7.18.1

since they're still not clear enough to be to sort about before 7.18.1

CHANGES

@@ -6,6 +6,702 @@
 
                                   Changelog
 
+Version 7.18.1 (30 March 2008)
+
+Daniel Stenberg (28 Mar 2008)
+- Stephen Collyer pointed out that configure --with-libssh2 without a given
+  path didn't work properly.
+
+Daniel Stenberg (27 Mar 2008)
+- As found out and reported by Dan Petitt, libcurl didn't show progress/call
+  the progress callback for the first (potentially huge) piece of body data
+  sent together with the POST request headers in the initial send().
+
+Daniel Stenberg (25 Mar 2008)
+- Made setting the CURLOPT_SSL_CTX_FUNCTION option return a failure in case
+  libcurl wasn't built to use OpenSSL as that is a prerequisite for this
+  option to function!
+
+Daniel Stenberg (22 Mar 2008)
+- Fixed the problem with doing a zero byte SCP transfer, verified with test
+  case 617 (which was added by Daniel Fandrich 5 Mar 2008).
+
+Daniel Fandrich (20 Mar 2008)
+- Fixed a problem where curl-config --protocols could erroneously show LDAPS
+  support when curl didn't even have regular LDAP support.  It looks like
+  this could happen when the --enable-ldaps configure switch is given but
+  configure couldn't find the LDAP headers or libraries.
+
+Michal Marek (20 Mar 2008)
+- Added --with-ca-path=DIRECTORY configure option to use an openSSL CApath by
+  default instead of a ca bundle. The configure script will also look for a
+  ca path if no ca bundle is found and no option given.
+
+- Fixed detection of previously installed curl-ca-bundle.crt
+
+Daniel Fandrich (18 Mar 2008)
+- Added test 626 to reproduce an infinite loop when given an invalid
+  SFTP quote command reported by Vincent Le Normand, and fixed it.
+
+Michal Marek (18 Mar 2008)
+- Added curl_easy_getinfo typechecker.
+
+- Added macros for curl_share_setopt and curl_multi_setopt to check at least
+  the correct number of arguments.
+
+Daniel Fandrich (13 Mar 2008)
+- Added tests 622-625 to test SFTP/SCP uploads. Test 625 was an attempt to
+  reproduce the --ftp-create-dirs problem reported by Brian Ulm, but that
+  seems to need a call curl_easy_reset() which this test case doesn't do.
+
+Daniel Stenberg (13 Mar 2008)
+- Brian Ulm figured out that if you did an SFTP upload with
+  CURLOPT_FTP_CREATE_MISSING_DIRS to create a directory, and then re-used the
+  handle and uploaded another file to another directory that needed to be
+  created, the second upload would fail. Another case of a state variable that
+  wasn't properly reset between requests.
+
+- I rewrote the 100-continue code to use a single state variable instead of
+  the previous two ones. I think it made the logic somewhat clearer.
+
+Daniel Stenberg (11 Mar 2008)
+- Dmitry Popov filed bug report #1911069
+  (http://curl.haxx.se/bug/view.cgi?id=1911069) that identified a race
+  condition in the name resolver code when the DNS cache is shared between
+  multiple easy handles, each running in simultaneous threads that could cause
+  crashes.
+
+- Added a macro for curl_easy_setopt() that accepts three arguments and simply
+  does nothing with them, just to make sure libcurl users always use three
+  arguments to this function. Due to its use of ... for the third argument, it
+  is otherwise hard to detect abuse.
+
+Michal Marek (11 Mar 2008)
+- Added a type checking macro for curl_easy_setopt(), needs gcc-4.3 and only
+  works in C mode atm (http://curl.haxx.se/mail/lib-2008-02/0267.html ,
+  http://curl.haxx.se/mail/lib-2008-02/0292.html )
+
+Daniel Fandrich (10 Mar 2008)
+- Added tests 618-621 to test SFTP/SCP transfers of more than one file
+  (test 620 tests the just-fixed problem reported by Brian Ulm).
+
+Daniel Stenberg (9 Mar 2008)
+- Brian Ulm reported a crash when doing a second SFTP transfer on a re-used
+  easy handle if curl_easy_reset() was used between them. I fixed it and Brian
+  verified that it cured his problem.
+
+- Brian Ulm reported that if you first tried to download a non-existing SFTP
+  file and then fetched an existing one and re-used the handle, libcurl would
+  still report the second one as non-existing as well! I fixed it and Brian
+  verified that it cured his problem.
+
+Michal Marek (6 Mar 2008)
+- Fix the gssapi configure check to detect newer MIT Kerberos (patch by
+  Michael Calmer)
+
+Yang Tse (6 Mar 2008)
+- Fix regression on Curl_socket_ready() and Curl_poll() so that these will
+  again fail on select/poll errors different than EINTR.
+
+Daniel Fandrich (5 Mar 2008)
+- Fixed the test harness so it will write out zero-length data files.
+
+- Added tests 616 and 617 to see how SFTP and SCP cope with zero-length
+  files, as questioned by Mike Protts. SFTP does for me but SCP doesn't
+  so test 617 is disabled for now.
+
+Daniel S (4 Mar 2008)
+- Mike Protts brought a patch that makes resumed transfers work with SFTP.
+
+Daniel S (1 Mar 2008)
+- Anatoli Tubman found and fixed a crash with Negotiate authentication used on
+  a re-used connection where both requests used Negotiate.
+
+Guenter Knauf (26 Feb 2008)
+- Kaspar Brand provided a patch to support server name indication (RFC 4366).
+
+Daniel S (25 Feb 2008)
+- Kaspar Brand made GnuTLS-built libcurl properly acknowledge the option that
+  forces it to prefer SSLv3.
+
+Daniel S (23 Feb 2008)
+- Sam Listopad provided a patch in feature-request #1900014
+  http://curl.haxx.se/bug/feature.cgi?id=1900014 that makes libcurl (built to
+  use OpenSSL) support a full chain of certificates in a given PKCS12
+  certificate.
+
+Daniel S (22 Feb 2008)
+- Georg Lippitsch made the src/Makefile.vc6 makefile use the same memory model
+  options as the lib/Makefile.vc6 already did.
+
+Daniel S (21 Feb 2008)
+- Zmey Petroff found a crash when libcurl accessed a NULL pointer, which
+  happened if you set the connection cache size to 1 and for example failed to
+  login to an FTP site. Bug report #1896698
+  (http://curl.haxx.se/bug/view.cgi?id=1896698)
+
+Daniel S (20 Feb 2008)
+- Fixed test case 405 to not fail when libcurl is built with GnuTLS
+
+- Based on initial work done by Gautam Kachroo to address a bug, we now keep
+  better control at the exact state of the connection's SSL status so that we
+  know exactly when it has completed the SSL negotiation or not so that there
+  won't be accidental re-uses of connections that are wrongly believed to be
+  in SSL-completed-negotiate state.
+
+- We no longer support setting the CURLOPT_URL option from inside a callback
+  such as the CURLOPT_SSL_CTX_FUNCTION one treat that as if it was a Location:
+  following. The patch that introduced this feature was done for 7.11.0, but
+  this code and functionality has been broken since about 7.15.4 (March 2006)
+  with the introduction of non-blocking OpenSSL "connects".
+
+  It was a hack to begin with and since it doesn't work and hasn't worked
+  correctly for a long time and nobody has even noticed, I consider it a very
+  suitable subject for plain removal. And so it was done.
+
+Guenter Knauf (19 Feb 2008)
+- We do no longer support SSLv2 by default since it has known flaws.
+  Kaspar Brand provided a patch for all supported SSL toolkits.
+ 
+Daniel Fandrich (19 Feb 2008)
+- Added test309 to test HTTP redirect to HTTPS URL
+
+Daniel S (18 Feb 2008)
+- We're no longer providing a very old ca-bundle in the curl tarball. You can
+  get a fresh one downloaded and created with 'make ca-bundle' or you can get
+  one from here => http://curl.haxx.se/docs/caextract.html if you want a fresh
+  new one extracted from Mozilla's recent list of ca certs.
+
+  The configure option --with-ca-bundle now lets you specify what file to use
+  as default ca bundle for your build. If not specified, the configure script
+  will check a few known standard places for a global ca cert to use.
+
+Daniel S (17 Feb 2008)
+- Jerome Muffat-Meridol helped me fix Curl_done() to close the current
+  connection by force when it was called before the entire request is
+  completed, simply because we can't know if the connection really can be
+  re-used safely at that point.
+
+- Based on the same debugging logic, I've also made Curl_http_done() not
+  return CURLE_GOT_NOTHING if called "prematurely". This should have no real
+  effect to anything but the code makes more sense like this.
+  
+Daniel S (15 Feb 2008)
+- Made the gnutls code path not even try to get the server cert if no peer
+  verification is requested. Previously it would even return failure if gnutls
+  failed to get the server cert even though no verification was asked for.
+  Public server showing the problem: https://www.net222.caisse-epargne.fr
+
+- Fix my Curl_timeleft() leftover mistake in the gnutls code
+
+- Pooyan McSporran found and fixed a flaw where you first would do a normal
+  http request and then you'd reuse the handle and replace the Accept: header,
+  as then libcurl would send two Accept: headers!
+
+Daniel S (11 Feb 2008)
+- Yang Tse pointed out a few remaining quirks from my timeout refactoring from
+  Feb 7 that didn't abort properly on timeouts. These are actually old
+  problems but now they should be fixed.
+
+Yang Tse (10 Feb 2008)
+- Bug report #1888932 (http://curl.haxx.se/bug/view.cgi?id=1888932) points out
+  and provides test program that demonstrates that libcurl might not set error
+  description message for error CURLE_COULDNT_RESOLVE_HOST for Windows threaded
+  name resolver builds. Fixed now.
+
+Daniel Fandrich (8 Feb 2007)
+- Added key words to all SSL-using tests so they can be skipped if necessary.
+  Removed a few unnecessary requires SSL statements.
+
+Daniel S (8 Feb 2008)
+- Mike Hommey filed and fixed bug report #1889856
+  (http://curl.haxx.se/bug/view.cgi?id=1889856): When using the gnutls ssl
+  layer, cleaning-up and reinitializing curl ends up with https requests
+  failing with "ASN1 parser: Element was not found" errors. Obviously a
+  regression added in 7.16.3.
+
+Yang Tse (8 Feb 2008)
+- Improved test harness SCP/SFTP start up server verification, doing a real
+  connection to the sftp server, authenticating and running a simple sftp
+  pwd command using the test harness generated configuration and key files.
+
+Daniel S (8 Feb 2008)
+- G<>nter Knauf added lib/mk-ca-bundle.pl which gets the Firefox ca bundle and
+  creates a suitable ca-bundle.crt file in PEM format for use with curl. The
+  recommended way to run it is to use 'make ca-bundle' in the build tree root.
+
+Daniel Fandrich (7 Feb 2007)
+- Added tests 1022 and 1023 to validate output of curl-config --version and
+  --vernum
+
+Daniel S (7 Feb 2008)
+- Refactored a lot of timeout code into a few functions in an attempt to make
+  them all use the same (hopefully correct) logic to make it less error-prone
+  and easier to introduce library-wide where it should be used.
+
+Yang Tse (6 Feb 2008)
+- Fix an issue in strdup replacement function when dealing with absolutely
+  huge strings. Only systems without a standard strdup would be affected.
+
+Daniel S (3 Feb 2008)
+- Dmitry Kurochkin cleaned up the pipelining code and removed the need for and
+  use of the "is_in_pipeline" struct field.
+
+- I wrote up and added the threaded-ssl.c example source code that shows how
+  to do multi-threaded downloads of HTTPS files with a libcurl that is built
+  with OpenSSL. It uses pthreads for the threading.
+
+Daniel S (31 Jan 2008)
+- Niklas Angebrand made the cookie support in libcurl properly deal with the
+  "HttpOnly" feature introduced by Microsoft and apparently also supported by
+  Firefox: http://msdn2.microsoft.com/en-us/library/ms533046.aspx . HttpOnly
+  is now supported when received from servers in HTTP headers, when written to
+  cookie jars and when read from existing cookie jars.
+
+  I modified test case 31 and 46 to also do some basic HttpOnly testing.
+
+- Dmitry Kurochkin moved several struct fields from the connectdata struct to
+  the SingleRequest one to make pipelining better. It is a bit tricky to keep
+  them in the right place, to keep things related to the actual request or to
+  the actual connection in the right place.
+
+Daniel S (29 Jan 2008)
+- Dmitry Kurochkin fixed Curl_done() for pipelining, as it could previously
+  crash!
+
+- Michal Marek fixed minor mistake in test case 553 that prevented it from
+  working on other IP-addresses or port numbers.
+
+Version 7.18.0 (28 January 2008)
+
+Daniel S (27 Jan 2008)
+- Dmitry Kurochkin: In "real world" testing I found more bugs in
+  pipelining. Broken connection is not restored and we get into infinite
+  loop. It happens because of wrong is_in_pipeline values.
+
+Daniel S (26 Jan 2008)
+- Kevin Reed filed bug report #1879375
+  (http://curl.haxx.se/bug/view.cgi?id=1879375) which describes how libcurl
+  got lost in this scenario: proxy tunnel (or HTTPS over proxy), ask to do any
+  proxy authentication and the proxy replies with an auth (like NTLM) and then
+  closes the connection after that initial informational response.
+
+  libcurl would not properly re-initialize the connection to the proxy and
+  continue the auth negotiation like supposed. It does now however, as it will
+  now detect if one or more authentication methods were available and asked
+  for, and will thus retry the connection and continue from there.
+
+- I made the progress callback get called properly during proxy CONNECT.
+
+Daniel S (23 Jan 2008)
+- Igor Franchuk pointed out that CURLOPT_COOKIELIST set to "ALL" leaked
+  memory, and so did "SESS". Fixed now.
+
+Yang Tse (22 Jan 2008)
+- Check poll.h at configuration time, and use it when sys/poll.h unavailable
+
+Daniel S (22 Jan 2008)
+- Dmitry Kurochkin removed the cancelled state for pipelining, as we agreed
+  that it is bad anyway. Starting now, removing a handle that is in used in a
+  pipeline will break the pipeline - it'll be set back up again but still...
+
+Yang Tse (21 Jan 2008)
+- Disable ldap support for cygwin builds, since it breaks whole build process.
+  Fixing it will affect other platforms, so it is postponed for another release.
+
+Daniel S (18 Jan 2008)
+- Lau Hang Kin found and fixed a problem with the multi interface when doing
+  CONNECT over a proxy. curl_multi_fdset() didn't report back the socket
+  properly during that state, due to a missing case in the switch in the
+  multi_getsock() function.
+
+Yang Tse (17 Jan 2008)
+- Don't abort tests 518 and 537 when unable to raise the open-file soft limit.
+
+Daniel S (16 Jan 2008)
+- Nathan Coulter's patch that makes runtests.pl respect the PATH when figuring
+  out what valgrind to run.
+
+Yang Tse (16 Jan 2008)
+- Improved handling of out of memory in the command line tool that afected
+  data url encoded HTTP POSTs when reading it from a file.
+
+Daniel S (16 Jan 2008)
+- Dmitry Kurochkin worked a lot on improving the HTTP Pipelining support that
+  previously had a number of flaws, perhaps most notably when an application
+  fired up N transfers at once as then they wouldn't pipeline at all that
+  nicely as anyone would think... Test case 530 was also updated to take the
+  improved functionality into account.
+
+- Calls to Curl_failf() are not supposed to provide a trailing newline as the
+  function itself adds that. Fixed on 50 or something strings!
+
+Daniel S (15 Jan 2008)
+- I made the torture test on test 530 go through. This was actually due to
+  silly code left from when we switched to let the multi handle "hold" the dns
+  cache when using the multi interface... Of course this only triggered when a
+  certain function call returned error at the correct moment.
+
+Daniel S (14 Jan 2008)
+- Joe Malicki filed bug report #1871269
+  (http://curl.haxx.se/bug/view.cgi?id=1871269) and we could fix his hang-
+  problem that occurred when doing a large HTTP POST request with the
+  response-body read from a callback.
+
+Daniel S (12 Jan 2008)
+- I re-arranged the curl --help output. All the options are now sorted on
+  their long option names and all descriptions are one-liners.
+
+- Eric Landes provided the patch (edited by me) that introduces the
+  --keepalive-time to curl to set the keepalive probe interval. I also took
+  the opportunity to rename the recently added no-keep-alive option to
+  no-keepalive to keep a consistent naming and to avoid getting two dashes in
+  these option names. Eric also provided an update to the man page for the new
+  option.
+
+Daniel S (11 Jan 2008)
+- Daniel Egger made CURLOPT_RANGE work on file:// URLs the very same way it
+  already worked for FTP:// URLs.
+
+- I made the curl tool switch from using CURLOPT_IOCTLFUNCTION to now use the
+  spanking new CURLOPT_SEEKFUNCTION simply to take advantage of the improved
+  performance for the upload resume cases where you want to upload the last
+  few bytes of a very large file. To implement this decently, I had to switch
+  the client code for uploading from fopen()/fread() to plain open()/read() so
+  that we can use lseek() to do >32bit seeks (as fseek() doesn't allow that)
+  on systems that offer support for that.
+
+Daniel S (10 Jan 2008)
+- Michal Marek made curl-config --libs not include /usr/lib64 in the output
+  (it already before skipped /usr/lib).  /usr/lib64 is the default library
+  directory on many 64bit systems and it's unlikely that anyone would use the
+  path privately on systems where it's not.
+
+- Georg Lippitsch brought CURLOPT_SEEKFUNCTION and CURLOPT_SEEKDATA to allow
+  libcurl to seek in a given input stream. This is particularly important when
+  doing upload resumes when there's already a huge part of the file present
+  remotely. Before, and still if this callback isn't used, libcurl will read
+  and through away the entire file up to the point to where the resuming
+  begins (which of course can be a slow opereration depending on file size,
+  I/O bandwidth and more). This new function will also be preferred to get
+  used instead of the CURLOPT_IOCTLFUNCTION for seeking back in a stream when
+  doing multi-stage HTTP auth with POST/PUT.
+
+- Nikitinskit Dmitriy filed bug report #1868255
+  (http://curl.haxx.se/bug/view.cgi?id=1868255) with a patch. It identifies
+  and fixes a problem with parsing WWW-Authenticate: headers with additional
+  spaces in the line that the parser wasn't written to deal with.
+
+Daniel S (8 Jan 2008)
+- Introducing curl_easy_pause() and new magic return codes for both the read
+  and the write callbacks that now can make a connection's reading and/or
+  writing get paused.
+
+Daniel S (6 Jan 2008)
+- Jeff Johnson filed bug report #1863171
+  (http://curl.haxx.se/bug/view.cgi?id=1863171) where he pointed out that
+  libcurl's date parser didn't accept a +1300 time zone which actually is used
+  fairly often (like New Zealand's Dailight Savings Time), so I modified the
+  parser to now accept up to and including -1400 to +1400.
+
+Daniel S (5 Jan 2008)
+- Based on further discussion on curl-library, I reverted yesterday's SOCKS5
+  code to instead introduce support for a new proxy type called
+  CURLPROXY_SOCKS5_HOSTNAME that is used to send the host name to the proxy
+  instead of IP address and there's thus no longer any need for a new
+  curl_easy_setopt() option.
+
+  The default SOCKS5 proxy is again back to sending the IP address to the
+  proxy.  The new curl command line option for enabling sending host name to a
+  SOCKS5 proxy is now --socks5-hostname.
+
+Daniel S (4 Jan 2008)
+- Based on Maxim Perenesenko's patch, we now do SOCKS5 operations and let the
+  proxy do the host name resolving and only if --socks5ip (or
+  CURLOPT_SOCKS5_RESOLVE_LOCAL) is used we resolve the host name locally and
+  pass on the IP address only to the proxy.
+
+Yang Tse (3 Jan 2008)
+- Modified test harness to allow SCP, SFTP and SOCKS4 tests to run with
+  OpenSSH 2.9.9, SunSSH 1.0 or later versions. SOCKS5 tests need OpenSSH
+  3.7, SunSSH 1.0 or later.
+
+Daniel S (2 Jan 2008)
+- I fixed two cases of missing return code checks when handling chunked
+  decoding where a write error (or abort return from a callback) didn't stop
+  libcurl's processing.
+
+- I removed the socklen_t use from the public curl/curl.h header and instead
+  made it an unsigned int. The type was only used in the curl_sockaddr struct
+  definition (only used by the curl_opensocket_callback). On all platforms I
+  could find information about, socklen_t is 32 unsigned bits large so I don't
+  think this will break the API or ABI. The main reason for this change is of
+  course for all the platforms that don't have a socklen_t definition in their
+  headers to build fine again. Providing our own configure magic and custom
+  definition of socklen_t on those systems proved to work but was a lot of
+  cruft, code and extra magic needed - when this very small change of type
+  seems harmless and still solves the missing socklen_t problem.
+
+- Richard Atterer brought a patch that added support for SOCKS4a proxies,
+  which is an inofficial PROXY4 variant that sends the hostname to the proxy
+  instead of the resolved address (which is already supported by SOCKS5).
+  --socks4a is the curl command line option for it and CURLOPT_PROXYTYPE can
+  now be set to CURLPROXY_SOCKS4A as well.
+
+Daniel S (1 Jan 2008)
+- Mohun Biswas pointed out that --libcurl generated a source code with an int
+  function but without a return statement. While fixing that, I also took care
+  about adding some better comments for the generated code.
+
+Daniel S (27 Dec 2007)
+- Dmitry Kurochkin mentioned a flaw
+  (http://curl.haxx.se/mail/lib-2007-12/0252.html) in detect_proxy() which
+  failed to set the bits.proxy variable properly when an environment variable
+  told libcurl to use a http proxy.
+
+Daniel S (26 Dec 2007)
+- In an attempt to repeat the problem in bug report #1850730
+  (http://curl.haxx.se/bug/view.cgi?id=1850730) I wrote up test case 552. The
+  test is doing a 70K POST with a read callback and an ioctl callback over a
+  proxy requiring Digest auth. The test case code is more or less identical to
+  the test recipe code provided by Spacen Jasset (who submitted the bug
+  report).
+
+Daniel S (25 Dec 2007)
+- Gary Maxwell filed bug report #1856628
+  (http://curl.haxx.se/bug/view.cgi?id=1856628) and provided a fix for the
+  (small) memory leak in the SSL session ID caching code. It happened when a
+  previous entry in the cache was re-used.
+
+Daniel Fandrich (19 Dec 2007)
+- Ensure that nroff doesn't put anything but ASCII characters into the
+  --manual text.
+
+Yang Tse (18 Dec 2007)
+- MSVC 9.0 (VS2008) does not support Windows build targets prior to WinXP,
+  and makes wrong asumptions of build target when it isn't specified. So,
+  if no build target has been defined we will target WinXP when building
+  curl/libcurl with MSVC 9.0 (VS2008).
+
+- (http://curl.haxx.se/mail/archive-2007-12/0039.html) reported and fixed
+  a file truncation problem on Windows build targets triggered when retrying
+  a download with curl.
+
+Daniel S (17 Dec 2007)
+- Mateusz Loskot pointed out that MSVC 9.0 (VS2008) has the pollfd struct and
+  defines in winsock2.h somehow differently than previous versions and that
+  curl 7.17.1 would fail to compile out of the box.
+
+Daniel S (13 Dec 2007)
+- David Wright filed bug report #1849764
+  (http://curl.haxx.se/bug/view.cgi?id=1849764) with an included fix. He
+  identified a problem for re-used connections that previously had sent
+  Expect: 100-continue and in some situations the subsequent POST (that didn't
+  use Expect:) still had the internal flag set for its use. David's fix (that
+  makes the setting of the flag in every single request unconditionally) is
+  fine and is now used!
+
+Daniel S (12 Dec 2007)
+- Gilles Blanc made the curl tool enable SO_KEEPALIVE for the connections and
+  added the --no-keep-alive option that can disable that on demand.
+
+Daniel S (9 Dec 2007)
+- Andrew Moise filed bug report #1847501
+  (http://curl.haxx.se/bug/view.cgi?id=1847501) and pointed out a memcpy()
+  that should be memmove() in the convert_lineends() function.
+
+Daniel S (8 Dec 2007)
+- Renamed all internal static functions that had Curl_ prefixes to no longer
+  have them. The Curl_ prefix is exclusively used for library internal global
+  symbols. Static functions can be named anything, except for using Curl_ or
+  curl_ prefixes. This is for consistency and for easier maintainance and
+  overview.
+
+- Cleaned up and reformatted the TODO document to look like the FAQ and
+  CONTRIBUTE, which makes nicer web pages
+
+- Added test cases 549 and 550 that test CURLOPT_PROXY_TRANSFER_MODE.
+
+- Added keywords on a bunch of test cases
+
+- Fixed an OOM problem in the curl code that would lead to fclose on a bad
+  handle and crash
+
+Daniel S (5 Dec 2007)
+- Spacen Jasset reported a problem with doing POST (with data read with a
+  callback) over a proxy when NTLM is used as auth with the proxy. The bug
+  also concerned Digest and was limited to using callback only. Spacen worked
+  with us to provide a useful patch. I added the test case 547 and 548 to
+  verify two variations of POST over proxy with NTLM.
+
+Daniel S (3 Dec 2007)
+- Ray Pekowski filed bug report #1842029
+  (http://curl.haxx.se/bug/view.cgi?id=1842029) in which he identified a
+  problem with SSL session caching that prevent it from working, and provided
+  the associated fix!
+
+- Now libcurl (built with OpenSSL) doesn't return error anymore if the remote
+  SSL-based server doesn't present a certificate when the request is told to
+  ignore certificate verification anyway.
+
+- Michal Marek introduced CURLOPT_PROXY_TRANSFER_MODE which is used to control
+  the appending of the "type=" thing on FTP URLs when they are passed to a
+  HTTP proxy. Some proxies just don't like that appending (which is done
+  unconditionally in 7.17.1), and some proxies treat binary/ascii transfers
+  better with the appending done!
+
+Daniel S (29 Nov 2007)
+- A bug report on the curl-library list showed a HTTP Digest session going on
+  with a 700+ letter nonce. Previously libcurl only support 127 letter ones
+  and now I bumped it to 1023.
+
+- Fixed the resumed FTP upload loop to not require that the read callback
+  returns a full buffer on each invoke.
+
+Daniel S (25 Nov 2007)
+- Added test case 1015 that tests --data-urlencode in multiple ways
+
+- Fixed --data-urlencode for when no @ or = are used
+
+- Extended the user-agent buffer curl uses, since we can hit the 128 byte
+  border with plenty development libraries used. Like my current set: "curl
+  7.17.2-CVS (i686-pc-linux-gnu) libcurl/7.17.2-CVS OpenSSL/0.9.8g
+  zlib/1.2.3.3 c-ares/1.5.2-CVS libidn/1.1 libssh2/0.19.0-CVS"
+
+Daniel S (24 Nov 2007)
+- Internal rearrangements, so that the previous struct HandleData is no more.
+  It is now known as SingleRequest and the Curl_transfer_keeper struct within
+  that was remove entirely. This has the upside that there are less duplicate
+  struct members that made it hard to see and remember what struct that was
+  used to store what data. The transfer_keeper thing was once stored on a
+  per-connection basis and then it made sense to have the duplicate info but
+  since it was moved to the SessionHandle (in 7.16.0) it just added weirdness.
+  The SingleRequest struct is used by data that only is valid for this single
+  request.
+
+Yang Tse (22 Nov 2007)
+- Provide a socklen_t definition in curl.h for Win32 API build targets
+  which don't have one.
+
+Daniel S (22 Nov 2007)
+- Alessandro Vesely helped me improve the --data-urlencode's syntax, parser
+  and documentation.
+
+Daniel S (21 Nov 2007)
+- While inspecting the Negotiate code, I noticed how the proxy auth was using
+  the same state struct as the host auth, so both could never be used at the
+  same time! I fixed it (without being able to check) to use two separate
+  structs to allow authentication using Negotiate on host and proxy
+  simultaneously.
+
+Daniel S (20 Nov 2007)
+- Emil Romanus pointed out a bug that made an easy handle get the cookie
+  engine activated when set to use a share (even if the share doesn't share
+  cookies). I fixed it.
+
+- Fixed a very long-lasting mprintf() bug that occurred when we did "%.*s%s",
+  since the second %s would then wrongly used the numerical precision argument
+  instead and crash.
+
+- Introduced --data-urlencode to the curl tool for easier url encoding of the
+  data sent in a post.
+
+Daniel S (18 Nov 2007)
+- Rob Crittenden fixed SSL connections with NSS done with the multi-interface
+
+Daniel S (17 Nov 2007)
+- Michal Marek made the test suite remember what test servers that fail to
+  start so that subsequent tries are simply skipped.
+
+- Andres Garcia made the examples build fine on Windows (mingw + msys) when
+  the lib was built staticly.
+
+Daniel S (16 Nov 2007)
+- Ates Goral identified a problem in http.c:add_buffer_send() when a debug
+  callback was used, as it could wrongly pass on a bad size for the outgoing
+  HTTP header. The bad size would be a very large value as it was a wrapped
+  size_t content. This happened when the whole HTTP request failed to get sent
+  in one single send.  http://curl.haxx.se/mail/lib-2007-11/0165.html
+
+Daniel S (15 Nov 2007)
+- Fixed yet another remaining problem with doing SFTP directory listings on a
+  re-used persistent connection. Mentioned by Immanuel Gregoire on the mailing
+  list.
+
+- Michal Marek fixed the test suite to better deal with the case when the HTTP
+  ipv6 server can't run.
+
+Yang Tse (14 Nov 2007)
+- Fix a variable potential wrapping in add_buffer() when using absolutely
+  huge send buffer sizes.
+
+Daniel S (13 Nov 2007)
+- Fixed a remaining problem with doing SFTP directory listings on a re-used
+  persistent connection. Mentioned by Immanuel Gregoire on the mailing list.
+
+Daniel S (12 Nov 2007)
+- Bug report #1830637 (http://curl.haxx.se/bug/view.cgi?id=1830637), which was
+  forwarded from the Gentoo bug tracker by Daniel Black and was originally
+  submitted by Robin Johnson, pointed out that libcurl would do bad memory
+  references when it failed and bailed out before the handler thing was
+  setup. My fix is not done like the provided patch does it, but instead I
+  make sure that there's never any chance for a NULL pointer in that struct
+  member.
+
+Yang Tse (10 Nov 2007)
+- Vikram Saxena (http://curl.haxx.se/mail/lib-2007-11/0096.html) pointed out
+  that the pollfd struct was being multi defined when using VS2008. This is
+  now fixed in /curl/lib/select.h
+
+Daniel S (8 Nov 2007)
+- Bug report #1823487 (http://curl.haxx.se/bug/view.cgi?id=1823487) pointed
+  out that SFTP requests didn't use persistent connections. Neither did SCP
+  ones.  I gave the SSH code a good beating and now both SCP and SFTP should
+  use persistent connections fine. I also did a bunch of indent changes as
+  well as a bug fix for the "keyboard interactive" auth.
+
+Dan F (6 Nov 2007)
+- Improved telnet support by drastically reducing the number of write
+  callbacks needed to pass a buffer to the user.  Instead one per byte it
+  is now as little as one per segment.
+
+Yang Tse (6 Nov 2007)
+- Bug report #1824894 (http://curl.haxx.se/bug/view.cgi?id=1824894) pointed
+  out a problem in curl.h when building C++ apps with MSVC. To fix it, the
+  inclusion of header files in curl.h is moved outside of the C++ extern "C"
+  linkage block.
+
+Daniel S (1 Nov 2007)
+- Toby Peterson patched a memory problem in the command line tool that
+  happened when a user had a home dir as an empty string. curl would then do
+  free() on a wrong area.
+
+Dan F (1 Nov 2007)
+- Fixed curl-config --features to not display libz when it wasn't used
+  due to a missing header file.
+
+Dan F (31 October 2007)
+- Fixed the output of curl-config --protocols which showed SCP and SFTP
+  always, except when --without-libssh2 was given
+
+- Added test cases 1013 and 1014 to check that curl-config --protocols and
+  curl-config --features matches the output of curl --version
+
+Dan F (30 October 2007)
+- Fixed an OOM problem with file: URLs
+
+- Moved Curl_file_connect into the protocol handler struct
+
+Dan F (29 October 2007)
+- Added test case 546 to check that subsequent FTP transfers work after a
+  failed one using the multi interface
+
+Daniel S (29 October 2007)
+- Based on one of those bug reports that are intercepted by a distro's bug
+  tracker (https://bugzilla.redhat.com/show_bug.cgi?id=316191), I now made
+  curl-config --features and --protocols show the correct output when built
+  with NSS.
+
 Version 7.17.1 (29 October 2007)
 
 Dan F (25 October 2007)

CHANGES.0

@@ -10864,7 +10864,7 @@ Version 6.2
    the configure script to leave SSL alone. The previous functionality has
    been retained. Troy Engel helped test this new one.
 
-Version 6.1
+Version 6.1 (October 17 1999)
 
  Daniel (17 October 1999):
  - I ifdef'ed or commented all the zlib stuff in the sources and configure
@@ -10939,7 +10939,7 @@ Version 6.1beta
  - Made the -F option allow stdin when specifying files. By using '-' instead
    of file name, the data will be read from stdin.
 
-Version 6.0
+Version 6.0 (September 14 1999)
 
  Daniel (13 September 1999)
  - Added -X/--http-request <request> to enable any HTTP command to be sent.
@@ -11201,7 +11201,7 @@ Version 5.9.1
    with form posting where the variable shouldn't have any content, as in curl
    -F "form=" www.site.com. It was now fixed.
 
-Version 5.9
+Version 5.9 (May 22 1999)
 
  Daniel (22 May 1999)
  - I've got a bug report from Aaron Scarisbrick in which he states he has some
@@ -11939,7 +11939,7 @@ Version 4.8.1
    had nothing but header. Appearantly Solaris deals with negative sizes in
    fwrite() calls a lot better than Linux does... =B-]
 
-Version 4.8
+Version 4.8 (Aug 31, 1998)
  Daniel Stenberg
  - Continue FTP file transfer. -c is the switch. Note that you need to
    specify a file name if you wanna resume a download (you can't resume a

COPYING

@@ -1,6 +1,6 @@
 COPYRIGHT AND PERMISSION NOTICE
 
-Copyright (c) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>.
+Copyright (c) 1996 - 2008, Daniel Stenberg, <daniel@haxx.se>.
 
 All rights reserved.
 

CVS-INFO

@@ -12,8 +12,8 @@ inner sanctum.
 
 Compile and build instructions follow below.
 
-  CHANGES.0     contains ancient changes.
-  CHANGES.$year contains changes for the particular year.
+  CHANGES.0     contains ancient changes
+  CHANGES       contains the most recent changes
 
   Makefile.dist is included as the root Makefile in distribution archives
 
@@ -49,9 +49,8 @@ installed:
 
    If you don't have nroff and perl and you for some reason don't want to
    install them, you can rename the source file src/hugehelp.c.cvs to
-   src/hugehelp.c and avoid having to generate this file. This will of course
-   give you an older version of the file that isn't up-to-date. That file was
-   checked in once and won't be updated very regularly.
+   src/hugehelp.c and avoid having to generate this file. This will give you
+   a stubbed version of the file that doesn't contain actual content.
 
 MAC OS X
 

Makefile.am

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -131,3 +131,7 @@ install-data-hook:
 uninstall-hook:
 	cd include && $(MAKE) uninstall
 	cd docs && $(MAKE) uninstall
+
+ca-bundle: lib/mk-ca-bundle.pl
+	@echo "generate a fresh ca-bundle.crt"
+	@perl $< -b -l -u lib/ca-bundle.crt

Makefile.dist

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -128,6 +128,12 @@ vc:
 	cd ..\src
 	nmake /f Makefile.$(VC)
 
+vc-x64:
+	cd lib
+	MACHINE=x64 nmake /f Makefile.$(VC) cfg=release
+	cd ..\src
+	MACHINE=x64 nmake /f Makefile.$(VC)
+
 vc-zlib:
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-zlib
@@ -251,6 +257,12 @@ linux: all
 linux-ssl: ssl
 
 vc8:
-	echo "generate VC8 makefiles"
-	sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" lib/Makefile.vc6 > lib/Makefile.vc8
-	sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" src/Makefile.vc6 > src/Makefile.vc8
+	@echo "generate VC8 makefiles"
+	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" lib/Makefile.vc6 > lib/Makefile.vc8
+	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/wsock32.lib/wsock32.lib bufferoverflowu.lib/g" -e "s/VC6/VC8/g" src/Makefile.vc6 > src/Makefile.vc8
+
+ca-bundle: lib/mk-ca-bundle.pl
+	@echo "generate a fresh ca-bundle.crt"
+	@perl $< -b -l -u lib/ca-bundle.crt
+
+

RELEASE-NOTES

@@ -1,53 +1,59 @@
-Curl and libcurl 7.17.1
+Curl and libcurl 7.18.1
 
- Public curl release number:               102
- Releases counted from the very beginning: 128
- Available command line options:           121
- Available curl_easy_setopt() options:     147
- Number of public functions in libcurl:    55
- Amount of public web site mirrors:        43
- Number of known libcurl bindings:         36
- Number of contributors:                   588
+ Public curl releases:         104
+ Command line options:         126
+ curl_easy_setopt() options:   150
+ Public functions in libcurl:  56
+ Public web site mirrors:      39
+ Known libcurl bindings:       36
+ Contributors:                 621
 
 This release includes the following changes:
  
- o automatically append ";type=<a|i>" when using HTTP proxies for FTP urls
- o improved NSS support
- o added --proxy-negotiate
- o added --post301 and CURLOPT_POST301
- o builds with c-ares 1.5.0
- o added CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 and --hostpubmd5
- o renamed CURLE_SSL_PEER_CERTIFICATE to CURLE_PEER_FAILED_VERIFICATION
- o added CURLOPT_OPENSOCKETFUNCTION and CURLOPT_OPENSOCKETDATA
- o CULROPT_COOKIELIST supports "FLUSH"
- o added CURLOPT_COPYPOSTFIELDS
- o added --static-libs to curl-config
+ o added support for HttpOnly cookies
+ o 'make ca-bundle' downloads and generates an updated ca bundle file
+ o we no longer distribute or install a ca cert bundle
+ o SSLv2 is now disabled by default for SSL operations
+ o the test509-style setting URL in callback is officially no longer supported
+ o support a full chain of certificates in a given PKCS12 certificate
+ o resumed transfers work with SFTP
+ o added type checking macros for curl_easy_setopt() and curl_easy_getinfo(),
+   watch out for new warnings in code using libcurl (needs gcc-4.3 and
+   currently only works in C mode)
+ o curl_easy_setopt(), curl_easy_getinfo(), curl_share_setopt() and
+   curl_multi_setopt() uses are now checked to use exactly three arguments
+ o --with-ca-path=DIR configure option allows to set an openSSL CApath instead
+   of a default ca bundle.
 
