_NULL,                            /* do_more */
   ZERO_NULL,                            /* connect_it */
@@ -142,7 +142,7 @@ static char *unescape_word(struct SessionHandle *data, const char *inp)
   return dictp;
 }
 
-static CURLcode Curl_dict(struct connectdata *conn, bool *done)
+static CURLcode dict_do(struct connectdata *conn, bool *done)
 {
   char *word;
   char *eword;
@@ -155,8 +155,8 @@ static CURLcode Curl_dict(struct connectdata *conn, bool *done)
   struct SessionHandle *data=conn->data;
   curl_socket_t sockfd = conn->sock[FIRSTSOCKET];
 
-  char *path = data->reqdata.path;
-  curl_off_t *bytecount = &data->reqdata.keep.bytecount;
+  char *path = data->state.path;
+  curl_off_t *bytecount = &data->req.bytecount;
 
   *done = TRUE; /* unconditionally */
 

lib/easy.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -348,6 +348,7 @@ CURL *curl_easy_init(void)
  * easy handle.
  */
 
+#undef curl_easy_setopt
 CURLcode curl_easy_setopt(CURL *curl, CURLoption tag, ...)
 {
   va_list arg;
@@ -466,14 +467,24 @@ CURLcode curl_easy_perform(CURL *curl)
     return CURLE_BAD_FUNCTION_ARGUMENT;
 
   if( ! (data->share && data->share->hostcache) ) {
+    /* this handle is not using a shared dns cache */
 
-    if (Curl_global_host_cache_use(data) &&
+    if(data->set.global_dns_cache &&
        (data->dns.hostcachetype != HCACHE_GLOBAL)) {
+      /* global dns cache was requested but still isn't */
+      struct curl_hash *ptr;
+
       if(data->dns.hostcachetype == HCACHE_PRIVATE)
+        /* if the current cache is private, kill it first */
         Curl_hash_destroy(data->dns.hostcache);
-      data->dns.hostcache = Curl_global_host_cache_get();
+
+      ptr = Curl_global_host_cache_init();
+      if(ptr) {
+        /* only do this if the global cache init works */
+        data->dns.hostcache = ptr;
         data->dns.hostcachetype = HCACHE_GLOBAL;
       }
+    }
 
     if(!data->dns.hostcache) {
       data->dns.hostcachetype = HCACHE_PRIVATE;
@@ -528,15 +539,16 @@ void Curl_easy_addmulti(struct SessionHandle *data,
 
 void Curl_easy_initHandleData(struct SessionHandle *data)
 {
-    memset(&data->reqdata, 0, sizeof(struct HandleData));
+    memset(&data->req, 0, sizeof(struct SingleRequest));
 
-    data->reqdata.maxdownload = -1;
+    data->req.maxdownload = -1;
 }
 
 /*
  * curl_easy_getinfo() is an external interface that allows an app to retrieve
  * information from a performed transfer and similar.
  */
+#undef curl_easy_getinfo
 CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...)
 {
   va_list arg;
@@ -676,11 +688,11 @@ void curl_easy_reset(CURL *curl)
 {
   struct SessionHandle *data = (struct SessionHandle *)curl;
 
-  Curl_safefree(data->reqdata.pathbuffer);
-  data->reqdata.pathbuffer=NULL;
+  Curl_safefree(data->state.pathbuffer);
+  data->state.pathbuffer=NULL;
 
-  Curl_safefree(data->reqdata.proto.generic);
-  data->reqdata.proto.generic=NULL;
+  Curl_safefree(data->state.proto.generic);
+  data->state.proto.generic=NULL;
 
   /* zero out UserDefined data: */
   Curl_freeset(data);
@@ -733,9 +745,11 @@ void curl_easy_reset(CURL *curl)
    */
   data->set.ssl.verifypeer = TRUE;
   data->set.ssl.verifyhost = 2;
-#ifdef CURL_CA_BUNDLE
-  /* This is our prefered CA cert bundle since install time */
+  /* This is our prefered CA cert bundle/path since install time */
+#if defined(CURL_CA_BUNDLE)
   (void) curl_easy_setopt(curl, CURLOPT_CAINFO, (char *) CURL_CA_BUNDLE);
+#elif defined(CURL_CA_PATH)
+  (void) curl_easy_setopt(curl, CURLOPT_CAPATH, (char *) CURL_CA_PATH);
 #endif
 
   data->set.ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
@@ -744,6 +758,107 @@ void curl_easy_reset(CURL *curl)
   data->set.new_directory_perms = 0755; /* Default permissions */
 }
 
+/*
+ * curl_easy_pause() allows an application to pause or unpause a specific
+ * transfer and direction. This function sets the full new state for the
+ * current connection this easy handle operates on.
+ *
+ * NOTE: if you have the receiving paused and you call this function to remove
+ * the pausing, you may get your write callback called at this point.
+ *
+ * Action is a bitmask consisting of CURLPAUSE_* bits in curl/curl.h
+ */
+CURLcode curl_easy_pause(CURL *curl, int action)
+{
+  struct SessionHandle *data = (struct SessionHandle *)curl;
+  struct SingleRequest *k = &data->req;
+  CURLcode result = CURLE_OK;
+
+  /* first switch off both pause bits */
+  int newstate = k->keepon &~ (KEEP_READ_PAUSE| KEEP_WRITE_PAUSE);
+
+  /* set the new desired pause bits */
+  newstate |= ((action & CURLPAUSE_RECV)?KEEP_READ_PAUSE:0) |
+    ((action & CURLPAUSE_SEND)?KEEP_WRITE_PAUSE:0);
+
+  /* put it back in the keepon */
+  k->keepon = newstate;
+
+  if(!(newstate & KEEP_READ_PAUSE) && data->state.tempwrite) {
+    /* we have a buffer for writing that we now seem to be able to deliver since
+       the receive pausing is lifted! */
+
+    /* get the pointer, type and length in local copies since the function may
+       return PAUSE again and then we'll get a new copy allocted and stored in
+       the tempwrite variables */
+    char *tempwrite = data->state.tempwrite;
+    size_t tempsize = data->state.tempwritesize;
+    int temptype = data->state.tempwritetype;
+    size_t chunklen;
+
+    /* clear tempwrite here just to make sure it gets cleared if there's no
+       further use of it, and make sure we don't clear it after the function
+       invoke as it may have been set to a new value by then */
+    data->state.tempwrite = NULL;
+
+    /* since the write callback API is define to never exceed
+       CURL_MAX_WRITE_SIZE bytes in a single call, and since we may in fact
+       have more data than that in our buffer here, we must loop sending the
+       data in multiple calls until there's no data left or we get another
+       pause returned.
+
+       A tricky part is that the function we call will "buffer" the data
+       itself when it pauses on a particular buffer, so we may need to do some
+       extra trickery if we get a pause return here.
+    */
+    do {
+      chunklen = (tempsize > CURL_MAX_WRITE_SIZE)?CURL_MAX_WRITE_SIZE:tempsize;
+
+      result = Curl_client_write(data->state.current_conn,
+                                 temptype, tempwrite, chunklen);
+      if(!result)
+        /* failures abort the loop at once */
+        break;
+
+      if(data->state.tempwrite && (tempsize - chunklen)) {
+        /* Ouch, the reading is again paused and the block we send is now
+           "cached". If this is the final chunk we can leave it like this, but
+           if we have more chunks that is cached after this, we need to free
+           the newly cached one and put back a version that is truly the entire
+           contents that is saved for later
+        */
+        char *newptr;
+
+        free(data->state.tempwrite); /* free the one just cached as it isn't
+                                        enough */
+
+        /* note that tempsize is still the size as before the callback was
+           used, and thus the whole piece of data to keep */
+        newptr = malloc(tempsize);
+        if(!newptr) {
+          result = CURLE_OUT_OF_MEMORY;
+          /* tempwrite will be freed further down */
+          break;
+        }
+        data->state.tempwrite = newptr; /* store new pointer */
+        memcpy(newptr, tempwrite, tempsize);
+        data->state.tempwritesize = tempsize; /* store new size */
+        /* tempwrite will be freed further down */
+        break; /* go back to pausing until further notice */
+      }
+      else {
+        tempsize -= chunklen;  /* left after the call above */
+        tempwrite += chunklen; /* advance the pointer */
+      }
+
+    } while((result == CURLE_OK) && tempsize);
+
+    free(tempwrite); /* this is unconditionally no longer used */
+  }
+
+  return result;
+}
+
 #ifdef CURL_DOES_CONVERSIONS
 /*
  * Curl_convert_to_network() is an internal function

lib/file.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -70,6 +70,7 @@
 
 #endif
 
+#include "strtoofft.h"
 #include "urldata.h"
 #include <curl/curl.h>
 #include "progress.h"
@@ -94,9 +95,10 @@
  * Forward declarations.
  */
 
-static CURLcode Curl_file(struct connectdata *, bool *done);
-static CURLcode Curl_file_done(struct connectdata *conn,
+static CURLcode file_do(struct connectdata *, bool *done);
+static CURLcode file_done(struct connectdata *conn,
                           CURLcode status, bool premature);
+static CURLcode file_connect(struct connectdata *conn, bool *done);
 
 /*
  * FILE scheme handler.
@@ -105,10 +107,10 @@ static CURLcode Curl_file_done(struct connectdata *conn,
 const struct Curl_handler Curl_handler_file = {
   "FILE",                               /* scheme */
   ZERO_NULL,                            /* setup_connection */
-  Curl_file,                            /* do_it */
-  Curl_file_done,                       /* done */
+  file_do,                              /* do_it */
+  file_done,                            /* done */
   ZERO_NULL,                            /* do_more */
-  ZERO_NULL,                            /* connect_it */
+  file_connect,                         /* connect_it */
   ZERO_NULL,                            /* connecting */
   ZERO_NULL,                            /* doing */
   ZERO_NULL,                            /* proto_getsock */
@@ -118,15 +120,70 @@ const struct Curl_handler Curl_handler_file = {
   PROT_FILE                             /* protocol */
 };
 
+
  /*
- * Curl_file_connect() gets called from Curl_protocol_connect() to allow us to
+  Check if this is a range download, and if so, set the internal variables
+  properly. This code is copied from the FTP implementation and might as
+  well be factored out.
+ */
+static CURLcode file_range(struct connectdata *conn)
+{
+  curl_off_t from, to;
+  curl_off_t totalsize=-1;
+  char *ptr;
+  char *ptr2;
+  struct SessionHandle *data = conn->data;
+
+  if(data->state.use_range && data->state.range) {
+    from=curlx_strtoofft(data->state.range, &ptr, 0);
+    while(ptr && *ptr && (isspace((int)*ptr) || (*ptr=='-')))
+      ptr++;
+    to=curlx_strtoofft(ptr, &ptr2, 0);
+    if(ptr == ptr2) {
+      /* we didn't get any digit */
+      to=-1;
+    }
+    if((-1 == to) && (from>=0)) {
+      /* X - */
+      data->state.resume_from = from;
+      DEBUGF(infof(data, "RANGE %" FORMAT_OFF_T " to end of file\n",
+                   from));
+    }
+    else if(from < 0) {
+      /* -Y */
+      totalsize = -from;
+      data->req.maxdownload = -from;
+      data->state.resume_from = from;
+      DEBUGF(infof(data, "RANGE the last %" FORMAT_OFF_T " bytes\n",
+                   totalsize));
+    }
+    else {
+      /* X-Y */
+      totalsize = to-from;
+      data->req.maxdownload = totalsize+1; /* include last byte */
+      data->state.resume_from = from;
+      DEBUGF(infof(data, "RANGE from %" FORMAT_OFF_T
+                   " getting %" FORMAT_OFF_T " bytes\n",
+                   from, data->req.maxdownload));
+    }
+    DEBUGF(infof(data, "range-download from %" FORMAT_OFF_T
+                 " to %" FORMAT_OFF_T ", totally %" FORMAT_OFF_T " bytes\n",
+                 from, to, data->req.maxdownload));
+  }
+  else
+    data->req.maxdownload = -1;
+  return CURLE_OK;
+}
+
+/*
+ * file_connect() gets called from Curl_protocol_connect() to allow us to
  * do protocol-specific actions at connect-time.  We emulate a
  * connect-then-transfer protocol and "connect" to the file here
  */
-CURLcode Curl_file_connect(struct connectdata *conn)
+static CURLcode file_connect(struct connectdata *conn, bool *done)
 {
   struct SessionHandle *data = conn->data;
-  char *real_path = curl_easy_unescape(data, data->reqdata.path, 0, NULL);
+  char *real_path = curl_easy_unescape(data, data->state.path, 0, NULL);
   struct FILEPROTO *file;
   int fd;
 #if defined(WIN32) || defined(MSDOS) || defined(__EMX__)
@@ -141,17 +198,17 @@ CURLcode Curl_file_connect(struct connectdata *conn)
      sessionhandle, deal with it */
   Curl_reset_reqproto(conn);
 
-  if (!data->reqdata.proto.file) {
+  if(!data->state.proto.file) {
     file = (struct FILEPROTO *)calloc(sizeof(struct FILEPROTO), 1);
     if(!file) {
       free(real_path);
       return CURLE_OUT_OF_MEMORY;
     }
-    data->reqdata.proto.file = file;
+    data->state.proto.file = file;
   }
   else {
     /* file is not a protocol that can deal with "persistancy" */
-    file = data->reqdata.proto.file;
+    file = data->state.proto.file;
     Curl_safefree(file->freepath);
     if(file->fd != -1)
       close(file->fd);
@@ -199,18 +256,19 @@ CURLcode Curl_file_connect(struct connectdata *conn)
 
   file->fd = fd;
   if(!data->set.upload && (fd == -1)) {
-    failf(data, "Couldn't open file %s", data->reqdata.path);
-    Curl_file_done(conn, CURLE_FILE_COULDNT_READ_FILE, FALSE);
+    failf(data, "Couldn't open file %s", data->state.path);
+    file_done(conn, CURLE_FILE_COULDNT_READ_FILE, FALSE);
     return CURLE_FILE_COULDNT_READ_FILE;
   }
+  *done = TRUE;
 
   return CURLE_OK;
 }
 
-static CURLcode Curl_file_done(struct connectdata *conn,
+static CURLcode file_done(struct connectdata *conn,
                                CURLcode status, bool premature)
 {
-  struct FILEPROTO *file = conn->data->reqdata.proto.file;
+  struct FILEPROTO *file = conn->data->state.proto.file;
   (void)status; /* not used */
   (void)premature; /* not used */
   Curl_safefree(file->freepath);
@@ -218,9 +276,6 @@ static CURLcode Curl_file_done(struct connectdata *conn,
   if(file->fd != -1)
     close(file->fd);
 
-  free(file);
-  conn->data->reqdata.proto.file= NULL; /* clear it! */
-
   return CURLE_OK;
 }
 