 This release includes the following bugfixes:
 
- o curl-config --protocols now properly reports LDAPS, SCP and SFTP
- o ldapv3 support on Windows
- o ldap builds with the MSVC makefiles
- o no HOME and no key given caused SSH auth failure
- o Negotiate authentication over proxy
- o --ftp-method nocwd on directory listings
- o FTP, CURLOPT_NOBODY enabled and CURLOPT_HEADER disabled now does TYPE
-   before SIZE
- o re-used handle transfers with SFTP
- o curl_easy_escape() problem with byte values >= 128
- o handles chunked-encoded CONNECT responses
- o misuse of ares_timeout() result
- o --local-port on TFTP transfers
- o CURLOPT_POSTFIELDS could fail to send binary data
- o specifying a proxy with a trailing slash didn't work (unless it also
-   contained a port number)
- o redirect from HTTP to FTP or TFTP memory problems and leaks
- o re-used connections a bit too much when using non-SSL protocols tunneled
-   over a HTTP proxy
- o embed the manifest in VC8 builds
- o use valgrind in the tests even when the lib is built shared with libtool
- o libcurl built with NSS can now ignore the peer verification even when the
-   ca cert bundle is absent
+ o improved pipelining
+ o improved strdup replacement
+ o GnuTLS-built libcurl failed when doing global cleanup and reinit
+ o error message problem when unable to resolve a host on Windows
+ o Accept: header replacing
+ o not verifying server certs with GnuTLS still failed if gnutls had
+   problems with the cert
+ o when using the multi interface and a handle is removed while still having
+   a transfer going on, the connection is now closed by force
+ o bad re-use of SSL connections in non-complete state
+ o test case 405 failures with GnuTLS builds
+ o crash when connection cache size is 1 and Curl_do() failed
+ o GnuTLS-built libcurl can now be forced to prefer SSLv3
+ o crash when doing Negotiate again on a re-used connection
+ o select/poll regression
+ o better MIT kerberos configure check
+ o curl_easy_reset() + SFTP re-used connection download crash
+ o SFTP non-existing file + SFTP existing file error
+ o sharing DNS cache between easy handles running in multiple threads could
+   lead to crash
+ o SFTP upload with CURLOPT_FTP_CREATE_MISSING_DIRS on re-used connection
+ o SFTP infinite loop when given an invalid quote command
+ o curl-config erroneously reported LDAPS support with missing LDAP libraries
+ o SCP infinite loop when downloading a zero byte file
+ o setting the CURLOPT_SSL_CTX_FUNCTION with libcurl built without OpenSSL
+   now makes curl_easy_setopt() properly return failure
+ o configure --with-libssh2 (with no given path)
 
 This release includes the following known bugs:
 
@@ -59,14 +65,15 @@ Other curl-related news:
 
 New curl mirrors:
 
- o http://curl.wetzlmayr.at/ is a new web mirror in Nuremberg, Germany
+ o http://curl.cuendet.com/ is a new mirror in Atlanta, USA
 
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
- Dan Fandrich, Michal Marek, G<>nter Knauf, Rob Crittenden, Immanuel Gregoire,
- Mark Davies, Max Katsev, Philip Langdale, Alex Fishman, Johnny Luong,
- Alexey Pesternikov, Yang Tse, Kim Rinnewitz, Michael Wallner,
- Patrick Monnerat, Vladimir Lazarenko
+ Michal Marek, Dmitry Kurochkin, Niklas Angebrand, G<>nter Knauf, Yang Tse,
+ Dan Fandrich, Mike Hommey, Pooyan McSporran, Jerome Muffat-Meridol,
+ Kaspar Brand, Gautam Kachroo, Zmey Petroff, Georg Lippitsch, Sam Listopad,
+ Anatoli Tubman, Mike Protts, Michael Calmer, Brian Ulm, Dmitry Popov,
+ Jes Badwal, Dan Petitt, Stephen Collyer
 
         Thanks! (and sorry if I forgot to mention someone)

TODO-RELEASE

@@ -1,4 +1,17 @@
-To be addressed before 7.17.1 (planned release: late October 2007)
+To be addressed before 7.18.2 (planned release: June 2008)
 =============================
 
-106 - 
+128 - Phil Blundell's ares and ipv6 fix (feedback lacking)
+
+129 - Pierre Reiss' libcurl + https + multi = lost information (awaiting
+     better example/clarification on how to figure out when the claimed
+     problem occurs)
+
+130 - Vincent Le Normand's SFTP patch for touch
+
+131 - Scott Barrett's Support for CURLOPT_NOBODY with SFTP
+
+132 - Xponaut's CURLFORM_STREAM option to curl_formadd()
+
+133 - 
+

acinclude.m4

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -2491,3 +2491,106 @@ AC_DEFUN([CURL_CHECK_NATIVE_WINDOWS], [
   esac
 ])
 
+
+dnl CURL_CHECK_CA_BUNDLE
+dnl -------------------------------------------------
+dnl Check if a default ca-bundle should be used
+dnl
+dnl regarding the paths this will scan:
+dnl /etc/ssl/certs/ca-certificates.crt Debian systems
+dnl /etc/pki/tls/certs/ca-bundle.crt Redhat and Mandriva
+dnl /usr/share/ssl/certs/ca-bundle.crt old(er) Redhat
+dnl /etc/ssl/certs/ (ca path) SUSE
+
+AC_DEFUN([CURL_CHECK_CA_BUNDLE], [
+
+  AC_MSG_CHECKING([default CA cert bundle/path])
+
+  AC_ARG_WITH(ca-bundle,
+AC_HELP_STRING([--with-ca-bundle=FILE], [File name to use as CA bundle])
+AC_HELP_STRING([--without-ca-bundle], [Don't use a default CA bundle]),
+  [
+    want_ca="$withval"
+    if test "x$want_ca" = "xyes"; then
+      AC_MSG_ERROR([--with-ca-bundle=FILE requires a path to the CA bundle])
+    fi
+  ],
+  [ want_ca="unset" ])
+  AC_ARG_WITH(ca-path,
+AC_HELP_STRING([--with-ca-path=DIRECTORY], [Directory to use as CA path])
+AC_HELP_STRING([--without-ca-path], [Don't use a default CA path]),
+  [
+    want_capath="$withval"
+    if test "x$want_capath" = "xyes"; then
+      AC_MSG_ERROR([--with-ca-path=DIRECTORY requires a path to the CA path directory])
+    fi
+  ],
+  [ want_capath="unset"])
+
+  if test "x$want_ca" != "xno" -a "x$want_ca" != "xunset" -a \
+          "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
+    dnl both given
+    AC_MSG_ERROR([Can't specify both --with-ca-bundle and --with-ca-path.])
+  elif test "x$want_ca" != "xno" -a "x$want_ca" != "xunset"; then
+    dnl --with-ca-bundle given
+    ca="$want_ca"
+    capath="no"
+  elif test "x$want_capath" != "xno" -a "x$want_capath" != "xunset"; then
+    dnl --with-ca-path given
+    if test "x$OPENSSL_ENABLED" != "x1"; then
+      AC_MSG_ERROR([--with-ca-path only works with openSSL])
+    fi
+    capath="$want_capath"
+    ca="no"
+  else
+    dnl neither of --with-ca-* given
+    dnl first try autodetecting a CA bundle , then a CA path
+    dnl both autodetections can be skipped by --without-ca-*
+    ca="no"
+    capath="no"
+    if test "x$want_ca" = "xunset"; then
+      dnl the path we previously would have installed the curl ca bundle
+      dnl to, and thus we now check for an already existing cert in that place
+      dnl in case we find no other
+      if test "x$prefix" != xNONE; then
+        cac="${prefix}/share/curl/curl-ca-bundle.crt"
+      else
+        cac="$ac_default_prefix/share/curl/curl-ca-bundle.crt"
+      fi
+
+      for a in /etc/ssl/certs/ca-certificates.crt \
+               /etc/pki/tls/certs/ca-bundle.crt \
+               /usr/share/ssl/certs/ca-bundle.crt \
+               "$cac"; do
+        if test -f "$a"; then
+          ca="$a"
+          break
+        fi
+      done
+    fi
+    if test "x$want_capath" = "xunset" -a "x$ca" = "xno" -a \
+            "x$OPENSSL_ENABLED" = "x1"; then
+      for a in /etc/ssl/certs/; do
+        if test -d "$a" && ls "$a"/[[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f]].0 >/dev/null 2>/dev/null; then
+          capath="$a"
+          break
+        fi
+      done
+    fi
+  fi
+        
+    
+
+  if test "x$ca" != "xno"; then
+    CURL_CA_BUNDLE='"'$ca'"'
+    AC_SUBST(CURL_CA_BUNDLE)
+    AC_MSG_RESULT([$ca])
+  elif test "x$capath" != "xno"; then
+    CURL_CA_PATH="\"$capath\""
+    AC_SUBST(CURL_CA_PATH)
+    AC_MSG_RESULT([$capath (capath)])
+  else
+    AC_MSG_RESULT([no])
+  fi
+])
+

ares/CHANGES

@@ -1,5 +1,28 @@
   Changelog for the c-ares project
 
+* December 11 2007 (Gisle Vanem)
+
+- Added another sample application; acountry.c which converts an
+  IPv4-address(es) and/or host-name(s) to country-name and country-code.
+  This uses the service of the DNSBL at countries.nerd.dk.
+
+* December 3 2007 (Daniel Stenberg)
+
+- Brad Spencer fixed the configure script to assume that there's no
+  /dev/urandom when built cross-compiled as then the script cannot check for
+  it.
+
+- Erik Kline cleaned up ares_gethostbyaddr.c:next_lookup() somewhat
+
+Version 1.5.1 (Nov 21, 2007)
+
+* November 21 2007 (Daniel Stenberg)
+
+- Robin Cornelius pointed out that ares_llist.h was missing in the release
+  archive for 1.5.0
+
+Version 1.5.0 (Nov 21, 2007)
+
 * October 2 2007 (Daniel Stenberg)
 
 - ares_strerror() segfaulted if the input error number was out of the currently

ares/Makefile.am

@@ -8,11 +8,22 @@ MSVCFILES = vc/adig/adig.dep vc/adig/adig.dsp vc/vc.dsw vc/ahost/ahost.dep \
  vc/ahost/ahost.dsp vc/areslib/areslib.dep vc/areslib/areslib.dsp	   \
  vc/areslib/areslib.dsw
 
+if DEBUGBUILD
+PROGS =
+else
+PROGS = ahost adig acountry
+endif
+
+noinst_PROGRAMS =$(PROGS)
+
 # adig and ahost are just sample programs and thus not mentioned with the
 # regular sources and headers
-EXTRA_DIST = CHANGES README.cares Makefile.inc adig.c ahost.c $(man_MANS) \
- $(MSVCFILES) AUTHORS config-win32.h RELEASE-NOTES libcares.pc.in
+EXTRA_DIST = AUTHORS CHANGES README.cares Makefile.inc Makefile.dj \
+ Makefile.m32 Makefile.netware Makefile.vc6 adig.c ahost.c $(man_MANS) \
+ $(MSVCFILES) config-win32.h RELEASE-NOTES libcares.pc.in
 
+pkgconfigdir = $(libdir)/pkgconfig
+pkgconfig_DATA = libcares.pc
 
 VER=-version-info 2:0:0
 # This flag accepts an argument of the form current[:revision[:age]]. So,
@@ -61,6 +72,15 @@ libcares_ladir = $(includedir)
 # what headers to install on 'make install':
 libcares_la_HEADERS = ares.h ares_version.h ares_dns.h
 
+ahost_SOURCES = ahost.c ares_getopt.c
+ahost_LDADD = $(top_builddir)/$(lib_LTLIBRARIES)
+
+adig_SOURCES = adig.c ares_getopt.c
+adig_LDADD = $(top_builddir)/$(lib_LTLIBRARIES)
+
+acountry_SOURCES = acountry.c ares_getopt.c
+acountry_LDADD = $(top_builddir)/$(lib_LTLIBRARIES)
+
 # Make files named *.dist replace the file without .dist extension
 dist-hook:
 	find $(distdir) -name "*.dist" -exec rm {} \;

ares/Makefile.dj

@@ -22,7 +22,7 @@ CFLAGS += -DWATT32 -DHAVE_AF_INET6 -DHAVE_PF_INET6 -DHAVE_FIONBIO \
           -DRECV_TYPE_ARG1='int'   -DRECV_TYPE_ARG2='void*' \
           -DRECV_TYPE_ARG3='int'   -DRECV_TYPE_ARG4='int' \
           -DRECV_TYPE_RETV='int'   -DHAVE_STRUCT_TIMEVAL \
-          -Dselect=select_s        -UHAVE_CONFIG_H
+          -Dselect=select_s        -Dsocklen_t=int -UHAVE_CONFIG_H
 
 LDFLAGS = -s
 
@@ -49,7 +49,7 @@ EX_LIBS += $(WATT32_ROOT)/lib/libwatt.a
 
 OBJECTS = $(addprefix $(OBJ_DIR)/, $(CSOURCES:.c=.o))
 
-all: $(OBJ_DIR) libcares.a ahost.exe adig.exe
+all: $(OBJ_DIR) libcares.a ahost.exe adig.exe acountry.exe
 	@echo Welcome to c-ares.
 
 libcares.a: $(OBJECTS)
@@ -61,11 +61,14 @@ ahost.exe: ahost.c $(OBJ_DIR)/ares_getopt.o $(OBJ_HACK)
 adig.exe: adig.c $(OBJ_DIR)/ares_getopt.o $(OBJ_HACK)
 	$(CC) $(LDFLAGS) $(CFLAGS) -o $@ $^ $(EX_LIBS)
 
+acountry.exe: acountry.c $(OBJ_DIR)/ares_getopt.o $(OBJ_HACK)
+	$(CC) $(LDFLAGS) $(CFLAGS) -o $@ $^ $(EX_LIBS)
+
 clean:
 	rm -f $(OBJECTS) libcares.a
 
 vclean realclean: clean
-	rm -f ahost.exe adig.exe depend.dj
+	rm -f ahost.exe adig.exe acountry.exe depend.dj
 	- rmdir $(OBJ_DIR)
 
 -include depend.dj

ares/Makefile.inc

@@ -10,7 +10,7 @@ ares_parse_ns_reply.c ares_llist.c
 
 HHEADERS = ares.h ares_private.h setup.h ares_dns.h ares_version.h          \
            nameser.h inet_net_pton.h inet_ntop.h ares_ipv6.h bitncmp.h      \
-           setup_once.h 
+           setup_once.h ares_llist.h
 
 MANPAGES= ares_destroy.3 ares_expand_name.3 ares_expand_string.3 ares_fds.3 \
  ares_free_hostent.3 ares_free_string.3 ares_gethostbyaddr.3		    \

ares/Makefile.m32

@@ -32,7 +32,7 @@ $(LIB): $(OBJLIB)
 
 all: $(LIB) demos
 
-demos: adig.exe ahost.exe
+demos: adig.exe ahost.exe acountry.exe
 
 tags:
 	etags *.[ch]
@@ -61,7 +61,7 @@ install:
 	done)
 
 clean:
-	$(RM) ares_getopt.o $(OBJLIB) $(LIB) adig.exe ahost.exe
+	$(RM) ares_getopt.o $(OBJLIB) $(LIB) adig.exe ahost.exe acountry.exe
 
 distclean: clean
 	$(RM) config.cache config.log config.status Makefile

ares/Makefile.netware

@@ -14,14 +14,14 @@ NDKBASE	= c:/novell
 endif
 
 ifndef INSTDIR
-INSTDIR	= ../curl-$(LIBCURL_VERSION_STR)-bin-nw
+INSTDIR	= ../ares-$(LIBCARES_VERSION_STR)-bin-nw
 endif
 
 # Edit the vars below to change NLM target settings.
-TARGETS = adig.nlm ahost.nlm
+TARGETS = adig.nlm ahost.nlm acountry.nlm
 LTARGET = libcares.$(LIBEXT)
 VERSION	= $(LIBCARES_VERSION)
-COPYR	= Copyright (C) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>
+COPYR	= Copyright (C) 1996 - 2008, Daniel Stenberg, <daniel@haxx.se>
 DESCR	= cURL $(subst .def,,$(notdir $@)) $(LIBCARES_VERSION_STR) - http://curl.haxx.se
 MTSAFE	= YES
 STACK	= 64000
@@ -63,14 +63,15 @@ else
 	CC = gcc
 endif
 # a native win32 awk can be downloaded from here:
-# http://www.gknw.net/development/prgtools/awk-20050424.zip
+# http://www.gknw.net/development/prgtools/awk-20070501.zip
 AWK	= awk
 YACC	= bison -y
 CP	= cp -afv
+MKDIR	= mkdir
 # RM	= rm -f
 # if you want to mark the target as MTSAFE you will need a tool for
 # generating the xdc data for the linker; here's a minimal tool:
-# http://www.gknw.com/development/prgtools/mkxdc.zip
+# http://www.gknw.net/development/prgtools/mkxdc.zip
 MPKXDC	= mkxdc
 
 # Global flags for all compilers
@@ -161,10 +162,6 @@ nlm: prebuild $(TARGETS)
 
 prebuild: $(OBJDIR) $(OBJDIR)/version.inc config.h arpa/nameser.h
 
-dist: all
-	-$(RM) $(OBJLIB) $(OBJDIR)/*.map $(OBJDIR)/*.ncv
-	-$(RM) $(OBJDIR)/*.def $(OBJDIR)/*.xdc $(OBJDIR)/version.inc
-
 install: $(INSTDIR) all
 	@$(CP) *.nlm $(INSTDIR)
 	@$(CP) ../CHANGES $(INSTDIR)
@@ -190,11 +187,8 @@ endif
 	@-$(RM) $@
 	@$(LD) $(LDFLAGS) $<
 
-$(INSTDIR):
-	@mkdir $(INSTDIR)
-
-$(OBJDIR):
-	@mkdir $(OBJDIR)
+$(OBJDIR) $(INSTDIR):
+	@$(MKDIR) $@
 
 $(OBJDIR)/%.o: %.c
 #	@echo Compiling $<
@@ -202,7 +196,7 @@ $(OBJDIR)/%.o: %.c
 
 $(OBJDIR)/version.inc: ares_version.h $(OBJDIR)
 	@echo Creating $@
-	@$(AWK) -f ../packages/NetWare/get_ver.awk $< > $@
+	@$(AWK) -f get_ver.awk $< > $@
 
 $(OBJDIR)/%.xdc: Makefile.netware
 	@echo Creating $@
@@ -269,8 +263,9 @@ ifdef IMPORTS
 	@echo $(DL)import $(IMPORTS)$(DL) >> $@
 endif
 ifeq ($(LD),nlmconv)
-	@echo $(DL)input $(OBJEXE)$(DL) >> $@
 	@echo $(DL)input $(PRELUDE)$(DL) >> $@
+	@echo $(DL)input $(OBJEXE)$(DL) >> $@
+	@echo $(DL)input $(@:.def=.o)$(DL) >> $@
 	@echo $(DL)output $(notdir $(@:.def=.nlm))$(DL) >> $@
 endif
 
@@ -300,7 +295,6 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)#define SEND_TYPE_ARG3 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
-	@echo $(DL)#define DL_LDAP_FILE "ldapsdk.nlm"$(DL) >> $@
 	@echo $(DL)#define socklen_t int$(DL) >> $@
 	@echo $(DL)#define strncasecmp strnicmp$(DL) >> $@
 	@echo $(DL)#define strcasecmp stricmp$(DL) >> $@
@@ -338,7 +332,6 @@ else
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
-	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
 endif
 	@echo $(DL)#define HAVE_ARPA_INET_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_ARPA_NAMESER_H 1$(DL) >> $@

ares/Makefile.vc6

@@ -76,7 +76,7 @@ OBJECTS = $(OBJ_DIR)\ares_fds.obj              \
           $(OBJ_DIR)\inet_net_pton.obj         \
           $(OBJ_DIR)\inet_ntop.obj
 
-all: $(OBJ_DIR) cares.lib cares.dll cares_imp.lib ahost.exe adig.exe
+all: $(OBJ_DIR) cares.lib cares.dll cares_imp.lib ahost.exe adig.exe acountry.exe
        @echo Welcome to c-ares library and examples
 
 $(OBJ_DIR):
@@ -131,6 +131,9 @@ ahost.exe: $(OBJ_DIR) $(OBJ_DIR)\ahost.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.
 adig.exe: $(OBJ_DIR) $(OBJ_DIR)\adig.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib
        link $(LDFLAGS) -out:$@ $(OBJ_DIR)\adig.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib $(EX_LIBS)
 
+acountry.exe: $(OBJ_DIR) $(OBJ_DIR)\acountry.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib
+       link $(LDFLAGS) -out:$@ $(OBJ_DIR)\acountry.obj $(OBJ_DIR)\ares_getopt.obj cares_imp.lib $(EX_LIBS)
+
 clean:
        - del $(OBJ_DIR)\*.obj *.ilk *.pdb *.pbt *.pbi *.pbo *._xe *.map
 

ares/RELEASE-NOTES

@@ -1,4 +1,4 @@
-This is what's new and changed in the c-ares 1.4.1 release:
+This is what's new and changed in the c-ares 1.5.2 release:
 
  o 
 

ares/acountry.c

@@ -0,0 +1,589 @@
+/*
+ * $Id$
+ *
+ * IP-address/hostname to country converter.
+ *
+ * Problem; you want to know where IP a.b.c.d is located.
+ *
+ * Use ares_gethostbyname ("d.c.b.a.zz.countries.nerd.dk")
+ * and get the CNAME (host->h_name). Result will be:
+ *   CNAME = zz<CC>.countries.nerd.dk with address 127.0.x.y (ver 1) or
+ *   CNAME = <a.b.c.d>.zz.countries.nerd.dk with address 127.0.x.y (ver 2)
+ *
+ * The 2 letter country code in <CC> and the ISO-3166 country
+ * number in x.y (number = x*256 + y). Version 2 of the protocol is missing
+ * the <CC> number.
+ *
+ * Ref: http://countries.nerd.dk/more.html
+ *
+ * Written by G. Vanem <gvanem@broadpark.no> 2006, 2007
+ *
+ * NB! This program may not be big-endian aware.
+ *
+ * Permission to use, copy, modify, and distribute this
+ * software and its documentation for any purpose and without
+ * fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright
+ * notice and this permission notice appear in supporting
+ * documentation, and that the name of M.I.T. not be used in
+ * advertising or publicity pertaining to distribution of the
+ * software without specific, written prior permission.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is"
+ * without express or implied warranty.
+ */
+
+#include "setup.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <ctype.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+
+#if defined(WIN32)
+  #include <winsock.h>
+#else
+  #include <arpa/inet.h>
+  #include <netinet/in.h>
+  #include <netdb.h>
+#endif
+
+#include "ares.h"
+#include "ares_getopt.h"
+#include "inet_net_pton.h"
+#include "inet_ntop.h"
+
+static const char *usage      = "acountry [-vh?] {host|addr} ...\n";
+static const char  nerd_fmt[] = "%u.%u.%u.%u.zz.countries.nerd.dk";
+static const char *nerd_ver1  = nerd_fmt + 14;
+static const char *nerd_ver2  = nerd_fmt + 11;
+static int         verbose    = 0;
+
+#define TRACE(fmt) do {               \
+                     if (verbose > 0) \
+                       printf fmt ;   \
+                   } while (0)
+
+static void wait_ares(ares_channel channel);
+static void callback(void *arg, int status, int timeouts, struct hostent *host);
+static void callback2(void *arg, int status, int timeouts, struct hostent *host);
+static void find_country_from_cname(const char *cname, struct in_addr addr);
+
+static void Abort(const char *fmt, ...)
+{
+  va_list args;
+  va_start(args, fmt);
+  vfprintf(stderr, fmt, args);
+  va_end(args);
+  exit(1);
+}
+
+int main(int argc, char **argv)
+{
+  ares_channel channel;
+  int    ch, status;
+
+#ifdef WIN32
+  WORD wVersionRequested = MAKEWORD(USE_WINSOCK,USE_WINSOCK);
+  WSADATA wsaData;
+  WSAStartup(wVersionRequested, &wsaData);
+#endif
+
+  while ((ch = ares_getopt(argc, argv, "dvh?")) != -1)
+    switch (ch)
+      {
+      case 'd':
+#ifdef WATT32
+        dbug_init();
+#endif
+        break;
+      case 'v':
+        verbose++;
+        break;
+      case 'h':
+      case '?':
+      default:
+        Abort(usage);
+      }
+
+  argc -= optind;
+  argv += optind;
+  if (argc < 1)
+     Abort(usage);
+
+  status = ares_init(&channel);
+  if (status != ARES_SUCCESS)
+    {
+      fprintf(stderr, "ares_init: %s\n", ares_strerror(status));
+      return 1;
+    }
+
+  /* Initiate the queries, one per command-line argument. */
+  for ( ; *argv; argv++)
+    {
+      struct in_addr addr;
+      char buf[100];
+
+      /* If this fails, assume '*argv' is a host-name that
+       * must be resolved first
+       */
+      if (ares_inet_pton(AF_INET, *argv, &addr) != 1)
+        {
+          ares_gethostbyname(channel, *argv, AF_INET, callback2, &addr);
+          wait_ares(channel);
+          if (addr.s_addr == INADDR_NONE)
+            {
+              printf("Failed to lookup %s\n", *argv);
+              continue;
+            }
+        }
+
+      sprintf(buf, nerd_fmt,
+              (unsigned int)(addr.s_addr >> 24),
+              (unsigned int)((addr.s_addr >> 16) & 255),
+              (unsigned int)((addr.s_addr >> 8) & 255),
+              (unsigned int)(addr.s_addr & 255));
+      TRACE(("Looking up %s...", buf));
+      fflush(stdout);
+      ares_gethostbyname(channel, buf, AF_INET, callback, buf);
+    }
+
+  wait_ares(channel);
+  ares_destroy(channel);
+
+#ifdef WIN32
+  WSACleanup();
+#endif
+
+  return 0;
+}
+
+/*
+ * Wait for the queries to complete.
+ */
+static void wait_ares(ares_channel channel)
+{
+  while (1)
+    {
+      struct timeval *tvp, tv;
+      fd_set read_fds, write_fds;
+      int nfds;
+
+      FD_ZERO(&read_fds);
+      FD_ZERO(&write_fds);
+      nfds = ares_fds(channel, &read_fds, &write_fds);
+      if (nfds == 0)
+        break;
+      tvp = ares_timeout(channel, NULL, &tv);
+      select(nfds, &read_fds, &write_fds, NULL, tvp);
+      ares_process(channel, &read_fds, &write_fds);
+    }
+}
+
+/*
+ * This is the callback used when we have the IP-address of interest.
+ * Extract the CNAME and figure out the country-code from it.
+ */
+static void callback(void *arg, int status, int timeouts, struct hostent *host)
+{
+  const char *name = (const char*)arg;
+  const char *cname;
+  char buf[20];
+
+  (void)timeouts;
+
+  if (!host || status != ARES_SUCCESS)
+    {
+      printf("Failed to lookup %s: %s\n", name, ares_strerror(status));
+      return;
+    }
+
+  TRACE(("\nFound address %s, name %s\n",
+         ares_inet_ntop(AF_INET,(const char*)host->h_addr,buf,sizeof(buf)),
+         host->h_name));
+
+  cname = host->h_name;  /* CNAME gets put here */
+  if (!cname)
+    printf("Failed to get CNAME for %s\n", name);
+  else
+    find_country_from_cname(cname, *(struct in_addr*)host->h_addr);
+}
+
+/*
+ * This is the callback used to obtain the IP-address of the host of interest.
+ */
+static void callback2(void *arg, int status, int timeouts, struct hostent *host)
+{
+  struct in_addr *addr = (struct in_addr*) arg;
+
+  (void)timeouts;
+  if (!host || status != ARES_SUCCESS)
+    memset(addr, INADDR_NONE, sizeof(*addr));
+  else
+    memcpy(addr, host->h_addr, sizeof(*addr));
+}
+
+struct search_list {
+       int         country_number; /* ISO-3166 country number */
+       char        short_name[3];  /* A2 short country code */
+       const char *long_name;      /* normal country name */
+     };
+
+const struct search_list *list_lookup(int number, const struct search_list *list, int num)
+{
+  while (num > 0 && list->long_name)
+    {
+      if (list->country_number == number)
+        return (list);
+      num--;
+      list++;
+    }
+  return (NULL);
+}
+
+/*
+ * Ref: ftp://ftp.ripe.net/iso3166-countrycodes.txt
+ */
+static const struct search_list country_list[] = {
+       {   4, "af", "Afghanistan"                          },
+       { 248, "ax", "<EFBFBD>land Island"                         },
+       {   8, "al", "Albania"                              },
+       {  12, "dz", "Algeria"                              },
+       {  16, "as", "American Samoa"                       },
+       {  20, "ad", "Andorra"                              },
+       {  24, "ao", "Angola"                               },
+       { 660, "ai", "Anguilla"                             },
+       {  10, "aq", "Antarctica"                           },
+       {  28, "ag", "Antigua & Barbuda"                    },
+       {  32, "ar", "Argentina"                            },
+       {  51, "am", "Armenia"                              },
+       { 533, "aw", "Aruba"                                },
+       {  36, "au", "Australia"                            },
+       {  40, "at", "Austria"                              },
+       {  31, "az", "Azerbaijan"                           },
+       {  44, "bs", "Bahamas"                              },
+       {  48, "bh", "Bahrain"                              },
+       {  50, "bd", "Bangladesh"                           },
+       {  52, "bb", "Barbados"                             },
+       { 112, "by", "Belarus"                              },
+       {  56, "be", "Belgium"                              },
+       {  84, "bz", "Belize"                               },
+       { 204, "bj", "Benin"                                },
+       {  60, "bm", "Bermuda"                              },
+       {  64, "bt", "Bhutan"                               },
+       {  68, "bo", "Bolivia"                              },
+       {  70, "ba", "Bosnia & Herzegowina"                 },
+       {  72, "bw", "Botswana"                             },
+       {  74, "bv", "Bouvet Island"                        },
+       {  76, "br", "Brazil"                               },
+       {  86, "io", "British Indian Ocean Territory"       },
+       {  96, "bn", "Brunei Darussalam"                    },
+       { 100, "bg", "Bulgaria"                             },
+       { 854, "bf", "Burkina Faso"                         },
+       { 108, "bi", "Burundi"                              },
+       { 116, "kh", "Cambodia"                             },
+       { 120, "cm", "Cameroon"                             },
+       { 124, "ca", "Canada"                               },
+       { 132, "cv", "Cape Verde"                           },
+       { 136, "ky", "Cayman Islands"                       },
+       { 140, "cf", "Central African Republic"             },
+       { 148, "td", "Chad"                                 },
+       { 152, "cl", "Chile"                                },
+       { 156, "cn", "China"                                },
+       { 162, "cx", "Christmas Island"                     },
+       { 166, "cc", "Cocos Islands"                        },
+       { 170, "co", "Colombia"                             },
+       { 174, "km", "Comoros"                              },
+       { 178, "cg", "Congo"                                },
+       { 180, "cd", "Congo"                                },
+       { 184, "ck", "Cook Islands"                         },
+       { 188, "cr", "Costa Rica"                           },
+       { 384, "ci", "Cote d'Ivoire"                        },
+       { 191, "hr", "Croatia"                              },
+       { 192, "cu", "Cuba"                                 },
+       { 196, "cy", "Cyprus"                               },
+       { 203, "cz", "Czech Republic"                       },
+       { 208, "dk", "Denmark"                              },
+       { 262, "dj", "Djibouti"                             },
+       { 212, "dm", "Dominica"                             },
+       { 214, "do", "Dominican Republic"                   },
+       { 218, "ec", "Ecuador"                              },
+       { 818, "eg", "Egypt"                                },
+       { 222, "sv", "El Salvador"                          },
+       { 226, "gq", "Equatorial Guinea"                    },
+       { 232, "er", "Eritrea"                              },
+       { 233, "ee", "Estonia"                              },
+       { 231, "et", "Ethiopia"                             },
+       { 238, "fk", "Falkland Islands"                     },
+       { 234, "fo", "Faroe Islands"                        },
+       { 242, "fj", "Fiji"                                 },
+       { 246, "fi", "Finland"                              },
+       { 250, "fr", "France"                               },
+       { 249, "fx", "France, Metropolitan"                 },
+       { 254, "gf", "French Guiana"                        },
+       { 258, "pf", "French Polynesia"                     },
+       { 260, "tf", "French Southern Territories"          },
+       { 266, "ga", "Gabon"                                },
+       { 270, "gm", "Gambia"                               },
+       { 268, "ge", "Georgia"                              },
+       { 276, "de", "Germany"                              },
+       { 288, "gh", "Ghana"                                },
+       { 292, "gi", "Gibraltar"                            },
+       { 300, "gr", "Greece"                               },
+       { 304, "gl", "Greenland"                            },
+       { 308, "gd", "Grenada"                              },
+       { 312, "gp", "Guadeloupe"                           },
+       { 316, "gu", "Guam"                                 },
+       { 320, "gt", "Guatemala"                            },
+       { 324, "gn", "Guinea"                               },
+       { 624, "gw", "Guinea-Bissau"                        },
+       { 328, "gy", "Guyana"                               },
+       { 332, "ht", "Haiti"                                },
+       { 334, "hm", "Heard & Mc Donald Islands"            },
+       { 336, "va", "Vatican City"                         },
+       { 340, "hn", "Honduras"                             },
+       { 344, "hk", "Hong kong"                            },
+       { 348, "hu", "Hungary"                              },
+       { 352, "is", "Iceland"                              },
+       { 356, "in", "India"                                },
+       { 360, "id", "Indonesia"                            },
+       { 364, "ir", "Iran"                                 },
+       { 368, "iq", "Iraq"                                 },
+       { 372, "ie", "Ireland"                              },
+       { 376, "il", "Israel"                               },
+       { 380, "it", "Italy"                                },
+       { 388, "jm", "Jamaica"                              },
+       { 392, "jp", "Japan"                                },
+       { 400, "jo", "Jordan"                               },
+       { 398, "kz", "Kazakhstan"                           },
+       { 404, "ke", "Kenya"                                },
+       { 296, "ki", "Kiribati"                             },
+       { 408, "kp", "Korea (north)"                        },
+       { 410, "kr", "Korea (south)"                        },
+       { 414, "kw", "Kuwait"                               },
+       { 417, "kg", "Kyrgyzstan"                           },
+       { 418, "la", "Laos"                                 },
+       { 428, "lv", "Latvia"                               },
+       { 422, "lb", "Lebanon"                              },
+       { 426, "ls", "Lesotho"                              },
+       { 430, "lr", "Liberia"                              },
+       { 434, "ly", "Libya"                                },
+       { 438, "li", "Liechtenstein"                        },
+       { 440, "lt", "Lithuania"                            },
+       { 442, "lu", "Luxembourg"                           },
+       { 446, "mo", "Macao"                                },
+       { 807, "mk", "Macedonia"                            },
+       { 450, "mg", "Madagascar"                           },
+       { 454, "mw", "Malawi"                               },
+       { 458, "my", "Malaysia"                             },
+       { 462, "mv", "Maldives"                             },
+       { 466, "ml", "Mali"                                 },
+       { 470, "mt", "Malta"                                },
+       { 584, "mh", "Marshall Islands"                     },
+       { 474, "mq", "Martinique"                           },
+       { 478, "mr", "Mauritania"                           },
+       { 480, "mu", "Mauritius"                            },
+       { 175, "yt", "Mayotte"                              },
+       { 484, "mx", "Mexico"                               },
+       { 583, "fm", "Micronesia"                           },
+       { 498, "md", "Moldova"                              },
+       { 492, "mc", "Monaco"                               },
+       { 496, "mn", "Mongolia"                             },
+       { 500, "ms", "Montserrat"                           },
+       { 504, "ma", "Morocco"                              },
+       { 508, "mz", "Mozambique"                           },
+       { 104, "mm", "Myanmar"                              },
+       { 516, "na", "Namibia"                              },
+       { 520, "nr", "Nauru"                                },
+       { 524, "np", "Nepal"                                },
+       { 528, "nl", "Netherlands"                          },
+       { 530, "an", "Netherlands Antilles"                 },
+       { 540, "nc", "New Caledonia"                        },
+       { 554, "nz", "New Zealand"                          },
+       { 558, "ni", "Nicaragua"                            },
+       { 562, "ne", "Niger"                                },
+       { 566, "ng", "Nigeria"                              },
+       { 570, "nu", "Niue"                                 },
+       { 574, "nf", "Norfolk Island"                       },
+       { 580, "mp", "Northern Mariana Islands"             },
+       { 578, "no", "Norway"                               },
+       { 512, "om", "Oman"                                 },
+       { 586, "pk", "Pakistan"                             },
+       { 585, "pw", "Palau"                                },
+       { 275, "ps", "Palestinian Territory"                },
+       { 591, "pa", "Panama"                               },
+       { 598, "pg", "Papua New Guinea"                     },
+       { 600, "py", "Paraguay"                             },
+       { 604, "pe", "Peru"                                 },
+       { 608, "ph", "Philippines"                          },
+       { 612, "pn", "Pitcairn"                             },
+       { 616, "pl", "Poland"                               },
+       { 620, "pt", "Portugal"                             },
+       { 630, "pr", "Puerto Rico"                          },
+       { 634, "qa", "Qatar"                                },
+       { 638, "re", "Reunion"                              },
+       { 642, "ro", "Romania"                              },
+       { 643, "ru", "Russia"                               },
+       { 646, "rw", "Rwanda"                               },
+       { 659, "kn", "Saint Kitts & Nevis"                  },
+       { 662, "lc", "Saint Lucia"                          },
+       { 670, "vc", "Saint Vincent"                        },
+       { 882, "ws", "Samoa"                                },
+       { 674, "sm", "San Marino"                           },
+       { 678, "st", "Sao Tome & Principe"                  },
+       { 682, "sa", "Saudi Arabia"                         },
+       { 686, "sn", "Senegal"                              },
+       { 891, "cs", "Serbia and Montenegro"                },
+       { 690, "sc", "Seychelles"                           },
+       { 694, "sl", "Sierra Leone"                         },
+       { 702, "sg", "Singapore"                            },
+       { 703, "sk", "Slovakia"                             },
+       { 705, "si", "Slovenia"                             },
+       {  90, "sb", "Solomon Islands"                      },
+       { 706, "so", "Somalia"                              },
+       { 710, "za", "South Africa"                         },
+       { 239, "gs", "South Georgia"                        },
+       { 724, "es", "Spain"                                },
+       { 144, "lk", "Sri Lanka"                            },
+       { 654, "sh", "St. Helena"                           },
+       { 666, "pm", "St. Pierre & Miquelon"                },
+       { 736, "sd", "Sudan"                                },
+       { 740, "sr", "Suriname"                             },
+       { 744, "sj", "Svalbard & Jan Mayen Islands"         },
+       { 748, "sz", "Swaziland"                            },
+       { 752, "se", "Sweden"                               },
+       { 756, "ch", "Switzerland"                          },
+       { 760, "sy", "Syrian Arab Republic"                 },
+       { 626, "tl", "Timor-Leste"                          },
+       { 158, "tw", "Taiwan"                               },
+       { 762, "tj", "Tajikistan"                           },
+       { 834, "tz", "Tanzania"                             },
+       { 764, "th", "Thailand"                             },
+       { 768, "tg", "Togo"                                 },
+       { 772, "tk", "Tokelau"                              },
+       { 776, "to", "Tonga"                                },
+       { 780, "tt", "Trinidad & Tobago"                    },
+       { 788, "tn", "Tunisia"                              },
+       { 792, "tr", "Turkey"                               },
+       { 795, "tm", "Turkmenistan"                         },
+       { 796, "tc", "Turks & Caicos Islands"               },
+       { 798, "tv", "Tuvalu"                               },
+       { 800, "ug", "Uganda"                               },
+       { 804, "ua", "Ukraine"                              },
+       { 784, "ae", "United Arab Emirates"                 },
+       { 826, "gb", "United Kingdom"                       },
+       { 840, "us", "United States"                        },
+       { 581, "um", "United States Minor Outlying Islands" },
+       { 858, "uy", "Uruguay"                              },
+       { 860, "uz", "Uzbekistan"                           },
+       { 548, "vu", "Vanuatu"                              },
+       { 862, "ve", "Venezuela"                            },
+       { 704, "vn", "Vietnam"                              },
+       {  92, "vg", "Virgin Islands (British)"             },
+       { 850, "vi", "Virgin Islands (US)"                  },
+       { 876, "wf", "Wallis & Futuna Islands"              },
+       { 732, "eh", "Western Sahara"                       },
+       { 887, "ye", "Yemen"                                },
+       { 894, "zm", "Zambia"                               },
+       { 716, "zw", "Zimbabwe"                             }
+     };
+
+/*
+ * Check if start of 'str' is simply an IPv4 address.
+ */
+#define BYTE_OK(x) ((x) >= 0 && (x) <= 255)
+
+static int is_addr(char *str, char **end)
+{
+  int a0, a1, a2, a3, num, rc = 0, length = 0;
+
+  if ((num = sscanf(str,"%3d.%3d.%3d.%3d%n",&a0,&a1,&a2,&a3,&length)) == 4 &&
+      BYTE_OK(a0) && BYTE_OK(a1) && BYTE_OK(a2) && BYTE_OK(a3) &&
+      length >= (3+4))
+    {
+      rc = 1;
+      *end = str + length;
+    }
+  return rc;
+}
+
+/*
+ * Find the country-code and name from the CNAME. E.g.:
+ *   version 1: CNAME = zzno.countries.nerd.dk with address 127.0.2.66
+ *              yields ccode_A" = "no" and cnumber 578 (2.66).
+ *   version 2: CNAME = <a.b.c.d>.zz.countries.nerd.dk with address 127.0.2.66
+ *              yields cnumber 578 (2.66). ccode_A is "";
+ */
+static void find_country_from_cname(const char *cname, struct in_addr addr)
+{
+  const struct search_list *country;
+  char  ccode_A2[3], *ccopy, *dot_4;
+  int   cnumber, z0, z1, ver_1, ver_2;
+  u_long ip;
+
+  ip = ntohl(addr.s_addr);
+  z0 = tolower(cname[0]);
+  z1 = tolower(cname[1]);
+  ccopy = strdup(cname);
+
+  ver_1 = (z0 == 'z' && z1 == 'z' && !strcasecmp(cname+4,nerd_ver1));
+  ver_2 = (is_addr(ccopy,&dot_4) && !strcasecmp(dot_4,nerd_ver2));
+
+  if (ver_1)
+    {
+      const char *dot = strchr(cname, '.');
+      if ((z0 != 'z' && z1 != 'z') || dot != cname+4)
+        {
+          printf("Unexpected CNAME %s (ver_1)\n", cname);
+          return;
+        }
+    }
+  else if (ver_2)
+    {
+      z0 = tolower(dot_4[1]);
+      z1 = tolower(dot_4[2]);
+      if (z0 != 'z' && z1 != 'z')
+        {
+          printf("Unexpected CNAME %s (ver_2)\n", cname);
+          return;
+        }
+    }
+  else
+    {
+      printf("Unexpected CNAME %s (ver?)\n", cname);
+      return;
+    }
+
+  if (ver_1)
+    {
+      ccode_A2[0] = tolower(cname[2]);
+      ccode_A2[1] = tolower(cname[3]);
+      ccode_A2[2] = '\0';
+    }
+  else
+    ccode_A2[0] = '\0';
+
+  cnumber = ip & 0xFFFF;
+
+  TRACE(("Found country-code `%s', number %d\n",
+         ver_1 ? ccode_A2 : "<n/a>", cnumber));
+
+  country = list_lookup(cnumber, country_list,
+                        sizeof(country_list) / sizeof(country_list[0]));
+  if (!country)
+    printf("Name for country-number %d not found.\n", cnumber);
+  else
+    {
+      if (ver_1 && *(unsigned short*)&country->short_name != *(unsigned*)&ccode_A2)
+        printf("short-name mismatch; %s vs %s\n", country->short_name, ccode_A2);
+
+      printf("%s (%s), number %d.\n",
+             country->long_name, country->short_name, cnumber);
+    }
+  free(ccopy);
+}
+

ares/ahost.c

@@ -40,13 +40,6 @@
 #include "inet_net_pton.h"
 #include "ares_getopt.h"
 
-#ifndef HAVE_STRUCT_IN6_ADDR
-struct in6_addr
-{
-  unsigned char s6_addr[16];
-};
-#endif
-
 static void callback(void *arg, int status, int timeouts, struct hostent *host);
 static void usage(void);
 

ares/ares.h

@@ -18,6 +18,14 @@
 #ifndef ARES__H
 #define ARES__H
 
+/*
+ * Define WIN32 when build target is Win32 API
+ */
+
+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
+#define WIN32
+#endif
+
 #include <sys/types.h>
 
 #if defined(_AIX) || (defined(NETWARE) && defined(__NOVELL_LIBC__))
@@ -35,8 +43,12 @@
   #include <sys/socket.h>
   #include <tcp.h>
 #elif defined(WIN32)
-  #include <winsock2.h>
-  #include <windows.h>
+#  ifndef WIN32_LEAN_AND_MEAN
+#    define WIN32_LEAN_AND_MEAN
+#  endif
+#  include <windows.h>
+#  include <winsock2.h>
+#  include <ws2tcpip.h>
 #else
   #include <netinet/in.h>
   #include <sys/socket.h>
@@ -232,10 +244,38 @@ int ares_expand_name(const unsigned char *encoded, const unsigned char *abuf,
                      int alen, char **s, long *enclen);
 int ares_expand_string(const unsigned char *encoded, const unsigned char *abuf,
                      int alen, unsigned char **s, long *enclen);
+
+#if !defined(HAVE_STRUCT_IN6_ADDR) && !defined(s6_addr)
+struct in6_addr {
+  union {
+    unsigned char _S6_u8[16];
+  } _S6_un;
+};
+#define s6_addr _S6_un._S6_u8
+#endif
+
+struct addrttl {
+  struct in_addr ipaddr;
+  int            ttl;
+};
+struct addr6ttl {
+  struct in6_addr ip6addr;
+  int             ttl;
+};
+
+/*
+** Parse the buffer, starting at *abuf and of length alen bytes, previously
+** obtained from an ares_search call.  Put the results in *host, if nonnull.
+** Also, if addrttls is nonnull, put up to *naddrttls IPv4 addresses along with
+** their TTLs in that array, and set *naddrttls to the number of addresses
+** so written.
+*/
 int ares_parse_a_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host);
+                       struct hostent **host,
+                       struct addrttl *addrttls, int *naddrttls);
 int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host);
+                       struct hostent **host,
+                       struct addr6ttl *addrttls, int *naddrttls);
 int ares_parse_ptr_reply(const unsigned char *abuf, int alen, const void *addr,
                          int addrlen, int family, struct hostent **host);
 int ares_parse_ns_reply(const unsigned char *abuf, int alen,

ares/ares_gethostbyaddr.c

@@ -58,6 +58,7 @@ static void addr_callback(void *arg, int status, int timeouts,
 static void end_aquery(struct addr_query *aquery, int status,
                        struct hostent *host);
 static int file_lookup(union ares_addr *addr, int family, struct hostent **host);
+static void ptr_rr_name(char *name, int family, union ares_addr *addr);
 
 void ares_gethostbyaddr(ares_channel channel, const void *addr, int addrlen,
                         int family, ares_host_callback callback, void *arg)
@@ -101,48 +102,26 @@ static void next_lookup(struct addr_query *aquery)
 {
   const char *p;
   char name[128];
-  int a1, a2, a3, a4, status;
+  int status;
   struct hostent *host;
-  unsigned long addr;
 
   for (p = aquery->remaining_lookups; *p; p++)
     {
       switch (*p)
         {
         case 'b':
-          if (aquery->family == AF_INET)
-            {
-              addr = ntohl(aquery->addr.addr4.s_addr);
-              a1 = (int)((addr >> 24) & 0xff);
-              a2 = (int)((addr >> 16) & 0xff);
-              a3 = (int)((addr >> 8) & 0xff);
-              a4 = (int)(addr & 0xff);
-              sprintf(name, "%d.%d.%d.%d.in-addr.arpa", a4, a3, a2, a1);
+          ptr_rr_name(name, aquery->family, &aquery->addr);
           aquery->remaining_lookups = p + 1;
           ares_query(aquery->channel, name, C_IN, T_PTR, addr_callback,
                      aquery);
-            }
-          else
-            {
-              unsigned char *bytes;
-              bytes = (unsigned char *)&aquery->addr.addr6.s6_addr;
-              sprintf(name, "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.ip6.arpa",
-                      bytes[15]&0xf, bytes[15] >> 4, bytes[14]&0xf, bytes[14] >> 4,
-                      bytes[13]&0xf, bytes[13] >> 4, bytes[12]&0xf, bytes[12] >> 4,
-                      bytes[11]&0xf, bytes[11] >> 4, bytes[10]&0xf, bytes[10] >> 4,
-                      bytes[9]&0xf, bytes[9] >> 4, bytes[8]&0xf, bytes[8] >> 4,
-                      bytes[7]&0xf, bytes[7] >> 4, bytes[6]&0xf, bytes[6] >> 4,
-                      bytes[5]&0xf, bytes[5] >> 4, bytes[4]&0xf, bytes[4] >> 4,
-                      bytes[3]&0xf, bytes[3] >> 4, bytes[2]&0xf, bytes[2] >> 4,
-                      bytes[1]&0xf, bytes[1] >> 4, bytes[0]&0xf, bytes[0] >> 4);
-              aquery->remaining_lookups = p + 1;
-              ares_query(aquery->channel, name, C_IN, T_PTR, addr_callback,
-                         aquery);
-            }
           return;
         case 'f':
           status = file_lookup(&aquery->addr, aquery->family, &host);
-          if (status != ARES_ENOTFOUND)
+
+          /* this status check below previously checked for !ARES_ENOTFOUND,
+             but we should not assume that this single error code is the one
+             that can occur, as that is in fact no longer the case */
+          if (status == ARES_SUCCESS)
             {
               end_aquery(aquery, status, host);
               return;
@@ -264,3 +243,31 @@ static int file_lookup(union ares_addr *addr, int family, struct hostent **host)
     *host = NULL;
   return status;
 }
+
+static void ptr_rr_name(char *name, int family, union ares_addr *addr)
+{
+  if (family == AF_INET)
+    {
+       unsigned long laddr = ntohl(addr->addr4.s_addr);
+       int a1 = (int)((laddr >> 24) & 0xff);
+       int a2 = (int)((laddr >> 16) & 0xff);
+       int a3 = (int)((laddr >> 8) & 0xff);
+       int a4 = (int)(laddr & 0xff);
+       sprintf(name, "%d.%d.%d.%d.in-addr.arpa", a4, a3, a2, a1);
+    }
+  else
+    {
+       unsigned char *bytes = (unsigned char *)&addr->addr6.s6_addr;
+       sprintf(name,
+                "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x."
+                "%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.%x.ip6.arpa",
+                bytes[15]&0xf, bytes[15] >> 4, bytes[14]&0xf, bytes[14] >> 4,
+                bytes[13]&0xf, bytes[13] >> 4, bytes[12]&0xf, bytes[12] >> 4,
+                bytes[11]&0xf, bytes[11] >> 4, bytes[10]&0xf, bytes[10] >> 4,
+                bytes[9]&0xf, bytes[9] >> 4, bytes[8]&0xf, bytes[8] >> 4,
+                bytes[7]&0xf, bytes[7] >> 4, bytes[6]&0xf, bytes[6] >> 4,
+                bytes[5]&0xf, bytes[5] >> 4, bytes[4]&0xf, bytes[4] >> 4,
+                bytes[3]&0xf, bytes[3] >> 4, bytes[2]&0xf, bytes[2] >> 4,
+                bytes[1]&0xf, bytes[1] >> 4, bytes[0]&0xf, bytes[0] >> 4);
+    }
+}

ares/ares_gethostbyname.c

@@ -57,7 +57,7 @@ struct host_query {
   int timeouts;
 };
 
-static void next_lookup(struct host_query *hquery, int status);
+static void next_lookup(struct host_query *hquery, int status_code);
 static void host_callback(void *arg, int status, int timeouts,
                           unsigned char *abuf, int alen);
 static void end_hquery(struct host_query *hquery, int status,
@@ -111,13 +111,14 @@ void ares_gethostbyname(ares_channel channel, const char *name, int family,
   hquery->timeouts = 0;
 
   /* Start performing lookups according to channel->lookups. */
-  next_lookup(hquery, ARES_SUCCESS);
+  next_lookup(hquery, ARES_ECONNREFUSED /* initial error code */);
 }
 
-static void next_lookup(struct host_query *hquery, int status)
+static void next_lookup(struct host_query *hquery, int status_code)
 {
   const char *p;
   struct hostent *host;
+  int status = status_code;
 
   for (p = hquery->remaining_lookups; *p; p++)
     {
@@ -137,11 +138,16 @@ static void next_lookup(struct host_query *hquery, int status)
         case 'f':
           /* Host file lookup */
           status = file_lookup(hquery->name, hquery->family, &host);
-          if (status != ARES_ENOTFOUND)
+
+          /* this status check below previously checked for !ARES_ENOTFOUND,
+             but we should not assume that this single error code is the one
+             that can occur, as that is in fact no longer the case */
+          if (status == ARES_SUCCESS)
             {
               end_hquery(hquery, status, host);
               return;
             }
+          status = status_code;   /* Use original status code */
           break;
         }
     }
@@ -160,13 +166,13 @@ static void host_callback(void *arg, int status, int timeouts,
     {
       if (hquery->family == AF_INET)
         {
-          status = ares_parse_a_reply(abuf, alen, &host);
+          status = ares_parse_a_reply(abuf, alen, &host, NULL, NULL);
           if (host && channel->nsort)
             sort_addresses(host, channel->sortlist, channel->nsort);
         }
       else if (hquery->family == AF_INET6)
         {
-          status = ares_parse_aaaa_reply(abuf, alen, &host);
+          status = ares_parse_aaaa_reply(abuf, alen, &host, NULL, NULL);
           if (host && channel->nsort)
             sort6_addresses(host, channel->sortlist, channel->nsort);
         }

ares/ares_ipv6.h

@@ -1,6 +1,7 @@
 /* $Id$ */
 
-/*
+/* Copyright (C) 2005 by Dominick Meglio
+ *
  * Permission to use, copy, modify, and distribute this
  * software and its documentation for any purpose and without
  * fee is hereby granted, provided that the above copyright
@@ -21,11 +22,13 @@
 #define PF_INET6 AF_INET6
 #endif
 
-#ifndef HAVE_STRUCT_IN6_ADDR
-struct in6_addr
-{
-  unsigned char s6_addr[16];
+#if !defined(HAVE_STRUCT_IN6_ADDR) && !defined(s6_addr)
+struct in6_addr {
+  union {
+    unsigned char _S6_u8[16];
+  } _S6_un;
 };
+#define s6_addr _S6_un._S6_u8
 #endif
 
 #ifndef HAVE_STRUCT_SOCKADDR_IN6

ares/ares_parse_a_reply.3

@@ -22,24 +22,39 @@ ares_parse_a_reply \- Parse a reply to a DNS query of type A into a hostent
 .B #include <ares.h>
 .PP
 .B int ares_parse_a_reply(const unsigned char *\fIabuf\fP, int \fIalen\fP,
-.B 	struct hostent **\fIhost\fP);
+.B 	struct hostent **\fIhost\fP,
+.B      struct addrttl *\fIaddrttls\fB, int *\fInaddrttls\fB);
 .fi
 .SH DESCRIPTION
 The
 .B ares_parse_a_reply
 function parses the response to a query of type A into a
-.BR "struct hostent" .
+.BR "struct hostent"
+and/or an array of
+.BR "struct addrttls" . 
 The parameters
 .I abuf
 and
 .I alen
 give the contents of the response.  The result is stored in allocated
 memory and a pointer to it stored into the variable pointed to by
-.IR host .
+.IR host ,
+if host is nonnull.
 It is the caller's responsibility to free the resulting host structure
 using
 .BR ares_free_hostent (3)
 when it is no longer needed.
+.PP
+If
+.IR addrttls
+and
+.IR naddrttls
+are both nonnull,
+then up to *naddrttls
+.BR "struct addrttl"
+records are stored in the array pointed to by addrttls,
+and then *naddrttls is set to the number of records so stored.
+Note that the memory for these records is supplied by the caller.
 .SH RETURN VALUES
 .B ares_parse_a_reply
 can return any of the following values:

ares/ares_parse_a_reply.c

@@ -32,24 +32,32 @@
 
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 #include "ares.h"
 #include "ares_dns.h"
 #include "ares_private.h"
 
 int ares_parse_a_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host)
+                       struct hostent **host,
+                       struct addrttl *addrttls, int *naddrttls)
 {
   unsigned int qdcount, ancount;
-  int status, i, rr_type, rr_class, rr_len, naddrs;
+  int status, i, rr_type, rr_class, rr_len, rr_ttl, naddrs;
+  int cname_ttl = INT_MAX;  /* the TTL imposed by the CNAME chain */
   int naliases;
   long len;
   const unsigned char *aptr;
   char *hostname, *rr_name, *rr_data, **aliases;
   struct in_addr *addrs;
   struct hostent *hostent;
+  const int max_addr_ttls = (addrttls && naddrttls) ? *naddrttls : 0;
 
   /* Set *host to NULL for all failure cases. */
+  if (host)
     *host = NULL;
+  /* Same with *naddrttls. */
+  if (naddrttls)
+    *naddrttls = 0;
 
   /* Give up if abuf doesn't have room for a header. */
   if (alen < HFIXEDSZ)
@@ -73,6 +81,8 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
     }
   aptr += len + QFIXEDSZ;
 
+  if (host)
+    {
       /* Allocate addresses and aliases; ancount gives an upper bound for both. */
       addrs = malloc(ancount * sizeof(struct in_addr));
       if (!addrs)
@@ -87,6 +97,13 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
           free(addrs);
           return ARES_ENOMEM;
         }
+    }
+  else
+    {
+      addrs = NULL;
+      aliases = NULL;
+    }
+  
   naddrs = 0;
   naliases = 0;
 
@@ -106,13 +123,33 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
       rr_type = DNS_RR_TYPE(aptr);
       rr_class = DNS_RR_CLASS(aptr);
       rr_len = DNS_RR_LEN(aptr);
+      rr_ttl = DNS_RR_TTL(aptr);
       aptr += RRFIXEDSZ;
 
       if (rr_class == C_IN && rr_type == T_A
           && rr_len == sizeof(struct in_addr)
           && strcasecmp(rr_name, hostname) == 0)
         {
+          if (addrs)
+            {
+              if (aptr + sizeof(struct in_addr) > abuf + alen)
+              {
+                status = ARES_EBADRESP;
+                break;
+              }
               memcpy(&addrs[naddrs], aptr, sizeof(struct in_addr));
+            }
+          if (naddrs < max_addr_ttls)
+            {
+              struct addrttl * const at = &addrttls[naddrs];
+              if (aptr + sizeof(struct in_addr) > abuf + alen)
+              {
+                status = ARES_EBADRESP;
+                break;
+              }
+              memcpy(&at->ipaddr, aptr,  sizeof(struct in_addr));
+              at->ttl = rr_ttl;
+            }
           naddrs++;
           status = ARES_SUCCESS;
         }
@@ -120,7 +157,10 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
       if (rr_class == C_IN && rr_type == T_CNAME)
         {
           /* Record the RR name as an alias. */
+          if (aliases)
             aliases[naliases] = rr_name;
+          else
+            free(rr_name);
           naliases++;
 
           /* Decode the RR data and replace the hostname with it. */
@@ -129,6 +169,10 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
             break;
           free(hostname);
           hostname = rr_data;
+
+          /* Take the min of the TTLs we see in the CNAME chain. */
+          if (cname_ttl > rr_ttl)
+            cname_ttl = rr_ttl;
         }
       else
         free(rr_name);
@@ -145,8 +189,23 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
     status = ARES_ENODATA;
   if (status == ARES_SUCCESS)
     {
-      /* We got our answer.  Allocate memory to build the host entry. */
+      /* We got our answer. */
+      if (naddrttls)
+        {
+          const int n = naddrs < max_addr_ttls ? naddrs : max_addr_ttls;
+          for (i = 0; i < n; i++)
+            {
+              /* Ensure that each A TTL is no larger than the CNAME TTL. */
+              if (addrttls[i].ttl > cname_ttl)
+                addrttls[i].ttl = cname_ttl;
+            }
+          *naddrttls = n;
+        }
+      if (aliases)
         aliases[naliases] = NULL;
+      if (host)
+        {
+          /* Allocate memory to build the host entry. */
           hostent = malloc(sizeof(struct hostent));
           if (hostent)
             {
@@ -168,9 +227,13 @@ int ares_parse_a_reply(const unsigned char *abuf, int alen,
             }
           status = ARES_ENOMEM;
         }
+     }
+  if (aliases)
+    {
       for (i = 0; i < naliases; i++)
         free(aliases[i]);
       free(aliases);
+    }
   free(addrs);
   free(hostname);
   return status;

ares/ares_parse_aaaa_reply.3

@@ -22,24 +22,39 @@ ares_parse_aaaa_reply \- Parse a reply to a DNS query of type AAAA into a hosten
 .B #include <ares.h>
 .PP
 .B int ares_parse_aaaa_reply(const unsigned char *\fIabuf\fP, int \fIalen\fP,
-.B 	struct hostent **\fIhost\fP);
+.B 	struct hostent **\fIhost\fP,         
+.B      struct addrttl *\fIaddrttls\fB, int *\fInaddrttls\fB);
 .fi
 .SH DESCRIPTION
 The
 .B ares_parse_aaaa_reply
 function parses the response to a query of type AAAA into a
-.BR "struct hostent" .
+.BR "struct hostent"
+and/or an array of
+.BR "struct addrttls" . 
 The parameters
 .I abuf
 and
 .I alen
 give the contents of the response.  The result is stored in allocated
 memory and a pointer to it stored into the variable pointed to by
-.IR host .
+.IR host ,
+if host is nonnull.
 It is the caller's responsibility to free the resulting host structure
 using
 .BR ares_free_hostent (3)
 when it is no longer needed.
+.PP
+If
+.IR addrttls
+and
+.IR naddrttls
+are both nonnull,
+then up to *naddrttls
+.BR "struct addr6ttl"
+records are stored in the array pointed to by addrttls,
+and then *naddrttls is set to the number of records so stored.
+Note that the memory for these records is supplied by the caller.
 .SH RETURN VALUES
 .B ares_parse_aaaa_reply
 can return any of the following values:

ares/ares_parse_aaaa_reply.c

@@ -34,25 +34,33 @@
 
 #include <stdlib.h>
 #include <string.h>
+#include <limits.h>
 #include "ares.h"
 #include "ares_dns.h"
 #include "inet_net_pton.h"
 #include "ares_private.h"
 
 int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
-                       struct hostent **host)
+                          struct hostent **host, struct addr6ttl *addrttls,
+                          int *naddrttls)
 {
   unsigned int qdcount, ancount;
-  int status, i, rr_type, rr_class, rr_len, naddrs;
+  int status, i, rr_type, rr_class, rr_len, rr_ttl, naddrs;
+  int cname_ttl = INT_MAX;  /* the TTL imposed by the CNAME chain */
   int naliases;
   long len;
   const unsigned char *aptr;
   char *hostname, *rr_name, *rr_data, **aliases;
   struct in6_addr *addrs;
   struct hostent *hostent;
+  const int max_addr_ttls = (addrttls && naddrttls) ? *naddrttls : 0;
 
   /* Set *host to NULL for all failure cases. */
+  if (host)
     *host = NULL;
+  /* Same with *naddrttls. */
+  if (naddrttls)
+    *naddrttls = 0;
 
   /* Give up if abuf doesn't have room for a header. */
   if (alen < HFIXEDSZ)
@@ -77,6 +85,8 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
   aptr += len + QFIXEDSZ;
 
   /* Allocate addresses and aliases; ancount gives an upper bound for both. */
+  if (host)
+    {
       addrs = malloc(ancount * sizeof(struct in6_addr));
       if (!addrs)
         {
@@ -90,6 +100,12 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
           free(addrs);
           return ARES_ENOMEM;
         }
+    }
+  else
+    {
+      addrs = NULL;
+      aliases = NULL;
+    }
   naddrs = 0;
   naliases = 0;
 
@@ -109,13 +125,33 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
       rr_type = DNS_RR_TYPE(aptr);
       rr_class = DNS_RR_CLASS(aptr);
       rr_len = DNS_RR_LEN(aptr);
+      rr_ttl = DNS_RR_TTL(aptr);
       aptr += RRFIXEDSZ;
 
       if (rr_class == C_IN && rr_type == T_AAAA
           && rr_len == sizeof(struct in6_addr)
           && strcasecmp(rr_name, hostname) == 0)
         {
+          if (addrs)
+            {
+              if (aptr + sizeof(struct in6_addr) > abuf + alen)
+              {
+                status = ARES_EBADRESP;
+                break;
+              }
               memcpy(&addrs[naddrs], aptr, sizeof(struct in6_addr));
+            }
+          if (naddrs < max_addr_ttls)
+            {
+              struct addr6ttl * const at = &addrttls[naddrs];
+              if (aptr + sizeof(struct in6_addr) > abuf + alen)
+              {
+                status = ARES_EBADRESP;
+                break;
+              }
+              memcpy(&at->ip6addr, aptr,  sizeof(struct in6_addr));
+              at->ttl = rr_ttl;
+            }
           naddrs++;
           status = ARES_SUCCESS;
         }
@@ -123,7 +159,10 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
       if (rr_class == C_IN && rr_type == T_CNAME)
         {
           /* Record the RR name as an alias. */
+          if (aliases)
             aliases[naliases] = rr_name;
+          else
+            free(rr_name);
           naliases++;
 
           /* Decode the RR data and replace the hostname with it. */
@@ -132,6 +171,10 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
             break;
           free(hostname);
           hostname = rr_data;
+
+          /* Take the min of the TTLs we see in the CNAME chain. */
+          if (cname_ttl > rr_ttl)
+            cname_ttl = rr_ttl;
         }
       else
         free(rr_name);
@@ -148,8 +191,23 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
     status = ARES_ENODATA;
   if (status == ARES_SUCCESS)
     {
-      /* We got our answer.  Allocate memory to build the host entry. */
+      /* We got our answer. */
+      if (naddrttls)
+        {
+          const int n = naddrs < max_addr_ttls ? naddrs : max_addr_ttls;
+          for (i = 0; i < n; i++)
+            {
+              /* Ensure that each A TTL is no larger than the CNAME TTL. */
+              if (addrttls[i].ttl > cname_ttl)
+                addrttls[i].ttl = cname_ttl;
+            }
+          *naddrttls = n;
+        }
+      if (aliases)
         aliases[naliases] = NULL;
+      if (host)
+        {
+          /* Allocate memory to build the host entry. */
           hostent = malloc(sizeof(struct hostent));
           if (hostent)
             {
@@ -171,9 +229,13 @@ int ares_parse_aaaa_reply(const unsigned char *abuf, int alen,
             }
           status = ARES_ENOMEM;
         }
+    }
+  if (aliases)
+    {
       for (i = 0; i < naliases; i++)
         free(aliases[i]);
       free(aliases);
+    }
   free(addrs);
   free(hostname);
   return status;

ares/ares_private.h

@@ -18,6 +18,14 @@
  * without express or implied warranty.
  */
 
+/*
+ * Define WIN32 when build target is Win32 API
+ */
+
+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
+#define WIN32
+#endif
+
 #include <stdio.h>
 #include <sys/types.h>
 

ares/ares_version.h

@@ -5,11 +5,11 @@
 
 #define ARES_VERSION_MAJOR 1
 #define ARES_VERSION_MINOR 5
-#define ARES_VERSION_PATCH 0
+#define ARES_VERSION_PATCH 2
 #define ARES_VERSION ((ARES_VERSION_MAJOR<<16)|\
                        (ARES_VERSION_MINOR<<8)|\
                        (ARES_VERSION_PATCH))
-#define ARES_VERSION_STR "1.5.0-CVS"
+#define ARES_VERSION_STR "1.5.2-CVS"
 
 #ifdef  __cplusplus
 extern "C" {

ares/bitncmp.h

@@ -3,7 +3,8 @@
 
 /* $Id$ */
 
-/*
+/* Copyright (C) 2005 by Dominick Meglio
+ *
  * Permission to use, copy, modify, and distribute this
  * software and its documentation for any purpose and without
  * fee is hereby granted, provided that the above copyright

ares/config-win32.h

@@ -159,24 +159,58 @@
 /* Define this if you have struct timeval */
 #define HAVE_STRUCT_TIMEVAL 1
 
+/* ---------------------------------------------------------------- */
+/*                        COMPILER SPECIFIC                         */
+/* ---------------------------------------------------------------- */
+
+/* Define to avoid VS2005 complaining about portable C functions */
+#if defined(_MSC_VER) && (_MSC_VER >= 1400)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#define _CRT_NONSTDC_NO_DEPRECATE 1
+#endif
+
+/* VS2008 does not support Windows build targets prior to WinXP, */
+/* so, if no build target has been defined we will target WinXP. */
+#if defined(_MSC_VER) && (_MSC_VER >= 1500)
+#  ifndef _WIN32_WINNT
+#    define _WIN32_WINNT 0x0501
+#  endif
+#  ifndef WINVER
+#    define WINVER 0x0501
+#  endif
+#  if (_WIN32_WINNT < 0x0501) || (WINVER < 0x0501)
+#    error VS2008 does not support Windows build targets prior to WinXP
+#  endif
+#endif
+
 /* ---------------------------------------------------------------- */
 /*                         IPV6 COMPATIBILITY                       */
 /* ---------------------------------------------------------------- */
 
 /* Define this if you have address family AF_INET6 */
+#ifdef HAVE_WINSOCK2_H
 #define HAVE_AF_INET6 1
+#endif
 
 /* Define this if you have protocol family PF_INET6 */
+#ifdef HAVE_WINSOCK2_H
 #define HAVE_PF_INET6 1
+#endif
 
 /* Define this if you have struct in6_addr */
+#ifdef HAVE_WS2TCPIP_H
 #define HAVE_STRUCT_IN6_ADDR 1
+#endif
 
 /* Define this if you have struct sockaddr_in6 */
+#ifdef HAVE_WS2TCPIP_H
 #define HAVE_STRUCT_SOCKADDR_IN6 1
+#endif
 
 /* Define this if you have sockaddr_in6 with scopeid */
+#ifdef HAVE_WS2TCPIP_H
 #define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1
+#endif
 
 
 #endif  /* __ARES_CONFIG_WIN32_H */

ares/configure.ac

@@ -46,6 +46,8 @@ AC_HELP_STRING([--disable-debug],[Disable debug options]),
     dnl when doing the debug stuff, use static library only
     AC_DISABLE_SHARED
 
+    debugbuild="yes"
+
     dnl the entire --enable-debug is a hack that lives and runs on top of
     dnl libcurl stuff so this BUILDING_LIBCURL is not THAT much uglier
     AC_DEFINE(BUILDING_LIBCURL, 1, [when building as static part of libcurl])
@@ -70,6 +72,7 @@ AC_HELP_STRING([--disable-debug],[Disable debug options]),
   esac ],
        AC_MSG_RESULT(no)
 )
+AM_CONDITIONAL(DEBUGBUILD, test x$debugbuild = xyes)
 
 dnl skip libtool C++ and Fortran compiler checks
 m4_ifdef([AC_PROG_CXX], [m4_undefine([AC_PROG_CXX])])
@@ -258,9 +261,6 @@ fi
 dnl socket lib?
 AC_CHECK_FUNC(connect, , [ AC_CHECK_LIB(socket, connect) ])
 
-dnl dl lib?
-AC_CHECK_FUNC(dlclose, , [ AC_CHECK_LIB(dl, dlopen) ])
-
 AC_MSG_CHECKING([whether to use libgcc])
 AC_ARG_ENABLE(libgcc,
 AC_HELP_STRING([--enable-libgcc],[use libgcc when linking]),
@@ -342,6 +342,9 @@ if test "x$RECENTAIX" = "xyes"; then
          dnl the optimizer assumes that pointers can only point to
          dnl an object of the same type.
          CFLAGS="$CFLAGS -qnoansialias"
+         dnl Force AIX xlc to stop after the compilation phase, and not
+         dnl generate object code, when the source compiles with errors.
+         CFLAGS="$CFLAGS -qhalt=e"
        )
 fi
 
@@ -831,8 +834,15 @@ AC_HELP_STRING([--with-random=FILE],
                [read randomness from FILE (default=/dev/urandom)]),
     [ RANDOM_FILE="$withval" ],
     [
-        dnl Check for random device
+        dnl Check for random device.  If we're cross compiling, we can't
+        dnl check, and it's better to assume it doesn't exist than it is
+        dnl to fail on AC_CHECK_FILE or later.
+        if test "$cross_compiling" = "no"; then
           AC_CHECK_FILE("/dev/urandom", [ RANDOM_FILE="/dev/urandom"] )
+        else
+          AC_MSG_WARN([cannot check for /dev/urandom while cross compiling; assuming none])
+        fi
+        
     ]
 )
 if test -n "$RANDOM_FILE" && test X"$RANDOM_FILE" != Xno ; then

ares/get_ver.awk

@@ -0,0 +1,36 @@
+# ***************************************************************************
+# *  Project: c-ares
+# *
+# * $Id$
+# ***************************************************************************
+# awk script which fetches c-ares version number and string from input
+# file and writes them to STDOUT. Here you can get an awk version for Win32:
+# http://www.gknw.net/development/prgtools/awk-20070501.zip
+#
+BEGIN {
+  if (match (ARGV[1], /ares_version.h/)) {
+    while ((getline < ARGV[1]) > 0) {
+      if (match ($0, /^#define ARES_COPYRIGHT "[^"]+"$/)) {
+        libcares_copyright_str = substr($0, 25, length($0)-25);
+      }
+      else if (match ($0, /^#define ARES_VERSION_STR "[^"]+"$/)) {
+        libcares_ver_str = substr($3, 2, length($3)-2);
+      }
+      else if (match ($0, /^#define ARES_VERSION_MAJOR [0-9]+$/)) {
+        libcares_ver_major = substr($3, 1, length($3));
+      }
+      else if (match ($0, /^#define ARES_VERSION_MINOR [0-9]+$/)) {
+        libcares_ver_minor = substr($3, 1, length($3));
+      }
+      else if (match ($0, /^#define ARES_VERSION_PATCH [0-9]+$/)) {
+        libcares_ver_patch = substr($3, 1, length($3));
+      }
+    }
+    libcares_ver = libcares_ver_major "," libcares_ver_minor "," libcares_ver_patch;
+    print "LIBCARES_VERSION = " libcares_ver "";
+    print "LIBCARES_VERSION_STR = " libcares_ver_str "";
+    print "LIBCARES_COPYRIGHT_STR = " libcares_copyright_str "";
+  }
+}
+
+

ares/inet_net_pton.h

@@ -3,7 +3,8 @@
 
 /* $Id$ */
 
-/*
+/* Copyright (C) 2005 by Daniel Stenberg
+ *
  * Permission to use, copy, modify, and distribute this
  * software and its documentation for any purpose and without
  * fee is hereby granted, provided that the above copyright

ares/inet_ntop.h

@@ -3,7 +3,8 @@
 
 /* $Id$ */
 
-/*
+/* Copyright (C) 2005 by Dominick Meglio
+ *
  * Permission to use, copy, modify, and distribute this
  * software and its documentation for any purpose and without
  * fee is hereby granted, provided that the above copyright

ares/libcares.pc.in

@@ -12,7 +12,7 @@ includedir=@includedir@
 
 Name: c-ares
 URL: http://daniel.haxx.se/projects/c-ares/
-Description: asyncronous DNS lookup library
+Description: asynchronous DNS lookup library
 Version: @VERSION@
 Requires: 
 Requires.private: 

ares/nameser.h

@@ -7,9 +7,6 @@
    port build */
 
 #ifndef NETWARE
-#ifndef __CYGWIN__
-#include <windows.h>
-#endif
 #include <process.h> /* for the _getpid() proto */
 #endif  /* !NETWARE */
 #include <sys/types.h>

ares/setup.h

@@ -16,13 +16,11 @@
  * without express or implied warranty.
  */
 
-#if !defined(WIN32) && defined(__WIN32__)
-/* Borland fix */
-#define WIN32
-#endif
+/*
+ * Define WIN32 when build target is Win32 API
+ */
 
-#if !defined(WIN32) && defined(_WIN32)
-/* VS2005 on x64 fix */
+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
 #define WIN32
 #endif
 

ares/vc/adig/adig.dsp

@@ -49,8 +49,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
 
 !ELSEIF  "$(CFG)" == "adig - Win32 Debug"
 
@@ -73,8 +73,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
 
 !ENDIF 
 

ares/vc/ahost/ahost.dsp

@@ -39,6 +39,7 @@ RSC=rc.exe
 # PROP Use_Debug_Libraries 0
 # PROP Output_Dir "Release"
 # PROP Intermediate_Dir "Release"
+# PROP Ignore_Export_Lib 0
 # PROP Target_Dir ""
 # ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
 # ADD CPP /nologo /MD /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
@@ -48,8 +49,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /machine:I386 /libpath:"..\areslib\Release"
 
 !ELSEIF  "$(CFG)" == "ahost - Win32 Debug"
 
@@ -62,6 +63,7 @@ LINK32=link.exe
 # PROP Use_Debug_Libraries 1
 # PROP Output_Dir "Debug"
 # PROP Intermediate_Dir "Debug"
+# PROP Ignore_Export_Lib 0
 # PROP Target_Dir ""
 # ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /GZ /c
 # ADD CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /FR /YX /FD /GZ /c
@@ -71,8 +73,8 @@ BSC32=bscmake.exe
 # ADD BASE BSC32 /nologo
 # ADD BSC32 /nologo
 LINK32=link.exe
-# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
-# ADD LINK32 wsock32.lib areslib.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
+# ADD BASE LINK32 ws2_32.lib advapi32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 ws2_32.lib advapi32.lib areslib.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept /libpath:"..\areslib\Debug"
 
 !ENDIF 
 

configure.ac

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -24,11 +24,11 @@ dnl Process this file with autoconf to produce a configure script.
 