@@ -232,7 +287,7 @@ static CURLcode Curl_file_done(struct connectdata *conn,
 
 static CURLcode file_upload(struct connectdata *conn)
 {
-  struct FILEPROTO *file = conn->data->reqdata.proto.file;
+  struct FILEPROTO *file = conn->data->state.proto.file;
   const char *dir = strchr(file->path, DIRSEP);
   FILE *fp;
   CURLcode res=CURLE_OK;
@@ -251,7 +306,7 @@ static CURLcode file_upload(struct connectdata *conn)
    */
   conn->fread_func = data->set.fread_func;
   conn->fread_in = data->set.in;
-  conn->data->reqdata.upload_fromhere = buf;
+  conn->data->req.upload_fromhere = buf;
 
   if(!dir)
     return CURLE_FILE_COULDNT_READ_FILE; /* fix: better error code */
@@ -259,7 +314,7 @@ static CURLcode file_upload(struct connectdata *conn)
   if(!dir[1])
      return CURLE_FILE_COULDNT_READ_FILE; /* fix: better error code */
 
-  if(data->reqdata.resume_from)
+  if(data->state.resume_from)
     fp = fopen( file->path, "ab" );
   else {
     int fd;
@@ -288,14 +343,14 @@ static CURLcode file_upload(struct connectdata *conn)
     Curl_pgrsSetUploadSize(data, data->set.infilesize);
 
   /* treat the negative resume offset value as the case of "-" */
-  if(data->reqdata.resume_from < 0){
+  if(data->state.resume_from < 0) {
     if(stat(file->path, &file_stat)) {
       fclose(fp);
       failf(data, "Can't get the size of %s", file->path);
       return CURLE_WRITE_ERROR;
     }
     else
-      data->reqdata.resume_from = (curl_off_t)file_stat.st_size;
+      data->state.resume_from = (curl_off_t)file_stat.st_size;
   }
 
   while(res == CURLE_OK) {
@@ -310,16 +365,16 @@ static CURLcode file_upload(struct connectdata *conn)
     nread = (size_t)readcount;
 
     /*skip bytes before resume point*/
-    if(data->reqdata.resume_from) {
-      if( (curl_off_t)nread <= data->reqdata.resume_from ) {
-        data->reqdata.resume_from -= nread;
+    if(data->state.resume_from) {
+      if( (curl_off_t)nread <= data->state.resume_from ) {
+        data->state.resume_from -= nread;
         nread = 0;
         buf2 = buf;
       }
       else {
-        buf2 = buf + data->reqdata.resume_from;
-        nread -= data->reqdata.resume_from;
-        data->reqdata.resume_from = 0;
+        buf2 = buf + data->state.resume_from;
+        nread -= (size_t)data->state.resume_from;
+        data->state.resume_from = 0;
       }
     }
     else
@@ -350,14 +405,14 @@ static CURLcode file_upload(struct connectdata *conn)
 }
 
 /*
- * Curl_file() is the protocol-specific function for the do-phase, separated
+ * file_do() is the protocol-specific function for the do-phase, separated
  * from the connect-phase above. Other protocols merely setup the transfer in
  * the do-phase, to have it done in the main transfer loop but since some
  * platforms we support don't allow select()ing etc on file handles (as
  * opposed to sockets) we instead perform the whole do-operation in this
  * function.
  */
-static CURLcode Curl_file(struct connectdata *conn, bool *done)
+static CURLcode file_do(struct connectdata *conn, bool *done)
 {
   /* This implementation ignores the host name in conformance with
      RFC 1738. Only local files (reachable via the standard file system)
@@ -371,6 +426,7 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
   curl_off_t expected_size=0;
   bool fstated=FALSE;
   ssize_t nread;
+  size_t bytestoread;
   struct SessionHandle *data = conn->data;
   char *buf = data->state.buffer;
   curl_off_t bytecount = 0;
@@ -379,7 +435,6 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
 
   *done = TRUE; /* unconditionally */
 
-  Curl_readwrite_init(conn);
   Curl_initinfo(data);
   Curl_pgrsStartNow(data);
 
@@ -387,7 +442,7 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
     return file_upload(conn);
 
   /* get the fd from the connection phase */
-  fd = conn->data->reqdata.proto.file->fd;
+  fd = conn->data->state.proto.file->fd;
 
   /* VMS: This only works reliable for STREAMLF files */
   if( -1 != fstat(fd, &statbuf)) {
@@ -399,7 +454,7 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
   /* If we have selected NOBODY and HEADER, it means that we only want file
      information. Which for FILE can't be much more than the file size and
      date. */
-  if(conn->bits.no_body && data->set.include_header && fstated) {
+  if(data->set.opt_no_body && data->set.include_header && fstated) {
     CURLcode result;
     snprintf(buf, sizeof(data->state.buffer),
              "Content-Length: %" FORMAT_OFF_T "\r\n", expected_size);
@@ -436,13 +491,31 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
     return result;
   }
 
-  if (data->reqdata.resume_from <= expected_size)
-    expected_size -= data->reqdata.resume_from;
+  /* Check whether file range has been specified */
+  file_range(conn);
+
+  /* Adjust the start offset in case we want to get the N last bytes
+   * of the stream iff the filesize could be determined */
+  if(data->state.resume_from < 0) {
+    if(!fstated) {
+      failf(data, "Can't get the size of file.");
+      return CURLE_READ_ERROR;
+    }
+    else
+      data->state.resume_from += (curl_off_t)statbuf.st_size;
+  }
+
+  if(data->state.resume_from <= expected_size)
+    expected_size -= data->state.resume_from;
   else {
     failf(data, "failed to resume file:// transfer");
     return CURLE_BAD_DOWNLOAD_RESUME;
   }
 
+  /* A high water mark has been specified so we obey... */
+  if (data->req.maxdownload > 0)
+    expected_size = data->req.maxdownload;
+
   if(fstated && (expected_size == 0))
     return CURLE_OK;
 
@@ -453,24 +526,27 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
   if(fstated)
     Curl_pgrsSetDownloadSize(data, expected_size);
 
-  if(data->reqdata.resume_from) {
-    if(data->reqdata.resume_from !=
-       lseek(fd, data->reqdata.resume_from, SEEK_SET))
+  if(data->state.resume_from) {
+    if(data->state.resume_from !=
+       lseek(fd, data->state.resume_from, SEEK_SET))
       return CURLE_BAD_DOWNLOAD_RESUME;
   }
 
   Curl_pgrsTime(data, TIMER_STARTTRANSFER);
 
   while(res == CURLE_OK) {
-    nread = read(fd, buf, BUFSIZE-1);
+    /* Don't fill a whole buffer if we want less than all data */
+    bytestoread = (expected_size < BUFSIZE-1)?(size_t)expected_size:BUFSIZE-1;
+    nread = read(fd, buf, bytestoread);
 
     if( nread > 0)
       buf[nread] = 0;
 
-    if (nread <= 0)
+    if (nread <= 0 || expected_size == 0)
       break;
 
     bytecount += nread;
+    expected_size -= nread;
 
     res = Curl_client_write(conn, CLIENTWRITE_BODY, buf, nread);
     if(res)

lib/file.h

@@ -25,7 +25,5 @@
  ***************************************************************************/
 #ifndef CURL_DISABLE_FILE
 extern const struct Curl_handler Curl_handler_file;
-
-CURLcode Curl_file_connect(struct connectdata *);
 #endif
 #endif

lib/ftp.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -134,21 +134,21 @@ static CURLcode ftp_nb_type(struct connectdata *conn,
                             bool ascii, ftpstate newstate);
 static int ftp_need_type(struct connectdata *conn,
                          bool ascii);
-static CURLcode Curl_ftp(struct connectdata *conn, bool *done);
-static CURLcode Curl_ftp_done(struct connectdata *conn,
+static CURLcode ftp_do(struct connectdata *conn, bool *done);
+static CURLcode ftp_done(struct connectdata *conn,
                               CURLcode, bool premature);
-static CURLcode Curl_ftp_connect(struct connectdata *conn, bool *done);
-static CURLcode Curl_ftp_disconnect(struct connectdata *conn);
-static CURLcode Curl_ftp_nextconnect(struct connectdata *conn);
-static CURLcode Curl_ftp_multi_statemach(struct connectdata *conn, bool *done);
-static int Curl_ftp_getsock(struct connectdata *conn,
+static CURLcode ftp_connect(struct connectdata *conn, bool *done);
+static CURLcode ftp_disconnect(struct connectdata *conn);
+static CURLcode ftp_nextconnect(struct connectdata *conn);
+static CURLcode ftp_multi_statemach(struct connectdata *conn, bool *done);
+static int ftp_getsock(struct connectdata *conn,
                             curl_socket_t *socks,
                             int numsocks);
-static CURLcode Curl_ftp_doing(struct connectdata *conn,
+static CURLcode ftp_doing(struct connectdata *conn,
                                bool *dophase_done);
-static CURLcode Curl_ftp_setup_connection(struct connectdata * conn);
+static CURLcode ftp_setup_connection(struct connectdata * conn);
 #ifdef USE_SSL
-static CURLcode Curl_ftps_setup_connection(struct connectdata * conn);
+static CURLcode ftps_setup_connection(struct connectdata * conn);
 #endif
 
 /* easy-to-use macro: */
@@ -164,16 +164,16 @@ static CURLcode Curl_ftps_setup_connection(struct connectdata * conn);
 
 const struct Curl_handler Curl_handler_ftp = {
   "FTP",                                /* scheme */
-  Curl_ftp_setup_connection,            /* setup_connection */
-  Curl_ftp,                             /* do_it */
-  Curl_ftp_done,                        /* done */
-  Curl_ftp_nextconnect,                 /* do_more */
-  Curl_ftp_connect,                     /* connect_it */
-  Curl_ftp_multi_statemach,             /* connecting */
-  Curl_ftp_doing,                       /* doing */
-  Curl_ftp_getsock,                     /* proto_getsock */
-  Curl_ftp_getsock,                     /* doing_getsock */
-  Curl_ftp_disconnect,                  /* disconnect */
+  ftp_setup_connection,            /* setup_connection */
+  ftp_do,                          /* do_it */
+  ftp_done,                        /* done */
+  ftp_nextconnect,                 /* do_more */
+  ftp_connect,                     /* connect_it */
+  ftp_multi_statemach,             /* connecting */
+  ftp_doing,                       /* doing */
+  ftp_getsock,                     /* proto_getsock */
+  ftp_getsock,                     /* doing_getsock */
+  ftp_disconnect,                  /* disconnect */
   PORT_FTP,                             /* defport */
   PROT_FTP                              /* protocol */
 };
@@ -186,16 +186,16 @@ const struct Curl_handler Curl_handler_ftp = {
 
 const struct Curl_handler Curl_handler_ftps = {
   "FTPS",                               /* scheme */
-  Curl_ftps_setup_connection,           /* setup_connection */
-  Curl_ftp,                             /* do_it */
-  Curl_ftp_done,                        /* done */
-  Curl_ftp_nextconnect,                 /* do_more */
-  Curl_ftp_connect,                     /* connect_it */
-  Curl_ftp_multi_statemach,             /* connecting */
-  Curl_ftp_doing,                       /* doing */
-  Curl_ftp_getsock,                     /* proto_getsock */
-  Curl_ftp_getsock,                     /* doing_getsock */
-  Curl_ftp_disconnect,                  /* disconnect */
+  ftps_setup_connection,           /* setup_connection */
+  ftp_do,                          /* do_it */
+  ftp_done,                        /* done */
+  ftp_nextconnect,                 /* do_more */
+  ftp_connect,                     /* connect_it */
+  ftp_multi_statemach,             /* connecting */
+  ftp_doing,                       /* doing */
+  ftp_getsock,                     /* proto_getsock */
+  ftp_getsock,                     /* doing_getsock */
+  ftp_disconnect,                  /* disconnect */
   PORT_FTPS,                            /* defport */
   PROT_FTP | PROT_FTPS | PROT_SSL       /* protocol */
 };
@@ -300,44 +300,15 @@ static bool isBadFtpString(const char *string)
  */
 static CURLcode AllowServerConnect(struct connectdata *conn)
 {
-  long timeout_ms;
   struct SessionHandle *data = conn->data;
   curl_socket_t sock = conn->sock[SECONDARYSOCKET];
-  int timeout_set = 0;
+  long timeout_ms = Curl_timeleft(conn, NULL, TRUE);
 
-  /* if a timeout is set, use the most restrictive one */
-
-  if (data->set.timeout > 0)
-    timeout_set += 1;
-  if (data->set.connecttimeout > 0)
-    timeout_set += 2;
-
-  switch (timeout_set) {
-  case 1:
-    timeout_ms = data->set.timeout;
-    break;
-  case 2:
-    timeout_ms = data->set.connecttimeout;
-    break;
-  case 3:
-    if (data->set.timeout < data->set.connecttimeout)
-      timeout_ms = data->set.timeout;
-    else
-      timeout_ms = data->set.connecttimeout;
-    break;
-  default:
-    timeout_ms = 60000; /* 60 seconds default timeout */
-    break;
-  }
-
-  if (timeout_set > 0) {
-    /* if a timeout was already set, substract elapsed time */
-    timeout_ms -= Curl_tvdiff(Curl_tvnow(), conn->now);
   if(timeout_ms < 0) {
+    /* if a timeout was already reached, bail out */
     failf(data, "Timed out before server could connect to us");
     return CURLE_OPERATION_TIMEDOUT;
   }
-  }
 
   switch (Curl_socket_ready(sock, CURL_SOCKET_BAD, (int)timeout_ms)) {
   case -1: /* error */
@@ -403,7 +374,7 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
                              int *ftpcode, /* return the ftp-code if done */
                              size_t *size) /* size of the response */
 {
-  int perline; /* count bytes per line */
+  ssize_t perline; /* count bytes per line */
   bool keepon=TRUE;
   ssize_t gotbytes;
   char *ptr;
@@ -418,8 +389,9 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
 
   ptr=buf + ftpc->nread_resp;
 
-  perline= (int)(ptr-ftpc->linestart_resp); /* number of bytes in the current
-                                              line, so far */
+  /* number of bytes in the current line, so far */
+  perline = (ssize_t)(ptr-ftpc->linestart_resp);
+
   keepon=TRUE;
 
   while((ftpc->nread_resp<BUFSIZE) && (keepon && !result)) {
@@ -479,10 +451,10 @@ static CURLcode ftp_readresp(curl_socket_t sockfd,
        * byte to a set of lines and possible just a piece of the last
        * line */
       ssize_t i;
-      int clipamount = 0;
+      ssize_t clipamount = 0;
       bool restart = FALSE;
 
-      data->reqdata.keep.headerbytecount += gotbytes;
+      data->req.headerbytecount += gotbytes;
 
       ftpc->nread_resp += gotbytes;
       for(i = 0; i < gotbytes; ptr++, i++) {
@@ -788,7 +760,7 @@ static void state(struct connectdata *conn,
 static CURLcode ftp_state_user(struct connectdata *conn)
 {
   CURLcode result;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
   /* send USER */
   NBFTPSENDF(conn, "USER %s", ftp->user?ftp->user:"");
 
@@ -810,7 +782,7 @@ static CURLcode ftp_state_pwd(struct connectdata *conn)
 }
 
 /* For the FTP "protocol connect" and "doing" phases only */
-static int Curl_ftp_getsock(struct connectdata *conn,
+static int ftp_getsock(struct connectdata *conn,
                             curl_socket_t *socks,
                             int numsocks)
 {
@@ -933,7 +905,7 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
     rc = getnameinfo((struct sockaddr *)&ss, sslen, hbuf, sizeof(hbuf), NULL,
                      0, NIFLAGS);
     if(rc) {
-      failf(data, "getnameinfo() returned %d \n", rc);
+      failf(data, "getnameinfo() returned %d", rc);
       return CURLE_FTP_PORT_FAILED;
     }
     host = hbuf; /* use this host name */
@@ -1313,7 +1285,7 @@ static CURLcode ftp_state_use_pasv(struct connectdata *conn)
 static CURLcode ftp_state_post_rest(struct connectdata *conn)
 {
   CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
   struct SessionHandle *data = conn->data;
 
   if(ftp->transfer != FTPTRANSFER_BODY) {
@@ -1337,7 +1309,7 @@ static CURLcode ftp_state_post_rest(struct connectdata *conn)
 static CURLcode ftp_state_post_size(struct connectdata *conn)
 {
   CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
 
   if((ftp->transfer != FTPTRANSFER_BODY) && ftpc->file) {
@@ -1358,7 +1330,7 @@ static CURLcode ftp_state_post_size(struct connectdata *conn)
 static CURLcode ftp_state_post_type(struct connectdata *conn)
 {
   CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
 
   if((ftp->transfer == FTPTRANSFER_INFO) && ftpc->file) {
@@ -1398,11 +1370,11 @@ static CURLcode ftp_state_post_listtype(struct connectdata *conn)
 
   lstArg = NULL;
   if((data->set.ftp_filemethod == FTPFILE_NOCWD) &&
-     data->reqdata.path &&
-     data->reqdata.path[0] &&
-     strchr(data->reqdata.path,'/')) {
+     data->state.path &&
+     data->state.path[0] &&
+     strchr(data->state.path,'/')) {
 
-    lstArg = strdup(data->reqdata.path);
+    lstArg = strdup(data->state.path);
     if(!lstArg)
       return CURLE_OUT_OF_MEMORY;
 
@@ -1465,14 +1437,14 @@ static CURLcode ftp_state_post_stortype(struct connectdata *conn)
 static CURLcode ftp_state_post_mdtm(struct connectdata *conn)
 {
   CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
   struct SessionHandle *data = conn->data;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
 
   /* If we have selected NOBODY and HEADER, it means that we only want file
      information. Which in FTP can't be much more than the file size and
      date. */
-  if(conn->bits.no_body && ftpc->file &&
+  if(data->set.opt_no_body && ftpc->file &&
      ftp_need_type(conn, data->set.prefer_ascii)) {
     /* The SIZE command is _not_ RFC 959 specified, and therefor many servers
        may not support it! It is however the only way we have to get a file's
@@ -1522,13 +1494,12 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
                                    bool sizechecked)
 {
   CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
   struct SessionHandle *data = conn->data;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
-  curl_off_t passed=0;
 
-  if((data->reqdata.resume_from && !sizechecked) ||
-     ((data->reqdata.resume_from > 0) && sizechecked)) {
+  if((data->state.resume_from && !sizechecked) ||
+     ((data->state.resume_from > 0) && sizechecked)) {
     /* we're about to continue the uploading of a file */
     /* 1. get already existing file's size. We use the SIZE command for this
        which may not exist in the server!  The SIZE command is not in
@@ -1542,7 +1513,7 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
     /* 4. lower the infilesize counter */
     /* => transfer as usual */
 
-    if(data->reqdata.resume_from < 0 ) {
+    if(data->state.resume_from < 0 ) {
       /* Got no given size to start from, figure it out */
       NBFTPSENDF(conn, "SIZE %s", ftpc->file);
       state(conn, FTP_STOR_SIZE);
@@ -1552,14 +1523,21 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
     /* enable append */
     data->set.ftp_append = TRUE;
 
-    /* Let's read off the proper amount of bytes from the input. If we knew it
-       was a proper file we could've just fseek()ed but we only have a stream
-       here */
+    /* Let's read off the proper amount of bytes from the input. */
+    if(conn->seek_func) {
+      curl_off_t readthisamountnow = data->state.resume_from;
 
-    /* TODO: allow the ioctlfunction to provide a fast forward function that
-       can be used here and use this method only as a fallback! */
+      if(conn->seek_func(conn->seek_client,
+			 readthisamountnow, SEEK_SET) != 0) {
+        failf(data, "Could not seek stream");
+        return CURLE_FTP_COULDNT_USE_REST;
+      }
+    }
+
+    else {
+      curl_off_t passed=0;
       do {
-      curl_off_t readthisamountnow = (data->reqdata.resume_from - passed);
+        curl_off_t readthisamountnow = (data->state.resume_from - passed);
         curl_off_t actuallyread;
 
         if(readthisamountnow > BUFSIZE)
@@ -1570,16 +1548,18 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
                       conn->fread_in);
 
         passed += actuallyread;
-      if(actuallyread != readthisamountnow) {
-        failf(data, "Could only read %" FORMAT_OFF_T
-              " bytes from the input", passed);
+        if((actuallyread <= 0) || (actuallyread > readthisamountnow)) {
+          /* this checks for greater-than only to make sure that the
+             CURL_READFUNC_ABORT return code still aborts */
+          failf(data, "Failed to read data");
           return CURLE_FTP_COULDNT_USE_REST;
         }
-    } while(passed != data->reqdata.resume_from);
+      } while(passed < data->state.resume_from);
+    }
 
     /* now, decrease the size of the read */
     if(data->set.infilesize>0) {
-      data->set.infilesize -= data->reqdata.resume_from;
+      data->set.infilesize -= data->state.resume_from;
 
       if(data->set.infilesize <= 0) {
         infof(data, "File already completely uploaded\n");
@@ -1588,7 +1568,7 @@ static CURLcode ftp_state_ul_setup(struct connectdata *conn,
         result=Curl_setup_transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
 
         /* Set ->transfer so that we won't get any error in
-         * Curl_ftp_done() because we didn't transfer anything! */
+         * ftp_done() because we didn't transfer anything! */
         ftp->transfer = FTPTRANSFER_NONE;
 
         state(conn, FTP_STOP);
@@ -1612,7 +1592,7 @@ static CURLcode ftp_state_quote(struct connectdata *conn,
 {
   CURLcode result = CURLE_OK;
   struct SessionHandle *data = conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
   bool quote=FALSE;
   struct curl_slist *item;
@@ -1726,7 +1706,9 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
 
           if(conn->bits.tunnel_proxy ||
              data->set.proxytype == CURLPROXY_SOCKS5 ||
-              data->set.proxytype == CURLPROXY_SOCKS4)
+             data->set.proxytype == CURLPROXY_SOCKS5_HOSTNAME ||
+             data->set.proxytype == CURLPROXY_SOCKS4 ||
+             data->set.proxytype == CURLPROXY_SOCKS4A)
             /* proxy tunnel -> use other host info because ip_addr_str is the
                proxy address not the ftp host */
             snprintf(newhost, sizeof(newhost), "%s", conn->host.name);
@@ -1780,7 +1762,9 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
             conn->ip_addr_str);
       if(conn->bits.tunnel_proxy ||
           data->set.proxytype == CURLPROXY_SOCKS5 ||
-          data->set.proxytype == CURLPROXY_SOCKS4)
+          data->set.proxytype == CURLPROXY_SOCKS5_HOSTNAME ||
+          data->set.proxytype == CURLPROXY_SOCKS4 ||
+          data->set.proxytype == CURLPROXY_SOCKS4A)
         /* proxy tunnel -> use other host info because ip_addr_str is the
            proxy address not the ftp host */
         snprintf(newhost, sizeof(newhost), "%s", conn->host.name);
@@ -1877,6 +1861,7 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
 
   switch(data->set.proxytype) {
   case CURLPROXY_SOCKS5:
+  case CURLPROXY_SOCKS5_HOSTNAME:
     result = Curl_SOCKS5(conn->proxyuser, conn->proxypasswd, newhost, newport,
                          SECONDARYSOCKET, conn);
     break;
@@ -1885,7 +1870,11 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
     break;
   case CURLPROXY_SOCKS4:
     result = Curl_SOCKS4(conn->proxyuser, newhost, newport,
-                         SECONDARYSOCKET, conn);
+                         SECONDARYSOCKET, conn, FALSE);
+    break;
+  case CURLPROXY_SOCKS4A:
+    result = Curl_SOCKS4(conn->proxyuser, newhost, newport,
+                         SECONDARYSOCKET, conn, TRUE);
     break;
   default:
     failf(data, "unknown proxytype option given");
@@ -1907,13 +1896,13 @@ static CURLcode ftp_state_pasv_resp(struct connectdata *conn,
      * FTP pointer
      */
     struct HTTP http_proxy;
-    struct FTP *ftp_save = data->reqdata.proto.ftp;
+    struct FTP *ftp_save = data->state.proto.ftp;
     memset(&http_proxy, 0, sizeof(http_proxy));
-    data->reqdata.proto.http = &http_proxy;
+    data->state.proto.http = &http_proxy;
 
     result = Curl_proxyCONNECT(conn, SECONDARYSOCKET, newhost, newport);
 
-    data->reqdata.proto.ftp = ftp_save;
+    data->state.proto.ftp = ftp_save;
 
     if(CURLE_OK != result)
       return result;
@@ -1963,7 +1952,7 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata *conn,
 {
   CURLcode result = CURLE_OK;
   struct SessionHandle *data=conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
 
   switch(ftpcode) {
@@ -1989,7 +1978,7 @@ static CURLcode ftp_state_mdtm_resp(struct connectdata *conn,
       /* If we asked for a time of the file and we actually got one as well,
          we "emulate" a HTTP-style header in our output. */
 
-      if(conn->bits.no_body &&
+      if(data->set.opt_no_body &&
          ftpc->file &&
          data->set.get_filetime &&
          (data->info.filetime>=0) ) {
@@ -2095,7 +2084,7 @@ static CURLcode ftp_state_post_retr_size(struct connectdata *conn,
 {
   CURLcode result = CURLE_OK;
   struct SessionHandle *data=conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
 
   if(data->set.max_filesize && (filesize > data->set.max_filesize)) {
@@ -2104,7 +2093,7 @@ static CURLcode ftp_state_post_retr_size(struct connectdata *conn,
   }
   ftp->downloadsize = filesize;
 
-  if(data->reqdata.resume_from) {
+  if(data->state.resume_from) {
     /* We always (attempt to) get the size of downloads, so it is done before
        this even when not doing resumes. */
     if(filesize == -1) {
@@ -2117,28 +2106,28 @@ static CURLcode ftp_state_post_retr_size(struct connectdata *conn,
     else {
       /* We got a file size report, so we check that there actually is a
          part of the file left to get, or else we go home.  */
-      if(data->reqdata.resume_from< 0) {
+      if(data->state.resume_from< 0) {
         /* We're supposed to download the last abs(from) bytes */
-        if(filesize < -data->reqdata.resume_from) {
+        if(filesize < -data->state.resume_from) {
           failf(data, "Offset (%" FORMAT_OFF_T
                 ") was beyond file size (%" FORMAT_OFF_T ")",
-                data->reqdata.resume_from, filesize);
+                data->state.resume_from, filesize);
           return CURLE_BAD_DOWNLOAD_RESUME;
         }
         /* convert to size to download */
-        ftp->downloadsize = -data->reqdata.resume_from;
+        ftp->downloadsize = -data->state.resume_from;
         /* download from where? */
-        data->reqdata.resume_from = filesize - ftp->downloadsize;
+        data->state.resume_from = filesize - ftp->downloadsize;
       }
       else {
-        if(filesize < data->reqdata.resume_from) {
+        if(filesize < data->state.resume_from) {
           failf(data, "Offset (%" FORMAT_OFF_T
                 ") was beyond file size (%" FORMAT_OFF_T ")",
-                data->reqdata.resume_from, filesize);
+                data->state.resume_from, filesize);
           return CURLE_BAD_DOWNLOAD_RESUME;
         }
         /* Now store the number of bytes we are expected to download */
-        ftp->downloadsize = filesize-data->reqdata.resume_from;
+        ftp->downloadsize = filesize-data->state.resume_from;
       }
     }
 
@@ -2147,7 +2136,7 @@ static CURLcode ftp_state_post_retr_size(struct connectdata *conn,
       result = Curl_setup_transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
       infof(data, "File already completely downloaded\n");
 
-      /* Set ->transfer so that we won't get any error in Curl_ftp_done()
+      /* Set ->transfer so that we won't get any error in ftp_done()
        * because we didn't transfer the any file */
       ftp->transfer = FTPTRANSFER_NONE;
       state(conn, FTP_STOP);
@@ -2156,9 +2145,9 @@ static CURLcode ftp_state_post_retr_size(struct connectdata *conn,
 
     /* Set resume file transfer offset */
     infof(data, "Instructs server to resume from offset %" FORMAT_OFF_T
-          "\n", data->reqdata.resume_from);
+          "\n", data->state.resume_from);
 
-    NBFTPSENDF(conn, "REST %" FORMAT_OFF_T, data->reqdata.resume_from);
+    NBFTPSENDF(conn, "REST %" FORMAT_OFF_T, data->state.resume_from);
 
     state(conn, FTP_RETR_REST);
 
@@ -2202,7 +2191,7 @@ static CURLcode ftp_state_size_resp(struct connectdata *conn,
     result = ftp_state_post_retr_size(conn, filesize);
   }
   else if(instate == FTP_STOR_SIZE) {
-    data->reqdata.resume_from = filesize;
+    data->state.resume_from = filesize;
     result = ftp_state_ul_setup(conn, TRUE);
   }
 
@@ -2250,7 +2239,7 @@ static CURLcode ftp_state_stor_resp(struct connectdata *conn,
 {
   CURLcode result = CURLE_OK;
   struct SessionHandle *data = conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
 
   if(ftpcode>=400) {
     failf(data, "Failed FTP upload: %0d", ftpcode);
@@ -2297,7 +2286,7 @@ static CURLcode ftp_state_get_resp(struct connectdata *conn,
 {
   CURLcode result = CURLE_OK;
   struct SessionHandle *data = conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
   char *buf = data->state.buffer;
 
   if((ftpcode == 150) || (ftpcode == 125)) {
@@ -2384,10 +2373,10 @@ static CURLcode ftp_state_get_resp(struct connectdata *conn,
         return result;
     }
 