 AC_PREREQ(2.57)
 
-dnl We don't know the version number "staticly" so we use a dash here
+dnl We don't know the version number "statically" so we use a dash here
 AC_INIT(curl, [-], [a suitable curl mailing list => http://curl.haxx.se/mail/])
 
 dnl configure script copyright
-AC_COPYRIGHT([Copyright (c) 1998 - 2006 Daniel Stenberg, <daniel@haxx.se>
+AC_COPYRIGHT([Copyright (c) 1998 - 2008 Daniel Stenberg, <daniel@haxx.se>
 This configure script may be copied, distributed and modified under the
 terms of the curl license; see COPYING for more details])
 
@@ -174,6 +174,7 @@ case $host in
 esac
 AC_MSG_RESULT($mimpure)
 AM_CONDITIONAL(MIMPURE, test x$mimpure = xyes)
+AM_CONDITIONAL(STATICLIB, false)
 
 AC_MSG_CHECKING([if we need BUILDING_LIBCURL])
 case $host in
@@ -185,6 +186,7 @@ case $host in
     then
       AC_DEFINE(CURL_STATICLIB, 1, [when not building a shared library])
       AC_MSG_RESULT(yes)
+      AM_CONDITIONAL(STATICLIB, true)
     else
       AC_MSG_RESULT(no)
     fi
@@ -321,10 +323,29 @@ AC_HELP_STRING([--disable-ldap],[Disable LDAP support]),
        AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
        AC_SUBST(CURL_DISABLE_LDAP, [1])
        ;;
-  *)   AC_MSG_RESULT(yes)
+  *)
+       case $host in
+         *-*-cygwin*)
+           # Force no ldap. config/build process is broken for cygwin
+           AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
+           AC_SUBST(CURL_DISABLE_LDAP, [1])
+           AC_MSG_RESULT(no)
            ;;
-  esac ],
+         *)
            AC_MSG_RESULT(yes)
+       esac
+       ;;
+  esac ],[
+       case $host in
+         *-*-cygwin*)
+           # Force no ldap. config/build process is broken for cygwin
+           AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
+           AC_SUBST(CURL_DISABLE_LDAP, [1])
+           AC_MSG_RESULT(no)
+           ;;
+         *)
+           AC_MSG_RESULT(yes)
+       esac ]
 )
 AC_MSG_CHECKING([whether to support ldaps])
 AC_ARG_ENABLE(ldaps,
@@ -604,6 +625,8 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
       AC_MSG_WARN(["$LDAPLIBNAME" is not an LDAP library: LDAP disabled])
       AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
       AC_SUBST(CURL_DISABLE_LDAP, [1])])
+      AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
+      AC_SUBST(CURL_DISABLE_LDAPS, [1])
   else
     dnl Try to find the right ldap libraries for this system
     CURL_CHECK_LIBS_LDAP
@@ -612,6 +635,8 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
         AC_MSG_WARN([Cannot find libraries for LDAP support: LDAP disabled])
         AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
         AC_SUBST(CURL_DISABLE_LDAP, [1])
+        AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
+        AC_SUBST(CURL_DISABLE_LDAPS, [1])
         ;;
     esac
   fi
@@ -627,6 +652,8 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
         AC_MSG_WARN(["$LBERLIBNAME" is not an LBER library: LDAP disabled])
         AC_DEFINE(CURL_DISABLE_LDAP, 1, [to disable LDAP])
         AC_SUBST(CURL_DISABLE_LDAP, [1])])
+        AC_DEFINE(CURL_DISABLE_LDAPS, 1, [to disable LDAPS])
+        AC_SUBST(CURL_DISABLE_LDAPS, [1])
     fi
   fi
 fi
@@ -901,6 +928,9 @@ dnl **********************************************************************
 dnl Check for GSS-API libraries
 dnl **********************************************************************
 
+dnl check for gss stuff in the /usr as default
+
+GSSAPI_ROOT="/usr"
 AC_ARG_WITH(gssapi-includes,
   AC_HELP_STRING([--with-gssapi-includes=DIR],
                  [Specify location of GSSAPI header]),
@@ -921,6 +951,10 @@ AC_ARG_WITH(gssapi,
   GSSAPI_ROOT="$withval"
   if test x"$GSSAPI_ROOT" != xno; then
     want_gss="yes"
+    if test x"$GSSAPI_ROOT" = xyes; then
+      dnl if yes, then use default root
+      GSSAPI_ROOT="/usr"
+    fi
   fi
 ])
 
@@ -932,11 +966,15 @@ if test x"$want_gss" = xyes; then
   if test -z "$GSSAPI_INCS"; then
      if test -f "$GSSAPI_ROOT/bin/krb5-config"; then
         GSSAPI_INCS=`$GSSAPI_ROOT/bin/krb5-config --cflags gssapi`
+        GSSAPI_LIBS=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
      elif test "$GSSAPI_ROOT" != "yes"; then
         GSSAPI_INCS="-I$GSSAPI_ROOT/include"
+        GSSAPI_LIBS="-lgssapi"
      fi
   fi
+
   CPPFLAGS="$CPPFLAGS $GSSAPI_INCS"
+  LIBS="$LIBS $GSSAPI_LIBS"
 
   AC_CHECK_HEADER(gss.h,
     [
@@ -945,19 +983,19 @@ if test x"$want_gss" = xyes; then
       gnu_gss=yes
     ],
     [
-      dnl not found, check Heimdal
-      AC_CHECK_HEADER(gssapi.h,
-        [
-          dnl found in the given dirs
-          AC_DEFINE(HAVE_GSSHEIMDAL, 1, [if you have the Heimdal gssapi libraries])
-        ],
-        [
-          dnl not found, check in gssapi/ subdir
+      dnl not found, check MIT
       AC_CHECK_HEADER(gssapi/gssapi.h,
         [
-              dnl found
+          dnl found in the given dirs
           AC_DEFINE(HAVE_GSSMIT, 1, [if you have the MIT gssapi libraries])
         ],
+        [
+          dnl not found, check for Heimdal
+          AC_CHECK_HEADER(gssapi.h,
+            [
+              dnl found
+              AC_DEFINE(HAVE_GSSHEIMDAL, 1, [if you have the Heimdal gssapi libraries])
+            ],
             [
               dnl no header found, disabling GSS
               want_gss=no
@@ -978,18 +1016,23 @@ if test x"$want_gss" = xyes; then
 
   if test -n "$gnu_gss"; then
     curl_gss_msg="enabled (GNU GSS)"
-    LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR -lgss"
+    LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
+    LIBS="$LIBS -lgss"
   elif test -z "$GSSAPI_LIB_DIR"; then
      if test -f "$GSSAPI_ROOT/bin/krb5-config"; then
-        gss_ldflags=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
-        LDFLAGS="$LDFLAGS $gss_ldflags"
+        dnl krb5-config doesn't have --libs-only-L or similar, put everything
+        dnl into LIBS
+        gss_libs=`$GSSAPI_ROOT/bin/krb5-config --libs gssapi`
+        LIBS="$LIBS $gss_libs"
      elif test "$GSSAPI_ROOT" != "yes"; then
-        LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff -lgssapi"
+        LDFLAGS="$LDFLAGS -L$GSSAPI_ROOT/lib$libsuff"
+        LIBS="$LIBS -lgssapi"
      else
-        LDFLAGS="$LDFLAGS -lgssapi"
+        LIBS="$LIBS -lgssapi"
      fi
   else
-     LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR -lgssapi"
+     LDFLAGS="$LDFLAGS $GSSAPI_LIB_DIR"
+     LIBS="$LIBS -lgssapi"
   fi
 else
   CPPFLAGS="$save_CPPFLAGS"
@@ -1292,6 +1335,7 @@ else
   if test "$HAVE_LIBZ" = "1" && test "$HAVE_ZLIB_H" != "1"
   then
     AC_MSG_WARN([configure found only the libz lib, not the header file!])
+    HAVE_LIBZ=""
   elif test "$HAVE_LIBZ" != "1" && test "$HAVE_ZLIB_H" = "1"
   then
     AC_MSG_WARN([configure found only the libz header file, not the lib!])
@@ -1336,7 +1380,7 @@ if test X"$OPT_LIBSSH2" != Xno; then
   yes)
     dnl --with-libssh2 (without path) used
     PREFIX_LIBSSH2=/usr/local/lib
-    LIB_LIBSSH2="$PREFIX_LIBSSH2/lib$libsuff"
+    LIB_LIBSSH2="$PREFIX_LIBSSH2$libsuff"
     ;;
   off)
     dnl no --with-libssh2 option given, just check default places
@@ -1356,8 +1400,9 @@ if test X"$OPT_LIBSSH2" != Xno; then
   AC_CHECK_HEADERS(libssh2.h,
     curl_ssh_msg="enabled (libSSH2)"
     LIBSSH2_ENABLED=1
-    AC_DEFINE(USE_LIBSSH2, 1, [if libSSH2 is in use]))
+    AC_DEFINE(USE_LIBSSH2, 1, [if libSSH2 is in use])
     AC_SUBST(USE_LIBSSH2, [1])
+  )
 
   if test X"$OPT_LIBSSH2" != Xoff &&
      test "$LIBSSH2_ENABLED" != "1"; then
@@ -1516,7 +1561,7 @@ if test "$OPENSSL_ENABLED" != "1" -a "$GNUTLS_ENABLED" != "1"; then
 
     dnl Check for functionPK11_CreateGenericObject
     dnl this is needed for using the PEM PKCS#11 module
-    AC_CHECK_LIB(nss3, PK11_CreateGenericObject-d,
+    AC_CHECK_LIB(nss3, PK11_CreateGenericObject,
      [
      AC_DEFINE(HAVE_PK11_CREATEGENERICOBJECT, 1, [if you have the function PK11_CreateGenericObject])
      AC_SUBST(HAVE_PK11_CREATEGENERICOBJECT, [1])
@@ -1566,36 +1611,20 @@ fi dnl OPENSSL != 1 -a GNUTLS_ENABLED != 1
 if test "x$OPENSSL_ENABLED$GNUTLS_ENABLED$NSS_ENABLED" = "x"; then
   AC_MSG_WARN([SSL disabled, you will not be able to use HTTPS, FTPS, NTLM and more.])
   AC_MSG_WARN([Use --with-ssl, --with-gnutls or --with-nss to address this.])
+else
+  # SSL is enabled, genericly
+  AC_SUBST(SSL_ENABLED)
+  SSL_ENABLED="1"
 fi
 
 dnl **********************************************************************
 dnl Check for the CA bundle
 dnl **********************************************************************
 
-if test X"$USE_NSS$USE_GNUTLS$OPENSSL_ENABLED" != "X"; then
-
-  AC_MSG_CHECKING([CA cert bundle install path])
-
-  AC_ARG_WITH(ca-bundle,
-AC_HELP_STRING([--with-ca-bundle=FILE], [File name to install the CA bundle as])
-AC_HELP_STRING([--without-ca-bundle], [Don't install the CA bundle]),
-    [ ca="$withval" ],
-    [
-      if test "x$prefix" != xNONE; then
-        ca="\${prefix}/share/curl/curl-ca-bundle.crt"
-      else
-        ca="$ac_default_prefix/share/curl/curl-ca-bundle.crt"
-      fi
-    ] )
-
-    if test "x$ca" != "xno"; then
-      CURL_CA_BUNDLE='"'$ca'"'
-      AC_SUBST(CURL_CA_BUNDLE)
-    fi
-    AC_MSG_RESULT([$ca])
-fi dnl only done if some kind of SSL was enabled
+CURL_CHECK_CA_BUNDLE
 
 AM_CONDITIONAL(CABUNDLE, test x$ca != xno)
+AM_CONDITIONAL(CAPATH, test x$capath != xno)
 
 dnl **********************************************************************
 dnl Check for the presence of IDN libraries and headers
@@ -1733,6 +1762,9 @@ if test "x$RECENTAIX" = "xyes"; then
          dnl the optimizer assumes that pointers can only point to
          dnl an object of the same type.
          CFLAGS="$CFLAGS -qnoansialias"
+         dnl Force AIX xlc to stop after the compilation phase, and not
+         dnl generate object code, when the source compiles with errors.
+         CFLAGS="$CFLAGS -qhalt=e"
        )
 
 
@@ -1782,7 +1814,7 @@ if test x$cross_compiling != xyes; then
     )
   fi
 else
-  dnl and for crosscompilings
+  dnl and for crosscompiling
   AC_CHECK_FUNCS(gmtime_r)
 fi
 
@@ -1827,6 +1859,7 @@ AC_CHECK_HEADERS(
         utime.h \
         sys/utime.h \
         sys/poll.h \
+        poll.h \
         sys/resource.h \
         libgen.h \
         locale.h \
@@ -1874,6 +1907,7 @@ AC_CHECK_SIZEOF(curl_off_t, ,[
 AC_CHECK_SIZEOF(size_t)
 AC_CHECK_SIZEOF(long)
 AC_CHECK_SIZEOF(time_t)
+AC_CHECK_SIZEOF(off_t)
 
 AC_CHECK_TYPE(long long,
    [AC_DEFINE(HAVE_LONGLONG, 1, [if your compiler supports long long])]
@@ -1962,6 +1996,7 @@ AC_CHECK_FUNCS( strtoll \
                 strlcat \
                 getpwuid \
                 geteuid \
+                getppid \
                 utime \
                 sigsetjmp \
                 basename \
@@ -2088,6 +2123,8 @@ if test "$disable_poll" = "no"; then
     AC_RUN_IFELSE([
 #ifdef HAVE_SYS_POLL_H
 #include <sys/poll.h>
+#elif defined(HAVE_POLL_H)
+#include <poll.h>
 #endif
 
   int main(void)
@@ -2458,7 +2495,8 @@ AC_MSG_NOTICE([Configured to build curl/libcurl:
   Built-in manual: ${curl_manual_msg}
   Verbose errors:  ${curl_verbose_msg}
   SSPI support:    ${curl_sspi_msg}
-  ca cert path:    ${ca}
+  ca cert bundle:  ${ca}
+  ca cert path:    ${capath}
   LDAP support:    ${curl_ldap_msg}
   LDAPS support:   ${curl_ldaps_msg}
 ])

curl-config.in

@@ -6,7 +6,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 2001 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 2001 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -83,7 +83,7 @@ while test $# -gt 0; do
 	if test "@USE_SSLEAY@" = "1"; then
           echo "SSL"
           NTLM=1 # OpenSSL implies NTLM
-        elif test -n "@USE_GNUTLS@"; then
+        elif test -n "@SSL_ENABLED@"; then
           echo "SSL"
         fi
 	if test "@KRB4_ENABLED@" = "1"; then
@@ -113,13 +113,13 @@ while test $# -gt 0; do
     --protocols)
 	if test "@CURL_DISABLE_HTTP@" != "1"; then
           echo "HTTP"
-	  if test "@USE_SSLEAY@" = "1"; then
+	  if test "@SSL_ENABLED@" = "1"; then
             echo "HTTPS"
           fi
         fi
 	if test "@CURL_DISABLE_FTP@" != "1"; then
           echo "FTP"
-	  if test "@USE_SSLEAY@" = "1"; then
+	  if test "@SSL_ENABLED@" = "1"; then
             echo "FTPS"
           fi
         fi
@@ -189,7 +189,7 @@ while test $# -gt 0; do
        	;;
 
     --libs)
-	if test "X@libdir@" != "X/usr/lib"; then
+	if test "X@libdir@" != "X/usr/lib" -a "X@libdir@" != "X/usr/lib64"; then
 	   CURLLIBDIR="-L@libdir@ "
 	else
 	   CURLLIBDIR=""

docs/BINDINGS

@@ -72,7 +72,7 @@ glib/GTK+
 
 Java
 
-  Maintained by Vic Hanson
+  Maintained by [blank]
   http://curl.haxx.se/libcurl/java/
 
 Lisp
@@ -143,11 +143,20 @@ Rexx
   Written Mark Hessling
   http://rexxcurl.sourceforge.net/
 
+RPG
+
+  Support for ILE/RPG on OS/400 is included in source distribution
+  http://curl.haxx.se/libcurl/
+  See packages/OS400/README.OS400 and packages/OS400/curl.inc.in
+
 Ruby
 
-  Written by Ross Bamford
+  curb - written by Ross Bamford
   http://curb.rubyforge.org/
 
+  ruby-curl-multi - written by Kristjan Petursson and Keith Rarick
+  http://curl-multi.rubyforge.org/
+
 Scheme
 
   Bigloo binding by Kirill Lisovsky

docs/CONTRIBUTE

@@ -102,6 +102,8 @@
  using spaces only (no tabs) and having the opening brace ({) on the same line
  as the if() or while().
 
+ Also note that we use if() and while() with no space before the parenthesis.
+
 2.3 Commenting
 
  Comment your source code extensively using C comments (/* comment */), DO NOT

docs/FAQ

@@ -1,4 +1,4 @@
-Updated: July 30, 2007 (http://curl.haxx.se/docs/faq.html)
+Updated: Feb 18, 2008 (http://curl.haxx.se/docs/faq.html)
                                   _   _ ____  _
                               ___| | | |  _ \| |
                              / __| | | | |_) | |
@@ -18,6 +18,7 @@ FAQ
   1.8 I have a problem who do I mail?
   1.9 Where do I buy commercial support for curl?
   1.10 How many are using curl?
+  1.11 Why don't you update ca-bundle.crt
 
  2. Install Related Problems
   2.1 configure doesn't find OpenSSL even when it is installed
@@ -83,6 +84,7 @@ FAQ
   5.10 How do I prevent libcurl from writing the response to stdout?
   5.11 How do I make libcurl not receive the whole HTTP response?
   5.12 Can I make libcurl fake or hide my real IP address?
+  5.13 How do I stop an ongoing transfer?
 
  6. License Issues
   6.1 I have a GPL program, can I use the libcurl library?
@@ -214,8 +216,7 @@ FAQ
   improvements and have them inserted in the main sources (of course on the
   condition that developers agree on that the fixes are good).
 
-  The full list of the more than 530 contributors is found in the docs/THANKS
-  file.
+  The full list of all contributors is found in the docs/THANKS file.
 
   curl is developed by a community, with Daniel at the wheel.
 
@@ -296,7 +297,7 @@ FAQ
   as used by numerous applications that include libcurl binaries in their
   distribution packages (like Adobe Acrobat Reader and Google Earth).
 
-  More than 70 known named companies use curl in commercial environments and
+  More than 80 known named companies use curl in commercial environments and
   products. More than 100 known named open source projects depend on
   (lib)curl.
 
@@ -317,6 +318,29 @@ FAQ
   http://counter.li.org/estimates.php
   http://news.netcraft.com/archives/2005/03/14/fedora_makes_rapid_progress.html
 
+  1.11 Why don't you update ca-bundle.crt
+
+  The ca-bundle.crt file that used to be bundled with curl was very outdated
+  (it being last modified year 2000 should tell) and must be replaced with a
+  much more modern and up-to-date version by anyone who wants to verify peers
+  anyway. It is no longer provided, the last curl release that shipped it was
+  curl 7.18.0.
+
+  In the cURL project we've decided not to attempt to keep this file updated
+  (or even present anymore) since deciding what to add to a ca cert bundle is
+  an undertaking we've not been ready to accept, and the one we can get from
+  Mozilla is perfectly fine so there's no need to duplicate that work.
+
+  Today, with many services performed over HTTPS, every operating system
+  should come with a default ca cert bundle that can be deemed somewhat
+  trustworthy and that collection (if reasonably updated) should be deemed to
+  be a lot better than a private curl version.
+
+  If you want the most recent collection of ca certs that Mozilla Firefox
+  uses, we recommend that you extract the collection yourself from Mozilla
+  Firefox (by running 'make ca-bundle), or by using our online service setup
+  for this purpose: http://curl.haxx.se/docs/caextract.html
+
 
 2. Install Related Problems
 
@@ -1033,6 +1057,18 @@ FAQ
   that makes you see and use a different IP address locally than what the
   remote server will see you coming from.
 
+  5.13 How do I stop an ongoing transfer?
+
+  There are several ways, but none of them are instant. There is no function
+  you can call from another thread or similar that will stop it immediately.
+  Instead you need to make sure that one of the callbacks you use return an
+  appropriate value that will stop the transfer.
+
+  Suitable callbacks that you can do this with include the progress callback,
+  the read callback and the write callback.
+
+  If you're using the multi interface, you also stop a transfer by removing
+  the particular easy handle from the multi stack.
 
 6. License Issues
 

docs/INSTALL

@@ -188,7 +188,7 @@ Win32
    environment variables, for example:
 
      set ZLIB_PATH=c:\zlib-1.2.3
-     set OPENSSL_PATH=c:\openssl-0.9.8e
+     set OPENSSL_PATH=c:\openssl-0.9.8g
      set LIBSSH2_PATH=c:\libssh2-0.17
 
    ATTENTION: if you want to build with libssh2 support you have to use latest
@@ -257,7 +257,7 @@ Win32
    Before running nmake define the OPENSSL_PATH environment variable with
    the root/base directory of OpenSSL, for example:
 
-     set OPENSSL_PATH=c:\openssl-0.9.8e
+     set OPENSSL_PATH=c:\openssl-0.9.8g
 
    Then run 'nmake vc-ssl' or 'nmake vc-ssl-dll' in curl's root
    directory.  'nmake vc-ssl' will create a libcurl static and dynamic
@@ -521,7 +521,7 @@ NetWare
      http://www.gknw.net/development/ossl/netware/
      for CLIB-based builds OpenSSL needs to be patched to build with BSD
      sockets (currently only a winsock-based CLIB build is supported):
-     http://www.gknw.net/development/ossl/netware/patches/v_0.9.8e/openssl-0.9.8e.diff
+     http://www.gknw.net/development/ossl/netware/patches/v_0.9.8g/openssl-0.9.8g.diff
    - optional SSH2 sources (version 0.17 or later);
 
    Set a search path to your compiler, linker and tools; on Linux make
@@ -808,10 +808,12 @@ PORTS
         - ia64 Linux 2.3.99
         - m68k AmigaOS 3
         - m68k Linux
+        - m68k uClinux
         - m68k OpenBSD
         - m88k dg-dgux5.4R3.00
         - s390 Linux
         - XScale/PXA250 Linux 2.4
+        - Nios II uClinux
 
 Useful URLs
 ===========

docs/INTERNALS

@@ -97,7 +97,9 @@ Library
 
    ... analyzes the URL, it separates the different components and connects to
    the remote host. This may involve using a proxy and/or using SSL. The
-   Curl_gethost() function in lib/hostip.c is used for looking up host names.
+   Curl_resolv() function in lib/hostip.c is used for looking up host names
+   (it does then use the proper underlying method, which may vary between
+   platforms and builds).
 
    When Curl_connect is done, we are connected to the remote site. Then it is
    time to tell the server to get a document/file. Curl_do() arranges this.
@@ -122,17 +124,20 @@ Library
    Curl_Transfer() function (in lib/transfer.c) to setup the transfer and
    returns.
 
-   Starting in 7.9.1, if this DO function fails and the connection is being
-   re-used, libcurl will then close this connection, setup a new connection
-   and re-issue the DO request on that. This is because there is no way to be
-   perfectly sure that we have discovered a dead connection before the DO
-   function and thus we might wrongly be re-using a connection that was closed
-   by the remote peer.
+   If this DO function fails and the connection is being re-used, libcurl will
+   then close this connection, setup a new connection and re-issue the DO
+   request on that. This is because there is no way to be perfectly sure that
+   we have discovered a dead connection before the DO function and thus we
+   might wrongly be re-using a connection that was closed by the remote peer.
+
+   Some time during the DO function, the Curl_setup_transfer() function must
+   be called with some basic info about the upcoming transfer: what socket(s)
+   to read/write and the expected file tranfer sizes (if known).
 
  o Transfer()
 
-   Curl_perform() then calls Transfer() in lib/transfer.c that performs
-   the entire file transfer.
+   Curl_perform() then calls Transfer() in lib/transfer.c that performs the
+   entire file transfer.
 
    During transfer, the progress functions in lib/progress.c are called at a
    frequent interval (or at the user's choice, a specified callback might get
@@ -236,9 +241,8 @@ Library
  URL encoding and decoding, called escaping and unescaping in the source code,
  is found in lib/escape.c.
 
- While transfering data in Transfer() a few functions might get
- used. curl_getdate() in lib/getdate.c is for HTTP date comparisons (and
- more).
+ While transfering data in Transfer() a few functions might get used.
+ curl_getdate() in lib/parsedate.c is for HTTP date comparisons (and more).
 
  lib/getenv.c offers curl_getenv() which is for reading environment variables
  in a neat platform independent way. That's used in the client, but also in
@@ -254,10 +258,6 @@ Library
  A function named curl_version() that returns the full curl version string is
  found in lib/version.c.
 
- If authentication is requested but no password is given, a getpass_r() clone
- exists in lib/getpass.c. libcurl offers a custom callback that can be used
- instead of this, but it doesn't change much to us.
-
 Persistent Connections
 ======================
 
@@ -269,9 +269,11 @@ Persistent Connections
    all the options etc that the library-user may choose.
  o The 'SessionHandle' struct holds the "connection cache" (an array of
    pointers to 'connectdata' structs). There's one connectdata struct
-   allocated for each connection that libcurl knows about.
- o This also enables the 'curl handle' to be reused on subsequent transfers,
-   something that was illegal before libcurl 7.7.
+   allocated for each connection that libcurl knows about. Note that when you
+   use the multi interface, the multi handle will hold the connection cache
+   and not the particular easy handle. This of course to allow all easy handles
+   in a multi stack to be able to share and re-use connections.
+ o This enables the 'curl handle' to be reused on subsequent transfers.
  o When we are about to perform a transfer with curl_easy_perform(), we first
    check for an already existing connection in the cache that we can use,
    otherwise we create a new one and add to the cache. If the cache is full
@@ -281,11 +283,46 @@ Persistent Connections
  o When the transfer operation is complete, we try to leave the connection
    open. Particular options may tell us not to, and protocols may signal
    closure on connections and then we don't keep it open of course.
- o When curl_easy_cleanup() is called, we close all still opened connections.
+ o When curl_easy_cleanup() is called, we close all still opened connections,
+   unless of course the multi interface "owns" the connections.
 
  You do realize that the curl handle must be re-used in order for the
  persistent connections to work.
 
+multi interface/non-blocking
+============================
+
+ We make an effort to provide a non-blocking interface to the library, the
+ multi interface. To make that interface work as good as possible, no
+ low-level functions within libcurl must be written to work in a blocking
+ manner.
+
+ One of the primary reasons we introduced c-ares support was to allow the name
+ resolve phase to be perfectly non-blocking as well.
+
+ The ultimate goal is to provide the easy interface simply by wrapping the
+ multi interface functions and thus treat everything internally as the multi
+ interface is the single interface we have.
+
+ The FTP and the SFTP/SCP protocols are thus perfect examples of how we adapt
+ and adjust the code to allow non-blocking operations even on multi-stage
+ protocols. The DICT, TELNET and TFTP are crappy examples and they are subject
+ for rewrite in the future to better fit the libcurl protocol family.
+
+SSL libraries
+=============
+
+ Originally libcurl supported SSLeay for SSL/TLS transports, but that was then
+ extended to its successor OpenSSL but has since also been extended to several
+ other SSL/TLS libraries and we expect and hope to further extend the support
+ in future libcurl versions.
+
+ To deal with this internally in the best way possible, we have a generic SSL
+ function API as provided by the sslgen.[ch] system, and they are the only SSL
+ functions we must use from within libcurl. sslgen is then crafted to use the
+ appropriate lower-level function calls to whatever SSL library that is in
+ use.
+
 Library Symbols
 ===============
  
@@ -309,6 +346,13 @@ Return Codes and Informationals
  them. They are best used when revealing information that isn't otherwise
  obvious.
 
+API/ABI
+=======
+
+ We make an effort to not export or show internals or how internals work, as
+ that makes it easier to keep a solid API/ABI over time. See docs/libcurl/ABI
+ for our promise to users.
+
 Client
 ======
 

docs/KNOWN_BUGS

@@ -3,6 +3,17 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!
 
+52. Gautam Kachroo's issue that identifies a problem with the multi interface
+  where a connection can be re-used without actually being properly
+  SSL-negoatiated:
+  http://curl.haxx.se/mail/lib-2008-01/0277.html
+
+49. If using --retry and the transfer timeouts (possibly due to using -m or
+  -y/-Y) the next attempt doesn't resume the transfer properly from what was
+  downloaded in the previous attempt but will truncate and restart at the
+  original position where it was at before the previous failed attempt. See
+  http://curl.haxx.se/mail/lib-2008-01/0080.html
+
 48. If a CONNECT response-headers are larger than BUFSIZE (16KB) when the
   connection is meant to be kept alive (like for NTLM proxy auth), the
   function will return prematurely and will confuse the rest of the HTTP
@@ -43,23 +54,9 @@ may have been fixed since this was written!
   Also see #12. According to bug #1556528, even the SOCKS5 connect code does
   not do it right: http://curl.haxx.se/bug/view.cgi?id=1556528,
 
-33. Doing multi-pass HTTP authentication on a non-default port does not work.
-  This happens because the multi-pass code abuses the redirect following code
-  for doing multiple requests, and when we following redirects to an absolute
-  URL we must use the newly specified port and not the one specified in the
-  original URL. A proper fix to this would need to separate the negotiation
-  "redirect" from an actual redirect.
-
-32. (At least on Windows) If libcurl is built with c-ares and there's no DNS
-  server configured in the system, the ares_init() call fails and thus
-  curl_easy_init() fails as well. This causes weird effects for people who use
-  numerical IP addresses only.
-
 31. "curl-config --libs" will include details set in LDFLAGS when configure is
-  run that might be needed only for building libcurl. Similarly, it might
-  include options that perhaps aren't suitable both for static and dynamic
-  linking. Further, curl-config --cflags suffers from the same effects with
-  CFLAGS/CPPFLAGS.
+  run that might be needed only for building libcurl. Further, curl-config
+  --cflags suffers from the same effects with CFLAGS/CPPFLAGS.
 
 30. You need to use -g to the command line tool in order to use RFC2732-style
   IPv6 numerical addresses in URLs.

docs/SSLCERTS

@@ -1,21 +1,25 @@
                       Peer SSL Certificate Verification
                       =================================
 
-libcurl performs peer SSL certificate verification by default. This is done by
-installing a default CA cert bundle on 'make install' (or similar), that CA
-bundle package is used by default on operations against SSL servers.
+libcurl performs peer SSL certificate verification by default.  This is done
+by using CA cert bundle that the SSL library can use to make sure the peer's
+server certificate is valid.
 
 If you communicate with HTTPS or FTPS servers using certificates that are
 signed by CAs present in the bundle, you can be sure that the remote server
 really is the one it claims to be.
 
-If the remote server uses a self-signed certificate, if you don't install
-curl's CA cert bundle, if the server uses a certificate signed by a CA that
-isn't included in the bundle or if the remote host is an impostor
+Until 7.18.0, curl bundled a severely outdated ca bundle file that was
+installed by default. These days, the curl archives include no ca certs at
+all. You need to get them elsewhere. See below for example.
+
+If the remote server uses a self-signed certificate, if you don't install a CA
+cert bundle, if the server uses a certificate signed by a CA that isn't
+included in the bundle you use or if the remote host is an impostor
 impersonating your favorite site, and you want to transfer files from this
 server, do one of the following:
 
- 1. Tell libcurl to *not* verify the peer. With libcurl you disable with with
+ 1. Tell libcurl to *not* verify the peer. With libcurl you disable this with
     curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, FALSE);
 
     With the curl command line tool, you disable this with -k/--insecure.
@@ -27,10 +31,8 @@ server, do one of the following:
     With the curl command line tool: --cacert [file]
 
  3. Add the CA cert for your server to the existing default CA cert bundle.
-    The default path of the CA bundle installed with the curl package is:
-    /usr/local/share/curl/curl-ca-bundle.crt, which can be changed by running
-    configure with the --with-ca-bundle option pointing out the path of your
-    choice.
+    The default path of the CA bundle used can be changed by running configure
+    with the --with-ca-bundle option pointing out the path of your choice.
 
     To do this, you need to get the CA cert for your server in PEM format and
     then append that to your CA cert bundle.
@@ -48,8 +50,6 @@ server, do one of the following:
      o Append the 'outcert.pem' to the CA cert bundle or use it stand-alone
        as described below.
 
-     (Thanks to Frankie V for this description)
-
     If you use the 'openssl' tool, this is one way to get extract the CA cert
     for a particular server:
 
@@ -64,8 +64,6 @@ server, do one of the following:
        cert_bundle or use it stand-alone as described. Just remember that the
        security is no better than the way you obtained the certificate.
 
-     (Thanks to Doug Kaufman for this description)
-
  4. If you're using the curl command line tool, you can specify your own CA
     cert path by setting the environment variable CURL_CA_BUNDLE to the path
     of your choice.
@@ -80,8 +78,9 @@ server, do one of the following:
       5. all directories along %PATH%
 
  5. Get a better/different/newer CA cert bundle! One option is to extract the
-    one a recent Mozilla browser uses, by following the instruction found
-    here:
+    one a recent Mozilla browser uses by running 'make ca-bundle' in the curl
+    build tree root, or possibly download a version that was generated this
+    way for you:
 
         http://curl.haxx.se/docs/caextract.html
 

docs/THANKS

@@ -12,6 +12,8 @@ Albert Chin-A-Young
 Albert Choy
 Ale Vesely
 Aleksandar Milivojevic
+Alessandro Vesely
+Alex Fishman
 Alex Neblett
 Alex Suykov
 Alex aka WindEagle
@@ -19,6 +21,7 @@ Alexander Kourakos
 Alexander Krasnostavsky
 Alexander Lazic
 Alexander Zhuravlev
+Alexey Pesternikov
 Alexey Simak
 Alexis Carvalho
 Allen Pulsifer
@@ -36,6 +39,7 @@ Andrew Biggs
 Andrew Bushnell
 Andrew Francis
 Andrew Fuller
+Andrew Moise
 Andrew Wansink
 Andr<EFBFBD>s Garc<72>a
 Andy Cedilnik
@@ -103,6 +107,7 @@ Dan Torop
 Dan Zitter
 Daniel Black
 Daniel Cater
+Daniel Egger
 Daniel Johnson
 Daniel Stenberg
 Daniel at touchtunes
@@ -128,6 +133,7 @@ David Phillips
 David Shaw
 David Tarendash
 David Thiel
+David Wright
 David Yan
 Detlef Schmier
 Diego Casorran
@@ -138,6 +144,7 @@ Dirk Eddelbuettel
 Dirk Manske
 Dmitriy Sergeyev
 Dmitry Bartsevich
+Dmitry Kurochkin
 Dmitry Rechkin
 Dolbneff A.V
 Domenico Andreoli
@@ -155,10 +162,12 @@ Dylan Salisbury
 Early Ehlinger
 Edin Kadribasic
 Ellis Pritchard
+Emil Romanus
 Emiliano Ida
 Enrico Scholz
 Enrik Berkhan
 Eric Cooper
+Eric Landes
 Eric Lavigne
 Eric Melville
 Eric Rautman
@@ -183,11 +192,13 @@ Frank Ticheler
 Fred New
 Fred Noz
 Frederic Lepied
+Gary Maxwell
 Gautam Mani
 Gavrie Philipson
 Gaz Iqbal
 Georg Horn
 Georg Huettenegger
+Georg Lippitsch
 Georg Wicherski
 Gerd v. Egidy
 Gerhard Herre
@@ -196,6 +207,7 @@ Giancarlo Formicuccia
 Giaslas Georgios
 Gilad
 Gilbert Ramirez Jr.
+Gilles Blanc
 Gisle Vanem
 Giuseppe Attardi
 Giuseppe D'Ambrosio
@@ -226,9 +238,11 @@ Ian Gulliver
 Ian Turner
 Ian Wilkes
 Ignacio Vazquez-Abrams
+Igor Franchuk
 Igor Polyakov
 Ilguiz Latypov
 Ilja van Sprundel
+Immanuel Gregoire
 Ingmar Runge
 Ingo Ralf Blum
 Ingo Wilken
@@ -256,6 +270,7 @@ Jean-Claude Chauve
 Jean-Louis Lemaire
 Jean-Marc Ranger
 Jean-Philippe Barrette-LaPierre
+Jeff Johnson
 Jeff Lawson
 Jeff Phillips
 Jeff Pohlmeyer
@@ -265,6 +280,7 @@ Jesper Jensen
 Jesse Noller
 Jim Drash
 Joe Halpin
+Joe Malicki
 Joel Chen
 Jofell Gallardo
 Johan Anderson
@@ -274,6 +290,7 @@ John Janssen
 John Kelly
 John Lask
 John McGowan
+Johnny Luong
 Jon Grubbs
 Jon Travis
 Jon Turner
@@ -285,6 +302,7 @@ Jose Kahan
 Josh Kapell
 Juan F. Codagnone
 Juan Ignacio Herv<72>s
+Judson Bishop
 Juergen Wilke
 Jukka Pihl
 Julian Noble
@@ -307,7 +325,9 @@ Ken Rastatter
 Kent Boortz
 Kevin Fisk
 Kevin Lussier
+Kevin Reed
 Kevin Roth
+Kim Rinnewitz
 Kimmo Kinnunen
 Kjell Ericson
 Kjetil Jacobsen
@@ -324,6 +344,7 @@ Lars Gustafsson
 Lars J. Aas
 Lars Nilsson
 Lars Torben Wilson
+Lau Hang Kin
 Legoff Vincent
 Lehel Bernadt
 Len Krause
@@ -348,6 +369,7 @@ Marco G. Salvagno
 Marcus Webster
 Mario Schroeder
 Mark Butler
+Mark Davies
 Mark Eichin
 Mark Lentczner
 Markus Koetter
@@ -360,6 +382,7 @@ Martin Skinner
 Marty Kuhrt
 Maruko
 Massimiliano Ziccardi
+Mateusz Loskot
 Mathias Axelsson
 Mats Lidell
 Matt Kraai
@@ -368,6 +391,8 @@ Matt Witherspoon
 Matthew Blain
 Matthew Clarke
 Maurice Barnum
+Max Katsev
+Maxim Perenesenko
 Mekonikum
 Mettgut Jamalla
 Michael Benedict
@@ -389,6 +414,7 @@ Mitz Wark
 Mohamed Lrhazi
 Mohun Biswas
 Moonesamy
+Nathan Coulter
 Nathan O'Sullivan
 Nathanael Nerode
 Naveen Noel
@@ -404,6 +430,7 @@ Nicolas Croiset
 Nicolas Fran<61>ois
 Niels van Tongeren
 Nikita Schmidt
+Nikitinskit Dmitriy
 Nir Soffer
 Nis Jorgensen
 Nodak Sodak
@@ -440,6 +467,7 @@ Peter Wullinger
 Peteris Krumins
 Phil Karn
 Philip Gladstone
+Philip Langdale
 Philippe Hameau
 Philippe Raoult
 Philippe Vaucher
@@ -453,6 +481,7 @@ Ralph Mitchell
 Ramana Mokkapati
 Randy McMurchy
 Ravi Pratap
+Ray Pekowski
 Reinout van Schouwen
 Renaud Chaillat
 Renaud Duhaut
@@ -479,6 +508,7 @@ Robert Foreman
 Robert Iakobashvili
 Robert Olson
 Robert Weaver
+Robin Johnson
 Robin Kay
 Robson Braga Araujo
 Rodney Simmons
@@ -514,6 +544,7 @@ Simon Josefsson
 Simon Liu
 Song Ma
 Sonia Subramanian
+Spacen Jasset
 Spiridonoff A.V
 Stadler Stephan
 Stefan Esser
@@ -571,10 +602,12 @@ Ulf H
 Ulrich Zadow
 Venkat Akella
 Victor Snezhko
+Vikram Saxena
 Vilmos Nebehaj
 Vincent Bronner
 Vincent Penquerc'h
 Vincent Sanders
+Vladimir Lazarenko
 Vojtech Janota
 Vojtech Minarik
 Walter J. Mack

docs/TODO

@@ -4,257 +4,445 @@
                             | (__| |_| |  _ <| |___ 
                              \___|\___/|_| \_\_____|
 
-TODO
+                Things that could be nice to do in the future
 
  Things to do in project cURL. Please tell us what you think, contribute and
- send us patches that improve things! Also check the http://curl.haxx.se/dev
- web section for various technical development notes.
+ send us patches that improve things!
 
  All bugs documented in the KNOWN_BUGS document are subject for fixing!
 
- LIBCURL
+ 1. libcurl
+ 1.1 Zero-copy interface
+ 1.2 More data sharing
+ 1.3 struct lifreq
+ 1.4 Get IP address
+ 1.5 c-ares ipv6
+ 1.6 configure-based info in public headers
 
- * Introduce another callback interface for upload/download that makes one
-   less copy of data and thus a faster operation.
+ 2. libcurl - multi interface
+ 2.1 More non-blocking
+ 2.2 Pause transfers
+ 2.3 Remove easy interface internally
+ 2.4 Avoid having to remove/readd handles
+
+ 3. Documentation
+ 3.1  More and better
+
+ 4. FTP
+ 4.1 PRET
+ 4.2 Alter passive/active on failure and retry
+ 4.3 Earlier bad letter detection
+ 4.4 REST for large files
+ 4.5 FTP proxy support
+ 4.6 PORT port range
+ 4.7 ASCII support
+
+ 5. HTTP
+ 5.1 Other HTTP versions with CONNECT
+ 5.2 Better persistancy for HTTP 1.0
+ 5.3 support FF3 sqlite cookie files
+
+ 6. TELNET
+ 6.1 ditch stdin
+ 6.2 ditch telnet-specific select
+
+ 7. SSL
+ 7.1 Disable specific versions
+ 7.2 Provide mytex locking API
+ 7.3 dumpcert
+ 7.4 Evaluate SSL patches
+ 7.5 Cache OpenSSL contexts
+ 7.6 Export session ids
+ 7.7 Provide callback for cert verfication
+ 7.8 Support other SSL libraries
+ 7.9  Support SRP on the TLS layer
+ 7.10 improve configure --with-ssl
+
+ 8. GnuTLS
+ 8.1 Make NTLM work without OpenSSL functions
+ 8.2 SSl engine stuff
+ 8.3 SRP
+ 8.4 non-blocking
+ 8.5 check connection
+
+ 9. LDAP
+ 9.1 ditch ldap-specific select
+
+ 10. New protocols
+ 10.1 RTSP
+ 10.2 RSYNC
+ 10.3 RTMP
+
+ 11. Client
+ 11.1 Content-Disposition
+ 11.2 sync
+ 11.3 glob posts
+ 11.4 prevent file overwriting
+ 11.5 ftp wildcard download
+ 11.6 simultaneous parallel transfers
+ 11.7 provide formpost headers
+ 11.8 url-specific options
+
+ 12. Build
+ 12.1 roffit
+
+ 13. Test suite
+ 13.1 SSL tunnel
+ 13.2 nicer lacking perl message
+ 13.3 more protocols supported
+ 13.4 more platforms supported
+
+ 14. Next SONAME bump
+ 14.1 http-style HEAD output for ftp
+ 14.2 combine error codes
+ 14.3 extend CURLOPT_SOCKOPTFUNCTION prototype
+
+ 15. Next major release
+ 15.1 cleanup return codes
+ 15.2 remove obsolete defines
+ 15.3 size_t
+ 15.4 remove several functions
+ 15.5 remove CURLOPT_FAILONERROR
+ 15.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
+
+==============================================================================
+
+1. libcurl
+
+1.1 Zero-copy interface
+
+ Introdue another callback interface for upload/download that makes one less
+ copy of data and thus a faster operation.
  [http://curl.haxx.se/dev/no_copy_callbacks.txt]
 
- * More data sharing. curl_share_* functions already exist and work, and they
-   can be extended to share more. For example, enable sharing of the ares
-   channel and the connection cache.
+1.2 More data sharing
 
- * Introduce a new error code indicating authentication problems (for proxy
-   CONNECT error 407 for example). This cannot be an error code, we must not
-   return informational stuff as errors, consider a new info returned by
-   curl_easy_getinfo() http://curl.haxx.se/bug/view.cgi?id=845941
+ curl_share_* functions already exist and work, and they can be extended to
+ share more. For example, enable sharing of the ares channel and the
+ connection cache.
 
- * Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
+1.3 struct lifreq
+
+ Use 'struct lifreq' and SIOCGLIFADDR instead of 'struct ifreq' and
  SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete.
-   To support ipv6 interface addresses properly.
+ To support ipv6 interface addresses for network interfaces properly.
 