-    if(size > data->reqdata.maxdownload && data->reqdata.maxdownload > 0)
-      size = data->reqdata.size = data->reqdata.maxdownload;
+    if(size > data->req.maxdownload && data->req.maxdownload > 0)
+      size = data->req.size = data->req.maxdownload;
 
-    infof(data, "Maxdownload = %" FORMAT_OFF_T "\n", data->reqdata.maxdownload);
+    infof(data, "Maxdownload = %" FORMAT_OFF_T "\n", data->req.maxdownload);
 
     if(instate != FTP_LIST)
       infof(data, "Getting file with size: %" FORMAT_OFF_T "\n", size);
@@ -2465,7 +2454,7 @@ static CURLcode ftp_state_user_resp(struct connectdata *conn,
 {
   CURLcode result = CURLE_OK;
   struct SessionHandle *data = conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
   (void)instate; /* no use for this yet */
 
@@ -2612,7 +2601,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
           ftpc->count1 = 1;
           break;
         default:
-          failf(data, "unsupported parameter to CURLOPT_FTPSSLAUTH: %d\n",
+          failf(data, "unsupported parameter to CURLOPT_FTPSSLAUTH: %d",
                 data->set.ftpsslauth);
           return CURLE_FAILED_INIT; /* we don't know what to do */
         }
@@ -2929,7 +2918,7 @@ static long ftp_state_timeout(struct connectdata *conn)
 
 
 /* called repeatedly until done from multi.c */
-static CURLcode Curl_ftp_multi_statemach(struct connectdata *conn,
+static CURLcode ftp_multi_statemach(struct connectdata *conn,
                                          bool *done)
 {
   curl_socket_t sock = conn->sock[FIRSTSOCKET];
@@ -3009,17 +2998,17 @@ static CURLcode ftp_init(struct connectdata *conn)
 {
   struct SessionHandle *data = conn->data;
   struct FTP *ftp;
-  if(data->reqdata.proto.ftp)
+  if(data->state.proto.ftp)
     return CURLE_OK;
 
   ftp = (struct FTP *)calloc(sizeof(struct FTP), 1);
   if(!ftp)
     return CURLE_OUT_OF_MEMORY;
 
-  data->reqdata.proto.ftp = ftp;
+  data->state.proto.ftp = ftp;
 
   /* get some initial data into the ftp struct */
-  ftp->bytecountp = &data->reqdata.keep.bytecount;
+  ftp->bytecountp = &data->req.bytecount;
 
   /* no need to duplicate them, this connectdata struct won't change */
   ftp->user = conn->user;
@@ -3031,14 +3020,14 @@ static CURLcode ftp_init(struct connectdata *conn)
 }
 
 /*
- * Curl_ftp_connect() should do everything that is to be considered a part of
+ * ftp_connect() should do everything that is to be considered a part of
  * the connection phase.
  *
  * The variable 'done' points to will be TRUE if the protocol-layer connect
  * phase is done when this function returns, or FALSE is not. When called as
  * a part of the easy interface, it will always be TRUE.
  */
-static CURLcode Curl_ftp_connect(struct connectdata *conn,
+static CURLcode ftp_connect(struct connectdata *conn,
                                  bool *done) /* see description above */
 {
   CURLcode result;
@@ -3076,14 +3065,14 @@ static CURLcode Curl_ftp_connect(struct connectdata *conn,
      * Curl_proxyCONNECT we have to set back the member to the original struct
      * FTP pointer
      */
-    ftp_save = data->reqdata.proto.ftp;
+    ftp_save = data->state.proto.ftp;
     memset(&http_proxy, 0, sizeof(http_proxy));
-    data->reqdata.proto.http = &http_proxy;
+    data->state.proto.http = &http_proxy;
 
     result = Curl_proxyCONNECT(conn, FIRSTSOCKET,
                                conn->host.name, conn->remote_port);
 
-    data->reqdata.proto.ftp = ftp_save;
+    data->state.proto.ftp = ftp_save;
 
     if(CURLE_OK != result)
       return result;
@@ -3106,7 +3095,7 @@ static CURLcode Curl_ftp_connect(struct connectdata *conn,
   ftpc->response = Curl_tvnow(); /* start response time-out now! */
 
   if(data->state.used_interface == Curl_if_multi)
-    result = Curl_ftp_multi_statemach(conn, done);
+    result = ftp_multi_statemach(conn, done);
   else {
     result = ftp_easy_statemach(conn);
     if(!result)
@@ -3118,26 +3107,25 @@ static CURLcode Curl_ftp_connect(struct connectdata *conn,
 
 /***********************************************************************
  *
- * Curl_ftp_done()
+ * ftp_done()
  *
  * The DONE function. This does what needs to be done after a single DO has
  * performed.
  *
  * Input argument is already checked for validity.
  */
-static CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status,
+static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
                               bool premature)
 {
   struct SessionHandle *data = conn->data;
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
   ssize_t nread;
   int ftpcode;
   CURLcode result=CURLE_OK;
   bool was_ctl_valid = ftpc->ctl_valid;
   char *path;
-  char *path_to_use = data->reqdata.path;
-  struct Curl_transfer_keeper *k = &data->reqdata.keep;
+  char *path_to_use = data->state.path;
 
   if(!ftp)
     /* When the easy handle is removed from the multi while libcurl is still
@@ -3281,22 +3269,24 @@ static CURLcode Curl_ftp_done(struct connectdata *conn, CURLcode status,
     }
   }
   else {
-    if((-1 != k->size) && (k->size != *ftp->bytecountp) &&
+    if((-1 != data->req.size) &&
+       (data->req.size != *ftp->bytecountp) &&
 #ifdef CURL_DO_LINEEND_CONV
        /* Most FTP servers don't adjust their file SIZE response for CRLFs, so
         * we'll check to see if the discrepancy can be explained by the number
         * of CRLFs we've changed to LFs.
         */
-       ((k->size + data->state.crlf_conversions) != *ftp->bytecountp) &&
+       ((data->req.size + data->state.crlf_conversions) !=
+        *ftp->bytecountp) &&
 #endif /* CURL_DO_LINEEND_CONV */
-       (k->maxdownload != *ftp->bytecountp)) {
+       (data->req.maxdownload != *ftp->bytecountp)) {
       failf(data, "Received only partial file: %" FORMAT_OFF_T " bytes",
             *ftp->bytecountp);
       result = CURLE_PARTIAL_FILE;
     }
     else if(!ftpc->dont_check &&
             !*ftp->bytecountp &&
-            (k->size>0)) {
+            (data->req.size>0)) {
       failf(data, "No data was received!");
       result = CURLE_FTP_COULDNT_RETR_FILE;
     }
@@ -3426,8 +3416,8 @@ static CURLcode ftp_range(struct connectdata *conn)
   struct SessionHandle *data = conn->data;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
 
-  if(data->reqdata.use_range && data->reqdata.range) {
-    from=curlx_strtoofft(data->reqdata.range, &ptr, 0);
+  if(data->state.use_range && data->state.range) {
+    from=curlx_strtoofft(data->state.range, &ptr, 0);
     while(ptr && *ptr && (ISSPACE(*ptr) || (*ptr=='-')))
       ptr++;
     to=curlx_strtoofft(ptr, &ptr2, 0);
@@ -3437,53 +3427,53 @@ static CURLcode ftp_range(struct connectdata *conn)
     }
     if((-1 == to) && (from>=0)) {
       /* X - */
-      data->reqdata.resume_from = from;
+      data->state.resume_from = from;
       DEBUGF(infof(conn->data, "FTP RANGE %" FORMAT_OFF_T " to end of file\n",
                    from));
     }
     else if(from < 0) {
       /* -Y */
       totalsize = -from;
-      data->reqdata.maxdownload = -from;
-      data->reqdata.resume_from = from;
+      data->req.maxdownload = -from;
+      data->state.resume_from = from;
       DEBUGF(infof(conn->data, "FTP RANGE the last %" FORMAT_OFF_T " bytes\n",
                    totalsize));
     }
     else {
       /* X-Y */
       totalsize = to-from;
-      data->reqdata.maxdownload = totalsize+1; /* include last byte */
-      data->reqdata.resume_from = from;
+      data->req.maxdownload = totalsize+1; /* include last byte */
+      data->state.resume_from = from;
       DEBUGF(infof(conn->data, "FTP RANGE from %" FORMAT_OFF_T
                    " getting %" FORMAT_OFF_T " bytes\n",
-                   from, data->reqdata.maxdownload));
+                   from, data->req.maxdownload));
     }
     DEBUGF(infof(conn->data, "range-download from %" FORMAT_OFF_T
                  " to %" FORMAT_OFF_T ", totally %" FORMAT_OFF_T " bytes\n",
-                 from, to, data->reqdata.maxdownload));
+                 from, to, data->req.maxdownload));
     ftpc->dont_check = TRUE; /* dont check for successful transfer */
   }
   else
-    data->reqdata.maxdownload = -1;
+    data->req.maxdownload = -1;
   return CURLE_OK;
 }
 
 
 /*
- * Curl_ftp_nextconnect()
+ * ftp_nextconnect()
  *
  * This function shall be called when the second FTP (data) connection is
  * connected.
  */
 
-static CURLcode Curl_ftp_nextconnect(struct connectdata *conn)
+static CURLcode ftp_nextconnect(struct connectdata *conn)
 {
   struct SessionHandle *data=conn->data;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
   CURLcode result = CURLE_OK;
 
-  /* the ftp struct is inited in Curl_ftp_connect() */
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  /* the ftp struct is inited in ftp_connect() */
+  struct FTP *ftp = data->state.proto.ftp;
 
   DEBUGF(infof(data, "DO-MORE phase starts\n"));
 
@@ -3525,7 +3515,7 @@ static CURLcode Curl_ftp_nextconnect(struct connectdata *conn)
     result = ftp_easy_statemach(conn);
   }
 
-  if(ftp->transfer != FTPTRANSFER_BODY)
+  if((result == CURLE_OK) && (ftp->transfer != FTPTRANSFER_BODY))
     /* no data to transfer. FIX: it feels like a kludge to have this here
        too! */
     result = Curl_setup_transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
@@ -3556,9 +3546,9 @@ CURLcode ftp_perform(struct connectdata *conn,
 
   DEBUGF(infof(conn->data, "DO phase starts\n"));
 
-  if(conn->bits.no_body) {
+  if(conn->data->set.opt_no_body) {
     /* requested no body means no transfer... */
-    struct FTP *ftp = conn->data->reqdata.proto.ftp;
+    struct FTP *ftp = conn->data->state.proto.ftp;
     ftp->transfer = FTPTRANSFER_INFO;
   }
 
@@ -3572,7 +3562,7 @@ CURLcode ftp_perform(struct connectdata *conn,
 
   /* run the state-machine */
   if(conn->data->state.used_interface == Curl_if_multi)
-    result = Curl_ftp_multi_statemach(conn, dophase_done);
+    result = ftp_multi_statemach(conn, dophase_done);
   else {
     result = ftp_easy_statemach(conn);
     *dophase_done = TRUE; /* with the easy interface we are done here */
@@ -3587,14 +3577,14 @@ CURLcode ftp_perform(struct connectdata *conn,
 
 /***********************************************************************
  *
- * Curl_ftp()
+ * ftp_do()
  *
  * This function is registered as 'curl_do' function. It decodes the path
  * parts etc as a wrapper to the actual DO function (ftp_perform).
  *
  * The input argument is already checked for validity.
  */
-static CURLcode Curl_ftp(struct connectdata *conn, bool *done)
+static CURLcode ftp_do(struct connectdata *conn, bool *done)
 {
   CURLcode retcode = CURLE_OK;
 
@@ -3604,7 +3594,7 @@ static CURLcode Curl_ftp(struct connectdata *conn, bool *done)
     Since connections can be re-used between SessionHandles, this might be a
     connection already existing but on a fresh SessionHandle struct so we must
     make sure we have a good 'struct FTP' to play with. For new connections,
-    the struct FTP is allocated and setup in the Curl_ftp_connect() function.
+    the struct FTP is allocated and setup in the ftp_connect() function.
   */
   Curl_reset_reqproto(conn);
   retcode = ftp_init(conn);
@@ -3787,12 +3777,12 @@ static CURLcode ftp_quit(struct connectdata *conn)
 
 /***********************************************************************
  *
- * Curl_ftp_disconnect()
+ * ftp_disconnect()
  *
  * Disconnect from an FTP server. Cleanup protocol-specific per-connection
  * resources. BLOCKING.
  */
-static CURLcode Curl_ftp_disconnect(struct connectdata *conn)
+static CURLcode ftp_disconnect(struct connectdata *conn)
 {
   struct ftp_conn *ftpc= &conn->proto.ftpc;
 
@@ -3840,11 +3830,11 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
 {
   struct SessionHandle *data = conn->data;
   /* the ftp struct is already inited in ftp_connect() */
-  struct FTP *ftp = data->reqdata.proto.ftp;
+  struct FTP *ftp = data->state.proto.ftp;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
   size_t dlen;
   char *slash_pos;  /* position of the first '/' char in curpos */
-  char *path_to_use = data->reqdata.path;
+  char *path_to_use = data->state.path;
   char *cur_pos;
 
   cur_pos = path_to_use; /* current position in path. point at the begin
@@ -3864,10 +3854,10 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
       the first condition in the if() right here, is there just in case
       someone decides to set path to NULL one day
    */
-    if(data->reqdata.path &&
-       data->reqdata.path[0] &&
-       (data->reqdata.path[strlen(data->reqdata.path) - 1] != '/') )
-      ftpc->file = data->reqdata.path;  /* this is a full file path */
+    if(data->state.path &&
+       data->state.path[0] &&
+       (data->state.path[strlen(data->state.path) - 1] != '/') )
+      ftpc->file = data->state.path;  /* this is a full file path */
     else
       ftpc->file = NULL;
       /*
@@ -3924,7 +3914,7 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
       /* parse the URL path into separate path components */
       while((slash_pos = strchr(cur_pos, '/')) != NULL) {
         /* 1 or 0 to indicate absolute directory */
-        bool absolute_dir = (bool)((cur_pos - data->reqdata.path > 0) &&
+        bool absolute_dir = (bool)((cur_pos - data->state.path > 0) &&
                                    (ftpc->dirdepth == 0));
 
         /* seek out the next path component */
@@ -3995,7 +3985,7 @@ CURLcode ftp_parse_url_path(struct connectdata *conn)
   if(ftpc->prevpath) {
     /* prevpath is "raw" so we convert the input path before we compare the
        strings */
-    char *path = curl_easy_unescape(conn->data, data->reqdata.path, 0, NULL);
+    char *path = curl_easy_unescape(conn->data, data->state.path, 0, NULL);
     if(!path) {
       freedirs(ftpc);
       return CURLE_OUT_OF_MEMORY;
@@ -4018,11 +4008,11 @@ static CURLcode ftp_dophase_done(struct connectdata *conn,
                                  bool connected)
 {
   CURLcode result = CURLE_OK;
-  struct FTP *ftp = conn->data->reqdata.proto.ftp;
+  struct FTP *ftp = conn->data->state.proto.ftp;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
 
   if(connected)
-    result = Curl_ftp_nextconnect(conn);
+    result = ftp_nextconnect(conn);
 
   if(result && (conn->sock[SECONDARYSOCKET] != CURL_SOCKET_BAD)) {
     /* Failure detected, close the second socket if it was created already */
@@ -4044,11 +4034,11 @@ static CURLcode ftp_dophase_done(struct connectdata *conn,
 }
 
 /* called from multi.c while DOing */
-static CURLcode Curl_ftp_doing(struct connectdata *conn,
+static CURLcode ftp_doing(struct connectdata *conn,
                                bool *dophase_done)
 {
   CURLcode result;
-  result = Curl_ftp_multi_statemach(conn, dophase_done);
+  result = ftp_multi_statemach(conn, dophase_done);
 
   if(*dophase_done) {
     result = ftp_dophase_done(conn, FALSE /* not connected */);
@@ -4068,7 +4058,7 @@ static CURLcode Curl_ftp_doing(struct connectdata *conn,
  * remote host.
  *
  * ftp->ctl_valid starts out as FALSE, and gets set to TRUE if we reach the
- * Curl_ftp_done() function without finding any major problem.
+ * ftp_done() function without finding any major problem.
  */
 static
 CURLcode ftp_regular_transfer(struct connectdata *conn,
@@ -4078,7 +4068,7 @@ CURLcode ftp_regular_transfer(struct connectdata *conn,
   bool connected=0;
   struct SessionHandle *data = conn->data;
   struct ftp_conn *ftpc = &conn->proto.ftpc;
-  data->reqdata.size = -1; /* make sure this is unknown at this point */
+  data->req.size = -1; /* make sure this is unknown at this point */
 
   Curl_pgrsSetUploadCounter(data, 0);
   Curl_pgrsSetDownloadCounter(data, 0);
@@ -4107,7 +4097,7 @@ CURLcode ftp_regular_transfer(struct connectdata *conn,
   return result;
 }
 
-static CURLcode Curl_ftp_setup_connection(struct connectdata * conn)
+static CURLcode ftp_setup_connection(struct connectdata * conn)
 {
   struct SessionHandle *data = conn->data;
   char * type;
@@ -4134,11 +4124,11 @@ static CURLcode Curl_ftp_setup_connection(struct connectdata * conn)
 #endif
   }
 
-  data->reqdata.path++;   /* don't include the initial slash */
+  data->state.path++;   /* don't include the initial slash */
 
   /* FTP URLs support an extension like ";type=<typecode>" that
    * we'll try to get now! */
-  type = strstr(data->reqdata.path, ";type=");
+  type = strstr(data->state.path, ";type=");
 
   if(!type)
     type = strstr(conn->host.rawalloc, ";type=");
@@ -4168,12 +4158,12 @@ static CURLcode Curl_ftp_setup_connection(struct connectdata * conn)
 }
 
 #ifdef USE_SSL
-static CURLcode Curl_ftps_setup_connection(struct connectdata * conn)
+static CURLcode ftps_setup_connection(struct connectdata * conn)
 {
   struct SessionHandle *data = conn->data;
 
   conn->ssl[SECONDARYSOCKET].use = data->set.ftp_ssl != CURLUSESSL_CONTROL;
-  return Curl_ftp_setup_connection(conn);
+  return ftp_setup_connection(conn);
 }
 #endif
 

lib/gtls.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -43,6 +43,7 @@
 
 #include "urldata.h"
 #include "sendf.h"
+#include "inet_pton.h"
 #include "gtls.h"
 #include "sslgen.h"
 #include "parsedate.h"
@@ -110,8 +111,10 @@ static int _Curl_gtls_init(void)
 
 int Curl_gtls_cleanup(void)
 {
-  if (gtls_inited)
+  if(gtls_inited) {
     gnutls_global_deinit();
+    gtls_inited = FALSE;
+  }
   return 1;
 }
 
@@ -154,23 +157,7 @@ static CURLcode handshake(struct connectdata *conn,
     rc = gnutls_handshake(session);
 
     if((rc == GNUTLS_E_AGAIN) || (rc == GNUTLS_E_INTERRUPTED)) {
-      long timeout_ms = DEFAULT_CONNECT_TIMEOUT;
-      long has_passed;
-
-      if(duringconnect && data->set.connecttimeout)
-        timeout_ms = data->set.connecttimeout;
-
-      if(data->set.timeout) {
-        /* get the strictest timeout of the ones converted to milliseconds */
-        if(data->set.timeout < timeout_ms)
-          timeout_ms = data->set.timeout;
-      }
-
-      /* Evaluate in milliseconds how much time that has passed */
-      has_passed = Curl_tvdiff(Curl_tvnow(), data->progress.t_startsingle);
-
-      /* subtract the passed time */
-      timeout_ms -= has_passed;
+      long timeout_ms = Curl_timeleft(conn, NULL, duringconnect);
 
       if(timeout_ms < 0) {
         /* a precaution, no need to continue if time already is up */
@@ -239,13 +226,20 @@ Curl_gtls_connect(struct connectdata *conn,
   size_t size;
   unsigned int algo;
   unsigned int bits;
-  time_t clock;
+  time_t certclock;
   const char *ptr;
   void *ssl_sessionid;
   size_t ssl_idsize;
+#ifdef ENABLE_IPV6
+  struct in6_addr addr;
+#else
+  struct in_addr addr;
+#endif
 
-  if (!gtls_inited) _Curl_gtls_init();
-  /* GnuTLS only supports TLSv1 (and SSLv3?) */
+  if(!gtls_inited)
+    _Curl_gtls_init();
+
+  /* GnuTLS only supports SSLv3 and TLSv1 */
   if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) {
     failf(data, "GnuTLS does not support SSLv2");
     return CURLE_SSL_CONNECT_ERROR;
@@ -287,11 +281,27 @@ Curl_gtls_connect(struct connectdata *conn,
   /* convenient assign */
   session = conn->ssl[sockindex].session;
 
+  if ((0 == Curl_inet_pton(AF_INET, conn->host.name, &addr)) &&
+#ifdef ENABLE_IPV6
+      (0 == Curl_inet_pton(AF_INET6, conn->host.name, &addr)) &&
+#endif
+      (gnutls_server_name_set(session, GNUTLS_NAME_DNS, conn->host.name,
+                              strlen(conn->host.name)) < 0))
+    infof(data, "WARNING: failed to configure server name indication (SNI) "
+          "TLS extension\n");
+
   /* Use default priorities */
   rc = gnutls_set_default_priority(session);
   if(rc < 0)
     return CURLE_SSL_CONNECT_ERROR;
 
+  if(data->set.ssl.version == CURL_SSLVERSION_SSLv3) {
+    int protocol_priority[] = { GNUTLS_SSL3, 0 };
+    gnutls_protocol_set_priority(session, protocol_priority);
+    if(rc < 0)
+      return CURLE_SSL_CONNECT_ERROR;
+  }
+
   /* Sets the priority on the certificate types supported by gnutls. Priority
      is higher for types specified before others. After specifying the types
      you want, you must append a 0. */
@@ -350,19 +360,20 @@ Curl_gtls_connect(struct connectdata *conn,
 
   chainp = gnutls_certificate_get_peers(session, &cert_list_size);
   if(!chainp) {
-    if(data->set.ssl.verifyhost) {
+    if(data->set.ssl.verifypeer) {
       failf(data, "failed to get server cert");
       return CURLE_PEER_FAILED_VERIFICATION;
     }
     infof(data, "\t common name: WARNING couldn't obtain\n");
   }
 
+  if(data->set.ssl.verifypeer) {
     /* This function will try to verify the peer's certificate and return its
-     status (trusted, invalid etc.). The value of status should be one or more
-     of the gnutls_certificate_status_t enumerated elements bitwise or'd. To
-     avoid denial of service attacks some default upper limits regarding the
-     certificate key size and chain size are set. To override them use
-     gnutls_certificate_set_verify_limits(). */
+       status (trusted, invalid etc.). The value of status should be one or
+       more of the gnutls_certificate_status_t enumerated elements bitwise
+       or'd. To avoid denial of service attacks some default upper limits
+       regarding the certificate key size and chain size are set. To override
+       them use gnutls_certificate_set_verify_limits(). */
 
     rc = gnutls_certificate_verify_peers2(session, &verify_status);
     if(rc < 0) {
@@ -382,6 +393,9 @@ Curl_gtls_connect(struct connectdata *conn,
     }
     else
       infof(data, "\t server certificate verification OK\n");
+  }
+  else
+    infof(data, "\t server certificate verification SKIPPED\n");
 
   /* initialize an X.509 certificate structure. */
   gnutls_x509_crt_init(&x509_cert);
@@ -423,14 +437,14 @@ Curl_gtls_connect(struct connectdata *conn,
     infof(data, "\t common name: %s (matched)\n", certbuf);
 
   /* Check for time-based validity */
-  clock = gnutls_x509_crt_get_expiration_time(x509_cert);
+  certclock = gnutls_x509_crt_get_expiration_time(x509_cert);
 
-  if(clock == (time_t)-1) {
+  if(certclock == (time_t)-1) {
     failf(data, "server cert expiration date verify failed");
     return CURLE_SSL_CONNECT_ERROR;
   }
 
-  if(clock < time(NULL)) {
+  if(certclock < time(NULL)) {
     if(data->set.ssl.verifypeer) {
       failf(data, "server certificate expiration date has passed.");
       return CURLE_PEER_FAILED_VERIFICATION;
@@ -441,14 +455,14 @@ Curl_gtls_connect(struct connectdata *conn,
   else
     infof(data, "\t server certificate expiration date OK\n");
 
-  clock = gnutls_x509_crt_get_activation_time(x509_cert);
+  certclock = gnutls_x509_crt_get_activation_time(x509_cert);
 
-  if(clock == (time_t)-1) {
+  if(certclock == (time_t)-1) {
     failf(data, "server cert activation date verify failed");
     return CURLE_SSL_CONNECT_ERROR;
   }
 
-  if(clock > time(NULL)) {
+  if(certclock > time(NULL)) {
     if(data->set.ssl.verifypeer) {
       failf(data, "server certificate not activated yet.");
       return CURLE_PEER_FAILED_VERIFICATION;
@@ -484,11 +498,11 @@ Curl_gtls_connect(struct connectdata *conn,
   gnutls_x509_crt_get_dn(x509_cert, certbuf, &size);
   infof(data, "\t subject: %s\n", certbuf);
 
-  clock = gnutls_x509_crt_get_activation_time(x509_cert);
-  showtime(data, "start date", clock);
+  certclock = gnutls_x509_crt_get_activation_time(x509_cert);
+  showtime(data, "start date", certclock);
 
-  clock = gnutls_x509_crt_get_expiration_time(x509_cert);
-  showtime(data, "expire date", clock);
+  certclock = gnutls_x509_crt_get_expiration_time(x509_cert);
+  showtime(data, "expire date", certclock);
 
   size = sizeof(certbuf);
   gnutls_x509_crt_get_issuer_dn(x509_cert, certbuf, &size);
@@ -509,6 +523,8 @@ Curl_gtls_connect(struct connectdata *conn,
   ptr = gnutls_mac_get_name(gnutls_mac_get(session));
   infof(data, "\t MAC: %s\n", ptr);
 
+  conn->ssl[sockindex].state = ssl_connection_complete;
+
   if(!ssl_sessionid) {
     /* this session was not previously in the cache, add it now */
 
@@ -553,16 +569,16 @@ void Curl_gtls_close_all(struct SessionHandle *data)
 }
 
 static void close_one(struct connectdata *conn,
-                      int index)
+                      int idx)
 {
-  if(conn->ssl[index].session) {
-    gnutls_bye(conn->ssl[index].session, GNUTLS_SHUT_RDWR);
-    gnutls_deinit(conn->ssl[index].session);
-    conn->ssl[index].session = NULL;
+  if(conn->ssl[idx].session) {
+    gnutls_bye(conn->ssl[idx].session, GNUTLS_SHUT_RDWR);
+    gnutls_deinit(conn->ssl[idx].session);
+    conn->ssl[idx].session = NULL;
   }
-  if(conn->ssl[index].cred) {
-    gnutls_certificate_free_credentials(conn->ssl[index].cred);
-    conn->ssl[index].cred = NULL;
+  if(conn->ssl[idx].cred) {
+    gnutls_certificate_free_credentials(conn->ssl[idx].cred);
+    conn->ssl[idx].cred = NULL;
   }
 }
 

lib/hostip.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -127,22 +127,19 @@ static void freednsentry(void *freethis);
  * Curl_global_host_cache_init() initializes and sets up a global DNS cache.
  * Global DNS cache is general badness. Do not use. This will be removed in
  * a future version. Use the share interface instead!
+ *
+ * Returns a struct curl_hash pointer on success, NULL on failure.
  */
-void Curl_global_host_cache_init(void)
+struct curl_hash *Curl_global_host_cache_init(void)
 {
+  int rc = 0;
   if(!host_cache_initialized) {
-    Curl_hash_init(&hostname_cache, 7, Curl_hash_str, Curl_str_key_compare,
-                   freednsentry);
+    rc = Curl_hash_init(&hostname_cache, 7, Curl_hash_str,
+                        Curl_str_key_compare, freednsentry);
+    if(!rc)
       host_cache_initialized = 1;
   }
-}
-
-/*
- * Return a pointer to the global cache
- */
-struct curl_hash *Curl_global_host_cache_get(void)
-{
-  return &hostname_cache;
+  return rc?NULL:&hostname_cache;
 }
 
 /*
@@ -271,6 +268,9 @@ void Curl_hostcache_prune(struct SessionHandle *data)
     Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
 }
 
+/*
+ * Check if the entry should be pruned. Assumes a locked cache.
+ */
 static int
 remove_entry_if_stale(struct SessionHandle *data, struct Curl_dns_entry *dns)
 {
@@ -287,19 +287,10 @@ remove_entry_if_stale(struct SessionHandle *data, struct Curl_dns_entry *dns)
   if( !hostcache_timestamp_remove(&user,dns) )
     return 0;
 
-  /* ok, we do need to clear the cache. although we need to remove just a
-     single entry we clean the entire hash, as no explicit delete function
-     is provided */
-  if(data->share)
-    Curl_share_lock(data, CURL_LOCK_DATA_DNS, CURL_LOCK_ACCESS_SINGLE);
-
   Curl_hash_clean_with_criterium(data->dns.hostcache,
                                  (void *) &user,
                                  hostcache_timestamp_remove);
 
-  if(data->share)
-    Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
-
   return 1;
 }
 