- * Add the following to curl_easy_getinfo(): GET_HTTP_IP, GET_FTP_IP and
-   GET_FTP_DATA_IP. Return a string with the used IP. Suggested by Alan.
+1.4 Get IP address
 
- * Add option that changes the interval in which the progress callback is
-   called at most.
+ Add the following to curl_easy_getinfo(): GET_HTTP_IP, GET_FTP_IP and
+ GET_FTP_DATA_IP. Return a string with the used IP.
 
- * Make libcurl built with c-ares use c-ares' IPv6 abilities. They weren't
+1.5 c-ares ipv6
+
+ Make libcurl built with c-ares use c-ares' IPv6 abilities. They weren't
  present when we first added c-ares support but they have been added since!
  When this is done and works, we can actually start considering making c-ares
  powered libcurl the default build (which of course would require that we'd
  bundle the c-ares source code in the libcurl source code releases).
 
- * Make the curl/*.h headers include the proper system includes based on what
-   was present at the time when configure was run. Currently, the sys/select.h
-   header is for example included by curl/multi.h only on specific platforms
-   we know MUST have it. This is error-prone. We therefore want the header
-   files to adapt to configure results. Those results must be stored in a new
-   header and they must use a curl name space, i.e not be HAVE_* prefix (as
-   that would risk collide with other apps that use libcurl and that runs
-   configure).
+1.6 configure-based info in public headers
 
-   Work on this has been started but hasn't been finished, and the initial
-   patch and some details are found here:
+ Make the public headers include the proper system includes based on what was
+ present at the time when configure was run. Currently, the sys/select.h
+ header is for example included by curl/multi.h only on specific platforms we
+ know MUST have it. This is error-prone. We therefore want the header files to
+ adapt to configure results. Those results must be stored in a new header and
+ they must use a curl name space, i.e not be HAVE_* prefix (as that would risk
+ collide with other apps that use libcurl and that runs configure).
+
+ Work on this has been started but hasn't been finished, and the initial patch
+ and some details are found here:
  http://curl.haxx.se/mail/lib-2006-12/0084.html
 
- LIBCURL - multi interface
+ The remaining problems to solve involve the platforms that can't run
+ configure.
 
- * Make sure we don't ever loop because of non-blocking sockets return
+2. libcurl - multi interface
+
+2.1 More non-blocking
+
+ Make sure we don't ever loop because of non-blocking sockets return
  EWOULDBLOCK or similar. The GnuTLS connection etc.
 
- * Make transfers treated more carefully. We need a way to tell libcurl we
-   have data to write, as the current system expects us to upload data each
-   time the socket is writable and there is no way to say that we want to
-   upload data soon just not right now, without that aborting the upload. The
-   opposite situation should be possible as well, that we tell libcurl we're
-   ready to accept read data. Today libcurl feeds the data as soon as it is
-   available for reading, no matter what.
+2.2 Pause transfers
 
- * Make curl_easy_perform() a wrapper-function that simply creates a multi
+ Make transfers treated more carefully. We need a way to tell libcurl we have
+ data to write, as the current system expects us to upload data each time the
+ socket is writable and there is no way to say that we want to upload data
+ soon just not right now, without that aborting the upload. The opposite
+ situation should be possible as well, that we tell libcurl we're ready to
+ accept read data. Today libcurl feeds the data as soon as it is available for
+ reading, no matter what.
+
+2.3 Remove easy interface internally
+
+ Make curl_easy_perform() a wrapper-function that simply creates a multi
  handle, adds the easy handle to it, runs curl_multi_perform() until the
  transfer is done, then detach the easy handle, destroy the multi handle and
  return the easy handle's return code. This will thus make everything
  internally use and assume the multi interface. The select()-loop should use
  curl_multi_socket().
 
- * curl_multi_handle_control() - this can control the easy handle (while)
-   added to a multi handle in various ways:
+2.4 Avoid having to remove/readd handles
+
+ curl_multi_handle_control() - this can control the easy handle (while) added
+ to a multi handle in various ways:
+
  o RESTART, unconditionally restart this easy handle's transfer from the
    start, re-init the state
+
  o RESTART_COMPLETED, restart this easy handle's transfer but only if the
    existing transfer has already completed and it is in a "finished state".
+
  o STOP, just stop this transfer and consider it completed
+
  o PAUSE?
+
  o RESUME?
 
- DOCUMENTATION
+3. Documentation
 
- * More and better
+3.1  More and better
 
- FTP
+ Exactly
 
- * PRET is a command that primarily "drftpd" supports, which could be useful
+4. FTP
+
+4.1 PRET
+
+ PRET is a command that primarily "drftpd" supports, which could be useful
  when using libcurl against such a server. It is a non-standard and a rather
  oddly designed command, but...
  http://curl.haxx.se/bug/feature.cgi?id=1729967
 
- * When trying to connect passively to a server which only supports active
+4.2 Alter passive/active on failure and retry
+
+ When trying to connect passively to a server which only supports active
  connections, libcurl returns CURLE_FTP_WEIRD_PASV_REPLY and closes the
  connection. There could be a way to fallback to an active connection (and
  vice versa). http://curl.haxx.se/bug/feature.cgi?id=1754793
 
- * Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in
-   the process to avoid doing a resolve and connect in vain.
+4.3 Earlier bad letter detection
 
- * REST fix for servers not behaving well on >2GB requests. This should fail
-   if the server doesn't set the pointer to the requested index. The tricky
-   (impossible?) part is to figure out if the server did the right thing or
-   not.
+ Make the detection of (bad) %0d and %0a codes in FTP url parts earlier in the
+ process to avoid doing a resolve and connect in vain.
 
- * Support the most common FTP proxies, Philip Newton provided a list
-   allegedly from ncftp:
-   http://curl.haxx.se/mail/archive-2003-04/0126.html
+4.4 REST for large files
 
- * Make CURLOPT_FTPPORT support an additional port number on the IP/if/name,
+ REST fix for servers not behaving well on >2GB requests. This should fail if
+ the server doesn't set the pointer to the requested index. The tricky
+ (impossible?) part is to figure out if the server did the right thing or not.
+
+4.5 FTP proxy support
+
+ Support the most common FTP proxies, Philip Newton provided a list allegedly
+ from ncftp. This is not a subject without debate, and is probably not really
+ suitable for libcurl.  http://curl.haxx.se/mail/archive-2003-04/0126.html
+
+4.6 PORT port range
+
+ Make CURLOPT_FTPPORT support an additional port number on the IP/if/name,
  like "blabla:[port]" or possibly even "blabla:[portfirst]-[portsecond]".
  http://curl.haxx.se/bug/feature.cgi?id=1505166
 
- * FTP ASCII transfers do not follow RFC959. They don't convert the data
+4.7 ASCII support
+
+ FTP ASCII transfers do not follow RFC959. They don't convert the data
  accordingly.
 
- * Since USERPWD always override the user and password specified in URLs, we
-   might need another way to specify user+password for anonymous ftp logins.
+5. HTTP
 
- * The FTP code should get a way of returning errors that is known to still
-   have the control connection alive and sound. Currently, a returned error
-   from within ftp-functions does not tell if the control connection is still
-   OK to use or not. This causes libcurl to fail to re-use connections
-   slightly too often.
+5.1 Other HTTP versions with CONNECT
 
- HTTP
+ When doing CONNECT to a HTTP proxy, libcurl always uses HTTP/1.0. This has
+ never been reported as causing trouble to anyone, but should be considered to
+ use the HTTP version the user has chosen.
 
- * When doing CONNECT to a HTTP proxy, libcurl always uses HTTP/1.0. This has
-   never been reported as causing trouble to anyone, but should be considered
-   to use the HTTP version the user has chosen.
+5.2 Better persistancy for HTTP 1.0
 
- * "Better" support for persistent connections over HTTP 1.0
+ "Better" support for persistent connections over HTTP 1.0
  http://curl.haxx.se/bug/feature.cgi?id=1089001
 
- TELNET
+5.3 support FF3 sqlite cookie files
 
- * Reading input (to send to the remote server) on stdin is a crappy solution
-   for library purposes. We need to invent a good way for the application to
-   be able to provide the data to send.
+ Firefox 3 is changing from its former format to a a sqlite database instead.
+ We should consider how (lib)curl can/should support this.
+ http://curl.haxx.se/bug/feature.cgi?id=1871388
 
- * Move the telnet support's network select() loop go away and merge the code
+6. TELNET
+
+6.1 ditch stdin
+
+Reading input (to send to the remote server) on stdin is a crappy solution for
+library purposes. We need to invent a good way for the application to be able
+to provide the data to send.
+
+6.2 ditch telnet-specific select
+
+ Move the telnet support's network select() loop go away and merge the code
  into the main transfer loop. Until this is done, the multi interface won't
  work for telnet.
 
- SSL
+7. SSL
 
- * Provide an option that allows for disabling specific SSL versions, such as
+7.1 Disable specific versions
+
+ Provide an option that allows for disabling specific SSL versions, such as
  SSLv2 http://curl.haxx.se/bug/feature.cgi?id=1767276
 
- * Provide a libcurl API for setting mutex callbacks in the underlying SSL
+7.2 Provide mytex locking API
+
+ Provide a libcurl API for setting mutex callbacks in the underlying SSL
  library, so that the same application code can use mutex-locking
  independently of OpenSSL or GnutTLS being used.
 
- * Anton Fedorov's "dumpcert" patch:
+7.3 dumpcert
+
+ Anton Fedorov's "dumpcert" patch:
  http://curl.haxx.se/mail/lib-2004-03/0088.html
 
- * Evaluate/apply Gertjan van Wingerde's SSL patches:
+7.4 Evaluate SSL patches
+
+ Evaluate/apply Gertjan van Wingerde's SSL patches:
  http://curl.haxx.se/mail/lib-2004-03/0087.html
 
- * "Look at SSL cafile - quick traces look to me like these are done on every
-   request as well, when they should only be necessary once per ssl context
-   (or once per handle)". The major improvement we can rather easily do is to
-   make sure we don't create and kill a new SSL "context" for every request,
-   but instead make one for every connection and re-use that SSL context in
-   the same style connections are re-used. It will make us use slightly more
-   memory but it will libcurl do less creations and deletions of SSL contexts.
+7.5 Cache OpenSSL contexts
 
- * Add an interface to libcurl that enables "session IDs" to get
+ "Look at SSL cafile - quick traces look to me like these are done on every
+ request as well, when they should only be necessary once per ssl context (or
+ once per handle)". The major improvement we can rather easily do is to make
+ sure we don't create and kill a new SSL "context" for every request, but
+ instead make one for every connection and re-use that SSL context in the same
+ style connections are re-used. It will make us use slightly more memory but
+ it will libcurl do less creations and deletions of SSL contexts.
+
+7.6 Export session ids
+
+ Add an interface to libcurl that enables "session IDs" to get
  exported/imported. Cris Bailiff said: "OpenSSL has functions which can
-   serialise the current SSL state to a buffer of your choice, and
-   recover/reset the state from such a buffer at a later date - this is used
-   by mod_ssl for apache to implement and SSL session ID cache".
+ serialise the current SSL state to a buffer of your choice, and recover/reset
+ the state from such a buffer at a later date - this is used by mod_ssl for
+ apache to implement and SSL session ID cache".
 
- * OpenSSL supports a callback for customised verification of the peer
+7.7 Provide callback for cert verfication
+
+ OpenSSL supports a callback for customised verification of the peer
  certificate, but this doesn't seem to be exposed in the libcurl APIs. Could
-   it be? There's so much that could be done if it were! (brought by Chris
-   Clark)
+ it be? There's so much that could be done if it were!
 
- * Make curl's SSL layer capable of using other free SSL libraries.  Such as
+7.8 Support other SSL libraries
+
+ Make curl's SSL layer capable of using other free SSL libraries.  Such as
  MatrixSSL (http://www.matrixssl.org/).
 
- * Peter Sylvester's patch for SRP on the TLS layer.
-   Awaits OpenSSL support for this, no need to support this in libcurl before
-   there's an OpenSSL release that does it.
+7.9  Support SRP on the TLS layer
 
- * make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
+ Peter Sylvester's patch for SRP on the TLS layer.  Awaits OpenSSL support for
+ this, no need to support this in libcurl before there's an OpenSSL release
+ that does it.
+
+7.10 improve configure --with-ssl
+
+ make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
  then NSS...
 
- GnuTLS
+8. GnuTLS
 
- * Get NTLM working using the functions provided by libgcrypt, since GnuTLS
+8.1 Make NTLM work without OpenSSL functions
+
+ Get NTLM working using the functions provided by libgcrypt, since GnuTLS
  already depends on that to function. Not strictly SSL/TLS related, but
  hey... Another option is to get available DES and MD4 source code from the
  cryptopp library. They are fine license-wise, but are C++.
 
- * SSL engine stuff?
+8.2 SSl engine stuff
 
- * Work out a common method with Peter Sylvester's OpenSSL-patch for SRP
-   on the TLS to provide name and password
+ Is this even possible?
 
- * Fix the connection phase to be non-blocking when multi interface is used
+8.3 SRP
 
- * Add a way to check if the connection seems to be alive, to correspond to
-   the SSL_peak() way we use with OpenSSL.
+ Work out a common method with Peter Sylvester's OpenSSL-patch for SRP on the
+ TLS to provide name and password. GnuTLS already supports it...
 
- LDAP
+8.4 non-blocking
+
+ Fix the connection phase to be non-blocking when multi interface is used
+
+8.5 check connection
+
+ Add a way to check if the connection seems to be alive, to correspond to the
+ SSL_peak() way we use with OpenSSL.
+
+9. LDAP
+
+9.1 ditch ldap-specific select
 
  * Look over the implementation. The looping will have to "go away" from the
    lib/ldap.c source file and get moved to the main network code so that the
    multi interface and friends will work for LDAP as well.
 
- NEW PROTOCOLS
+10. New protocols
 
- * RTSP - RFC2326 (protocol - very HTTP-like, also contains URL description)
+10.1 RTSP
 
- * RSYNC (no RFCs for protocol nor URI/URL format).  An implementation should
+ RFC2326 (protocol - very HTTP-like, also contains URL description)
+
+10.2 RSYNC
+
+ There's no RFC for protocol nor URI/URL format.  An implementation should
  most probably use an existing rsync library, such as librsync.
 
- CLIENT
+10.3 RTMP
 
- * Add option that is similar to -O but that takes the output file name from
-   the Content-Disposition: header, and/or uses the local file name used in
+ There exists a patch that claims to introduce this protocol:
+ http://osdir.com/ml/gnu.gnash.devel2/2006-11/msg00278.html, further details
+ in the feature-request: http://curl.haxx.se/bug/feature.cgi?id=1843469
+
+11. Client
+
+11.1 Content-Disposition
+
+ Add option that is similar to -O but that takes the output file name from the
+ Content-Disposition: header, and/or uses the local file name used in
  redirections for the cases the server bounces the request further to a
  different file (name): http://curl.haxx.se/bug/feature.cgi?id=1364676
 
- * "curl --sync http://example.com/feed[1-100].rss" or
+11.2 sync
+
+ "curl --sync http://example.com/feed[1-100].rss" or
  "curl --sync http://example.net/{index,calendar,history}.html"
 
  Downloads a range or set of URLs using the remote name, but only if the
  remote file is newer than the local file. A Last-Modified HTTP date header
  should also be used to set the mod date on the downloaded file.
-   (idea from "Brianiac")
 
- * Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
-   Requested by Dane Jensen and others. This is easily scripted though.
+11.3 glob posts
 
- * Add an option that prevents cURL from overwriting existing local files. When
+ Globbing support for -d and -F, as in 'curl -d "name=foo[0-9]" URL'.
+ This is easily scripted though.
+
+11.4 prevent file overwriting
+
+ Add an option that prevents cURL from overwriting existing local files. When
  used, and there already is an existing file with the target file name
  (either -O or -o), a number should be appended (and increased if already
  existing). So that index.html becomes first index.html.1 and then
-   index.html.2 etc. Jeff Pohlmeyer suggested.
+ index.html.2 etc.
 
- * "curl ftp://site.com/*.txt"
+11.5 ftp wildcard download
 
- * The client could be told to use maximum N simultaneous parallel transfers
-   and then just make sure that happens. It should of course not make more
-   than one connection to the same remote host. This would require the client
-   to use the multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
+ "curl ftp://site.com/*.txt"
 
- * Extending the capabilities of the multipart formposting. How about leaving
+11.6 simultaneous parallel transfers
+
+ The client could be told to use maximum N simultaneous parallel transfers and
+ then just make sure that happens. It should of course not make more than one
+ connection to the same remote host. This would require the client to use the
+ multi interface. http://curl.haxx.se/bug/feature.cgi?id=1558595
+
+11.7 provide formpost headers
+
+ Extending the capabilities of the multipart formposting. How about leaving
  the ';type=foo' syntax as it is and adding an extra tag (headers) which
  works like this: curl -F "coolfiles=@fil1.txt;headers=@fil1.hdr" where
  fil1.hdr contains extra headers like
@@ -264,17 +452,11 @@ TODO
    X-User-Comment: Please don't use browser specific HTML code
 
  which should overwrite the program reasonable defaults (plain/text,
-   8bit...) (Idea brough to us by kromJx)
+ 8bit...)
 
- * ability to specify the classic computing suffixes on the range
-   specifications. For example, to download the first 500 Kilobytes of a file,
-   be able to specify the following for the -r option: "-r 0-500K" or for the
-   first 2 Megabytes of a file: "-r 0-2M". (Mark Smith suggested)
+11.8 url-specific options
 
- * --data-encode that URL encodes the data before posting
-   http://curl.haxx.se/mail/archive-2003-11/0091.html (Kevin Roth suggested)
-
- * Provide a way to make options bound to a specific URL among several on the
+ Provide a way to make options bound to a specific URL among several on the
  command line. Possibly by letting ':' separate options between URLs,
  similar to this:
 
@@ -286,32 +468,46 @@ TODO
 
  The example would do a POST-GET-POST combination on a single command line.
 
- BUILD
+12. Build
 
- * Consider extending 'roffit' to produce decent ASCII output, and use that
+12.1 roffit
+
+ Consider extending 'roffit' to produce decent ASCII output, and use that
  instead of (g)nroff when building src/hugehelp.c
 
- TEST SUITE
+13. Test suite
 
- * Make our own version of stunnel for simple port forwarding to enable HTTPS
+13.1 SSL tunnel
+
+ Make our own version of stunnel for simple port forwarding to enable HTTPS
  and FTP-SSL tests without the stunnel dependency, and it could allow us to
  provide test tools built with either OpenSSL or GnuTLS
 
- * If perl wasn't found by the configure script, don't attempt to run the
-   tests but explain something nice why it doesn't.
+13.2 nicer lacking perl message
 
- * Extend the test suite to include more protocols. The telnet could just do
-   ftp or http operations (for which we have test servers).
+ If perl wasn't found by the configure script, don't attempt to run the tests
+ but explain something nice why it doesn't.
 
- * Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
+13.3 more protocols supported
+
+ Extend the test suite to include more protocols. The telnet could just do ftp
+ or http operations (for which we have test servers).
+
+13.4 more platforms supported
+
+ Make the test suite work on more platforms. OpenBSD and Mac OS. Remove
  fork()s and it should become even more portable.
 
- NEXT soname bump
+14. Next SONAME bump
 
- * #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
+14.1 http-style HEAD output for ftp
+
+ #undef CURL_FTP_HTTPSTYLE_HEAD in lib/ftp.c to remove the HTTP-style headers
  from being output in NOBODY requests over ftp
 
- * Combine some of the error codes to remove duplicates.  The original
+14.2 combine error codes
+
+ Combine some of the error codes to remove duplicates.  The original
  numbering should not be changed, and the old identifiers would be
  macroed to the new ones in an CURL_NO_OLDIES section to help with
  backward compatibility.
@@ -327,23 +523,50 @@ TODO
     CURLE_TFTP_NOTFOUND => CURLE_REMOTE_FILE_NOT_FOUND
     CURLE_TFTP_PERM => CURLE_REMOTE_ACCESS_DENIED
 
- NEXT MAJOR RELEASE
+14.3 extend CURLOPT_SOCKOPTFUNCTION prototype
 
- * curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
+ The current prototype only provides 'purpose' that tells what the
+ connection/socket is for, but not any protocol or similar. It makes it hard
+ for applications to differentiate on TCP vs UDP and even HTTP vs FTP and
+ similar.
+
+15. Next major release
+
+15.1 cleanup return codes
+
+ curl_easy_cleanup() returns void, but curl_multi_cleanup() returns a
  CURLMcode. These should be changed to be the same.
 
- * remove obsolete defines from curl/curl.h
+15.2 remove obsolete defines
 
- * make several functions use size_t instead of int in their APIs
+ remove obsolete defines from curl/curl.h
+
+15.3 size_t
+
+ make several functions use size_t instead of int in their APIs
+
+15.4 remove several functions
+
+ remove the following functions from the public API:
 
- * remove the following functions from the public API:
  curl_getenv
+
  curl_mprintf (and variations)
+
  curl_strequal
+
  curl_strnequal
 
  They will instead become curlx_ - alternatives. That makes the curl app
  still capable of building with them from source.
 
- * Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
+15.5 remove CURLOPT_FAILONERROR
+
+ Remove support for CURLOPT_FAILONERROR, it has gotten too kludgy and weird
  internally. Let the app judge success or not for itself.
+
+15.6 remove CURLOPT_DNS_USE_GLOBAL_CACHE
+
+ Remove support for a global DNS cache. Anything global is silly, and we
+ already offer the share interface for the same functionality but done
+ "right".

docs/curl.1

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
 .\" * $Id$
 .\" **************************************************************************
 .\"
-.TH curl 1 "21 Sep 2007" "Curl 7.17.1" "Curl Manual"
+.TH curl 1 "5 Jan 2008" "Curl 7.18.0" "Curl Manual"
 .SH NAME
 curl \- transfer a URL
 .SH SYNOPSIS
@@ -82,7 +82,7 @@ specified on a single command line and cannot be used between separate curl
 invokes.
 .SH "PROGRESS METER"
 curl normally displays a progress meter during operations, indicating amount
-of transfered data, transfer speeds and estimated time left etc.
+of transferred data, transfer speeds and estimated time left etc.
 
 However, since curl displays data to the terminal by default, if you invoke
 curl to do an operation and it is about to write data to the terminal, it
@@ -115,10 +115,10 @@ used.
 .IP "--anyauth"
 (HTTP) Tells curl to figure out authentication method by itself, and use the
 most secure one the remote site claims it supports. This is done by first
-doing a request and checking the response-headers, thus inducing an extra
-network round-trip. This is used instead of setting a specific authentication
-method, which you can do with \fI--basic\fP, \fI--digest\fP, \fI--ntlm\fP, and
-\fI--negotiate\fP.
+doing a request and checking the response-headers, thus possibly inducing an
+extra network round-trip. This is used instead of setting a specific
+authentication method, which you can do with \fI--basic\fP, \fI--digest\fP,
+\fI--ntlm\fP, and \fI--negotiate\fP.
 
 Note that using --anyauth is not recommended if you do uploads from stdin,
 since it may require data to be sent twice and then the client must be able to
@@ -224,43 +224,63 @@ To create remote directories when using FTP or SFTP, try
 If this option is used several times, the following occurrences make no
 difference.
 .IP "-d/--data <data>"
-(HTTP) Sends the specified data in a POST request to the HTTP server, in a way
-that can emulate as if a user has filled in a HTML form and pressed the submit
-button. Note that the data is sent exactly as specified with no extra
-processing (with all newlines cut off).  The data is expected to be
-\&"url-encoded". This will cause curl to pass the data to the server using the
-content-type application/x-www-form-urlencoded. Compare to \fI-F/--form\fP. If
-this option is used more than once on the same command line, the data pieces
-specified will be merged together with a separating &-letter. Thus, using '-d
-name=daniel -d skill=lousy' would generate a post chunk that looks like
-\&'name=daniel&skill=lousy'.
+(HTTP) Sends the specified data in a POST request to the HTTP server, in the
+same way that a browser does when a user has filled in an HTML form and
+presses the submit button. This will cause curl to pass the data to the server
+using the content-type application/x-www-form-urlencoded.  Compare to
+\fI-F/--form\fP.
+
+\fI-d/--data\fP is the same as \fI--data-ascii\fP. To post data purely binary,
+you should instead use the \fI--data-binary\fP option. To URL encode the value
+of a form field you may use \fI--data-urlencode\fP.
+
+If any of these options is used more than once on the same command line, the
+data pieces specified will be merged together with a separating
+&-letter. Thus, using '-d name=daniel -d skill=lousy' would generate a post
+chunk that looks like \&'name=daniel&skill=lousy'.
 
 If you start the data with the letter @, the rest should be a file name to
 read the data from, or - if you want curl to read the data from stdin.  The
 contents of the file must already be url-encoded. Multiple files can also be
 specified. Posting data from a file named 'foobar' would thus be done with
-\fI--data\fP @foobar".
-
-To post data purely binary, you should instead use the \fI--data-binary\fP
-option.
-
-\fI-d/--data\fP is the same as \fI--data-ascii\fP.
-
-If this option is used several times, the ones following the first will
-append data.
-.IP "--data-ascii <data>"
-(HTTP) This is an alias for the \fI-d/--data\fP option.
-
-If this option is used several times, the ones following the first will
-append data.
+\fI--data @foobar\fP.
 .IP "--data-binary <data>"
-(HTTP) This posts data in a similar manner as \fI--data-ascii\fP does,
-although when using this option the entire context of the posted data is kept
-as-is. If you want to post a binary file without the strip-newlines feature of
-the \fI--data-ascii\fP option, this is for you.
+(HTTP) This posts data exactly as specified with no extra processing
+whatsoever.
 
-If this option is used several times, the ones following the first will
-append data.
+If you start the data with the letter @, the rest should be a filename.  Data
+is posted in a similar manner as \fI--data-ascii\fP does, except that newlines
+are preserved and conversions are never done.
+
+If this option is used several times, the ones following the first will append
+data. As described in \fI-d/--data\fP.
+.IP "--data-urlencode <data>"
+(HTTP) This posts data, similar to the other --data options with the exception
+that this performs URL encoding. (Added in 7.18.0)
+
+To be CGI compliant, the <data> part should begin with a \fIname\fP followed
+by a separator and a content specification. The <data> part can be passed to
+curl using one of the following syntaxes:
+.RS
+.IP "content"
+This will make curl URL encode the content and pass that on. Just be careful
+so that the content doesn't contain any = or @ letters, as that will then make
+the syntax match one of the other cases below!
+.IP "=content"
+This will make curl URL encode the content and pass that on. The preceding =
+letter is not included in the data.
+.IP "name=content"
+This will make curl URL encode the content part and pass that on. Note that
+the name part is expected to be URL encoded already.
+.IP "@filename"
+This will make curl load data from the given file (including any newlines),
+URL encode that data and pass it on in the POST.
+.IP "name@filename"
+This will make curl load data from the given file (including any newlines),
+URL encode that data and pass it on in the POST. The name part gets an equal
+sign appended, resulting in \fIname=urlencoded-file-content\fP. Note that the
+name is expected to be URL encoded already.
+.RE
 .IP "--digest"
 (HTTP) Enables HTTP Digest authentication. This is a authentication that
 prevents the password from being sent over the wire in clear text. Use this in
@@ -341,9 +361,10 @@ DER and ENG are recognized types.  If not specified, PEM is assumed.
 
 If this option is used several times, the last one will be used.
 .IP "--cacert <CA certificate>"
-(SSL) Tells curl to use the specified certificate file to verify the
-peer. The file may contain multiple CA certificates. The certificate(s) must
-be in PEM format.
+(SSL) Tells curl to use the specified certificate file to verify the peer. The
+file may contain multiple CA certificates. The certificate(s) must be in PEM
+format. Normally curl is built to use a default file for this, so this option
+is typically used to alter that default file.
 
 curl recognizes the environment variable named 'CURL_CA_BUNDLE' if that is
 set, and uses the given path as a path to a CA cert bundle. This option
@@ -388,9 +409,10 @@ has been provided, this data is sent off using the ACCT command. (Added in
 
 If this option is used twice, the second will override the previous use.
 .IP "--ftp-create-dirs"
-(FTP) When an FTP or SFTP URL/operation uses a path that doesn't currently exist on
-the server, the standard behavior of curl is to fail. Using this option, curl
-will instead attempt to create missing directories.
+(FTP/SFTP) When an FTP or SFTP URL/operation uses a path that doesn't
+currently exist on the server, the standard behavior of curl is to
+fail. Using this option, curl will instead attempt to create missing
+directories.
 
 If this option is used twice, the second will again disable directory creation.
 .IP "--ftp-method [method]"
@@ -546,7 +568,7 @@ See also the \fI-A/--user-agent\fP and \fI-e/--referer\fP options.
 This option can be used multiple times to add/replace/remove multiple headers.
 .IP "--hostpubmd5"
 Pass a string containing 32 hexadecimal digits. The string should be the 128
-bit MD5 cheksum of the remote host's public key, curl will refuse the
+bit MD5 checksum of the remote host's public key, curl will refuse the
 connection with the host unless the md5sums match. This option is only for SCP
 and SFTP transfers. (Added in 7.17.1)
 .IP "--ignore-content-length"
@@ -592,6 +614,14 @@ See this online resource for further details:
 \fBhttp://curl.haxx.se/docs/sslcerts.html\fP
 
 If this option is used twice, the second time will again disable it.
+.IP "--keepalive-time <seconds>"
+This option sets the time a connection needs to remain idle before sending
+keepalive probes and the time between individual keepalive probes. It is
+currently effective on operating systems offering the TCP_KEEPIDLE and
+TCP_KEEPINTVL socket options (meaning Linux, recent AIX, HP-UX and more). This
+option has no effect if \fI--no-keepalive\fP is used. (Added in 7.18.0)
+
+If this option is used multiple times, the last occurrence sets the amount.
 .IP "--key <key>"
 (SSL/SSH) Private key file name. Allows you to provide your private key in this
 separate file.
@@ -617,8 +647,12 @@ If this option is used several times, the last one will be used.
 Specify which config file to read curl arguments from. The config file is a
 text file in which command line arguments can be written which then will be
 used as if they were written on the actual command line. Options and their
-parameters must be specified on the same config file line. If the parameter is
-to contain white spaces, the parameter must be enclosed within quotes.  If the
+parameters must be specified on the same config file line, separated by
+white space, colon, the equals sign or any combination thereof (however,
+the preferred separator is the equals sign). If the parameter is to contain
+white spaces, the parameter must be enclosed within quotes. Within double
+quotes, the following escape sequences are available: \\\\, \\", \\t, \\n,
+\\r and \\v. A backlash preceding any other letter is  ignored. If the
 first column of a config line is a '#' character, the rest of the line will be
 treated as a comment. Only write one option per physical line in the config
 file.
@@ -673,7 +707,8 @@ NOTE: this does not properly support -F and the sending of multipart
 formposts, so in those cases the output program will be missing necessary
 calls to \fIcurl_formadd(3)\fP, and possibly more.
 
-If this option is used several times, the last given file name will be used.
+If this option is used several times, the last given file name will be
+used. (Added in 7.16.1)
 .IP "--limit-rate <speed>"
 Specify the maximum transfer rate you want curl to use. This feature is useful
 if you have a limited pipe and you'd like your transfer not use your entire
@@ -799,6 +834,11 @@ will output the data in chunks, not necessarily exactly when the data arrives.
 Using this option will disable that buffering.
 
 If this option is used twice, the second will again switch on buffering.
+.IP "--no-keepalive"
+Disables the use of keepalive messages on the TCP connection, as by default
+curl enables them.
+
+If this option is used twice, the second will again enable keepalive.
 .IP "--no-sessionid"
 (SSL) Disable curl's use of SSL session-ID caching.  By default all transfers
 are done using the cache. Note that while nothing ever should get hurt by
@@ -861,7 +901,7 @@ a redirection. This option is meaningful only when using \fI-L/--location\fP
 (Added in 7.17.1)
 .IP "--proxy-anyauth"
 Tells curl to pick a suitable authentication method when communicating with
-the given proxy. This will cause an extra request/response round-trip. (Added
+the given proxy. This might cause an extra request/response round-trip. (Added
 in 7.13.2)
 
 If this option is used twice, the second will again disable the proxy use-any
@@ -948,9 +988,9 @@ This option can be used multiple times.
 random data. The data is used to seed the random engine for SSL connections.
 See also the \fI--egd-file\fP option.
 .IP "-r/--range <range>"
-(HTTP/FTP)
-Retrieve a byte range (i.e a partial document) from a HTTP/1.1 or FTP
-server. Ranges can be specified in a number of ways.
+(HTTP/FTP/FILE) Retrieve a byte range (i.e a partial document) from a
+HTTP/1.1, FTP server or a local FILE. Ranges can be specified in a number of
+ways.
 .RS
 .TP 10
 .B 0-499
@@ -1049,9 +1089,28 @@ This option overrides any previous use of \fI-x/--proxy\fP, as they are
 mutually exclusive.
 
 If this option is used several times, the last one will be used.
+.IP "--socks4a <host[:port]>"
+Use the specified SOCKS4a proxy. If the port number is not specified, it is
+assumed at port 1080. (Added in 7.18.0)
+
+This option overrides any previous use of \fI-x/--proxy\fP, as they are
+mutually exclusive.
+
+If this option is used several times, the last one will be used.
+.IP "--socks5-hostname <host[:port]>"
+Use the specified SOCKS5 proxy (and let the proxy resolve the host name). If
+the port number is not specified, it is assumed at port 1080. (Added in
+7.18.0)
+
+This option overrides any previous use of \fI-x/--proxy\fP, as they are
+mutually exclusive.
+
+If this option is used several times, the last one will be used. (This option
+was previously wrongly documented and used as --socks without the number
+appended.)
 .IP "--socks5 <host[:port]>"
-Use the specified SOCKS5 proxy. If the port number is not specified, it is
-assumed at port 1080. (Added in 7.11.1)
+Use the specified SOCKS5 proxy - but resolve the host name locally. If the
+port number is not specified, it is assumed at port 1080.
 
 This option overrides any previous use of \fI-x/--proxy\fP, as they are
 mutually exclusive.
@@ -1128,6 +1187,9 @@ If this option is used several times, each occurrence will toggle it on/off.
 Specify user and password to use for server authentication. Overrides
 \fI-n/--netrc\fP and \fI--netrc-optional\fP.
 
+If you just give the user name (without entering a colon) curl will prompt for
+a password.
+
 If you use an SSPI-enabled curl binary and do NTLM authentication, you can
 force curl to pick up the user name and password from your environment by
 simply specifying a single colon with this option: "-u :".

docs/examples/10-at-a-time.c

@@ -18,6 +18,9 @@
 #include <string.h>
 #include <unistd.h>
 #include <curl/multi.h>
+#ifdef WIN32
+#include <windows.h>
+#endif
 
 static const char *urls[] = {
   "http://www.microsoft.com",
@@ -74,7 +77,7 @@ static const char *urls[] = {
 #define MAX 10 /* number of simultaneous transfers */
 #define CNT sizeof(urls)/sizeof(char*) /* total number of transfers to do */
 
-static int cb(char *d, size_t n, size_t l, void *p)
+static size_t cb(char *d, size_t n, size_t l, void *p)
 {
   /* take care of the data here, ignored in this example */
   (void)d;
@@ -138,7 +141,11 @@ int main(void)
         L = 100;
 
       if (M == -1) {
+#ifdef WIN32
+        Sleep(L);
+#else
         sleep(L / 1000);
+#endif
       } else {
         T.tv_sec = L/1000;
         T.tv_usec = (L%1000)*1000;

docs/examples/Makefile.am

@@ -4,28 +4,24 @@
 
 AUTOMAKE_OPTIONS = foreign nostdinc
 
-EXTRA_DIST = README Makefile.example makefile.dj $(COMPLICATED_EXAMPLES)
+EXTRA_DIST = README Makefile.example Makefile.inc Makefile.m32 \
+	makefile.dj $(COMPLICATED_EXAMPLES)
 
 INCLUDES = -I$(top_srcdir)/include
 
 LIBDIR = $(top_builddir)/lib
-CPPFLAGS = -DCURL_NO_OLDIES
+
+if STATICLIB
+# we need this define when building with a static lib on Windows
+STATICCPPFLAGS = -DCURL_STATICLIB
+endif
+
+CPPFLAGS = -DCURL_NO_OLDIES $(STATICCPPFLAGS)
 
 # Dependencies
 LDADD = $(LIBDIR)/libcurl.la
 
-# These are all libcurl example programs to be test compiled
-noinst_PROGRAMS = 10-at-a-time anyauthput cookie_interface \
-  debug fileupload fopen ftpget ftpgetresp ftpupload \
-  getinfo getinmemory http-post httpput \
-  https multi-app multi-debugcallback multi-double \
-  multi-post multi-single persistant post-callback \
-  postit2 sepheaders simple simplepost simplessl
+# Makefile.inc provides the noinst_PROGRAMS and COMPLICATED_EXAMPLES defines
+include Makefile.inc
 
-# These examples require external dependencies that may not be commonly
-# available on POSIX systems, so don't bother attempting to compile them here.
-COMPLICATED_EXAMPLES = \
- curlgtk.c curlx.c htmltitle.cc cacertinmem.c ftpuploadresume.c \
- ghiper.c hiperfifo.c htmltidy.c multithread.c \
- opensslthreadlock.c sampleconv.c synctime.c
 

docs/examples/Makefile.inc

@@ -0,0 +1,16 @@
+# These are all libcurl example programs to be test compiled
+noinst_PROGRAMS = 10-at-a-time anyauthput cookie_interface \
+  debug fileupload fopen ftpget ftpgetresp ftpupload \
+  getinfo getinmemory http-post httpput \
+  https multi-app multi-debugcallback multi-double \
+  multi-post multi-single persistant post-callback \
+  postit2 sepheaders simple simplepost simplessl
+
+# These examples require external dependencies that may not be commonly
+# available on POSIX systems, so don't bother attempting to compile them here.
+COMPLICATED_EXAMPLES = \
+ curlgtk.c curlx.c htmltitle.cc cacertinmem.c ftpuploadresume.c \
+ ghiper.c hiperfifo.c htmltidy.c multithread.c \
+ opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c
+
+

docs/examples/Makefile.m32

@@ -0,0 +1,135 @@
+#########################################################################
+# $Id$
+#
+## Makefile for building curl examples with MingW32
+## and optionally OpenSSL (0.9.8), libssh2 (0.18), zlib (1.2.3)
+##
+## Usage:
+## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [SSPI=1] [IPV6=1] [DYN=1]
+##
+## Hint: you can also set environment vars to control the build, f.e.:
+## set ZLIB_PATH=c:/zlib-1.2.3
+## set ZLIB=1
+##
+#########################################################################
+
+# Edit the path below to point to the base of your Zlib sources.
+ifndef ZLIB_PATH
+ZLIB_PATH = ../../zlib-1.2.3
+endif
+# Edit the path below to point to the base of your OpenSSL package.
+ifndef OPENSSL_PATH
+OPENSSL_PATH = ../../openssl-0.9.8g
+endif
+# Edit the path below to point to the base of your LibSSH2 package.
+ifndef LIBSSH2_PATH
+LIBSSH2_PATH = ../../libssh2-0.18
+endif
+# Edit the path below to point to the base of your Novell LDAP NDK.
+ifndef LDAP_SDK
+LDAP_SDK = c:/novell/ndk/cldapsdk/win32
+endif
+
+PROOT = ../..
+ARES_LIB = $(PROOT)/ares
+
+SSL = 1
+ZLIB = 1
+
+CC = gcc
+CFLAGS = -g -O2 -Wall
+# comment LDFLAGS below to keep debug info
+LDFLAGS = -s
+RC = windres
+RCFLAGS = --include-dir=$(PROOT)/include -O COFF -i
+RM = del /q /f > NUL 2>&1
+CP = copy
+
+########################################################
+## Nothing more to do below this line!
+
+INCLUDES = -I. -I$(PROOT) -I$(PROOT)/include -I$(PROOT)/lib
+LINK = $(CC) $(LDFLAGS) -o $@
+
+curl_PROGRAMS = curl.exe
+ifdef DYN
+  curl_DEPENDENCIES = $(PROOT)/lib/libcurldll.a $(PROOT)/lib/libcurl.dll
+  curl_LDADD = -L$(PROOT)/lib -lcurldll
+else
+  curl_DEPENDENCIES = $(PROOT)/lib/libcurl.a
+  curl_LDADD = -L$(PROOT)/lib -lcurl
+  CFLAGS += -DCURL_STATICLIB
+endif
+ifdef ARES
+  ifndef DYN
+    curl_DEPENDENCIES += $(ARES_LIB)/libcares.a
+  endif
+  CFLAGS += -DUSE_ARES
+  curl_LDADD += -L$(ARES_LIB) -lcares
+endif
+ifdef SSH2
+  CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H
+  curl_LDADD += -L$(LIBSSH2_PATH)/win32 -lssh2
+endif
+ifdef SSL
+  INCLUDES += -I"$(OPENSSL_PATH)/outinc"
+  CFLAGS += -DUSE_SSLEAY -DHAVE_OPENSSL_ENGINE_H
+  ifdef DYN
+    curl_LDADD += -L$(OPENSSL_PATH)/out -leay32 -lssl32
+  else
+    curl_LDADD += -L$(OPENSSL_PATH)/out -lssl -lcrypto -lgdi32
+  endif
+endif
+ifdef ZLIB
+  INCLUDES += -I"$(ZLIB_PATH)"
+  CFLAGS += -DHAVE_LIBZ -DHAVE_ZLIB_H
+  curl_LDADD += -L$(ZLIB_PATH) -lz
+endif
+ifdef SSPI
+  CFLAGS += -DUSE_WINDOWS_SSPI
+endif
+ifdef IPV6
+  CFLAGS += -DENABLE_IPV6
+endif
+ifdef LDAPS
+  CFLAGS += -DHAVE_LDAP_SSL
+endif
+ifdef USE_LDAP_NOVELL
+  CFLAGS += -DCURL_HAS_NOVELL_LDAPSDK
+  curl_LDADD += -L"$(LDAP_SDK)/lib/mscvc" -lldapsdk -lldapssl -lldapx
+endif
+ifdef USE_LDAP_OPENLDAP
+  CFLAGS += -DCURL_HAS_OPENLDAP_LDAPSDK
+  curl_LDADD += -L"$(LDAP_SDK)/lib" -lldap -llber
+endif
+ifndef USE_LDAP_NOVELL
+ifndef USE_LDAP_OPENLDAP
+curl_LDADD += -lwldap32
+endif
+endif
+curl_LDADD += -lws2_32 -lwinmm
+COMPILE = $(CC) $(INCLUDES) $(CFLAGS)
+
+# Makefile.inc provides the noinst_PROGRAMS and COMPLICATED_EXAMPLES defines
+include Makefile.inc
+
+example_PROGRAMS := $(patsubst %,%.exe,$(strip $(noinst_PROGRAMS)))
+
+.SUFFIXES: .rc .res .o .exe
+
+
+all: $(example_PROGRAMS)
+
+.o.exe: $(curl_DEPENDENCIES)
+	$(LINK) $< $(curl_LDADD)
+
+.c.o:
+	$(COMPILE) -c $<
+
+.rc.res:
+	$(RC) $(RCFLAGS) $< -o $@
+
+clean:
+	$(RM) $(example_PROGRAMS)
+
+

docs/examples/anyauthput.c

@@ -37,7 +37,7 @@
 /* ioctl callback function */
 static curlioerr my_ioctl(CURL *handle, curliocmd cmd, void *userp)
 {
-  int fd = (int)userp;
+  intptr_t fd = (intptr_t)userp;
 