@@ -400,7 +391,7 @@ int Curl_resolv(struct connectdata *conn,
   size_t entry_len;
   struct SessionHandle *data = conn->data;
   CURLcode result;
-  int rc;
+  int rc = CURLRESOLV_ERROR; /* default to failure */
   *entry = NULL;
 
 #ifdef HAVE_SIGSETJMP
@@ -410,7 +401,7 @@ int Curl_resolv(struct connectdata *conn,
     if(sigsetjmp(curl_jmpenv, 1)) {
       /* this is coming from a siglongjmp() */
       failf(data, "name lookup timed out");
-      return CURLRESOLV_ERROR;
+      return rc;
     }
   }
 #endif
@@ -419,7 +410,7 @@ int Curl_resolv(struct connectdata *conn,
   entry_id = create_hostcache_id(hostname, port);
   /* If we can't create the entry id, fail */
   if(!entry_id)
-    return CURLRESOLV_ERROR;
+    return rc;
 
   entry_len = strlen(entry_id);
 
@@ -429,19 +420,21 @@ int Curl_resolv(struct connectdata *conn,
   /* See if its already in our dns cache */
   dns = Curl_hash_pick(data->dns.hostcache, entry_id, entry_len+1);
 
+  /* See whether the returned entry is stale. Done before we release lock */
+  if( remove_entry_if_stale(data, dns) )
+    dns = NULL; /* the memory deallocation is being handled by the hash */
+
+  if(dns) {
+    dns->inuse++; /* we use it! */
+    rc = CURLRESOLV_RESOLVED;
+  }
+
   if(data->share)
     Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
 
   /* free the allocated entry_id again */
   free(entry_id);
 
-  /* See whether the returned entry is stale. Deliberately done after the
-     locked block */
-  if ( remove_entry_if_stale(data,dns) )
-    dns = NULL; /* the memory deallocation is being handled by the hash */
-
-  rc = CURLRESOLV_ERROR; /* default to failure */
-
   if(!dns) {
     /* The entry was not in the cache. Resolve it to IP address */
 
@@ -489,14 +482,6 @@ int Curl_resolv(struct connectdata *conn,
         rc = CURLRESOLV_RESOLVED;
     }
   }
-  else {
-    if(data->share)
-      Curl_share_lock(data, CURL_LOCK_DATA_DNS, CURL_LOCK_ACCESS_SINGLE);
-    dns->inuse++; /* we use it! */
-    if(data->share)
-      Curl_share_unlock(data, CURL_LOCK_DATA_DNS);
-    rc = CURLRESOLV_RESOLVED;
-  }
 
   *entry = dns;
 

lib/hostip.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -125,11 +125,15 @@ struct hostent;
 struct SessionHandle;
 struct connectdata;
 
-void Curl_global_host_cache_init(void);
+/*
+ * Curl_global_host_cache_init() initializes and sets up a global DNS cache.
+ * Global DNS cache is general badness. Do not use. This will be removed in
+ * a future version. Use the share interface instead!
+ *
+ * Returns a struct curl_hash pointer on success, NULL on failure.
+ */
+struct curl_hash *Curl_global_host_cache_init(void);
 void Curl_global_host_cache_dtor(void);
-struct curl_hash *Curl_global_host_cache_get(void);
-
-#define Curl_global_host_cache_use(__p) ((__p)->set.global_dns_cache)
 
 struct Curl_dns_entry {
   Curl_addrinfo *addr;

lib/hostthre.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -682,6 +682,8 @@ CURLcode Curl_wait_for_resolv(struct connectdata *conn,
 CURLcode Curl_is_resolved(struct connectdata *conn,
                           struct Curl_dns_entry **entry)
 {
+  struct SessionHandle *data = conn->data;
+
   *entry = NULL;
 
   if(conn->async.done) {
@@ -689,6 +691,8 @@ CURLcode Curl_is_resolved(struct connectdata *conn,
     Curl_destroy_thread_data(&conn->async);
     if(!conn->async.dns) {
       TRACE(("Curl_is_resolved(): CURLE_COULDNT_RESOLVE_HOST\n"));
+      failf(data, "Could not resolve host: %s; %s",
+            conn->host.name, Curl_strerror(conn, conn->async.status));
       return CURLE_COULDNT_RESOLVE_HOST;
     }
     *entry = conn->async.dns;

lib/http.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -109,9 +109,9 @@
  * Forward declarations.
  */
 
-static CURLcode Curl_https_connecting(struct connectdata *conn, bool *done);
+static CURLcode https_connecting(struct connectdata *conn, bool *done);
 #ifdef USE_SSL
-static int Curl_https_getsock(struct connectdata *conn,
+static int https_getsock(struct connectdata *conn,
                          curl_socket_t *socks,
                          int numsocks);
 #endif
@@ -146,9 +146,9 @@ const struct Curl_handler Curl_handler_https = {
   Curl_http_done,                       /* done */
   ZERO_NULL,                            /* do_more */
   Curl_http_connect,                    /* connect_it */
-  Curl_https_connecting,                /* connecting */
+  https_connecting,                     /* connecting */
   ZERO_NULL,                            /* doing */
-  Curl_https_getsock,                   /* proto_getsock */
+  https_getsock,                        /* proto_getsock */
   ZERO_NULL,                            /* doing_getsock */
   ZERO_NULL,                            /* disconnect */
   PORT_HTTPS,                           /* defport */
@@ -176,12 +176,12 @@ static char *checkheaders(struct SessionHandle *data, const char *thisheader)
 }
 
 /*
- * Curl_output_basic() sets up an Authorization: header (or the proxy version)
+ * http_output_basic() sets up an Authorization: header (or the proxy version)
  * for HTTP Basic authentication.
  *
  * Returns CURLcode.
  */
-static CURLcode Curl_output_basic(struct connectdata *conn, bool proxy)
+static CURLcode http_output_basic(struct connectdata *conn, bool proxy)
 {
   char *authorization;
   struct SessionHandle *data=conn->data;
@@ -275,8 +275,7 @@ static bool pickoneauth(struct auth *pick)
 static CURLcode perhapsrewind(struct connectdata *conn)
 {
   struct SessionHandle *data = conn->data;
-  struct HTTP *http = data->reqdata.proto.http;
-  struct Curl_transfer_keeper *k = &data->reqdata.keep;
+  struct HTTP *http = data->state.proto.http;
   curl_off_t bytessent;
   curl_off_t expectsend = -1; /* default is unknown */
 
@@ -338,7 +337,7 @@ static CURLcode perhapsrewind(struct connectdata *conn)
     /* This is not NTLM or NTLM with many bytes left to send: close
      */
     conn->bits.close = TRUE;
-    k->size = 0; /* don't download any more than 0 bytes */
+    data->req.size = 0; /* don't download any more than 0 bytes */
   }
 
   if(bytessent)
@@ -361,7 +360,7 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
   bool pickproxy = FALSE;
   CURLcode code = CURLE_OK;
 
-  if(100 == data->reqdata.keep.httpcode)
+  if(100 == data->req.httpcode)
     /* this is a transient response code, ignore */
     return CURLE_OK;
 
@@ -369,23 +368,23 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
     return data->set.http_fail_on_error?CURLE_HTTP_RETURNED_ERROR:CURLE_OK;
 
   if(conn->bits.user_passwd &&
-     ((data->reqdata.keep.httpcode == 401) ||
-      (conn->bits.authneg && data->reqdata.keep.httpcode < 300))) {
+     ((data->req.httpcode == 401) ||
+      (conn->bits.authneg && data->req.httpcode < 300))) {
     pickhost = pickoneauth(&data->state.authhost);
     if(!pickhost)
       data->state.authproblem = TRUE;
   }
   if(conn->bits.proxy_user_passwd &&
-     ((data->reqdata.keep.httpcode == 407) ||
-      (conn->bits.authneg && data->reqdata.keep.httpcode < 300))) {
+     ((data->req.httpcode == 407) ||
+      (conn->bits.authneg && data->req.httpcode < 300))) {
     pickproxy = pickoneauth(&data->state.authproxy);
     if(!pickproxy)
       data->state.authproblem = TRUE;
   }
 
   if(pickhost || pickproxy) {
-    data->reqdata.newurl = strdup(data->change.url); /* clone URL */
-    if (!data->reqdata.newurl)
+    data->req.newurl = strdup(data->change.url); /* clone URL */
+    if(!data->req.newurl)
       return CURLE_OUT_OF_MEMORY;
 
     if((data->set.httpreq != HTTPREQ_GET) &&
@@ -397,7 +396,7 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
     }
   }
 
-  else if((data->reqdata.keep.httpcode < 300) &&
+  else if((data->req.httpcode < 300) &&
           (!data->state.authhost.done) &&
           conn->bits.authneg) {
     /* no (known) authentication available,
@@ -406,15 +405,15 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
        we didn't try HEAD or GET */
     if((data->set.httpreq != HTTPREQ_GET) &&
        (data->set.httpreq != HTTPREQ_HEAD)) {
-      data->reqdata.newurl = strdup(data->change.url); /* clone URL */
-      if (!data->reqdata.newurl)
+      data->req.newurl = strdup(data->change.url); /* clone URL */
+      if(!data->req.newurl)
         return CURLE_OUT_OF_MEMORY;
       data->state.authhost.done = TRUE;
     }
   }
   if(Curl_http_should_fail(conn)) {
     failf (data, "The requested URL returned error: %d",
-           data->reqdata.keep.httpcode);
+           data->req.httpcode);
     code = CURLE_HTTP_RETURNED_ERROR;
   }
 
@@ -436,7 +435,7 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
  * @returns CURLcode
  */
 static CURLcode
-Curl_http_output_auth(struct connectdata *conn,
+http_output_auth(struct connectdata *conn,
                  const char *request,
                  const char *path,
                  bool proxytunnel) /* TRUE if this is the request setting
@@ -503,11 +502,11 @@ Curl_http_output_auth(struct connectdata *conn,
         if(conn->bits.proxy_user_passwd &&
            !checkheaders(data, "Proxy-authorization:")) {
           auth="Basic";
-          result = Curl_output_basic(conn, TRUE);
+          result = http_output_basic(conn, TRUE);
           if(result)
             return result;
         }
-        /* NOTE: Curl_output_basic() should set 'done' TRUE, as the other auth
+        /* NOTE: http_output_basic() should set 'done' TRUE, as the other auth
            functions work that way */
         authproxy->done = TRUE;
       }
@@ -583,7 +582,7 @@ Curl_http_output_auth(struct connectdata *conn,
           if(conn->bits.user_passwd &&
              !checkheaders(data, "Authorization:")) {
             auth="Basic";
-            result = Curl_output_basic(conn, FALSE);
+            result = http_output_basic(conn, FALSE);
             if(result)
               return result;
           }
@@ -660,8 +659,8 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
       /* if exactly this is wanted, go */
       int neg = Curl_input_negotiate(conn, (bool)(httpcode == 407), start);
       if(neg == 0) {
-        data->reqdata.newurl = strdup(data->change.url);
-        data->state.authproblem = (data->reqdata.newurl == NULL);
+        data->req.newurl = strdup(data->change.url);
+        data->state.authproblem = (data->req.newurl == NULL);
       }
       else {
         infof(data, "Authentication problem. Ignoring this.\n");
@@ -743,16 +742,13 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
 int Curl_http_should_fail(struct connectdata *conn)
 {
   struct SessionHandle *data;
-  struct Curl_transfer_keeper *k;
+  int httpcode;
 
   DEBUGASSERT(conn);
   data = conn->data;
   DEBUGASSERT(data);
 
-  /*
-  ** For readability
-  */
-  k = &data->reqdata.keep;
+  httpcode = data->req.httpcode;
 
   /*
   ** If we haven't been asked to fail on error,
@@ -764,12 +760,12 @@ int Curl_http_should_fail(struct connectdata *conn)
   /*
   ** Any code < 400 is never terminal.
   */
-  if (k->httpcode < 400)
+  if(httpcode < 400)
     return 0;
 
-  if (data->reqdata.resume_from &&
+  if(data->state.resume_from &&
      (data->set.httpreq==HTTPREQ_GET) &&
-      (k->httpcode == 416)) {
+     (httpcode == 416)) {
     /* "Requested Range Not Satisfiable", just proceed and
        pretend this is no error */
     return 0;
@@ -779,14 +775,14 @@ int Curl_http_should_fail(struct connectdata *conn)
   ** Any code >= 400 that's not 401 or 407 is always
   ** a terminal error
   */
-  if ((k->httpcode != 401) &&
-      (k->httpcode != 407))
+  if((httpcode != 401) &&
+      (httpcode != 407))
     return 1;
 
   /*
   ** All we have left to deal with is 401 and 407
   */
-  DEBUGASSERT((k->httpcode == 401) || (k->httpcode == 407));
+  DEBUGASSERT((httpcode == 401) || (httpcode == 407));
 
   /*
   ** Examine the current authentication state to see if this
@@ -807,7 +803,8 @@ int Curl_http_should_fail(struct connectdata *conn)
   infof(data,"%s: authavail = 0x%08x\n",__FUNCTION__,data->state.authavail);
   infof(data,"%s: httpcode = %d\n",__FUNCTION__,k->httpcode);
   infof(data,"%s: authdone = %d\n",__FUNCTION__,data->state.authdone);
-  infof(data,"%s: newurl = %s\n",__FUNCTION__,data->reqdata.newurl ? data->reqdata.newurl : "(null)");
+  infof(data,"%s: newurl = %s\n",__FUNCTION__,data->req.newurl ?
+        data->req.newurl : "(null)");
   infof(data,"%s: authproblem = %d\n",__FUNCTION__,data->state.authproblem);
 #endif
 
@@ -815,9 +812,9 @@ int Curl_http_should_fail(struct connectdata *conn)
   ** Either we're not authenticating, or we're supposed to
   ** be authenticating something else.  This is an error.
   */
-  if((k->httpcode == 401) && !conn->bits.user_passwd)
+  if((httpcode == 401) && !conn->bits.user_passwd)
     return TRUE;
-  if((k->httpcode == 407) && !conn->bits.proxy_user_passwd)
+  if((httpcode == 407) && !conn->bits.proxy_user_passwd)
     return TRUE;
 
   return data->state.authproblem;
@@ -837,7 +834,7 @@ static size_t readmoredata(char *buffer,
                            void *userp)
 {
   struct connectdata *conn = (struct connectdata *)userp;
-  struct HTTP *http = conn->data->reqdata.proto.http;
+  struct HTTP *http = conn->data->state.proto.http;
   size_t fullsize = size * nitems;
 
   if(0 == http->postsize)
@@ -845,7 +842,7 @@ static size_t readmoredata(char *buffer,
     return 0;
 