   (void)handle; /* not used in here */
 
@@ -61,7 +61,7 @@ static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
 {
   size_t retcode;
 
-  int fd = (int)stream;
+  intptr_t fd = (intptr_t)stream;
 
   retcode = read(fd, ptr, size * nmemb);
 
@@ -74,7 +74,7 @@ int main(int argc, char **argv)
 {
   CURL *curl;
   CURLcode res;
-  int hd ;
+  intptr_t hd ;
   struct stat file_info;
 
   char *file;
@@ -100,13 +100,13 @@ int main(int argc, char **argv)
     curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
 
     /* which file to upload */
-    curl_easy_setopt(curl, CURLOPT_READDATA, hd);
+    curl_easy_setopt(curl, CURLOPT_READDATA, (void*)hd);
 
     /* set the ioctl function */
     curl_easy_setopt(curl, CURLOPT_IOCTLFUNCTION, my_ioctl);
 
     /* pass the file descriptor to the ioctl callback as well */
-    curl_easy_setopt(curl, CURLOPT_IOCTLDATA, hd);
+    curl_easy_setopt(curl, CURLOPT_IOCTLDATA, (void*)hd);
 
     /* enable "uploading" (which means PUT when doing HTTP) */
     curl_easy_setopt(curl, CURLOPT_UPLOAD, TRUE) ;

docs/examples/debug.c

@@ -65,7 +65,7 @@ void dump(const char *text,
 
 static
 int my_trace(CURL *handle, curl_infotype type,
-             unsigned char *data, size_t size,
+             char *data, size_t size,
              void *userp)
 {
   struct data *config = (struct data *)userp;
@@ -98,7 +98,7 @@ int my_trace(CURL *handle, curl_infotype type,
     break;
   }
 
-  dump(text, stderr, data, size, config->trace_ascii);
+  dump(text, stderr, (unsigned char *)data, size, config->trace_ascii);
   return 0;
 }
 

docs/examples/ftpget.c

@@ -26,7 +26,7 @@ struct FtpFile {
   FILE *stream;
 };
 
-static int my_fwrite(void *buffer, size_t size, size_t nmemb, void *stream)
+static size_t my_fwrite(void *buffer, size_t size, size_t nmemb, void *stream)
 {
   struct FtpFile *out=(struct FtpFile *)stream;
   if(out && !out->stream) {

docs/examples/ftpupload.c

@@ -14,7 +14,12 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <fcntl.h>
+#include <errno.h>
+#ifdef WIN32
+#include <io.h>
+#else
 #include <unistd.h>
+#endif
 
 /*
  * This example shows an FTP upload, with a rename of the file just after
@@ -28,12 +33,26 @@
 #define REMOTE_URL      "ftp://localhost/"  UPLOAD_FILE_AS
 #define RENAME_FILE_TO  "renamed-and-fine.txt"
 
+/* NOTE: if you want this example to work on Windows with libcurl as a
+   DLL, you MUST also provide a read callback with CURLOPT_READFUNCTION.
+   Failing to do so will give you a crash since a DLL may not use the
+   variable's memory when passed in to it from an app like this. */
+static size_t read_callback(void *ptr, size_t size, size_t nmemb, void *stream)
+{
+  /* in real-world cases, this would probably get this data differently
+     as this fread() stuff is exactly what the library already would do
+     by default internally */
+  size_t retcode = fread(ptr, size, nmemb, stream);
+
+  fprintf(stderr, "*** We read %d bytes from file\n", retcode);
+  return retcode;
+}
+
 int main(int argc, char **argv)
 {
   CURL *curl;
   CURLcode res;
-  FILE * hd_src ;
-  int hd ;
+  FILE *hd_src;
   struct stat file_info;
 
   struct curl_slist *headerlist=NULL;
@@ -41,13 +60,13 @@ int main(int argc, char **argv)
   static const char buf_2 [] = "RNTO " RENAME_FILE_TO;
 
   /* get the file size of the local file */
-  hd = open(LOCAL_FILE, O_RDONLY) ;
-  fstat(hd, &file_info);
-  close(hd) ;
+  if(stat(LOCAL_FILE, &file_info)) {
+    printf("Couldnt open '%s': %s\n", LOCAL_FILE, strerror(errno));
+    return 1;
+  }
+  printf("Local file size: %ld bytes.\n", file_info.st_size);
 
-  /* get a FILE * of the same file, could also be made with
-     fdopen() from the previous descriptor, but hey this is just
-     an example! */
+  /* get a FILE * of the same file */
   hd_src = fopen(LOCAL_FILE, "rb");
 
   /* In windows, this will init the winsock stuff */
@@ -60,6 +79,9 @@ int main(int argc, char **argv)
     headerlist = curl_slist_append(headerlist, buf_1);
     headerlist = curl_slist_append(headerlist, buf_2);
 
+    /* we want to use our own read function */
+    curl_easy_setopt(curl, CURLOPT_READFUNCTION, read_callback);
+
     /* enable uploading */
     curl_easy_setopt(curl, CURLOPT_UPLOAD, 1) ;
 
@@ -72,12 +94,6 @@ int main(int argc, char **argv)
     /* now specify which file to upload */
     curl_easy_setopt(curl, CURLOPT_READDATA, hd_src);
 
-    /* NOTE: if you want this example to work on Windows with libcurl as a
-       DLL, you MUST also provide a read callback with
-       CURLOPT_READFUNCTION. Failing to do so will give you a crash since a
-       DLL may not use the variable's memory when passed in to it from an app
-       like this. */
-
     /* Set the size of the file to upload (optional).  If you give a *_LARGE
        option you MUST make sure that the type of the passed-in argument is a
        curl_off_t. If you use CURLOPT_INFILESIZE (without _LARGE) you must

docs/examples/getinmemory.c

@@ -98,5 +98,8 @@ int main(int argc, char **argv)
   if(chunk.memory)
     free(chunk.memory);
 
+  /* we're done with libcurl, so clean it up */
+  curl_global_cleanup();
+
   return 0;
 }

docs/examples/multi-debugcallback.c

@@ -74,7 +74,7 @@ void dump(const char *text,
 
 static
 int my_trace(CURL *handle, curl_infotype type,
-             unsigned char *data, size_t size,
+             char *data, size_t size,
              void *userp)
 {
   const char *text;

docs/examples/post-callback.c

@@ -75,7 +75,7 @@ int main(void)
     */
 #ifdef USE_CHUNKED
     {
-      curl_slist *chunk = NULL;
+      struct curl_slist *chunk = NULL;
 
       chunk = curl_slist_append(chunk, "Transfer-Encoding: chunked");
       res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
@@ -98,7 +98,7 @@ int main(void)
     /* A less good option would be to enforce HTTP 1.0, but that might also
        have other implications. */
     {
-      curl_slist *chunk = NULL;
+      struct curl_slist *chunk = NULL;
 
       chunk = curl_slist_append(chunk, "Expect:");
       res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);

docs/examples/smooth-gtk-thread.c

@@ -0,0 +1,217 @@
+/*****************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * $Id$
+ *
+ * This is a multi threaded application that uses a progress bar to show
+ * status.  It uses Gtk+ to make a smooth pulse.
+ *
+ * Written by Jud Bishop after studying the other examples provided with
+ * libcurl.
+ *
+ * To compile (on a single line):
+ * gcc -ggdb `pkg-config --cflags  --libs gtk+-2.0` -lcurl -lssl -lcrypto
+ *   -lgthread-2.0 -dl  smooth-gtk-thread.c -o smooth-gtk-thread
+ */
+
+#include <stdio.h>
+#include <gtk/gtk.h>
+#include <glib.h>
+#include <unistd.h>
+#include <pthread.h>
+
+#include <curl/curl.h>
+#include <curl/types.h> /* new for v7 */
+#include <curl/easy.h> /* new for v7 */
+
+#define NUMT 4
+
+pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
+int j = 0;
+gint num_urls = 9; /* Just make sure this is less than urls[]*/
+char *urls[]= {
+  "90022",
+  "90023",
+  "90024",
+  "90025",
+  "90026",
+  "90027",
+  "90028",
+  "90029",
+  "90030"
+};
+
+size_t write_file(void *ptr, size_t size, size_t nmemb, FILE *stream)
+{
+  /* printf("write_file\n"); */
+  return fwrite(ptr, size, nmemb, stream);
+}
+
+/* http://xoap.weather.com/weather/local/46214?cc=*&dayf=5&unit=i */
+void *pull_one_url(void *NaN)
+{
+  CURL *curl;
+  CURLcode res;
+  gchar *http;
+  FILE *outfile;
+  gint i;
+
+  /* Stop threads from entering unless j is incremented */
+  pthread_mutex_lock(&lock);
+  while ( j < num_urls )
+  {
+    printf("j = %d\n", j);
+
+    http =
+      g_strdup_printf("xoap.weather.com/weather/local/%s?cc=*&dayf=5&unit=i\n",
+                      urls[j]);
+
+    printf( "http %s", http );
+
+    curl = curl_easy_init();
+    if(curl)
+    {
+
+      outfile = fopen(urls[j], "w");
+      /* printf("fopen\n"); */
+
+      /* Set the URL and transfer type */
+      curl_easy_setopt(curl, CURLOPT_URL, http);
+
+      /* Write to the file */
+      curl_easy_setopt(curl, CURLOPT_WRITEDATA, outfile);
+      curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, write_file);
+
+      j++;  /* critical line */
+      pthread_mutex_unlock(&lock);
+
+      res = curl_easy_perform(curl);
+
+      fclose(outfile);
+      printf("fclose\n");
+
+      curl_easy_cleanup(curl);
+    }
+    g_free (http);
+
+    /* Adds more latency, testing the mutex.*/
+    sleep(1);
+
+  } /* end while */
+  return NULL;
+}
+
+
+gboolean pulse_bar(gpointer data)
+{
+  gdk_threads_enter();
+  gtk_progress_bar_pulse (GTK_PROGRESS_BAR (data));
+  gdk_threads_leave();
+
+  /* Return true so the function will be called again;
+   * returning false removes this timeout function.
+   */
+  return TRUE;
+}
+
+void *create_thread(void *progress_bar)
+{
+  pthread_t tid[NUMT];
+  int i;
+  int error;
+
+  /* Make sure I don't create more threads than urls. */
+  for(i=0; i < NUMT && i < num_urls ; i++) {
+    error = pthread_create(&tid[i],
+                           NULL, /* default attributes please */
+                           pull_one_url,
+                           NULL);
+    if(0 != error)
+      fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
+    else
+      fprintf(stderr, "Thread %d, gets %s\n", i, urls[i]);
+  }
+
+  /* Wait for all threads to terminate. */
+  for(i=0; i < NUMT && i < num_urls; i++) {
+    error = pthread_join(tid[i], NULL);
+    fprintf(stderr, "Thread %d terminated\n", i);
+  }
+
+  /* This stops the pulsing if you have it turned on in the progress bar
+     section */
+  g_source_remove(GPOINTER_TO_INT(g_object_get_data(G_OBJECT(progress_bar),
+                                                    "pulse_id")));
+
+  /* This destroys the progress bar */
+  gtk_widget_destroy(progress_bar);
+
+  /* [Un]Comment this out to kill the program rather than pushing close. */
+  /* gtk_main_quit(); */
+
+
+  return NULL;
+
+}
+
+static gboolean cb_delete(GtkWidget *window, gpointer data)
+{
+  gtk_main_quit();
+  return FALSE;
+}
+
+int main(int argc, char **argv)
+{
+  GtkWidget *top_window, *outside_frame, *inside_frame, *progress_bar;
+  GtkAdjustment *adj;
+
+  /* Init thread */
+  g_thread_init(NULL);
+  gdk_threads_init ();
+  gdk_threads_enter ();
+
+  gtk_init(&argc, &argv);
+
+  /* Base window */
+  top_window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
+
+  /* Frame */
+  outside_frame = gtk_frame_new(NULL);
+  gtk_frame_set_shadow_type(GTK_FRAME(outside_frame), GTK_SHADOW_OUT);
+  gtk_container_add(GTK_CONTAINER(top_window), outside_frame);
+
+  /* Frame */
+  inside_frame = gtk_frame_new(NULL);
+  gtk_frame_set_shadow_type(GTK_FRAME(inside_frame), GTK_SHADOW_IN);
+  gtk_container_set_border_width(GTK_CONTAINER(inside_frame), 5);
+  gtk_container_add(GTK_CONTAINER(outside_frame), inside_frame);
+
+  /* Progress bar */
+  progress_bar = gtk_progress_bar_new();
+  gtk_progress_bar_pulse (GTK_PROGRESS_BAR (progress_bar));
+  /* Make uniform pulsing */
+  gint pulse_ref = g_timeout_add (300, pulse_bar, progress_bar);
+  g_object_set_data(G_OBJECT(progress_bar), "pulse_id",
+                    GINT_TO_POINTER(pulse_ref));
+  gtk_container_add(GTK_CONTAINER(inside_frame), progress_bar);
+
+  gtk_widget_show_all(top_window);
+  printf("gtk_widget_show_all\n");
+
+  g_signal_connect(G_OBJECT (top_window), "delete-event",
+                   G_CALLBACK(cb_delete), NULL);
+
+  if (!g_thread_create(&create_thread, progress_bar, FALSE, NULL) != 0)
+    g_warning("can't create the thread");
+
+  gtk_main();
+  gdk_threads_leave();
+  printf("gdk_threads_leave\n");
+
+  return 0;
+}
+

docs/examples/threaded-ssl.c

@@ -0,0 +1,145 @@
+/*****************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * $Id$
+ *
+ * A multi-threaded example that uses pthreads and fetches 4 remote files at
+ * once over HTTPS. The lock callbacks and stuff assume OpenSSL or GnuTLS
+ * (libgcrypt) so far.
+ *
+ * OpenSSL docs for this:
+ *   http://www.openssl.org/docs/crypto/threads.html
+ * gcrypt docs for this:
+ *   http://gnupg.org/documentation/manuals/gcrypt/Multi_002dThreading.html
+ */
+
+#define USE_OPENSSL /* or USE_GNUTLS accordingly */
+
+#include <stdio.h>
+#include <pthread.h>
+#include <curl/curl.h>
+
+/* we have this global to let the callback get easy access to it */
+static pthread_mutex_t *lockarray;
+
+#ifdef USE_OPENSSL
+#include <openssl/crypto.h>
+static void lock_callback(int mode, int type, char *file, int line)
+{
+  (void)file;
+  (void)line;
+  if (mode & CRYPTO_LOCK) {
+    pthread_mutex_lock(&(lockarray[type]));
+  }
+  else {
+    pthread_mutex_unlock(&(lockarray[type]));
+  }
+}
+
+static unsigned long thread_id(void)
+{
+  unsigned long ret;
+
+  ret=(unsigned long)pthread_self();
+  return(ret);
+}
+
+static void init_locks(void)
+{
+  int i;
+
+  lockarray=(pthread_mutex_t *)OPENSSL_malloc(CRYPTO_num_locks() *
+                                            sizeof(pthread_mutex_t));
+  for (i=0; i<CRYPTO_num_locks(); i++) {
+    pthread_mutex_init(&(lockarray[i]),NULL);
+  }
+
+  CRYPTO_set_id_callback((unsigned long (*)())thread_id);
+  CRYPTO_set_locking_callback((void (*)())lock_callback);
+}
+
+static void kill_locks(void)
+{
+  int i;
+
+  CRYPTO_set_locking_callback(NULL);
+  for (i=0; i<CRYPTO_num_locks(); i++)
+    pthread_mutex_destroy(&(lockarray[i]));
+
+  OPENSSL_free(lockarray);
+}
+#endif
+
+#ifdef USE_GNUTLS
+#include <gcrypt.h>
+#include <errno.h>
+
+GCRY_THREAD_OPTION_PTHREAD_IMPL;
+
+void init_locks(void)
+{
+  gcry_control(GCRYCTL_SET_THREAD_CBS);
+}
+
+#define kill_locks()
+#endif
+
+/* List of URLs to fetch.*/
+const char *urls[]= {
+  "https://www.sf.net/",
+  "https://www.openssl.org/",
+  "https://www.sf.net/",
+  "https://www.openssl.org/",
+};
+
+static void *pull_one_url(void *url)
+{
+  CURL *curl;
+
+  curl = curl_easy_init();
+  curl_easy_setopt(curl, CURLOPT_URL, url);
+  /* this example doesn't verify the server's certificate, which means we
+     might be downloading stuff from an impostor */
+  curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0);
+  curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0);
+  curl_easy_perform(curl); /* ignores error */
+  curl_easy_cleanup(curl);
+
+  return NULL;
+}
+
+int main(int argc, char **argv)
+{
+  pthread_t tid[4];
+  int i;
+  int error;
+  (void)argc; /* we don't use any arguments in this example */
+  (void)argv;
+
+  init_locks();
+
+  for(i=0; i< 4; i++) {
+    error = pthread_create(&tid[i],
+                           NULL, /* default attributes please */
+                           pull_one_url,
+                           (void *)urls[i]);
+    if(0 != error)
+      fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
+    else
+      fprintf(stderr, "Thread %d, gets %s\n", i, urls[i]);
+  }
+
+  /* now wait for all threads to terminate */
+  for(i=0; i< 4; i++) {
+    error = pthread_join(tid[i], NULL);
+    fprintf(stderr, "Thread %d terminated\n", i);
+  }
+
+  kill_locks();
+
+  return 0;
+}

docs/libcurl/Makefile.am

@@ -18,7 +18,8 @@ man_MANS = curl_easy_cleanup.3 curl_easy_getinfo.3 curl_easy_init.3	 \
  curl_multi_strerror.3 curl_share_strerror.3 curl_global_init_mem.3	 \
  libcurl-tutorial.3 curl_easy_reset.3 curl_easy_escape.3		 \
  curl_easy_unescape.3 curl_multi_setopt.3 curl_multi_socket.3		 \
- curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3
+ curl_multi_timeout.3 curl_formget.3 curl_multi_assign.3		 \
+ curl_easy_pause.3
 
 HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html		  \
  curl_easy_init.html curl_easy_perform.html curl_easy_setopt.html	  \
@@ -36,7 +37,7 @@ HTMLPAGES = curl_easy_cleanup.html curl_easy_getinfo.html		  \
  curl_share_strerror.html curl_global_init_mem.html libcurl-tutorial.html \
  curl_easy_reset.html curl_easy_escape.html curl_easy_unescape.html	  \
  curl_multi_setopt.html curl_multi_socket.html curl_multi_timeout.html	  \
- curl_formget.html curl_multi_assign.html
+ curl_formget.html curl_multi_assign.html curl_easy_pause.html
 
 PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf curl_easy_init.pdf \
  curl_easy_perform.pdf curl_easy_setopt.pdf curl_easy_duphandle.pdf	  \
@@ -53,7 +54,7 @@ PDFPAGES = curl_easy_cleanup.pdf curl_easy_getinfo.pdf curl_easy_init.pdf \
  curl_share_strerror.pdf curl_global_init_mem.pdf libcurl-tutorial.pdf	  \
  curl_easy_reset.pdf curl_easy_escape.pdf curl_easy_unescape.pdf	  \
  curl_multi_setopt.pdf curl_multi_socket.pdf curl_multi_timeout.pdf	  \
- curl_formget.pdf curl_multi_assign.pdf
+ curl_formget.pdf curl_multi_assign.pdf curl_easy_pause.pdf
 
 CLEANFILES = $(HTMLPAGES) $(PDFPAGES)
 

docs/libcurl/curl_easy_pause.3

@@ -0,0 +1,63 @@
+.\" $Id$
+.\"
+.TH curl_easy_pause 3 "17 Dec 2007" "libcurl 7.18.0" "libcurl Manual"
+.SH NAME
+curl_easy_pause - pause and unpause a connection
+.SH SYNOPSIS
+.B #include <curl/curl.h>
+
+.BI "CURLcode curl_easy_pause(CURL *"handle ", int "bitmask " );"
+
+.SH DESCRIPTION
+Using this function, you can explicitly mark a running connection to get
+paused, and you can unpause a connection that was previously paused.
+
+A connection can made to pause by using this function or by letting the read
+or the write callbacks return the proper magic return code
+(\fICURL_READFUNC_PAUSE\fP and \fICURL_WRITEFUNC_PAUSE\fP).
+
+NOTE: while it may feel tempting, take care and notice that you cannot call
+this function from another thread.
+
+When this function is called to unpause reading, the chance is high that you
+will get your write callback called before this function returns.
+
+The \fBhandle\fP argument is of course identifying the handle that operates on
+the connection you want to pause or unpause.
+
+The \fBbitmask\fP argument is a set of bits that sets the new state of the
+connection. The following bits can be used:
+.IP CURLPAUSE_RECV
+Pause receiving data. There will be no data received on this conneciton until
+this function is called again without this bit set. Thus, the write callback
+(\fICURLOPT_WRITEFUNCTION\fP) won't be called.
+.IP CURLPAUSE_SEND
+Pause sending data. There will be no data sent on this connection until this
+function is called again without this bit set. Thus, the read callback
+(\fICURLOPT_READFUNCTION\fP) won't be called.
+.IP CURLPAUSE_ALL
+Convenience define that pauses both directions.
+.IP CURLPAUSE_CONT
+Convenience define that unpauses both directions
+.SH RETURN VALUE
+CURLE_OK (zero) means that the option was set properly, and a non-zero return
+code means something wrong occurred after the new state was set.  See the
+\fIlibcurl-errors(3)\fP man page for the full list with descriptions.
+.SH AVAILABILITY
+This function was added in libcurl 7.18.0. Before this version, there was no
+explicit support for pausing transfers.
+.SH "MEMORY USE"
+When pausing a read by returning the magic return code from a write callback,
+the read data is already in libcurl's internal buffers so it'll have to keep
+it in an allocated buffer until the reading is again unpaused using this
+function.
+
+If the downloaded data is compressed and is asked to get uncompressed
+automatially on download, libcurl will continue to uncompress the entire
+downloaded chunk and it will cache the data uncompressed. This has the side-
+effect that if you download something that is compressed a lot, it can result
+in a very large data amount needing to be allocated to save the data during
+the pause. This said, you should probably consider not using paused reading if
+you allow libcurl to uncompress data automatically.
+.SH "SEE ALSO"
+.BR curl_easy_cleanup "(3), " curl_easy_reset "(3)"

docs/libcurl/curl_easy_setopt.3

@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -21,7 +21,7 @@
 .\" * $Id$
 .\" **************************************************************************
 .\"
-.TH curl_easy_setopt 3 "30 Aug 2007" "libcurl 7.17.0" "libcurl Manual"
+.TH curl_easy_setopt 3 "5 Jan 2008" "libcurl 7.18.0" "libcurl Manual"
 .SH NAME
 curl_easy_setopt \- set options for a curl easy handle
 .SH SYNOPSIS
@@ -95,6 +95,10 @@ of bytes actually taken care of. If that amount differs from the amount passed
 to your function, it'll signal an error to the library and it will abort the
 transfer and return \fICURLE_WRITE_ERROR\fP.
 
+From 7.18.0, the function can return CURL_WRITEFUNC_PAUSE which then will
+cause writing to this connection to become paused. See
+\fIcurl_easy_pause(3)\fP for further details.
+
 This function may be called with zero bytes data if the transfered file is
 empty.
 
@@ -142,6 +146,10 @@ The read callback may return \fICURL_READFUNC_ABORT\fP to stop the current
 operation immediately, resulting in a \fICURLE_ABORTED_BY_CALLBACK\fP error
 code from the transfer (Added in 7.12.1)
 
+From 7.18.0, the function can return CURL_READFUNC_PAUSE which then will cause
+reading from this connection to become paused. See \fIcurl_easy_pause(3)\fP
+for further details.
+
 If you set the callback pointer to NULL, or doesn't set it at all, the default
 internal read function will be used. It is simply doing an fread() on the FILE
 * stream set with \fICURLOPT_READDATA\fP.
@@ -163,11 +171,32 @@ something special I/O-related needs to be done that the library can't do by
 itself. For now, rewinding the read data stream is the only action it can
 request. The rewinding of the read data stream may be necessary when doing a
 HTTP PUT or POST with a multi-pass authentication method.  (Option added in
-7.12.3)
+7.12.3).
+
+Use \fICURLOPT_SEEKFUNCTION\fP instead to provide seeking!
 .IP CURLOPT_IOCTLDATA
 Pass a pointer that will be untouched by libcurl and passed as the 3rd
 argument in the ioctl callback set with \fICURLOPT_IOCTLFUNCTION\fP.  (Option
 added in 7.12.3)
+.IP CURLOPT_SEEKFUNCTION
+Function pointer that should match the following prototype: \fIint
+function(void *instream, curl_off_t offset, int origin);\fP This function gets
+called by libcurl to seek to a certain position in the input stream and can be
+used to fast forward a file in a resumed upload (instead of reading all
+uploaded bytes with the normal read function/callback). It is also called to
+rewind a stream when doing a HTTP PUT or POST with a multi-pass authentication
+method. The function shall work like "fseek" or "lseek" and accepted SEEK_SET,
+SEEK_CUR and SEEK_END as argument for origin, although (in 7.18.0) libcurl
+only passes SEEK_SET. The callback must return 0 on success as returning
+non-zero will cause the upload operation to fail.
+
+If you forward the input arguments directly to "fseek" or "lseek", note that
+the data type for \fIoffset\fP is not the same as defined for curl_off_t on
+many systems! (Option added in 7.18.0)
+.IP CURLOPT_SEEKDATA
+Data pointer to pass to the file read function. If you use the
+\fICURLOPT_SEEKFUNCTION\fP option, this is the pointer you'll get as input. If
+you don't specify a seek callback, NULL is passed. (Option added in 7.18.0)
 .IP CURLOPT_SOCKOPTFUNCTION
 Function pointer that should match the \fIcurl_sockopt_callback\fP prototype
 found in \fI<curl/curl.h>\fP. This function gets called by libcurl after the
@@ -281,6 +310,9 @@ Pass a pointer to whatever you want passed in to your
 \fICURLOPT_DEBUGFUNCTION\fP in the last void * argument. This pointer is not
 used by libcurl, it is only passed to the callback.
 .IP CURLOPT_SSL_CTX_FUNCTION
+This option does only function for libcurl powered by OpenSSL. If libcurl was
+built against another SSL library, this functionality is absent.
+
 Function pointer that should match the following prototype: \fBCURLcode
 sslctxfun(CURL *curl, void *sslctx, void *parm);\fP This function gets called
 by libcurl just before the initialization of an SSL connection after having
@@ -430,13 +462,21 @@ Pass a long with this option to set the proxy port to connect to unless it is
 specified in the proxy string \fICURLOPT_PROXY\fP.
 .IP CURLOPT_PROXYTYPE
 Pass a long with this option to set type of the proxy. Available options for
-this are \fICURLPROXY_HTTP\fP, \fICURLPROXY_SOCKS4\fP (added in 7.15.2)
-\fICURLPROXY_SOCKS5\fP. The HTTP type is default. (Added in 7.10)
+this are \fICURLPROXY_HTTP\fP, \fICURLPROXY_SOCKS4\fP (added in 7.15.2),
+\fICURLPROXY_SOCKS5\fP, \fICURLPROXY_SOCKS4A\fP (added in 7.18.0) and
+\fICURLPROXY_SOCKS5_HOSTNAME\fP (added in 7.18.0). The HTTP type is
+default. (Added in 7.10)
 .IP CURLOPT_HTTPPROXYTUNNEL
 Set the parameter to non-zero to get the library to tunnel all operations
 through a given HTTP proxy. There is a big difference between using a proxy
 and to tunnel through it. If you don't know what this means, you probably
 don't want this tunneling option.
+.IP CURLOPT_SOCKS5_RESOLVE_LOCAL
+Set the parameter to 1 to get the library to resolve the host name locally
+instead of passing it to the proxy to resolve, when using a SOCKS5 proxy.
+
+Note that libcurl before 7.18.0 always resolved the host name locally even
+when SOCKS5 was used. (Added in 7.18.0)
 .IP CURLOPT_INTERFACE
 Pass a char * as parameter. This set the interface name to use as outgoing
 network interface. The name can be an interface name, an IP address or a host
@@ -670,7 +710,9 @@ and \fICURLOPT_READDATA\fP options but then you must make sure to not set
 \fICURLOPT_POSTFIELDS\fP to anything but NULL. When providing data with a
 callback, you must transmit it using chunked transfer-encoding or you must set
 the size of the data with the \fICURLOPT_POSTFIELDSIZE\fP or
-\fICURLOPT_POSTFIELDSIZE_LARGE\fP option.
+\fICURLOPT_POSTFIELDSIZE_LARGE\fP option. To enable chunked encoding, you
+simply pass in the appropriate Transfer-Encoding header, see the
+post-callback.c example.
 
 You can override the default POST Content-Type: header by setting your own
 with \fICURLOPT_HTTPHEADER\fP.
@@ -1064,6 +1106,13 @@ or similar.
 libcurl does not do a complete ASCII conversion when doing ASCII transfers
 over FTP. This is a known limitation/flaw that nobody has rectified. libcurl
 simply sets the mode to ascii and performs a standard transfer.
+.IP CURLOPT_PROXY_TRANSFER_MODE
+Pass a long. If the value is set to 1 (one), it tells libcurl to set the
+transfer mode (binary or ASCII) for FTP transfers done via an HTTP proxy, by
+appending ;type=a or ;type=i to the URL. Without this setting, or it being
+set to 0 (zero, the default), \fICURLOPT_TRANSFERTEXT\fP has no effect when
+doing FTP via a proxy. Beware that not all proxies support this feature.
+(Added in 7.18.0)
 .IP CURLOPT_CRLF
 Convert Unix newlines to CRLF newlines on transfers.
 .IP CURLOPT_RANGE
@@ -1073,6 +1122,8 @@ transfers also support several intervals, separated with commas as in
 \fI"X-Y,N-M"\fP. Using this kind of multiple intervals will cause the HTTP
 server to send the response document in pieces (using standard MIME separation
 techniques). Pass a NULL to this option to disable the use of ranges.
+
+Ranges work on HTTP, FTP and FILE (since 7.18.0) transfers only.
 .IP CURLOPT_RESUME_FROM
 Pass a long as parameter. It contains the offset in number of bytes that you
 want the transfer to start from. Set this option to 0 to make the transfer
@@ -1326,15 +1377,19 @@ operations.
 
 If the crypto device cannot be set, \fICURLE_SSL_ENGINE_SETFAILED\fP is
 returned.
+
+Note that even though this option doesn't need any parameter, in some
+configurations \fIcurl_easy_setopt\fP might be defined as a macro taking
+exactly three arguments. Therefore, it's recommended to pass 1 as parameter to
+this option.
 .IP CURLOPT_SSLVERSION
 Pass a long as parameter to control what version of SSL/TLS to attempt to use.
 The available options are:
 .RS
 .IP CURL_SSLVERSION_DEFAULT
-The default action. When libcurl built with OpenSSL or NSS, this will attempt
-to figure out the remote SSL protocol version. Unfortunately there are a lot of
-ancient and broken servers in use which cannot handle this technique and will
-fail to connect. When libcurl is built with GnuTLS, this will mean SSLv3.
+The default action. This will attempt to figure out the remote SSL protocol
+version, i.e. either SSLv3 or TLSv1 (but not SSLv2, which became disabled
+by default with 7.18.1).
 .IP CURL_SSLVERSION_TLSv1
 Force TLSv1
 .IP CURL_SSLVERSION_SSLv2
@@ -1491,6 +1546,14 @@ this curl handle use the data from the shared handle instead of keeping the
 data to itself. This enables several curl handles to share data. If the curl
 handles are used simultaneously, you \fBMUST\fP use the locking methods in the
 share handle. See \fIcurl_share_setopt(3)\fP for details.
+
+If you add a share that is set to share cookies, your easy handle will use
+that cookie cache and get the cookie engine enabled. If you unshare an object
+that were using cookies (or change to another object that doesn't share
+cookies), the easy handle will get its cookie engine disabled.
+
+Data that the share object is not set to share will be dealt with the usual
+way, as if no share was used.
 .IP CURLOPT_NEW_FILE_PERMS
 Pass a long as a parameter, containing the value of the permissions that will
 be assigned to newly created files on the remote server.  The default value is

docs/libcurl/curl_multi_setopt.3

@@ -47,10 +47,11 @@ changes. The timeout value is at what latest time the application should call
 one of the \&"performing" functions of the multi interface
 (\fIcurl_multi_socket(3)\fP, \fIcurl_multi_socket_all(3)\fP and
 \fIcurl_multi_perform(3)\fP) - to allow libcurl to keep timeouts and retries
-etc to work. Libcurl attempts to limit calling this only when the fixed future
-timeout time actually change. See also \fICURLMOPT_TIMERDATA\fP. This callback
-can be used instead of, or in addition to, \fIcurl_multi_timeout(3)\fP. (Added
-in 7.16.0)
+etc to work. A timeout value of -1 means that there is no timeout at all, and
+0 means that the timeout is already reached. Libcurl attempts to limit calling
+this only when the fixed future timeout time actually change. See also
+\fICURLMOPT_TIMERDATA\fP. This callback can be used instead of, or in addition
+to, \fIcurl_multi_timeout(3)\fP. (Added in 7.16.0)
 .IP CURLMOPT_TIMERDATA
 Pass a pointer to whatever you want passed to the
 \fBcurl_multi_timer_callback\fP's third argument, the userp pointer.  This is

docs/libcurl/curl_multi_socket.3

@@ -27,7 +27,7 @@ application has detected action on a socket handled by libcurl, it should call
 socket with the action. When the events on a socket are known, they can be
 passed as an events bitmask \fBev_bitmask\fP by first setting \fBev_bitmask\fP
 to 0, and then adding using bitwise OR (|) any combination of events to be
-choosen from CURL_CSELECT_IN, CURL_CSELECT_OUT or CURL_CSELECT_ERR. When the
+chosen from CURL_CSELECT_IN, CURL_CSELECT_OUT or CURL_CSELECT_ERR. When the
 events on a socket are unknown, pass 0 instead, and libcurl will test the
 descriptor internally.
 
@@ -45,17 +45,20 @@ socket callback function set with the CURLMOPT_SOCKETFUNCTION option to
 \fIcurl_multi_setopt(3)\fP. They update the status with changes since the
 previous time this function was called.
 
-To force libcurl to (re-)check all its internal sockets and transfers instead
-of just a single one, you call \fBcurl_multi_socket_all(3)\fP. This is
-typically done as the first function call before the application has any
-knowledge about what sockets libcurl uses.
+Force libcurl to (re-)check all its internal sockets and transfers instead of
+just a single one by calling \fBcurl_multi_socket_all(3)\fP. This is typically
+done as the first function call before the application has any knowledge about
+what sockets libcurl uses.
 
-Applications should call \fBcurl_multi_timeout(3)\fP to figure out how long to
-wait for socket actions \- at most \- before doing the timeout action: call
-the \fBcurl_multi_socket(3)\fP function with the \fBsockfd\fP argument set to
-CURL_SOCKET_TIMEOUT.
+Get the timeout time - how long to wait for socket actions at most before
+doing the timeout action: call the \fBcurl_multi_socket(3)\fP function with
+the \fBsockfd\fP argument set to CURL_SOCKET_TIMEOUT, by setting the
+\fICURLMOPT_TIMERFUNCTION\fP option with \fIcurl_multi_setopt(3)\fP. You can
+also use the \fIcurl_multi_timeout(3)\fP function to poll the value at any
+given time, but for an event-based system using the callback is far better
+than relying on polling the timeout value.
 
-Usage of \fIcurl_multi_socket(3)\fP is depricated, whereas the function is
+Usage of \fIcurl_multi_socket(3)\fP is deprecated, whereas the function is
 equivalent to \fIcurl_multi_socket_action(3)\fP, when \fBev_bitmask\fP is set 
 to 0.
 
@@ -91,7 +94,7 @@ register, interested in write readiness
 .IP "CURL_POLL_INOUT (3)"
 register, interested in both read and write readiness
 .IP "CURL_POLL_REMOVE (4)"
-deregister
+unregister
 .RE
 
 The \fIsocketp\fP argument is a private pointer you have previously set with
@@ -131,7 +134,7 @@ them for activity. This can be done through your application code, or by way
 of an external library such as libevent or glib.
 