   /* make sure that a HTTP request is never sent away chunked! */
-  conn->bits.forbidchunk = (bool)(http->sending == HTTPSEND_REQUEST);
+  conn->data->req.forbidchunk = (bool)(http->sending == HTTPSEND_REQUEST);
 
   if(http->postsize <= (curl_off_t)fullsize) {
     memcpy(buffer, http->postdata, (size_t)http->postsize);
@@ -929,9 +926,10 @@ CURLcode add_buffer_send(send_buffer *in,
   CURLcode res;
   char *ptr;
   size_t size;
-  struct HTTP *http = conn->data->reqdata.proto.http;
+  struct HTTP *http = conn->data->state.proto.http;
   size_t sendsize;
   curl_socket_t sockfd;
+  size_t headersize;
 
   DEBUGASSERT(socketindex <= SECONDARYSOCKET);
 
@@ -943,9 +941,13 @@ CURLcode add_buffer_send(send_buffer *in,
   ptr = in->buffer;
   size = in->size_used;
 
+  headersize = size - included_body_bytes; /* the initial part that isn't body
+                                              is header */
+
+  DEBUGASSERT(size > included_body_bytes);
+
 #ifdef CURL_DOES_CONVERSIONS
-  if(size - included_body_bytes > 0) {
-    res = Curl_convert_to_network(conn->data, ptr, size - included_body_bytes);
+  res = Curl_convert_to_network(conn->data, ptr, headersize);
   /* Curl_convert_to_network calls failf if unsuccessful */
   if(res != CURLE_OK) {
     /* conversion failed, free memory and return to the caller */
@@ -954,7 +956,6 @@ CURLcode add_buffer_send(send_buffer *in,
     free(in);
     return res;
   }
-  }
 #endif /* CURL_DOES_CONVERSIONS */
 
   if(conn->protocol & PROT_HTTPS) {
@@ -981,20 +982,29 @@ CURLcode add_buffer_send(send_buffer *in,
   res = Curl_write(conn, sockfd, ptr, sendsize, &amount);
 
   if(CURLE_OK == res) {
+    /*
+     * Note that we may not send the entire chunk at once, and we have a set
+     * number of data bytes at the end of the big buffer (out of which we may
+     * only send away a part).
+     */
+    /* how much of the header that was sent */
+    size_t headlen = (size_t)amount>headersize?headersize:(size_t)amount;
+    size_t bodylen = amount - headlen;
 
     if(conn->data->set.verbose) {
       /* this data _may_ contain binary stuff */
-      Curl_debug(conn->data, CURLINFO_HEADER_OUT, ptr,
-                 (size_t)(amount-included_body_bytes), conn);
-      if (included_body_bytes)
+      Curl_debug(conn->data, CURLINFO_HEADER_OUT, ptr, headlen, conn);
+      if((size_t)amount > headlen) {
+        /* there was body data sent beyond the initial header part, pass that
+           on to the debug callback too */
         Curl_debug(conn->data, CURLINFO_DATA_OUT,
-                   ptr+amount-included_body_bytes,
-                   (size_t)included_body_bytes, conn);
+                   ptr+headlen, bodylen, conn);
       }
-    if (included_body_bytes)
+    }
+    if(bodylen)
       /* since we sent a piece of the body here, up the byte counter for it
          accordingly */
-      http->writebytecount = included_body_bytes;
+      http->writebytecount += bodylen;
 
     *bytes_written += amount;
 
@@ -1083,9 +1093,28 @@ CURLcode add_buffer(send_buffer *in, const void *inptr, size_t size)
   char *new_rb;
   size_t new_size;
 
+  if(~size < in->size_used) {
+    /* If resulting used size of send buffer would wrap size_t, cleanup
+       the whole buffer and return error. Otherwise the required buffer
+       size will fit into a single allocatable memory chunk */
+    Curl_safefree(in->buffer);
+    free(in);
+    return CURLE_OUT_OF_MEMORY;
+  }
+
   if(!in->buffer ||
      ((in->size_used + size) > (in->size_max - 1))) {
+
+    /* If current buffer size isn't enough to hold the result, use a
+       buffer size that doubles the required size. If this new size
+       would wrap size_t, then just use the largest possible one */
+
+    if((size > (size_t)-1/2) || (in->size_used > (size_t)-1/2) ||
+       (~(size*2) < (in->size_used*2)))
+      new_size = (size_t)-1;
+    else
       new_size = (in->size_used+size)*2;
+
     if(in->buffer)
       /* we have a buffer, enlarge the existing one */
       new_rb = (char *)realloc(in->buffer, new_size);
@@ -1188,7 +1217,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
 {
   int subversion=0;
   struct SessionHandle *data=conn->data;
-  struct Curl_transfer_keeper *k = &data->reqdata.keep;
+  struct SingleRequest *k = &data->req;
   CURLcode result;
   int res;
   long timeout =
@@ -1214,12 +1243,12 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
       infof(data, "Establish HTTP proxy tunnel to %s:%d\n",
             hostname, remote_port);
 
-      if(data->reqdata.newurl) {
+      if(data->req.newurl) {
         /* This only happens if we've looped here due to authentication
            reasons, and we don't really use the newly cloned URL here
            then. Just free() it. */
-        free(data->reqdata.newurl);
-        data->reqdata.newurl = NULL;
+        free(data->req.newurl);
+        data->req.newurl = NULL;
       }
 
       /* initialize a dynamic send-buffer */
@@ -1235,7 +1264,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
       }
 
       /* Setup the proxy-authorization header, if any */
-      result = Curl_http_output_auth(conn, (char *)"CONNECT", host_port, TRUE);
+      result = http_output_auth(conn, (char *)"CONNECT", host_port, TRUE);
 
       if(CURLE_OK == result) {
         char *host=(char *)"";
@@ -1380,9 +1409,16 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
             keepon = FALSE;
           else if(gotbytes <= 0) {
             keepon = FALSE;
+            if(data->set.proxyauth && data->state.authproxy.avail) {
+              /* proxy auth was requested and there was proxy auth available,
+                 then deem this as "mere" proxy disconnect */
+              conn->bits.proxy_connect_closed = TRUE;
+            }
+            else {
               error = SELECT_ERROR;
               failf(data, "Proxy CONNECT aborted");
             }
+          }
           else {
             /*
              * We got a whole chunk of data, which can be anything from one
@@ -1561,6 +1597,8 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
           }
           break;
         } /* switch */
+        if(Curl_pgrsUpdate(conn))
+          return CURLE_ABORTED_BY_CALLBACK;
       } /* while there's buffer left and loop is requested */
 
       if(error)
@@ -1571,20 +1609,20 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
            headers. 'newurl' is set to a new URL if we must loop. */
         Curl_http_auth_act(conn);
 
-      if (closeConnection && data->reqdata.newurl) {
+      if(closeConnection && data->req.newurl) {
         /* Connection closed by server. Don't use it anymore */
         sclose(conn->sock[sockindex]);
         conn->sock[sockindex] = CURL_SOCKET_BAD;
         break;
       }
     } /* END NEGOTIATION PHASE */
-  } while(data->reqdata.newurl);
+  } while(data->req.newurl);
 
-  if(200 != k->httpcode) {
+  if(200 != data->req.httpcode) {
     failf(data, "Received HTTP code %d from proxy after CONNECT",
-          k->httpcode);
+          data->req.httpcode);
 
-    if (closeConnection && data->reqdata.newurl)
+    if(closeConnection && data->req.newurl)
       conn->bits.proxy_connect_closed = TRUE;
 
     return CURLE_RECV_ERROR;
@@ -1599,7 +1637,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
   data->state.authproxy.done = TRUE;
 
   infof (data, "Proxy replied OK to CONNECT request\n");
-  k->ignorebody = FALSE; /* put it (back) to non-ignore state */
+  data->req.ignorebody = FALSE; /* put it (back) to non-ignore state */
   return CURLE_OK;
 }
 
@@ -1653,7 +1691,7 @@ CURLcode Curl_http_connect(struct connectdata *conn, bool *done)
   if(conn->protocol & PROT_HTTPS) {
     /* perform SSL initialization */
     if(data->state.used_interface == Curl_if_multi) {
-      result = Curl_https_connecting(conn, done);
+      result = https_connecting(conn, done);
       if(result)
         return result;
     }
@@ -1672,7 +1710,7 @@ CURLcode Curl_http_connect(struct connectdata *conn, bool *done)
   return CURLE_OK;
 }
 
-static CURLcode Curl_https_connecting(struct connectdata *conn, bool *done)
+static CURLcode https_connecting(struct connectdata *conn, bool *done)
 {
   CURLcode result;
   DEBUGASSERT((conn) && (conn->protocol & PROT_HTTPS));
@@ -1688,7 +1726,7 @@ static CURLcode Curl_https_connecting(struct connectdata *conn, bool *done)
 #ifdef USE_SSLEAY
 /* This function is OpenSSL-specific. It should be made to query the generic
    SSL layer instead. */
-static int Curl_https_getsock(struct connectdata *conn,
+static int https_getsock(struct connectdata *conn,
                          curl_socket_t *socks,
                          int numsocks)
 {
@@ -1713,7 +1751,7 @@ static int Curl_https_getsock(struct connectdata *conn,
 }
 #else
 #ifdef USE_GNUTLS
-int Curl_https_getsock(struct connectdata *conn,
+static int https_getsock(struct connectdata *conn,
                          curl_socket_t *socks,
                          int numsocks)
 {
@@ -1724,7 +1762,7 @@ int Curl_https_getsock(struct connectdata *conn,
 }
 #else
 #ifdef USE_NSS
-int Curl_https_getsock(struct connectdata *conn,
+static int https_getsock(struct connectdata *conn,
                          curl_socket_t *socks,
                          int numsocks)
 {
@@ -1735,7 +1773,7 @@ int Curl_https_getsock(struct connectdata *conn,
 }
 #else
 #ifdef USE_QSOSSL
-int Curl_https_getsock(struct connectdata *conn,
+static int https_getsock(struct connectdata *conn,
                          curl_socket_t *socks,
                          int numsocks)
 {
@@ -1758,13 +1796,14 @@ CURLcode Curl_http_done(struct connectdata *conn,
                         CURLcode status, bool premature)
 {
   struct SessionHandle *data = conn->data;
-  struct HTTP *http =data->reqdata.proto.http;
-  struct Curl_transfer_keeper *k = &data->reqdata.keep;
+  struct HTTP *http =data->state.proto.http;
   (void)premature; /* not used */
 
   /* set the proper values (possibly modified on POST) */
   conn->fread_func = data->set.fread_func; /* restore */
   conn->fread_in = data->set.in; /* restore */
+  conn->seek_func = data->set.seek_func; /* restore */
+  conn->seek_client = data->set.seek_client; /* restore */
 
   if(http == NULL)
     return CURLE_OK;
@@ -1778,7 +1817,7 @@ CURLcode Curl_http_done(struct connectdata *conn,
   }
 
   if(HTTPREQ_POST_FORM == data->set.httpreq) {
-    k->bytecount = http->readbytecount + http->writebytecount;
+    data->req.bytecount = http->readbytecount + http->writebytecount;
 
     Curl_formclean(&http->sendit); /* Now free that whole lot */
     if(http->form.fp) {
@@ -1788,15 +1827,17 @@ CURLcode Curl_http_done(struct connectdata *conn,
     }
   }
   else if(HTTPREQ_PUT == data->set.httpreq)
-    k->bytecount = http->readbytecount + http->writebytecount;
+    data->req.bytecount = http->readbytecount + http->writebytecount;
 
   if(status != CURLE_OK)
     return (status);
 
-  if(!conn->bits.retry &&
+  if(!premature && /* this check is pointless when DONE is called before the
+                      entire operation is complete */
+     !conn->bits.retry &&
      ((http->readbytecount +
-       data->reqdata.keep.headerbytecount -
-       data->reqdata.keep.deductheadercount)) <= 0) {
+       data->req.headerbytecount -
+       data->req.deductheadercount)) <= 0) {
     /* If this connection isn't simply closed to be retried, AND nothing was
        read from the HTTP server (that counts), this can't be right so we
        return an error here */
@@ -1879,7 +1920,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
   char *buf = data->state.buffer; /* this is a short cut to the buffer */
   CURLcode result=CURLE_OK;
   struct HTTP *http;
-  char *ppath = data->reqdata.path;
+  char *ppath = data->state.path;
   char ftp_typecode[sizeof(";type=?")] = "";
   char *host = conn->host.name;
   const char *te = ""; /* transfer-encoding */
@@ -1888,6 +1929,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
   Curl_HttpReq httpreq = data->set.httpreq;
   char *addcookies = NULL;
   curl_off_t included_body = 0;
+  const char *httpstring;
+  send_buffer *req_buffer;
+  curl_off_t postsize; /* off_t type to be able to hold a large file size */
+
 
   /* Always consider the DO phase done after this function call, even if there
      may be parts of the request that is not yet sent, since we can deal with
@@ -1898,16 +1943,16 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
      sessionhandle, deal with it */
   Curl_reset_reqproto(conn);
 
-  if(!data->reqdata.proto.http) {
+  if(!data->state.proto.http) {
     /* Only allocate this struct if we don't already have it! */
 
     http = (struct HTTP *)calloc(sizeof(struct HTTP), 1);
     if(!http)
       return CURLE_OUT_OF_MEMORY;
-    data->reqdata.proto.http = http;
+    data->state.proto.http = http;
   }
   else
-    http = data->reqdata.proto.http;
+    http = data->state.proto.http;
 
   if( (conn->protocol&(PROT_HTTP|PROT_FTP)) &&
        data->set.upload) {
@@ -1918,7 +1963,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
   if(data->set.str[STRING_CUSTOMREQUEST])
     request = data->set.str[STRING_CUSTOMREQUEST];
   else {
-    if(conn->bits.no_body)
+    if(data->set.opt_no_body)
       request = (char *)"HEAD";
     else {
       DEBUGASSERT((httpreq > HTTPREQ_NONE) && (httpreq < HTTPREQ_LAST));
@@ -1951,7 +1996,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
   }
 
   /* setup the authentication headers */
-  result = Curl_http_output_auth(conn, request, ppath, FALSE);
+  result = http_output_auth(conn, request, ppath, FALSE);
   if(result)
     return result;
 
@@ -1986,13 +2031,23 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
   ptr = checkheaders(data, "Transfer-Encoding:");
   if(ptr) {
     /* Some kind of TE is requested, check if 'chunked' is chosen */
-    conn->bits.upload_chunky =
+    data->req.upload_chunky =
       Curl_compareheader(ptr, "Transfer-Encoding:", "chunked");
   }
   else {
-    if (httpreq == HTTPREQ_GET)
-      conn->bits.upload_chunky = FALSE;
-    if(conn->bits.upload_chunky)
+    if((conn->protocol&PROT_HTTP) &&
+        data->set.upload &&
+        (data->set.infilesize == -1) &&
+        (data->set.httpversion != CURL_HTTP_VERSION_1_0)) {
+      /* HTTP, upload, unknown file size and not HTTP 1.0 */
+      data->req.upload_chunky = TRUE;
+    }
+    else {
+      /* else, no chunky upload */
+      data->req.upload_chunky = FALSE;
+    }
+
+    if(data->req.upload_chunky)
       te = "Transfer-Encoding: chunked\r\n";
   }
 