 7. Wait for activity on any of libcurl's sockets, use the timeout value your
-calback has been told
+callback has been told
 
 8, When activity is detected, call curl_multi_socket_action() for the
 socket(s) that got action. If no activity is detected and the timeout expires,

docs/libcurl/curl_multi_timeout.3

@@ -23,6 +23,10 @@ The timeout value returned in the long \fBtimeout\fP points to, is in number
 of milliseconds at this very moment. If 0, it means you should proceed
 immediately without waiting for anything. If it returns -1, there's no timeout
 at all set.
+
+Note: if libcurl returns a -1 timeout here, it just means that libcurl
+currently has no stored timeout value. You must not wait too long (more than a
+few seconds perhaps) before you call curl_multi_perform() again.
 .SH "RETURN VALUE"
 The standard CURLMcode for multi interface error codes.
 .SH "TYPICAL USAGE"
@@ -30,7 +34,7 @@ Call \fBcurl_multi_timeout(3)\fP, then wait for action on the sockets. You
 figure out which sockets to wait for by calling \fBcurl_multi_fdset(3)\fP or
 by a previous call to \fBcurl_multi_socket(3)\fP.
 .SH AVAILABILITY
-This function was added in libcurl 7.15.4, although not deemed stable yet.
+This function was added in libcurl 7.15.4.
 .SH "SEE ALSO"
 .BR curl_multi_cleanup "(3), " curl_multi_init "(3), "
 .BR curl_multi_fdset "(3), " curl_multi_info_read "(3), "

include/curl/Makefile.am

@@ -1,5 +1,6 @@
 pkginclude_HEADERS = \
-	curl.h curlver.h easy.h mprintf.h stdcheaders.h types.h multi.h
+	curl.h curlver.h easy.h mprintf.h stdcheaders.h types.h multi.h \
+	typecheck-gcc.h
 pkgincludedir= $(includedir)/curl
 
 CLEANFILES = *dist

include/curl/curl.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -29,6 +29,14 @@
 
 #include "curlver.h" /* the libcurl version defines */
 
+/*
+ * Define WIN32 when build target is Win32 API
+ */
+
+#if (defined(_WIN32) || defined(__WIN32__)) && !defined(WIN32)
+#define WIN32
+#endif
+
 #include <stdio.h>
 #include <limits.h>
 
@@ -41,12 +49,42 @@
 # include <time.h>
 #endif /* defined (vms) */
 
-typedef void CURL;
+#if defined(WIN32) && !defined(_WIN32_WCE) && !defined(__GNUC__) && \
+  !defined(__CYGWIN__) || defined(__MINGW32__)
+#if !(defined(_WINSOCKAPI_) || defined(_WINSOCK_H))
+/* The check above prevents the winsock2 inclusion if winsock.h already was
+   included, since they can't co-exist without problems */
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#endif
+#else
+
+/* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
+   libc5-based Linux systems. Only include it on system that are known to
+   require it! */
+#if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || defined(__minix)
+#include <sys/select.h>
+#endif
+
+#ifndef _WIN32_WCE
+#include <sys/socket.h>
+#endif
+#ifndef __WATCOMC__
+#include <sys/time.h>
+#endif
+#include <sys/types.h>
+#endif
+
+#ifdef __BEOS__
+#include <support/SupportDefs.h>
+#endif
 
 #ifdef  __cplusplus
 extern "C" {
 #endif
 
+typedef void CURL;
+
 /*
  * Decorate exportable functions for Win32 DLL linking.
  * This avoids using a .def file for building libcurl.dll.
@@ -139,38 +177,6 @@ extern "C" {
 #undef FILESIZEBITS
 #endif
 
-#if defined(_WIN32) && !defined(WIN32)
-/* Chris Lewis mentioned that he doesn't get WIN32 defined, only _WIN32 so we
-   make this adjustment to catch this. */
-#define WIN32 1
-#endif
-
-#if defined(WIN32) && !defined(_WIN32_WCE) && !defined(__GNUC__) && \
-  !defined(__CYGWIN__) || defined(__MINGW32__)
-#if !(defined(_WINSOCKAPI_) || defined(_WINSOCK_H))
-/* The check above prevents the winsock2 inclusion if winsock.h already was
-   included, since they can't co-exist without problems */
-#include <winsock2.h>
-#include <ws2tcpip.h>
-#endif
-#else
-
-/* HP-UX systems version 9, 10 and 11 lack sys/select.h and so does oldish
-   libc5-based Linux systems. Only include it on system that are known to
-   require it! */
-#if defined(_AIX) || defined(__NOVELL_LIBC__) || defined(__NetBSD__) || defined(__minix)
-#include <sys/select.h>
-#endif
-
-#ifndef _WIN32_WCE
-#include <sys/socket.h>
-#endif
-#ifndef __WATCOMC__
-#include <sys/time.h>
-#endif
-#include <sys/types.h>
-#endif
-
 #ifndef curl_socket_typedef
 /* socket typedef */
 #ifdef WIN32
@@ -224,7 +230,9 @@ typedef int (*curl_progress_callback)(void *clientp,
      time for those who feel adventurous. */
 #define CURL_MAX_WRITE_SIZE 16384
 #endif
-
+/* This is a magic return code for the write callback that, when returned,
+   will signal libcurl to pause receving on the current transfer. */
+#define CURL_WRITEFUNC_PAUSE 0x10000001
 typedef size_t (*curl_write_callback)(char *buffer,
                                       size_t size,
                                       size_t nitems,
@@ -233,6 +241,13 @@ typedef size_t (*curl_write_callback)(char *buffer,
 /* This is a return code for the read callback that, when returned, will
    signal libcurl to immediately abort the current transfer. */
 #define CURL_READFUNC_ABORT 0x10000000
+/* This is a return code for the read callback that, when returned, will
+   signal libcurl to pause sending data on the current transfer. */
+#define CURL_READFUNC_PAUSE 0x10000001
+typedef int (*curl_seek_callback)(void *instream,
+                                  curl_off_t offset,
+				  int origin); /* 'whence' */
+
 typedef size_t (*curl_read_callback)(char *buffer,
                                       size_t size,
                                       size_t nitems,
@@ -251,7 +266,9 @@ struct curl_sockaddr {
   int family;
   int socktype;
   int protocol;
-  socklen_t addrlen;
+  unsigned int addrlen; /* addrlen was a socklen_t type before 7.18.0 but it
+                           turned really ugly and painful on the systems that
+                           lack this type */
   struct sockaddr addr;
 };
 
@@ -487,10 +504,15 @@ typedef CURLcode (*curl_ssl_ctx_callback)(CURL *curl,    /* easy handle */
                                           void *userptr);
 
 typedef enum {
-  CURLPROXY_HTTP = 0,
-  CURLPROXY_SOCKS4 = 4,
-  CURLPROXY_SOCKS5 = 5
-} curl_proxytype;
+  CURLPROXY_HTTP = 0,   /* added in 7.10 */
+  CURLPROXY_SOCKS4 = 4, /* support added in 7.15.2, enum existed already
+                           in 7.10 */
+  CURLPROXY_SOCKS5 = 5, /* added in 7.10 */
+  CURLPROXY_SOCKS4A = 6, /* added in 7.18.0 */
+  CURLPROXY_SOCKS5_HOSTNAME = 7 /* Use the SOCKS5 protocol but pass along the
+                                   host name rather than the IP address. added
+                                   in 7.18.0 */
+} curl_proxytype;  /* this enum was added in 7.10 */
 
 #define CURLAUTH_NONE         0       /* nothing */
 #define CURLAUTH_BASIC        (1<<0)  /* Basic (default) */
@@ -935,7 +957,7 @@ typedef enum {
   CINIT(SHARE, OBJECTPOINT, 100),
 
   /* indicates type of proxy. accepted values are CURLPROXY_HTTP (default),
-     CURLPROXY_SOCKS4 and CURLPROXY_SOCKS5. */
+     CURLPROXY_SOCKS4, CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5. */
   CINIT(PROXYTYPE, LONG, 101),
 
   /* Set the Accept-Encoding string. Use this to tell a server you would like
@@ -1159,6 +1181,13 @@ typedef enum {
   /* POST volatile input fields. */
   CINIT(COPYPOSTFIELDS, OBJECTPOINT, 165),
 
+  /* set transfer mode (;type=<a|i>) when doing FTP via an HTTP proxy */
+  CINIT(PROXY_TRANSFER_MODE, LONG, 166),
+
+  /* Callback function for seeking in the input stream */
+  CINIT(SEEKFUNCTION, FUNCTIONPOINT, 167),
+  CINIT(SEEKDATA, OBJECTPOINT, 168),
+
   CURLOPT_LASTENTRY /* the last unused */
 } CURLoption;
 
@@ -1241,10 +1270,6 @@ typedef enum {
   CURL_TIMECOND_LAST
 } curl_TimeCond;
 
-#ifdef __BEOS__
-#include <support/SupportDefs.h>
-#endif
-
 
 /* curl_strequal() and curl_strnequal() are subject for removal in a future
    libcurl, see lib/README.curlx for details */
@@ -1737,6 +1762,26 @@ CURL_EXTERN const char *curl_easy_strerror(CURLcode);
  */
 CURL_EXTERN const char *curl_share_strerror(CURLSHcode);
 
+/*
+ * NAME curl_easy_pause()
+ *
+ * DESCRIPTION
+ *
+ * The curl_easy_pause function pauses or unpauses transfers. Select the new
+ * state by setting the bitmask, use the convenience defines below.
+ *
+ */
+CURL_EXTERN CURLcode curl_easy_pause(CURL *handle, int bitmask);
+
+#define CURLPAUSE_RECV      (1<<0)
+#define CURLPAUSE_RECV_CONT (0)
+
+#define CURLPAUSE_SEND      (1<<2)
+#define CURLPAUSE_SEND_CONT (0)
+
+#define CURLPAUSE_ALL       (CURLPAUSE_RECV|CURLPAUSE_SEND)
+#define CURLPAUSE_CONT      (CURLPAUSE_RECV_CONT|CURLPAUSE_SEND_CONT)
+
 #ifdef  __cplusplus
 }
 #endif
@@ -1746,4 +1791,20 @@ CURL_EXTERN const char *curl_share_strerror(CURLSHcode);
 #include "easy.h" /* nothing in curl is fun without the easy stuff */
 #include "multi.h"
 
+/* the typechecker doesn't work in C++ (yet) */
+#if (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 3)) && \
+    !defined(__cplusplus)
+#include "typecheck-gcc.h"
+#else
+#if defined(__STDC__) && (__STDC__ >= 1) 
+/* This preprocessor magic that replaces a call with the exact same call is
+   only done to make sure application authors pass exactly three arguments
+   to these functions. */
+#define curl_easy_setopt(handle,opt,param) curl_easy_setopt(handle,opt,param)
+#define curl_easy_getinfo(handle,info,arg) curl_easy_getinfo(handle,info,arg)
+#define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param)
+#define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param)
+#endif /* __STDC__ >= 1 */
+#endif /* gcc >= 4.3 && !__cplusplus */
+
 #endif /* __CURL_CURL_H */

include/curl/curlver.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -26,14 +26,17 @@
 /* This header file contains nothing but libcurl version info, generated by
    a script at release-time. This was made its own header file in 7.11.2 */
 
+/* This is the global package copyright */
+#define LIBCURL_COPYRIGHT "1996 - 2008 Daniel Stenberg, <daniel@haxx.se>."
+
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "7.17.1-CVS"
+#define LIBCURL_VERSION "7.18.1-CVS"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 7
-#define LIBCURL_VERSION_MINOR 17
+#define LIBCURL_VERSION_MINOR 18
 #define LIBCURL_VERSION_PATCH 1
 
 /* This is the numeric version of the libcurl version number, meant for easier
@@ -51,7 +54,7 @@
    and it is always a greater number in a more recent release. It makes
    comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x071101
+#define LIBCURL_VERSION_NUM 0x071201
 
 /*
  * This is the date and time when the full source package was created. The

include/curl/typecheck-gcc.h

@@ -0,0 +1,539 @@
+#ifndef __CURL_TYPECHECK_GCC_H
+#define __CURL_TYPECHECK_GCC_H
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ * $Id$
+ ***************************************************************************/
+
+/* wraps curl_easy_setopt() with typechecking */
+
+/* To add a new kind of warning, add an
+ *   if(_curl_is_sometype_option(_curl_opt) && ! _curl_is_sometype(value))
+ *     _curl_easy_setopt_err_sometype();
+ * block and define _curl_is_sometype_option, _curl_is_sometype and
+ * _curl_easy_setopt_err_sometype below
+ *
+ * To add an option that uses the same type as an existing option, you'll just
+ * need to extend the appropriate _curl_*_option macro
+ */
+#define curl_easy_setopt(handle, option, value)                               \
+__extension__ ({                                                              \
+  __typeof__ (option) _curl_opt = option;                                     \
+  if (__builtin_constant_p(_curl_opt)) {                                      \
+    if (_curl_is_long_option(_curl_opt) && !_curl_is_long(value))             \
+      _curl_easy_setopt_err_long();                                           \
+    if (_curl_is_off_t_option(_curl_opt) && !_curl_is_off_t(value))           \
+      _curl_easy_setopt_err_curl_off_t();                                     \
+    if (_curl_is_string_option(_curl_opt) && !_curl_is_string(value))         \
+      _curl_easy_setopt_err_string();                                         \
+    if (_curl_is_write_cb_option(_curl_opt) && !_curl_is_write_cb(value))     \
+      _curl_easy_setopt_err_write_callback();                                 \
+    if ((_curl_opt) == CURLOPT_READFUNCTION && !_curl_is_read_cb(value))      \
+      _curl_easy_setopt_err_read_cb();                                        \
+    if ((_curl_opt) == CURLOPT_IOCTLFUNCTION && !_curl_is_ioctl_cb(value))    \
+      _curl_easy_setopt_err_ioctl_cb();                                       \
+    if ((_curl_opt) == CURLOPT_SOCKOPTFUNCTION && !_curl_is_sockopt_cb(value))\
+      _curl_easy_setopt_err_sockopt_cb();                                     \
+    if ((_curl_opt) == CURLOPT_OPENSOCKETFUNCTION &&                          \
+            !_curl_is_opensocket_cb(value))                                   \
+      _curl_easy_setopt_err_opensocket_cb();                                  \
+    if ((_curl_opt) == CURLOPT_PROGRESSFUNCTION &&                            \
+            !_curl_is_progress_cb(value))                                     \
+      _curl_easy_setopt_err_progress_cb();                                    \
+    if ((_curl_opt) == CURLOPT_DEBUGFUNCTION && !_curl_is_debug_cb(value))    \
+      _curl_easy_setopt_err_debug_cb();                                       \
+    if ((_curl_opt) == CURLOPT_SSL_CTX_FUNCTION &&                            \
+            !_curl_is_ssl_ctx_cb(value))                                      \
+      _curl_easy_setopt_err_ssl_ctx_cb();                                     \
+    if (_curl_is_conv_cb_option(_curl_opt) && !_curl_is_conv_cb(value))       \
+      _curl_easy_setopt_err_conv_cb();                                        \
+    if ((_curl_opt) == CURLOPT_SEEKFUNCTION && !_curl_is_seek_cb(value))      \
+      _curl_easy_setopt_err_seek_cb();                                        \
+    if (_curl_is_cb_data_option(_curl_opt) && !_curl_is_cb_data(value))       \
+      _curl_easy_setopt_err_cb_data();                                        \
+    if ((_curl_opt) == CURLOPT_ERRORBUFFER && !_curl_is_error_buffer(value))  \
+      _curl_easy_setopt_err_error_buffer();                                   \
+    if ((_curl_opt) == CURLOPT_STDERR && !_curl_is_FILE(value))               \
+      _curl_easy_setopt_err_FILE();                                           \
+    if (_curl_is_postfields_option(_curl_opt) && !_curl_is_postfields(value)) \
+      _curl_easy_setopt_err_postfields();                                     \
+    if ((_curl_opt) == CURLOPT_HTTPPOST &&                                    \
+            !_curl_is_arr((value), struct curl_httppost))                     \
+      _curl_easy_setopt_err_curl_httpost();                                   \
+    if (_curl_is_slist_option(_curl_opt) &&                                   \
+            !_curl_is_arr((value), struct curl_slist))                        \
+      _curl_easy_setopt_err_curl_slist();                                     \
+    if ((_curl_opt) == CURLOPT_SHARE && !_curl_is_ptr((value), CURLSH))       \
+      _curl_easy_setopt_err_CURLSH();                                         \
+  }                                                                           \
+  curl_easy_setopt(handle, _curl_opt, value);                                 \
+})
+
+/* wraps curl_easy_getinfo() with typechecking */
+/* FIXME: don't allow const pointers */
+#define curl_easy_getinfo(handle, info, arg)                                  \
+__extension__ ({                                                              \
+  __typeof__ (info) _curl_info = info;                                        \
+  if (__builtin_constant_p(_curl_info)) {                                     \
+    if (_curl_is_string_info(_curl_info) && !_curl_is_arr((arg), char *))     \
+      _curl_easy_getinfo_err_string();                                        \
+    if (_curl_is_long_info(_curl_info) && !_curl_is_arr((arg), long))         \
+      _curl_easy_getinfo_err_long();                                          \
+    if (_curl_is_double_info(_curl_info) && !_curl_is_arr((arg), double))     \
+      _curl_easy_getinfo_err_double();                                        \
+    if (_curl_is_slist_info(_curl_info) &&                                    \
+           !_curl_is_arr((arg), struct curl_slist *))                         \
+      _curl_easy_getinfo_err_curl_slist();                                    \
+  }                                                                           \
+  curl_easy_getinfo(handle, _curl_info, arg);                                 \
+})
+
+/* TODO: typechecking for curl_share_setopt() and curl_multi_setopt(),
+ * for now just make sure that the functions are called with three
+ * arguments
+ */
+#define curl_share_setopt(share,opt,param) curl_share_setopt(share,opt,param)
+#define curl_multi_setopt(handle,opt,param) curl_multi_setopt(handle,opt,param)
+
+
+/* the actual warnings, triggered by calling the _curl_easy_setopt_err*
+ * functions */
+
+/* To define a new warning, use _CURL_WARNING(identifier, "message") */
+#define _CURL_WARNING(id, message)                                            \
+  static void __attribute__((warning(message))) __attribute__((unused))       \
+  __attribute__((noinline)) id(void) { __asm__(""); }
+
+_CURL_WARNING(_curl_easy_setopt_err_long,
+  "curl_easy_setopt expects a long argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_curl_off_t,
+  "curl_easy_setopt expects a curl_off_t argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_string,
+  "curl_easy_setopt expects a string (char* or char[]) argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_write_callback,
+  "curl_easy_setopt expects a curl_write_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_read_cb,
+  "curl_easy_setopt expects a curl_read_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_ioctl_cb,
+  "curl_easy_setopt expects a curl_ioctl_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_sockopt_cb,
+  "curl_easy_setopt expects a curl_sockopt_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_opensocket_cb,
+  "curl_easy_setopt expects a curl_opensocket_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_progress_cb,
+  "curl_easy_setopt expects a curl_progress_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_debug_cb,
+  "curl_easy_setopt expects a curl_debug_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_ssl_ctx_cb,
+  "curl_easy_setopt expects a curl_ssl_ctx_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_conv_cb,
+  "curl_easy_setopt expects a curl_conv_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_seek_cb,
+  "curl_easy_setopt expects a curl_seek_callback argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_cb_data,
+  "curl_easy_setopt expects a private data pointer as argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_error_buffer,
+  "curl_easy_setopt expects a char buffer of CURL_ERROR_SIZE as argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_FILE,
+  "curl_easy_setopt expects a FILE* argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_postfields,
+  "curl_easy_setopt expects a void* or char* argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_curl_httpost,
+  "curl_easy_setopt expects a struct curl_httppost* argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_curl_slist,
+  "curl_easy_setopt expects a struct curl_slist* argument for this option")
+_CURL_WARNING(_curl_easy_setopt_err_CURLSH,
+  "curl_easy_setopt expects a CURLSH* argument for this option")
+
+_CURL_WARNING(_curl_easy_getinfo_err_string,
+  "curl_easy_getinfo expects a pointer to char * for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_long,
+  "curl_easy_getinfo expects a pointer to long for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_double,
+  "curl_easy_getinfo expects a pointer to double for this info")
+_CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
+  "curl_easy_getinfo expects a pointer to struct curl_slist * for this info")
+
+/* groups of curl_easy_setops options that take the same type of argument */
+
+/* To add a new option to one of the groups, just add
+ *   (option) == CURLOPT_SOMETHING
+ * to the or-expression. If the option takes a long or curl_off_t, you don't
+ * have to do anything
+ */
+
+/* evaluates to true if option takes a long argument */
+#define _curl_is_long_option(option)                                          \
+  (0 < (option) && (option) < CURLOPTTYPE_OBJECTPOINT)
+
+#define _curl_is_off_t_option(option)                                         \
+  ((option) > CURLOPTTYPE_OFF_T)
+
+/* evaluates to true if option takes a char* argument */
+#define _curl_is_string_option(option)                                        \
+  ((option) == CURLOPT_URL ||                                                 \
+   (option) == CURLOPT_PROXY ||                                               \
+   (option) == CURLOPT_INTERFACE ||                                           \
+   (option) == CURLOPT_NETRC_FILE ||                                          \
+   (option) == CURLOPT_USERPWD ||                                             \
+   (option) == CURLOPT_PROXYUSERPWD ||                                        \
+   (option) == CURLOPT_ENCODING ||                                            \
+   (option) == CURLOPT_REFERER ||                                             \
+   (option) == CURLOPT_USERAGENT ||                                           \
+   (option) == CURLOPT_COOKIE ||                                              \
+   (option) == CURLOPT_COOKIEFILE ||                                          \
+   (option) == CURLOPT_COOKIEJAR ||                                           \
+   (option) == CURLOPT_COOKIELIST ||                                          \
+   (option) == CURLOPT_FTPPORT ||                                             \
+   (option) == CURLOPT_FTP_ALTERNATIVE_TO_USER ||                             \
+   (option) == CURLOPT_FTP_ACCOUNT ||                                         \
+   (option) == CURLOPT_RANGE ||                                               \
+   (option) == CURLOPT_CUSTOMREQUEST ||                                       \
+   (option) == CURLOPT_SSLCERT ||                                             \
+   (option) == CURLOPT_SSLCERTTYPE ||                                         \
+   (option) == CURLOPT_SSLKEY ||                                              \
+   (option) == CURLOPT_SSLKEYTYPE ||                                          \
+   (option) == CURLOPT_KEYPASSWD ||                                           \
+   (option) == CURLOPT_SSLENGINE ||                                           \
+   (option) == CURLOPT_CAINFO ||                                              \
+   (option) == CURLOPT_CAPATH ||                                              \
+   (option) == CURLOPT_RANDOM_FILE ||                                         \
+   (option) == CURLOPT_EGDSOCKET ||                                           \
+   (option) == CURLOPT_SSL_CIPHER_LIST ||                                     \
+   (option) == CURLOPT_KRBLEVEL ||                                            \
+   (option) == CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 ||                             \
+   (option) == CURLOPT_SSH_PUBLIC_KEYFILE ||                                  \
+   (option) == CURLOPT_SSH_PRIVATE_KEYFILE ||                                 \
+   0)
+
+/* evaluates to true if option takes a curl_write_callback argument */
+#define _curl_is_write_cb_option(option)                                      \
+  ((option) == CURLOPT_HEADERFUNCTION ||                                      \
+   (option) == CURLOPT_WRITEFUNCTION)
+
+/* evaluates to true if option takes a curl_conv_callback argument */
+#define _curl_is_conv_cb_option(option)                                       \
+  ((option) == CURLOPT_CONV_TO_NETWORK_FUNCTION ||                            \
+   (option) == CURLOPT_CONV_FROM_NETWORK_FUNCTION ||                          \
+   (option) == CURLOPT_CONV_FROM_UTF8_FUNCTION)
+
+/* evaluates to true if option takes a data argument to pass to a callback */
+#define _curl_is_cb_data_option(option)                                       \
+  ((option) == CURLOPT_WRITEDATA ||                                           \
+   (option) == CURLOPT_READDATA ||                                            \
+   (option) == CURLOPT_IOCTLDATA ||                                           \
+   (option) == CURLOPT_SOCKOPTDATA ||                                         \
+   (option) == CURLOPT_OPENSOCKETDATA ||                                      \
+   (option) == CURLOPT_PROGRESSDATA ||                                        \
+   (option) == CURLOPT_WRITEHEADER ||                                         \
+   (option) == CURLOPT_DEBUGDATA ||                                           \
+   (option) == CURLOPT_SSL_CTX_DATA ||                                        \
+   (option) == CURLOPT_SEEKDATA ||                                            \
+   (option) == CURLOPT_PRIVATE ||                                             \
+   0)
+
+/* evaluates to true if option takes a POST data argument (void* or char*) */
+#define _curl_is_postfields_option(option)                                    \
+  ((option) == CURLOPT_POSTFIELDS ||                                          \
+   (option) == CURLOPT_COPYPOSTFIELDS ||                                      \
+   0)
+
+/* evaluates to true if option takes a struct curl_slist * argument */
+#define _curl_is_slist_option(option)                                         \
+  ((option) == CURLOPT_HTTPHEADER ||                                          \
+   (option) == CURLOPT_HTTP200ALIASES ||                                      \
+   (option) == CURLOPT_QUOTE ||                                               \
+   (option) == CURLOPT_POSTQUOTE ||                                           \
+   (option) == CURLOPT_PREQUOTE ||                                            \
+   (option) == CURLOPT_TELNETOPTIONS ||                                       \
+   0)
+
+/* groups of curl_easy_getinfo infos that take the same type of argument */
+
+/* evaluates to true if info expects a pointer to char * argument */
+#define _curl_is_string_info(info)                                            \
+  (CURLINFO_STRING < (info) && (info) < CURLINFO_LONG)
+
+/* evaluates to true if info expects a pointer to long argument */
+#define _curl_is_long_info(info)                                              \
+  (CURLINFO_LONG < (info) && (info) < CURLINFO_DOUBLE)
+
+/* evaluates to true if info expects a pointer to double argument */
+#define _curl_is_double_info(info)                                            \
+  (CURLINFO_DOUBLE < (info) && (info) < CURLINFO_SLIST)
+
+/* evaluates to true if info expects a pointer to struct curl_slist * argument */
+#define _curl_is_slist_info(info)                                             \
+  (CURLINFO_SLIST < (info))
+
+
+/* typecheck helpers -- check whether given expression has requested type*/
+
+/* For pointers, you can use the _curl_is_ptr/_curl_is_arr macros,
+ * otherwise define a new macro. Search for __builtin_types_compatible_p
+ * in the GCC manual.
+ * NOTE: these macros MUST NOT EVALUATE their arguments! The argument is
+ * the actual expression passed to the curl_easy_setopt macro. This
+ * means that you can only apply the sizeof and __typeof__ operators, no
+ * == or whatsoever.
+ */
+
+/* XXX: should evaluate to true iff expr is a pointer */
+#define _curl_is_any_ptr(expr)                                                \
+  (sizeof(expr) == sizeof(void*))
+
+/* evaluates to true if expr is NULL */
+/* XXX: must not evaluate expr, so this check is not accurate */
+#define _curl_is_NULL(expr)                                                   \
+  (__builtin_types_compatible_p(__typeof__(expr), __typeof__(NULL)))
+
+/* evaluates to true if expr is type*, const type* or NULL */
+#define _curl_is_ptr(expr, type)                                              \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), type *) ||                  \
+   __builtin_types_compatible_p(__typeof__(expr), const type *))
+
+/* evaluates to true if expr is one of type[], type*, NULL or const type* */
+#define _curl_is_arr(expr, type)                                              \
+  (_curl_is_ptr((expr), type) ||                                              \
+   __builtin_types_compatible_p(__typeof__(expr), type []))
+
+/* evaluates to true if expr is a string */
+#define _curl_is_string(expr)                                                 \
+  (_curl_is_arr((expr), char) ||                                              \
+   _curl_is_arr((expr), signed char) ||                                       \
+   _curl_is_arr((expr), unsigned char))
+
+/* evaluates to true if expr is a long (no matter the signedness)
+ * XXX: for now, int is also accepted (and therefore short and char, which
+ * are promoted to int when passed to a variadic function) */
+#define _curl_is_long(expr)                                                   \
+  (__builtin_types_compatible_p(__typeof__(expr), long) ||                    \
+   __builtin_types_compatible_p(__typeof__(expr), signed long) ||             \
+   __builtin_types_compatible_p(__typeof__(expr), unsigned long) ||           \
+   __builtin_types_compatible_p(__typeof__(expr), int) ||                     \
+   __builtin_types_compatible_p(__typeof__(expr), signed int) ||              \
+   __builtin_types_compatible_p(__typeof__(expr), unsigned int) ||            \
+   __builtin_types_compatible_p(__typeof__(expr), short) ||                   \
+   __builtin_types_compatible_p(__typeof__(expr), signed short) ||            \
+   __builtin_types_compatible_p(__typeof__(expr), unsigned short) ||          \
+   __builtin_types_compatible_p(__typeof__(expr), char) ||                    \
+   __builtin_types_compatible_p(__typeof__(expr), signed char) ||             \
+   __builtin_types_compatible_p(__typeof__(expr), unsigned char))
+
+/* evaluates to true if expr is of type curl_off_t */
+#define _curl_is_off_t(expr)                                                  \
+  (__builtin_types_compatible_p(__typeof__(expr), curl_off_t))
+
+/* evaluates to true if expr is abuffer suitable for CURLOPT_ERRORBUFFER */
+/* XXX: also check size of an char[] array? */
+#define _curl_is_error_buffer(expr)                                           \
+  (__builtin_types_compatible_p(__typeof__(expr), char *) ||                  \
+   __builtin_types_compatible_p(__typeof__(expr), char[]))
+
+/* evaluates to true if expr is of type (const) void* or (const) FILE* */
+#if 0
+#define _curl_is_cb_data(expr)                                                \
+  (_curl_is_ptr((expr), void) ||                                              \
+   _curl_is_ptr((expr), FILE))
+#else /* be less strict */
+#define _curl_is_cb_data(expr)                                                \
+  _curl_is_any_ptr(expr)
+#endif
+
+/* evaluates to true if expr is of type FILE* */
+#define _curl_is_FILE(expr)                                                   \
+  (__builtin_types_compatible_p(__typeof__(expr), FILE *))
+
+/* evaluates to true if expr can be passed as POST data (void* or char*) */
+#define _curl_is_postfields(expr)                                             \
+  (_curl_is_ptr((expr), void) ||                                              \
+   _curl_is_arr((expr), char))
+
+/* FIXME: the whole callback checking is messy...
+ * The idea is to tolerate char vs. void and const vs. not const
+ * pointers in arguments at least
+ */
+/* helper: __builtin_types_compatible_p distinguishes between functions and
+ * function pointers, hide it */
+#define _curl_callback_compatible(func, type)                                 \
+  (__builtin_types_compatible_p(__typeof__(func), type) ||                    \
+   __builtin_types_compatible_p(__typeof__(func), type*))
+
+/* evaluates to true if expr is of type curl_read_callback or "similar" */
+#define _curl_is_read_cb(expr)                                          \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), __typeof__(fread)) ||       \
+   __builtin_types_compatible_p(__typeof__(expr), curl_read_callback) ||      \
+   _curl_callback_compatible((expr), _curl_read_callback1) ||                 \
+   _curl_callback_compatible((expr), _curl_read_callback2) ||                 \
+   _curl_callback_compatible((expr), _curl_read_callback3) ||                 \
+   _curl_callback_compatible((expr), _curl_read_callback4) ||                 \
+   _curl_callback_compatible((expr), _curl_read_callback5) ||                 \
+   _curl_callback_compatible((expr), _curl_read_callback6))
+typedef size_t (_curl_read_callback1)(char *, size_t, size_t, void*);
+typedef size_t (_curl_read_callback2)(char *, size_t, size_t, const void*);
+typedef size_t (_curl_read_callback3)(char *, size_t, size_t, FILE*);
+typedef size_t (_curl_read_callback4)(void *, size_t, size_t, void*);
+typedef size_t (_curl_read_callback5)(void *, size_t, size_t, const void*);
+typedef size_t (_curl_read_callback6)(void *, size_t, size_t, FILE*);
+
+/* evaluates to true if expr is of type curl_write_callback or "similar" */
+#define _curl_is_write_cb(expr)                                               \
+  (_curl_is_read_cb(expr) ||                                            \
+   __builtin_types_compatible_p(__typeof__(expr), __typeof__(fwrite)) ||      \
+   __builtin_types_compatible_p(__typeof__(expr), curl_write_callback) ||     \
+   _curl_callback_compatible((expr), _curl_write_callback1) ||                \
+   _curl_callback_compatible((expr), _curl_write_callback2) ||                \
+   _curl_callback_compatible((expr), _curl_write_callback3) ||                \
+   _curl_callback_compatible((expr), _curl_write_callback4) ||                \
+   _curl_callback_compatible((expr), _curl_write_callback5) ||                \
+   _curl_callback_compatible((expr), _curl_write_callback6))
+typedef size_t (_curl_write_callback1)(const char *, size_t, size_t, void*);
+typedef size_t (_curl_write_callback2)(const char *, size_t, size_t, const void*);
+typedef size_t (_curl_write_callback3)(const char *, size_t, size_t, FILE*);
+typedef size_t (_curl_write_callback4)(const void *, size_t, size_t, void*);
+typedef size_t (_curl_write_callback5)(const void *, size_t, size_t, const void*);
+typedef size_t (_curl_write_callback6)(const void *, size_t, size_t, FILE*);
+
+/* evaluates to true if expr is of type curl_ioctl_callback or "similar" */
+#define _curl_is_ioctl_cb(expr)                                         \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_ioctl_callback) ||     \
+   _curl_callback_compatible((expr), _curl_ioctl_callback1) ||                \
+   _curl_callback_compatible((expr), _curl_ioctl_callback2) ||                \
+   _curl_callback_compatible((expr), _curl_ioctl_callback3) ||                \
+   _curl_callback_compatible((expr), _curl_ioctl_callback4))
+typedef curlioerr (_curl_ioctl_callback1)(CURL *, int, void*);
+typedef curlioerr (_curl_ioctl_callback2)(CURL *, int, const void*);
+typedef curlioerr (_curl_ioctl_callback3)(CURL *, curliocmd, void*);
+typedef curlioerr (_curl_ioctl_callback4)(CURL *, curliocmd, const void*);
+
+/* evaluates to true if expr is of type curl_sockopt_callback or "similar" */
+#define _curl_is_sockopt_cb(expr)                                       \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_sockopt_callback) ||   \
+   _curl_callback_compatible((expr), _curl_sockopt_callback1) ||              \
+   _curl_callback_compatible((expr), _curl_sockopt_callback2))
+typedef int (_curl_sockopt_callback1)(void *, curl_socket_t, curlsocktype);
+typedef int (_curl_sockopt_callback2)(const void *, curl_socket_t, curlsocktype);
+
+/* evaluates to true if expr is of type curl_opensocket_callback or "similar" */
+#define _curl_is_opensocket_cb(expr)                                    \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_opensocket_callback) ||\
+   _curl_callback_compatible((expr), _curl_opensocket_callback1) ||           \
+   _curl_callback_compatible((expr), _curl_opensocket_callback2) ||           \
+   _curl_callback_compatible((expr), _curl_opensocket_callback3) ||           \
+   _curl_callback_compatible((expr), _curl_opensocket_callback4))
+typedef curl_socket_t (_curl_opensocket_callback1)
+  (void *, curlsocktype, struct curl_sockaddr *);
+typedef curl_socket_t (_curl_opensocket_callback2)
+  (void *, curlsocktype, const struct curl_sockaddr *);
+typedef curl_socket_t (_curl_opensocket_callback3)
+  (const void *, curlsocktype, struct curl_sockaddr *);
+typedef curl_socket_t (_curl_opensocket_callback4)
+  (const void *, curlsocktype, const struct curl_sockaddr *);
+
+/* evaluates to true if expr is of type curl_progress_callback or "similar" */
+#define _curl_is_progress_cb(expr)                                      \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_progress_callback) ||  \
+   _curl_callback_compatible((expr), _curl_progress_callback1) ||             \
+   _curl_callback_compatible((expr), _curl_progress_callback2))
+typedef int (_curl_progress_callback1)(void *,
+    double, double, double, double);
+typedef int (_curl_progress_callback2)(const void *,
+    double, double, double, double);
+
+/* evaluates to true if expr is of type curl_debug_callback or "similar" */
+#define _curl_is_debug_cb(expr)                                         \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_debug_callback) ||     \
+   _curl_callback_compatible((expr), _curl_debug_callback1) ||                \
+   _curl_callback_compatible((expr), _curl_debug_callback2) ||                \
+   _curl_callback_compatible((expr), _curl_debug_callback3) ||                \
+   _curl_callback_compatible((expr), _curl_debug_callback4))
+typedef int (_curl_debug_callback1) (CURL *,
+    curl_infotype, char *, size_t, void *);
+typedef int (_curl_debug_callback2) (CURL *,
+    curl_infotype, char *, size_t, const void *);
+typedef int (_curl_debug_callback3) (CURL *,
+    curl_infotype, const char *, size_t, void *);
+typedef int (_curl_debug_callback4) (CURL *,
+    curl_infotype, const char *, size_t, const void *);
+
+/* evaluates to true if expr is of type curl_ssl_ctx_callback or "similar" */
+/* this is getting even messier... */
+#define _curl_is_ssl_ctx_cb(expr)                                       \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_ssl_ctx_callback) ||   \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback1) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback2) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback3) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback4) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback5) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback6) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback7) ||              \
+   _curl_callback_compatible((expr), _curl_ssl_ctx_callback8))
+typedef CURLcode (_curl_ssl_ctx_callback1)(CURL *, void *, void *);
+typedef CURLcode (_curl_ssl_ctx_callback2)(CURL *, void *, const void *);
+typedef CURLcode (_curl_ssl_ctx_callback3)(CURL *, const void *, void *);
+typedef CURLcode (_curl_ssl_ctx_callback4)(CURL *, const void *, const void *);
+#ifdef HEADER_SSL_H
+/* hack: if we included OpenSSL's ssl.h, we know about SSL_CTX
+ * this will of course break if we're included before OpenSSL headers...
+ */
+typedef CURLcode (_curl_ssl_ctx_callback5)(CURL *, SSL_CTX, void *);
+typedef CURLcode (_curl_ssl_ctx_callback6)(CURL *, SSL_CTX, const void *);
+typedef CURLcode (_curl_ssl_ctx_callback7)(CURL *, const SSL_CTX, void *);
+typedef CURLcode (_curl_ssl_ctx_callback8)(CURL *, const SSL_CTX, const void *);
+#else
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback5;
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback6;
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback7;
+typedef _curl_ssl_ctx_callback1 _curl_ssl_ctx_callback8;
+#endif
+
+/* evaluates to true if expr is of type curl_conv_callback or "similar" */
+#define _curl_is_conv_cb(expr)                                          \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_conv_callback) ||      \
+   _curl_callback_compatible((expr), _curl_conv_callback1) ||                 \
+   _curl_callback_compatible((expr), _curl_conv_callback2) ||                 \
+   _curl_callback_compatible((expr), _curl_conv_callback3) ||                 \
+   _curl_callback_compatible((expr), _curl_conv_callback4))
+typedef CURLcode (*_curl_conv_callback1)(char *, size_t length);
+typedef CURLcode (*_curl_conv_callback2)(const char *, size_t length);
+typedef CURLcode (*_curl_conv_callback3)(void *, size_t length);
+typedef CURLcode (*_curl_conv_callback4)(const void *, size_t length);
+
+/* evaluates to true if expr is of type curl_seek_callback or "similar" */
+#define _curl_is_seek_cb(expr)                                          \
+  (_curl_is_NULL(expr) ||                                                     \
+   __builtin_types_compatible_p(__typeof__(expr), curl_seek_callback) ||      \
+   _curl_callback_compatible((expr), _curl_seek_callback1) ||                 \
+   _curl_callback_compatible((expr), _curl_seek_callback2))
+typedef CURLcode (*_curl_seek_callback1)(void *, curl_off_t, int);
+typedef CURLcode (*_curl_seek_callback2)(const void *, curl_off_t, int);
+
+
+#endif /* __CURL_TYPECHECK_GCC_H */

lib/Makefile.Watcom

@@ -1,21 +1,32 @@
 #
 #  Watcom / OpenWatcom / Win32 makefile for libcurl.
-#  G. Vanem <giva@bgnett.no>
+#  G. Vanem <gvanem@broadpark.no>
 #
 # $Id$
 
-TARGETS = ca-bundle.h libcurl_wc.lib libcurl_wc.dll libcurl_wc_imp.lib
+TARGETS = ca-bundle.h libcurl_wc.dll libcurl_wc_imp.lib
 
 CC = wcc386
 
-CFLAGS = -3r -mf -d3 -hc -zff -zgf -zq -zm -zc -s -fr=con -w2 -fpi -oilrtfm -bt=nt -bd &
-         -d+ -dWIN32 -dCURL_CA_BUNDLE=getenv("CURL_CA_BUNDLE")                     &
+CFLAGS = -3r -mf -d3 -hc -zff -zgf -zq -zm -zc -s -fr=con -w2 -fpi -oilrtfm -bt=nt &
+         -bd -d+ -dWIN32 -dCURL_CA_BUNDLE=getenv("CURL_CA_BUNDLE")                 &
          -dBUILDING_LIBCURL -dWITHOUT_MM_LIB -dHAVE_SPNEGO=1 -dENABLE_IPV6         &
          -dDEBUG_THREADING_GETADDRINFO -dDEBUG=1 -dCURLDEBUG -d_WIN32_WINNT=0x0501 &
-         -I. -I..\include -dCURL_DISABLE_LDAP
+         -dWINBERAPI=__declspec(cdecl) -dWINLDAPAPI=__declspec(cdecl)              &
+         -I. -I..\include
 