@@ -2035,7 +2090,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
 
     if(((conn->protocol&PROT_HTTPS) && (conn->remote_port == PORT_HTTPS)) ||
        (!(conn->protocol&PROT_HTTPS) && (conn->remote_port == PORT_HTTP)) )
-      /* If (HTTPS on port 443) OR (non-HTTPS on port 80) then don't include
+      /* if(HTTPS on port 443) OR (non-HTTPS on port 80) then don't include
          the port number in the host string */
       conn->allocptr.host = aprintf("Host: %s%s%s\r\n",
                                     conn->bits.ipv6_ip?"[":"",
@@ -2094,6 +2149,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
       }
     }
     ppath = data->change.url;
+    if (data->set.proxy_transfer_mode) {
       /* when doing ftp, append ;type=<a|i> if not present */
       if(checkprefix("ftp://", ppath) || checkprefix("ftps://", ppath)) {
         char *p = strstr(ppath, ";type=");
@@ -2112,6 +2168,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
                    data->set.prefer_ascii ? 'a' : 'i');
       }
     }
+  }
   if(HTTPREQ_POST_FORM == httpreq) {
     /* we must build the whole darned post sequence first, so that we have
        a size of the whole shebang before we start to send it */
@@ -2131,13 +2188,12 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
      (conn->bits.httpproxy && !conn->bits.tunnel_proxy) )?
     "Pragma: no-cache\r\n":NULL;
 
-  if(!checkheaders(data, "Accept:"))
-    http->p_accept = "Accept: */*\r\n";
+  http->p_accept = checkheaders(data, "Accept:")?NULL:"Accept: */*\r\n";
 
   if(( (HTTPREQ_POST == httpreq) ||
        (HTTPREQ_POST_FORM == httpreq) ||
        (HTTPREQ_PUT == httpreq) ) &&
-     data->reqdata.resume_from) {
+     data->state.resume_from) {
     /**********************************************************************
      * Resuming upload in HTTP means that we PUT or POST and that we have
      * got a resume_from value set. The resume value has already created
@@ -2146,30 +2202,40 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
      * file size before we continue this venture in the dark lands of HTTP.
      *********************************************************************/
 
-    if(data->reqdata.resume_from < 0 ) {
+    if(data->state.resume_from < 0 ) {
       /*
        * This is meant to get the size of the present remote-file by itself.
        * We don't support this now. Bail out!
        */
-       data->reqdata.resume_from = 0;
+       data->state.resume_from = 0;
     }
 
-    if(data->reqdata.resume_from && !data->state.this_is_a_follow) {
+    if(data->state.resume_from && !data->state.this_is_a_follow) {
       /* do we still game? */
-      curl_off_t passed=0;
 
       /* Now, let's read off the proper amount of bytes from the
-         input. If we knew it was a proper file we could've just
-         fseek()ed but we only have a stream here */
+         input. */
+      if(conn->seek_func) {
+        curl_off_t readthisamountnow = data->state.resume_from;
+
+        if(conn->seek_func(conn->seek_client,
+                           readthisamountnow, SEEK_SET) != 0) {
+          failf(data, "Could not seek stream");
+          return CURLE_READ_ERROR;
+        }
+      }
+      else {
+        curl_off_t passed=0;
+
         do {
-        size_t readthisamountnow = (size_t)(data->reqdata.resume_from - passed);
+          size_t readthisamountnow = (size_t)(data->state.resume_from - passed);
           size_t actuallyread;
 
           if(readthisamountnow > BUFSIZE)
             readthisamountnow = BUFSIZE;
 
-        actuallyread =
-          data->set.fread_func(data->state.buffer, 1, (size_t)readthisamountnow,
+          actuallyread = data->set.fread_func(data->state.buffer, 1,
+                                              (size_t)readthisamountnow,
                                               data->set.in);
 
           passed += actuallyread;
@@ -2179,11 +2245,12 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
                   passed);
             return CURLE_READ_ERROR;
           }
-      } while(passed != data->reqdata.resume_from); /* loop until done */
+        } while(passed != data->state.resume_from); /* loop until done */
+      }
 
       /* now, decrease the size of the read */
       if(data->set.infilesize>0) {
-        data->set.infilesize -= data->reqdata.resume_from;
+        data->set.infilesize -= data->state.resume_from;
 
         if(data->set.infilesize <= 0) {
           failf(data, "File already completely uploaded");
@@ -2193,7 +2260,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
       /* we've passed, proceed as normal */
     }
   }
-  if(data->reqdata.use_range) {
+  if(data->state.use_range) {
     /*
      * A range is selected. We use different headers whether we're downloading
      * or uploading and we always let customized headers override our internal
@@ -2205,7 +2272,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
       if(conn->allocptr.rangeline)
         free(conn->allocptr.rangeline);
       conn->allocptr.rangeline = aprintf("Range: bytes=%s\r\n",
-                                         data->reqdata.range);
+                                         data->state.range);
     }
     else if((httpreq != HTTPREQ_GET) &&
             !checkheaders(data, "Content-Range:")) {
@@ -2214,14 +2281,14 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
       if(conn->allocptr.rangeline)
         free(conn->allocptr.rangeline);
 
-      if(data->reqdata.resume_from) {
+      if(data->state.resume_from) {
         /* This is because "resume" was selected */
         curl_off_t total_expected_size=
-          data->reqdata.resume_from + data->set.infilesize;
+          data->state.resume_from + data->set.infilesize;
         conn->allocptr.rangeline =
             aprintf("Content-Range: bytes %s%" FORMAT_OFF_T
                     "/%" FORMAT_OFF_T "\r\n",
-                    data->reqdata.range, total_expected_size-1,
+                    data->state.range, total_expected_size-1,
                     total_expected_size);
       }
       else {
@@ -2229,20 +2296,15 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
            append total size */
         conn->allocptr.rangeline =
             aprintf("Content-Range: bytes %s/%" FORMAT_OFF_T "\r\n",
-                    data->reqdata.range, data->set.infilesize);
+                    data->state.range, data->set.infilesize);
       }
       if(!conn->allocptr.rangeline)
         return CURLE_OUT_OF_MEMORY;
     }
   }
 
-  {
   /* Use 1.1 unless the use specificly asked for 1.0 */
-    const char *httpstring=
-      data->set.httpversion==CURL_HTTP_VERSION_1_0?"1.0":"1.1";
-
-    send_buffer *req_buffer;
-    curl_off_t postsize; /* off_t type to be able to hold a large file size */
+  httpstring= data->set.httpversion==CURL_HTTP_VERSION_1_0?"1.0":"1.1";
 
   /* initialize a dynamic send-buffer */
   req_buffer = add_buffer_init();
@@ -2274,7 +2336,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
                 conn->allocptr.proxyuserpwd?
                 conn->allocptr.proxyuserpwd:"",
                 conn->allocptr.userpwd?conn->allocptr.userpwd:"",
-                (data->reqdata.use_range && conn->allocptr.rangeline)?
+                (data->state.use_range && conn->allocptr.rangeline)?
                 conn->allocptr.rangeline:"",
                 (data->set.str[STRING_USERAGENT] &&
                  *data->set.str[STRING_USERAGENT] && conn->allocptr.uagent)?
@@ -2295,6 +2357,14 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
                 te
       );
 
+  /*
+   * Free userpwd now --- cannot reuse this for Negotiate and possibly NTLM
+   * with basic and digest, it will be freed anyway by the next request
+   */
+
+  Curl_safefree (conn->allocptr.userpwd);
+  conn->allocptr.userpwd = NULL;
+
   if(result)
     return result;
 
@@ -2307,7 +2377,8 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
       Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
       co = Curl_cookie_getlist(data->cookies,
                                conn->allocptr.cookiehost?
-                                 conn->allocptr.cookiehost:host, data->reqdata.path,
+                               conn->allocptr.cookiehost:host,
+                               data->state.path,
                                (bool)(conn->protocol&PROT_HTTPS?TRUE:FALSE));
       Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
     }
@@ -2330,7 +2401,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
         }
         co = co->next; /* next cookie please */
       }
-        Curl_cookie_freelist(store); /* free the cookie list */
+      Curl_cookie_freelist(store, FALSE); /* free the cookie list */
     }
     if(addcookies && (CURLE_OK == result)) {
       if(!count)
@@ -2441,7 +2512,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
 
     http->sending = HTTPSEND_BODY;
 
-      if(!conn->bits.upload_chunky) {
+    if(!data->req.upload_chunky) {
       /* only add Content-Length if not uploading chunked */
       result = add_bufferf(req_buffer,
                            "Content-Length: %" FORMAT_OFF_T "\r\n",
@@ -2513,7 +2584,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
     else
       postsize = data->set.infilesize;
 
-      if((postsize != -1) && !conn->bits.upload_chunky) {
+    if((postsize != -1) && !data->req.upload_chunky) {
       /* only add Content-Length if not uploading chunked */
       result = add_bufferf(req_buffer,
                            "Content-Length: %" FORMAT_OFF_T "\r\n",
@@ -2559,7 +2630,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
         data->set.postfieldsize:
         (data->set.postfields? (curl_off_t)strlen(data->set.postfields):0);
 
-      if(!conn->bits.upload_chunky) {
+        if(!data->req.upload_chunky) {
           /* We only set Content-Length and allow a custom Content-Length if
              we don't upload data chunked, as RFC2616 forbids us to set both
              kinds of headers (Transfer-Encoding: chunked and Content-Length) */
@@ -2582,10 +2653,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
             return result;
         }
 
-      if(data->set.postfields) {
-
-        /* for really small posts we don't use Expect: headers at all, and for
-           the somewhat bigger ones we allow the app to disable it */
+        /* For really small posts we don't use Expect: headers at all, and for
+           the somewhat bigger ones we allow the app to disable it. Just make
+           sure that the expect100header is always set to the preferred value
+           here. */
         if(postsize > TINY_INITIAL_POST_SIZE) {
           result = expect100(data, req_buffer);
           if(result)
@@ -2594,6 +2665,8 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
         else
           data->state.expect100header = FALSE;
 
+        if(data->set.postfields) {
+
           if(!data->state.expect100header &&
              (postsize < MAX_INITIAL_POST_SIZE))  {
             /* if we don't use expect: 100  AND
@@ -2607,7 +2680,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
             if(result)
               return result;
 
-          if(!conn->bits.upload_chunky) {
+            if(!data->req.upload_chunky) {
               /* We're not sending it 'chunked', append it to the request
                  already now to reduce the number if send() calls */
               result = add_buffer(req_buffer, data->set.postfields,
@@ -2656,9 +2729,13 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
             /* set the upload size to the progress meter */
             Curl_pgrsSetUploadSize(data, postsize?postsize:-1);
 
-          /* set the pointer to mark that we will send the post body using
-             the read callback */
+            /* set the pointer to mark that we will send the post body using the
+               read callback, but only if we're not in authenticate
+               negotiation  */
+            if(!conn->bits.authneg) {
               http->postdata = (char *)&http->postdata;
+              http->postsize = postsize;
+            }
           }
         }
         /* issue the request */
@@ -2695,8 +2772,15 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
   }
   if(result)
     return result;
+
+  if(http->writebytecount) {
+    /* if a request-body has been sent off, we make sure this progress is noted
+       properly */
+    Curl_pgrsSetUploadCounter(data, http->writebytecount);
+    if(Curl_pgrsUpdate(conn))
+      result = CURLE_ABORTED_BY_CALLBACK;
   }
 
-  return CURLE_OK;
+  return result;
 }
 #endif

lib/http_chunks.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -109,7 +109,7 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
   CURLcode result=CURLE_OK;
   struct SessionHandle *data = conn->data;
   struct Curl_chunker *ch = &conn->chunk;
-  struct Curl_transfer_keeper *k = &data->reqdata.keep;
+  struct SingleRequest *k = &data->req;
   size_t piece;
   size_t length = (size_t)datalen;
   size_t *wrote = (size_t *)wrotep;
@@ -118,8 +118,11 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
 
   /* the original data is written to the client, but we go on with the
      chunk read process, to properly calculate the content length*/
-  if (data->set.http_te_skip && !k->ignorebody)
-    Curl_client_write(conn, CLIENTWRITE_BODY, datap,datalen);
+  if(data->set.http_te_skip && !k->ignorebody) {
+    result = Curl_client_write(conn, CLIENTWRITE_BODY, datap, datalen);
+    if(result)
+      return CHUNKE_WRITE_ERROR;
+  }
 
   while(length) {
     switch(ch->state) {
@@ -178,7 +181,7 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
       if(*datap == 0x0a) {
         /* we're now expecting data to come, unless size was zero! */
         if(0 == ch->datasize) {
-          if (conn->bits.trailerHdrPresent!=TRUE) {
+          if(k->trailerhdrpresent!=TRUE) {
             /* No Trailer: header found - revert to original Curl processing */
             ch->state = CHUNK_STOPCR;
 
@@ -217,7 +220,7 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
       /* Write the data portion available */
 #ifdef HAVE_LIBZ
       switch (conn->data->set.http_ce_skip?
-              IDENTITY : data->reqdata.keep.content_encoding) {
+              IDENTITY : data->req.content_encoding) {
       case IDENTITY:
 #endif
         if(!k->ignorebody) {
@@ -231,16 +234,16 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
         break;
 
       case DEFLATE:
-        /* update data->reqdata.keep.str to point to the chunk data. */
-        data->reqdata.keep.str = datap;
-        result = Curl_unencode_deflate_write(conn, &data->reqdata.keep,
+        /* update data->req.keep.str to point to the chunk data. */
+        data->req.str = datap;
+        result = Curl_unencode_deflate_write(conn, &data->req,
                                              (ssize_t)piece);
         break;
 
       case GZIP:
-        /* update data->reqdata.keep.str to point to the chunk data. */
-        data->reqdata.keep.str = datap;
-        result = Curl_unencode_gzip_write(conn, &data->reqdata.keep,
+        /* update data->req.keep.str to point to the chunk data. */
+        data->req.str = datap;
+        result = Curl_unencode_gzip_write(conn, &data->req,
                                           (ssize_t)piece);
         break;
 
@@ -362,9 +365,12 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
             return(CHUNKE_BAD_CHUNK);
           }
 #endif /* CURL_DOES_CONVERSIONS */
-          if ( !data->set.http_te_skip )
-            Curl_client_write(conn, CLIENTWRITE_HEADER,
+          if(!data->set.http_te_skip) {
+            result = Curl_client_write(conn, CLIENTWRITE_HEADER,
                                        conn->trailer, conn->trlPos);
+            if(result)
+              return CHUNKE_WRITE_ERROR;
+          }
         }
         ch->state = CHUNK_TRAILER;
         conn->trlPos=0;