-OBJ_DIR  = Watcom_obj
-LIB_ARG  = $(OBJ_DIR)\wlib.arg
+#
+# Change to suite.
+#
+ZLIB_ROOT = ..\..\..\zlib-1.2.3
+USE_ZLIB  = 0
+
+!ifeq USE_ZLIB 1
+CFLAGS += -dHAVE_ZLIB_H -dHAVE_LIBZ -I$(ZLIB_ROOT)
+!endif
+
+OBJ_DIR  = WC_Win32.obj
+C_ARG    = $(OBJ_DIR)\wcc386.arg
 LINK_ARG = $(OBJ_DIR)\wlink.arg
 
 OBJS = $(OBJ_DIR)\base64.obj           $(OBJ_DIR)\connect.obj     &
@@ -50,7 +61,7 @@ OBJS = $(OBJ_DIR)\base64.obj           $(OBJ_DIR)\connect.obj     &
 
 RESOURCE = $(OBJ_DIR)\libcurl.res
 
-all: $(OBJ_DIR) $(TARGETS) .SYMBOLIC
+all: $(OBJ_DIR) $(C_ARG) $(TARGETS) .SYMBOLIC
 	@echo Welcome to libcurl
 
 $(OBJ_DIR):
@@ -59,17 +70,14 @@ $(OBJ_DIR):
 ca-bundle.h:
 	@echo /* dummy ca-bundle.h. Not used */ > $@
 
-libcurl_wc.lib: $(OBJS) $(LIB_ARG)
-	wlib -q -b -c $@ @$(LIB_ARG)
-
-libcurl_wc.dll: $(OBJS) $(RESOURCE) $(LINK_ARG)
+libcurl_wc.dll libcurl_wc_imp.lib: $(OBJS) $(RESOURCE) $(LINK_ARG)
 	wlink name libcurl_wc.dll @$(LINK_ARG)
 
 clean: .SYMBOLIC
 	- rm -f $(OBJS) $(RESOURCE)
 
 vclean realclean: clean .SYMBOLIC
-	- rm -f $(TARGETS) $(LIB_ARG) $(LINK_ARG) libcurl_wc.map
+	- rm -f $(TARGETS) $(C_ARG) $(LINK_ARG) libcurl_wc.map
 	- rmdir $(OBJ_DIR)
 
 .ERASE
@@ -78,12 +86,11 @@ $(RESOURCE): libcurl.rc
 
 .ERASE
 .c{$(OBJ_DIR)}.obj:
-	$(CC) $[@ $(CFLAGS) -fo=$@
-	@echo .
+	$(CC) $[@ @$(C_ARG) -fo=$@
 
-$(LIB_ARG): $(__MAKEFILES__)
+$(C_ARG): $(__MAKEFILES__)
 	%create $^@
-	for %f in ($(OBJS)) do @%append $^@ +- %f
+	%append $^@ $(CFLAGS)
 
 $(LINK_ARG): $(__MAKEFILES__)
 	%create $^@
@@ -91,7 +98,10 @@ $(LINK_ARG): $(__MAKEFILES__)
 	@%append $^@ file { $(OBJS) }
 	@%append $^@ option quiet, map, caseexact, eliminate, implib=libcurl_wc_imp.lib,
 	@%append $^@ res=$(RESOURCE) libpath $(%watcom)\lib386;$(%watcom)\lib386\nt
-	@%append $^@ library clib3r.lib, ws2_32.lib
+	@%append $^@ library clib3r.lib, wldap32.lib, ws2_32.lib
+!ifeq USE_ZLIB 1
+	@%append $^@ library $(ZLIB_ROOT)\zlib.lib
+!endif
 
 #
 # Dependencies based on "gcc -MM .."

lib/Makefile.am

@@ -5,7 +5,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -30,12 +30,12 @@ DOCS = README.encoding README.memoryleak README.ares README.curlx	\
 
 EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 Makefile.riscos	\
  $(DSP) curllib.dsw config-win32.h config-win32ce.h config-riscos.h	\
- config-mac.h config.h.in ca-bundle.crt makefile.dj config.dos		\
+ config-mac.h config.h.in makefile.dj config.dos		\
  libcurl.framework.make libcurl.plist libcurl.rc config-amigaos.h	\
  amigaos.c amigaos.h makefile.amiga Makefile.netware nwlib.c nwos.c	\
  libcurl.imp msvcproj.head msvcproj.foot config-win32ce.h		\
  config-os400.h setup-os400.h \
- Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ)
+ Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ) mk-ca-bundle.pl
 
 CLEANFILES = $(DSP) $(VCPROJ)
 
@@ -111,14 +111,13 @@ $(top_builddir)/lib/ca-bundle.h: Makefile.in Makefile
 if CABUNDLE
 	echo '#define CURL_CA_BUNDLE @CURL_CA_BUNDLE@' >> $@
 else
-	echo '#undef CURL_CA_BUNDLE /* unknown */' >> $@
+	echo '#undef CURL_CA_BUNDLE /* unknown default path */' >> $@
+endif
+if CAPATH
+	echo '#define CURL_CA_PATH @CURL_CA_PATH@' >> $@
+else
+	echo '#undef CURL_CA_PATH /* unknown default path */' >>$@
 endif
-
-install-data-hook:
-	@if test -n "@CURL_CA_BUNDLE@"; then \
-	  $(mkinstalldirs) `dirname $(DESTDIR)@CURL_CA_BUNDLE@`; \
-	  @INSTALL_DATA@ $(srcdir)/ca-bundle.crt $(DESTDIR)@CURL_CA_BUNDLE@; \
-        fi
 
 # this hook is mainly for non-unix systems to build even if configure
 # isn't run

lib/Makefile.m32

@@ -1,8 +1,8 @@
 #########################################################################
 # $Id$
 #
-## Makefile for building libcurl.a with MingW32 (GCC-3.2) and
-## optionally OpenSSL (0.9.8), libssh2 (0.17), zlib (1.2.3)
+## Makefile for building libcurl.a with MingW32 (GCC-3.2)
+## and optionally OpenSSL (0.9.8), libssh2 (0.18), zlib (1.2.3)
 ##
 ## Usage:
 ## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [SSPI=1] [IPV6=1] [DYN=1]
@@ -21,11 +21,11 @@ ZLIB_PATH = ../../zlib-1.2.3
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8e
+OPENSSL_PATH = ../../openssl-0.9.8g
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-0.17
+LIBSSH2_PATH = ../../libssh2-0.18
 endif
 # Edit the path below to point to the base of your Novell LDAP NDK.
 ifndef LDAP_SDK
@@ -41,7 +41,7 @@ LDFLAGS = -s
 RANLIB = ranlib
 RC = windres
 RCFLAGS = --include-dir=../include -DCURLDEBUG=0 -O COFF -i
-RM = del /q /f
+RM = del /q /f > NUL 2>&1
 STRIP = strip -g
 
 ########################################################

lib/Makefile.netware

@@ -20,12 +20,12 @@ endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8e
+OPENSSL_PATH = ../../openssl-0.9.8g
 endif
 
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-0.16
+LIBSSH2_PATH = ../../libssh2-0.18
 endif
 
 ifndef INSTDIR
@@ -35,13 +35,16 @@ endif
 # Edit the vars below to change NLM target settings.
 TARGET  = libcurl
 VERSION	= $(LIBCURL_VERSION)
-COPYR	= Copyright (C) 1996 - 2007, Daniel Stenberg, <daniel@haxx.se>
+COPYR	= Copyright (C) $(LIBCURL_COPYRIGHT_STR)
 DESCR	= cURL libcurl $(LIBCURL_VERSION_STR) ($(LIBARCH)) - http://curl.haxx.se
 MTSAFE	= YES
 STACK	= 64000
 SCREEN	= none
 EXPORTS	= @libcurl.imp
 
+# Uncomment the next line to enable linking with POSIX semantics.
+# POSIXFL = 1
+
 # Edit the var below to point to your lib architecture.
 ifndef LIBARCH
 LIBARCH = LIBC
@@ -71,11 +74,13 @@ ifdef METROWERKS
 else
 	CC = gcc
 endif
+PERL	= perl
 # a native win32 awk can be downloaded from here:
-# http://www.gknw.net/development/prgtools/awk-20050424.zip
+# http://www.gknw.net/development/prgtools/awk-20070501.zip
 AWK	= awk
 YACC	= bison -y
 CP	= cp -afv
+MKDIR	= mkdir
 # RM	= rm -f
 # if you want to mark the target as MTSAFE you will need a tool for
 # generating the xdc data for the linker; here's a minimal tool:
@@ -102,7 +107,11 @@ CFLAGS	+= -msgstyle gcc -gccinc -inline off -opt nointrinsics -proc 586
 CFLAGS	+= -relax_pointers
 #CFLAGS	+= -w on
 ifeq ($(LIBARCH),LIBC)
+ifeq ($(POSIXFL),1)
+	PRELUDE = $(SDK_LIBC)/imports/posixpre.o
+else
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.o
+endif
 	CFLAGS += -align 4
 else
 	# PRELUDE = $(SDK_CLIB)/imports/clibpre.o
@@ -121,7 +130,11 @@ RANLIB	= ranlib
 CFLAGS	+= -fno-builtin -fpcc-struct-return -fno-strict-aliasing
 CFLAGS	+= -Wall # -pedantic
 ifeq ($(LIBARCH),LIBC)
+ifeq ($(POSIXFL),1)
+	PRELUDE = $(SDK_LIBC)/imports/posixpre.gcc.o
+else
 	PRELUDE = $(SDK_LIBC)/imports/libcpre.gcc.o
+endif
 else
 	PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
 	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
@@ -159,6 +172,7 @@ ifdef WITH_SSL
 	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/ssl.$(LIBEXT)
 	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/crypto.$(LIBEXT)
 	IMPORTS += GetProcessSwitchCount RunningProcess
+	INSTDEP += ca-bundle.crt
 endif
 ifdef WITH_ZLIB
 	INCLUDES += -I$(ZLIB_PATH)
@@ -226,11 +240,7 @@ $(OBJDIR)/version.inc: ../include/curl/curlver.h $(OBJDIR)
 	@echo Creating $@
 	@$(AWK) -f ../packages/NetWare/get_ver.awk $< > $@
 
-dist: all
-	-$(RM) $(OBJDIR)/*.o $(OBJDIR)/$(TARGET).map $(OBJDIR)/$(TARGET).ncv
-	-$(RM) $(OBJDIR)/$(TARGET).def $(OBJDIR)/version.inc $(XDCDATA)
-
-install: $(INSTDIR) all
+install: $(INSTDIR) all $(INSTDEP)
 	@$(CP) $(TARGET).nlm $(INSTDIR)
 	@$(CP) $(TARGET).$(LIBEXT) $(INSTDIR)
 	@$(CP) ../CHANGES $(INSTDIR)
@@ -238,7 +248,7 @@ install: $(INSTDIR) all
 	@$(CP) ../README $(INSTDIR)
 	@$(CP) ../RELEASE-NOTES $(INSTDIR)
 ifdef WITH_SSL
-	@$(CP) ca-bundle.crt $(INSTDIR)
+	@-$(CP) ca-bundle.crt $(INSTDIR)/ca-bundle.crt
 endif
 
 clean:
@@ -246,13 +256,11 @@ clean:
 	-$(RM) -r $(OBJDIR)
 
 distclean: clean
-	-$(RM) -r $(TARGET).$(LIBEXT) $(TARGET).nlm
+	-$(RM) $(TARGET).$(LIBEXT) $(TARGET).nlm
+	-$(RM) certdata.txt ca-bundle.crt
 
-$(INSTDIR):
-	@mkdir $(INSTDIR)
-
-$(OBJDIR):
-	@mkdir $(OBJDIR)
+$(OBJDIR) $(INSTDIR):
+	@$(MKDIR) $@
 
 $(TARGET).$(LIBEXT): $(OBJS)
 	@echo Creating $@
@@ -305,27 +313,36 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)import @$(SDK_CLIB)/imports/threads.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_CLIB)/imports/nlmlib.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_CLIB)/imports/socklib.imp$(DL) >> $@
+	@echo $(DL)module clib$(DL) >> $@
 ifndef DISABLE_LDAP
 	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapsdk.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapssl.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
-	@echo $(DL)module ldapsdk ldapssl ldapx$(DL) >> $@
+#	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
+	@echo $(DL)module ldapsdk ldapssl$(DL) >> $@
 endif
-	@echo $(DL)module clib$(DL) >> $@
 else
+ifeq ($(POSIXFL),1)
+	@echo $(DL)flag_on 4194304$(DL) >> $@
+endif
 	@echo $(DL)pseudopreemption$(DL) >> $@
+ifeq ($(findstring posixpre,$(PRELUDE)),posixpre)
+	@echo $(DL)start POSIX_Start$(DL) >> $@
+	@echo $(DL)exit POSIX_Stop$(DL) >> $@
+	@echo $(DL)check POSIX_CheckUnload$(DL) >> $@
+else
 	@echo $(DL)start _LibCPrelude$(DL) >> $@
 	@echo $(DL)exit _LibCPostlude$(DL) >> $@
 	@echo $(DL)check _LibCCheckUnload$(DL) >> $@
+endif
 	@echo $(DL)import @$(SDK_LIBC)/imports/libc.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LIBC)/imports/netware.imp$(DL) >> $@
+	@echo $(DL)module libc$(DL) >> $@
 ifndef DISABLE_LDAP
 	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapsdk.imp$(DL) >> $@
 	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapssl.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapx.imp$(DL) >> $@
-	@echo $(DL)module lldapsdk lldapssl lldapx$(DL) >> $@
+#	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapx.imp$(DL) >> $@
+	@echo $(DL)module lldapsdk lldapssl$(DL) >> $@
 endif
-	@echo $(DL)module libc$(DL) >> $@
 endif
 ifdef MODULES
 	@echo $(DL)module $(MODULES)$(DL) >> $@
@@ -336,9 +353,9 @@ endif
 ifdef IMPORTS
 	@echo $(DL)import $(IMPORTS)$(DL) >> $@
 endif
-ifeq ($(LD),nlmconv)
-	@echo $(DL)input $(OBJL)$(DL) >> $@
+ifeq ($(findstring nlmconv,$(LD)),nlmconv)
 	@echo $(DL)input $(PRELUDE)$(DL) >> $@
+	@echo $(DL)input $(OBJL)$(DL) >> $@
 #ifdef LDLIBS
 #	@echo $(DL)input $(LDLIBS)$(DL) >> $@
 #endif
@@ -372,7 +389,6 @@ ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV int$(DL) >> $@
 	@echo $(DL)#define socklen_t int$(DL) >> $@
-	@echo $(DL)#define DL_LDAP_FILE "ldapsdk.nlm"$(DL) >> $@
 else
 	@echo $(DL)#define OS "i586-pc-libc-NetWare"$(DL) >> $@
 	@echo $(DL)#define HAVE_FTRUNCATE 1$(DL) >> $@
@@ -405,7 +421,6 @@ else
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
 	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
-	@echo $(DL)#define DL_LDAP_FILE "lldapsdk.nlm"$(DL) >> $@
 ifdef ENABLE_IPV6
 	@echo $(DL)#define ENABLE_IPV6 1$(DL) >> $@
 endif
@@ -556,4 +571,8 @@ endif
 $(ARES_LIB)/libcares.$(LIBEXT):
 	$(MAKE) -C $(ARES_LIB) -f Makefile.netware lib
 
+ca-bundle.crt: mk-ca-bundle.pl
+	@echo Creating $@
+	@-$(PERL) $< -b -n $@
+
 

lib/Makefile.vc6

@@ -35,7 +35,7 @@ IMPLIB_NAME       = libcurl_imp
 IMPLIB_NAME_DEBUG = libcurld_imp
 
 !IFNDEF OPENSSL_PATH
-OPENSSL_PATH   = ../../openssl-0.9.8e
+OPENSSL_PATH   = ../../openssl-0.9.8g
 !ENDIF
 
 !IFNDEF ZLIB_PATH
@@ -58,7 +58,7 @@ MACHINE  = X86
 # It can be downloaded from:
 # http://www.microsoft.com/msdownload/platformsdk/sdkupdate/
 
-# USE_WINDOWS_SSPI = 1
+# WINDOWS_SSPI = 1
 
 !IFDEF WINDOWS_SSPI
 !IFNDEF WINDOWS_SDK_PATH

lib/base64.c

@@ -101,7 +101,7 @@ size_t Curl_base64_decode(const char *src, unsigned char **outptr)
   numQuantums = (length + equalsTerm) / 4;
 
   /* Don't allocate a buffer if the decoded length is 0 */
-  if (numQuantums <= 0)
+  if(numQuantums <= 0)
     return 0;
 
   rawlen = (numQuantums * 3) - equalsTerm;

lib/config-win32.h

@@ -347,6 +347,36 @@
 #define HAVE_LONGLONG 1
 #endif
 
+/* Define to avoid VS2005 complaining about portable C functions */
+#if defined(_MSC_VER) && (_MSC_VER >= 1400)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#define _CRT_NONSTDC_NO_DEPRECATE 1
+#endif
+
+/* VS2005 and later dafault size for time_t is 64-bit, unless */
+/* _USE_32BIT_TIME_T has been defined to get a 32-bit time_t. */
+#if defined(_MSC_VER) && (_MSC_VER >= 1400)
+#  ifndef _USE_32BIT_TIME_T
+#    define SIZEOF_TIME_T 8
+#  else
+#    define SIZEOF_TIME_T 4
+#  endif
+#endif
+
+/* VS2008 does not support Windows build targets prior to WinXP, */
+/* so, if no build target has been defined we will target WinXP. */
+#if defined(_MSC_VER) && (_MSC_VER >= 1500)
+#  ifndef _WIN32_WINNT
+#    define _WIN32_WINNT 0x0501
+#  endif
+#  ifndef WINVER
+#    define WINVER 0x0501
+#  endif
+#  if (_WIN32_WINNT < 0x0501) || (WINVER < 0x0501)
+#    error VS2008 does not support Windows build targets prior to WinXP
+#  endif
+#endif
+
 /* ---------------------------------------------------------------- */
 /*                           LDAP SUPPORT                           */
 /* ---------------------------------------------------------------- */
@@ -370,10 +400,6 @@
 /*                       ADDITIONAL DEFINITIONS                     */
 /* ---------------------------------------------------------------- */
 
-/* Defines set for VS2005 to _not_ deprecate a few functions we use. */
-#define _CRT_SECURE_NO_DEPRECATE 1
-#define _CRT_NONSTDC_NO_DEPRECATE 1
-
 /* Define cpu-machine-OS */
 #undef OS
 #if defined(_M_IX86) || defined(__i386__) /* x86 (MSVC or gcc) */

lib/config-win32ce.h

@@ -308,6 +308,22 @@
 /* Undef keyword 'const' if it does not work.  */
 /* #undef const */
 
+/* Define to avoid VS2005 complaining about portable C functions */
+#if defined(_MSC_VER) && (_MSC_VER >= 1400)
+#define _CRT_SECURE_NO_DEPRECATE 1
+#define _CRT_NONSTDC_NO_DEPRECATE 1
+#endif
+
+/* VS2005 and later dafault size for time_t is 64-bit, unless */
+/* _USE_32BIT_TIME_T has been defined to get a 32-bit time_t. */
+#if defined(_MSC_VER) && (_MSC_VER >= 1400)
+#  ifndef _USE_32BIT_TIME_T
+#    define SIZEOF_TIME_T 8
+#  else
+#    define SIZEOF_TIME_T 4
+#  endif
+#endif
+
 /* ---------------------------------------------------------------- */
 /*                           LDAP SUPPORT                           */
 /* ---------------------------------------------------------------- */
@@ -320,10 +336,6 @@
 /*                       ADDITIONAL DEFINITIONS                     */
 /* ---------------------------------------------------------------- */
 
-/* Defines set for VS2005 to _not_ deprecate a few functions we use. */
-#define _CRT_SECURE_NO_DEPRECATE 1
-#define _CRT_NONSTDC_NO_DEPRECATE 1
-
 /* Define cpu-machine-OS */
 #undef OS
 #define OS "i386-pc-win32ce"

lib/connect.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -101,6 +101,66 @@ singleipconnect(struct connectdata *conn,
                 long timeout_ms,
                 bool *connected);
 
+/*
+ * Curl_timeleft() returns the amount of milliseconds left allowed for the
+ * transfer/connection. If the value is negative, the timeout time has already
+ * elapsed.
+ *
+ * If 'nowp' is non-NULL, it points to the current time.
+ * 'duringconnect' is FALSE if not during a connect, as then of course the
+ * connect timeout is not taken into account!
+ */
+long Curl_timeleft(struct connectdata *conn,
+                   struct timeval *nowp,
+                   bool duringconnect)
+{
+  struct SessionHandle *data = conn->data;
+  int timeout_set = 0;
+  long timeout_ms = duringconnect?DEFAULT_CONNECT_TIMEOUT:0;
+  struct timeval now;
+
+  /* if a timeout is set, use the most restrictive one */
+
+  if(data->set.timeout > 0)
+    timeout_set |= 1;
+  if(duringconnect && (data->set.connecttimeout > 0))
+    timeout_set |= 2;
+
+  switch (timeout_set) {
+  case 1:
+    timeout_ms = data->set.timeout;
+    break;
+  case 2:
+    timeout_ms = data->set.connecttimeout;
+    break;
+  case 3:
+    if(data->set.timeout < data->set.connecttimeout)
+      timeout_ms = data->set.timeout;
+    else
+      timeout_ms = data->set.connecttimeout;
+    break;
+  default:
+    /* use the default */
+    if(!duringconnect)
+      /* if we're not during connect, there's no default timeout so if we're
+         at zero we better just return zero and not make it a negative number
+         by the math below */
+      return 0;
+    break;
+  }
+
+  if(!nowp) {
+    now = Curl_tvnow();
+    nowp = &now;
+  }
+
+  /* substract elapsed time */
+  timeout_ms -= Curl_tvdiff(*nowp, data->progress.t_startsingle);
+
+  return timeout_ms;
+}
+
+
 /*
  * Curl_nonblock() set the given socket to either blocking or non-blocking
  * mode based on the 'nonblock' boolean argument. This function is highly
@@ -116,7 +176,7 @@ int Curl_nonblock(curl_socket_t sockfd,    /* operate on this */
   int flags;
 
   flags = fcntl(sockfd, F_GETFL, 0);
-  if (FALSE != nonblock)
+  if(FALSE != nonblock)
     return fcntl(sockfd, F_SETFL, flags | O_NONBLOCK);
   else
     return fcntl(sockfd, F_SETFL, flags & (~O_NONBLOCK));
@@ -165,7 +225,7 @@ int Curl_nonblock(curl_socket_t sockfd,    /* operate on this */
 #define SETBLOCK 6
 #endif
 
-#if (SETBLOCK == 0)
+#if(SETBLOCK == 0)
 #error "no non-blocking method was found/used/set"
 #endif
 }
@@ -233,7 +293,7 @@ static CURLcode bindlocal(struct connectdata *conn,
   /*************************************************************
    * Select device to bind socket to
    *************************************************************/
-  if (dev && (strlen(dev)<255) ) {
+  if(dev && (strlen(dev)<255) ) {
     struct Curl_dns_entry *h=NULL;
     char myhost[256] = "";
     in_addr_t in;
@@ -303,11 +363,11 @@ static CURLcode bindlocal(struct connectdata *conn,
      * interfaces to go out the external interface.
      *
      */
-    if (was_iface) {
+    if(was_iface) {
       /* Only bind to the interface when specified as interface, not just as a
        * hostname or ip address.
        */
-      if (setsockopt(sockfd, SOL_SOCKET, SO_BINDTODEVICE,
+      if(setsockopt(sockfd, SOL_SOCKET, SO_BINDTODEVICE,
                      dev, strlen(dev)+1) != 0) {
         /* printf("Failed to BINDTODEVICE, socket: %d  device: %s error: %s\n",
            sockfd, dev, Curl_strerror(SOCKERRNO)); */
@@ -323,12 +383,12 @@ static CURLcode bindlocal(struct connectdata *conn,
 #ifdef ENABLE_IPV6
     in6 = Curl_inet_pton (AF_INET6, myhost, (void *)&ipv6_addr);
 #endif
-    if (CURL_INADDR_NONE == in && -1 == in6) {
+    if(CURL_INADDR_NONE == in && -1 == in6) {
       failf(data,"couldn't find my own IP address (%s)", myhost);
       return CURLE_INTERFACE_FAILED;
     } /* end of inet_addr */
 
-    if ( h ) {
+    if( h ) {
       Curl_addrinfo *addr = h->addr;
       sock = addr->ai_addr;
       socksize = addr->ai_addrlen;
@@ -433,33 +493,33 @@ static bool verifyconnect(curl_socket_t sockfd, int *error)
 
 #endif
 
-  if (0 != getsockopt(sockfd, SOL_SOCKET, SO_ERROR, (void *)&err, &errSize))
+  if(0 != getsockopt(sockfd, SOL_SOCKET, SO_ERROR, (void *)&err, &errSize))
     err = SOCKERRNO;
 #ifdef _WIN32_WCE
   /* Old WinCE versions don't support SO_ERROR */
-  if (WSAENOPROTOOPT == err) {
+  if(WSAENOPROTOOPT == err) {
     SET_SOCKERRNO(0);
     err = 0;
   }
 #endif
 #ifdef __minix
   /* Minix 3.1.x doesn't support getsockopt on UDP sockets */
-  if (EBADIOCTL == err) {
+  if(EBADIOCTL == err) {
     SET_SOCKERRNO(0);
     err = 0;
   }
 #endif
-  if ((0 == err) || (EISCONN == err))
+  if((0 == err) || (EISCONN == err))
     /* we are connected, awesome! */
     rc = TRUE;
   else
     /* This wasn't a successful connect */
     rc = FALSE;
-  if (error)
+  if(error)
     *error = err;
 #else
   (void)sockfd;
-  if (error)
+  if(error)
     *error = SOCKERRNO;
 #endif
   return rc;
@@ -504,7 +564,7 @@ static bool trynextip(struct connectdata *conn,
   /* try the next address */
   ai = conn->ip_addr->ai_next;
 
-  while (ai) {
+  while(ai) {
     sockfd = singleipconnect(conn, ai, 0L, connected);
     if(sockfd != CURL_SOCKET_BAD) {
       /* store the new socket descriptor */
@@ -533,42 +593,33 @@ CURLcode Curl_is_connected(struct connectdata *conn,
   CURLcode code = CURLE_OK;
   curl_socket_t sockfd = conn->sock[sockindex];
   long allow = DEFAULT_CONNECT_TIMEOUT;
-  long allow_total = 0;
-  long has_passed;
 
   DEBUGASSERT(sockindex >= FIRSTSOCKET && sockindex <= SECONDARYSOCKET);
 
   *connected = FALSE; /* a very negative world view is best */
 
-  /* Evaluate in milliseconds how much time that has passed */
-  has_passed = Curl_tvdiff(Curl_tvnow(), data->progress.t_startsingle);
-
-  /* subtract the most strict timeout of the ones */
-  if(data->set.timeout && data->set.connecttimeout) {
-    if (data->set.timeout < data->set.connecttimeout)
-      allow_total = allow = data->set.timeout;
-    else
-      allow = data->set.connecttimeout;
-  }
-  else if(data->set.timeout) {
-    allow_total = allow = data->set.timeout;
-  }
-  else if(data->set.connecttimeout) {
-    allow = data->set.connecttimeout;
-  }
-
-  if(has_passed > allow ) {
-    /* time-out, bail out, go home */
-    failf(data, "Connection time-out after %ld ms", has_passed);
-    return CURLE_OPERATION_TIMEDOUT;
-  }
   if(conn->bits.tcpconnect) {
     /* we are connected already! */
+    long allow_total = 0;
+
+    /* subtract the most strict timeout of the ones */
+    if(data->set.timeout)
+      allow_total = data->set.timeout;
+
     Curl_expire(data, allow_total);
     *connected = TRUE;
     return CURLE_OK;
   }
 
+  /* figure out how long time we have left to connect */
+  allow = Curl_timeleft(conn, NULL, TRUE);
+
+  if(allow < 0) {
+    /* time-out, bail out, go home */
+    failf(data, "Connection time-out");
+    return CURLE_OPERATION_TIMEDOUT;
+  }
+
   Curl_expire(data, allow);
 
   /* check for connect without timeout as we want to return immediately */
@@ -576,7 +627,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
 
   if(WAITCONN_CONNECTED == rc) {
     int error;
-    if (verifyconnect(sockfd, &error)) {
+    if(verifyconnect(sockfd, &error)) {
       /* we are connected, awesome! */
       *connected = TRUE;
       return CURLE_OK;
@@ -594,7 +645,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
     int error = 0;
 
     /* nope, not connected  */
-    if (WAITCONN_FDSET_ERROR == rc) {
+    if(WAITCONN_FDSET_ERROR == rc) {
       (void)verifyconnect(sockfd, &error);
       data->state.os_errno = error;
       infof(data, "%s\n",Curl_strerror(conn,error));
@@ -628,7 +679,7 @@ static void tcpnodelay(struct connectdata *conn,
 
 #ifdef HAVE_GETPROTOBYNAME
   struct protoent *pe = getprotobyname("tcp");
-  if (pe)
+  if(pe)
     proto = pe->p_proto;
 #endif
 
@@ -694,7 +745,7 @@ singleipconnect(struct connectdata *conn,
   addr->protocol=ai->ai_protocol;
   addr->addrlen =
     (ai->ai_addrlen < (socklen_t)sizeof(struct Curl_sockaddr_storage)) ?
-     ai->ai_addrlen : (socklen_t)sizeof(struct Curl_sockaddr_storage);
+     (unsigned int)ai->ai_addrlen : sizeof(struct Curl_sockaddr_storage);
   memcpy(&addr->addr, ai->ai_addr, addr->addrlen);
 
   /* If set, use opensocket callback to get the socket */
@@ -703,7 +754,7 @@ singleipconnect(struct connectdata *conn,
                                    CURLSOCKTYPE_IPCXN, addr);
   else
     sockfd = socket(addr->family, addr->socktype, addr->protocol);
-  if (sockfd == CURL_SOCKET_BAD)
+  if(sockfd == CURL_SOCKET_BAD)
     return CURL_SOCKET_BAD;
 
   *connected = FALSE; /* default is not connected */
@@ -728,7 +779,7 @@ singleipconnect(struct connectdata *conn,
     error = data->set.fsockopt(data->set.sockopt_client,
                                sockfd,
                                CURLSOCKTYPE_IPCXN);
-    if (error) {
+    if(error) {
       sclose(sockfd); /* close the socket and bail out */
       return CURL_SOCKET_BAD;
     }
@@ -821,7 +872,6 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
   int num_addr;
   Curl_addrinfo *ai;
   Curl_addrinfo *curr_addr;
-  int timeout_set = 0;
 
   struct timeval after;
   struct timeval before = Curl_tvnow();
@@ -834,40 +884,14 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
 
   *connected = FALSE; /* default to not connected */
 
-  /* if a timeout is set, use the most restrictive one */
+  /* get the timeout left */
+  timeout_ms = Curl_timeleft(conn, &before, TRUE);
 
-  if (data->set.timeout > 0)
-    timeout_set += 1;
-  if (data->set.connecttimeout > 0)
-    timeout_set += 2;
-
-  switch (timeout_set) {
-  case 1:
-    timeout_ms = data->set.timeout;
-    break;
-  case 2:
-    timeout_ms = data->set.connecttimeout;
-    break;
-  case 3:
-    if (data->set.timeout < data->set.connecttimeout)
-      timeout_ms = data->set.timeout;
-    else
-      timeout_ms = data->set.connecttimeout;
-    break;
-  default:
-    timeout_ms = DEFAULT_CONNECT_TIMEOUT;
-    break;
-  }
-
-  if (timeout_set > 0) {
-    /* if a timeout was already set, substract elapsed time */
-    timeout_ms -= Curl_tvdiff(before, data->progress.t_startsingle);
   if(timeout_ms < 0) {
     /* a precaution, no need to continue if time already is up */
     failf(data, "Connection time-out");
     return CURLE_OPERATION_TIMEDOUT;
   }
-  }
   Curl_expire(data, timeout_ms);
 
   /* Max time for each address */
@@ -906,7 +930,7 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
     before = after;
   }  /* end of connect-to-each-address loop */
 
-  if (sockfd == CURL_SOCKET_BAD) {
+  if(sockfd == CURL_SOCKET_BAD) {
     /* no good connect was made */
     *sockconn = CURL_SOCKET_BAD;
     failf(data, "couldn't connect to host");

lib/connect.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -31,14 +31,20 @@ CURLcode Curl_is_connected(struct connectdata *conn,
                            bool *connected);
 
 CURLcode Curl_connecthost(struct connectdata *conn,
-                          const struct Curl_dns_entry *host, /* connect to this */
+                          const struct Curl_dns_entry *host, /* connect to
+                                                                this */
                           curl_socket_t *sockconn, /* not set if error */
                           Curl_addrinfo **addr, /* the one we used */
-                          bool *connected /* truly connected? */
-                          );
+                          bool *connected); /* truly connected? */
 
 CURLcode Curl_store_ip_addr(struct connectdata *conn);
 
+/* generic function that returns how much time there's left to run, according
+   to the timeouts set */
+long Curl_timeleft(struct connectdata *conn,
+                   struct timeval *nowp,
+                   bool duringconnect);
+
 #define DEFAULT_CONNECT_TIMEOUT 300000 /* milliseconds == five minutes */
 
 #endif

lib/content_encoding.c

@@ -57,7 +57,7 @@ static CURLcode
 process_zlib_error(struct connectdata *conn, z_stream *z)
 {
   struct SessionHandle *data = conn->data;
-  if (z->msg)
+  if(z->msg)
     failf (data, "Error while processing content unencoding: %s",
            z->msg);
   else
@@ -77,7 +77,7 @@ exit_zlib(z_stream *z, zlibInitState *zlib_init, CURLcode result)
 
 static CURLcode
 inflate_stream(struct connectdata *conn,
-               struct Curl_transfer_keeper *k)
+               struct SingleRequest *k)
 {
   int allow_restart = 1;
   z_stream *z = &k->z;          /* zlib state structure */
@@ -90,7 +90,7 @@ inflate_stream(struct connectdata *conn,
   /* Dynamically allocate a buffer for decompression because it's uncommonly
      large to hold on the stack */
   decomp = (char*)malloc(DSIZ);
-  if (decomp == NULL) {
+  if(decomp == NULL) {
     return exit_zlib(z, &k->zlib_init, CURLE_OUT_OF_MEMORY);
   }
 
@@ -102,39 +102,39 @@ inflate_stream(struct connectdata *conn,
     z->avail_out = DSIZ;
 
     status = inflate(z, Z_SYNC_FLUSH);
-    if (status == Z_OK || status == Z_STREAM_END) {
+    if(status == Z_OK || status == Z_STREAM_END) {
       allow_restart = 0;
       if(DSIZ - z->avail_out) {
         result = Curl_client_write(conn, CLIENTWRITE_BODY, decomp,
                                    DSIZ - z->avail_out);
         /* if !CURLE_OK, clean up, return */
-        if (result) {
+        if(result) {
           free(decomp);
           return exit_zlib(z, &k->zlib_init, result);
         }
       }
 
       /* Done? clean up, return */
-      if (status == Z_STREAM_END) {
+      if(status == Z_STREAM_END) {
         free(decomp);
-        if (inflateEnd(z) == Z_OK)
+        if(inflateEnd(z) == Z_OK)
           return exit_zlib(z, &k->zlib_init, result);
         else
           return exit_zlib(z, &k->zlib_init, process_zlib_error(conn, z));
       }
 
       /* Done with these bytes, exit */
-      if (status == Z_OK && z->avail_in == 0) {
+      if(status == Z_OK && z->avail_in == 0) {
         free(decomp);
         return result;
       }
     }
-    else if (allow_restart && status == Z_DATA_ERROR) {
+    else if(allow_restart && status == Z_DATA_ERROR) {
       /* some servers seem to not generate zlib headers, so this is an attempt
          to fix and continue anyway */
 
       (void) inflateEnd(z);	/* don't care about the return code */
-      if (inflateInit2(z, -MAX_WBITS) != Z_OK) {
+      if(inflateInit2(z, -MAX_WBITS) != Z_OK) {
         return process_zlib_error(conn, z);
       }
       z->next_in = orig_in;
@@ -152,19 +152,19 @@ inflate_stream(struct connectdata *conn,
 
 CURLcode
 Curl_unencode_deflate_write(struct connectdata *conn,
-                            struct Curl_transfer_keeper *k,
+                            struct SingleRequest *k,
                             ssize_t nread)
 {
   z_stream *z = &k->z;          /* zlib state structure */
 
   /* Initialize zlib? */
-  if (k->zlib_init == ZLIB_UNINIT) {
+  if(k->zlib_init == ZLIB_UNINIT) {
     z->zalloc = (alloc_func)Z_NULL;
     z->zfree = (free_func)Z_NULL;
     z->opaque = 0;
     z->next_in = NULL;
     z->avail_in = 0;
-    if (inflateInit(z) != Z_OK)
+    if(inflateInit(z) != Z_OK)
       return process_zlib_error(conn, z);
     k->zlib_init = ZLIB_INIT;
   }
@@ -189,16 +189,16 @@ static enum {
   const ssize_t totallen = len;
 
   /* The shortest header is 10 bytes */
-  if (len < 10)
+  if(len < 10)
     return GZIP_UNDERFLOW;
 
-  if ((data[0] != GZIP_MAGIC_0) || (data[1] != GZIP_MAGIC_1))
+  if((data[0] != GZIP_MAGIC_0) || (data[1] != GZIP_MAGIC_1))
     return GZIP_BAD;
 
   method = data[2];
   flags = data[3];
 
-  if (method != Z_DEFLATED || (flags & RESERVED) != 0) {
+  if(method != Z_DEFLATED || (flags & RESERVED) != 0) {
     /* Can't handle this compression method or unknown flag */
     return GZIP_BAD;
   }
@@ -207,28 +207,28 @@ static enum {
   len -= 10;
   data += 10;
 
-  if (flags & EXTRA_FIELD) {
+  if(flags & EXTRA_FIELD) {
     ssize_t extra_len;
 
-    if (len < 2)
+    if(len < 2)
       return GZIP_UNDERFLOW;
 
     extra_len = (data[1] << 8) | data[0];
 
-    if (len < (extra_len+2))
+    if(len < (extra_len+2))
       return GZIP_UNDERFLOW;
 
     len -= (extra_len + 2);
     data += (extra_len + 2);
   }
 
-  if (flags & ORIG_NAME) {
+  if(flags & ORIG_NAME) {
     /* Skip over NUL-terminated file name */
-    while (len && *data) {
+    while(len && *data) {
       --len;
       ++data;
     }
-    if (!len || *data)
+    if(!len || *data)
       return GZIP_UNDERFLOW;
 
     /* Skip over the NUL */
@@ -236,13 +236,13 @@ static enum {
     ++data;
   }
 
-  if (flags & COMMENT) {
+  if(flags & COMMENT) {
     /* Skip over NUL-terminated comment */
-    while (len && *data) {
+    while(len && *data) {
       --len;
       ++data;
     }
-    if (!len || *data)
+    if(!len || *data)
       return GZIP_UNDERFLOW;
 
     /* Skip over the NUL */
@@ -250,8 +250,8 @@ static enum {
     ++data;
   }
 
-  if (flags & HEAD_CRC) {
-    if (len < 2)
+  if(flags & HEAD_CRC) {
+    if(len < 2)
       return GZIP_UNDERFLOW;
 
     len -= 2;
@@ -265,36 +265,36 @@ static enum {
 
 CURLcode
 Curl_unencode_gzip_write(struct connectdata *conn,
-                         struct Curl_transfer_keeper *k,
+                         struct SingleRequest *k,
                          ssize_t nread)
 {
   z_stream *z = &k->z;          /* zlib state structure */
 
   /* Initialize zlib? */
-  if (k->zlib_init == ZLIB_UNINIT) {
+  if(k->zlib_init == ZLIB_UNINIT) {
     z->zalloc = (alloc_func)Z_NULL;
     z->zfree = (free_func)Z_NULL;
     z->opaque = 0;
     z->next_in = NULL;
     z->avail_in = 0;
 
-    if (strcmp(zlibVersion(), "1.2.0.4") >= 0) {
+    if(strcmp(zlibVersion(), "1.2.0.4") >= 0) {
         /* zlib ver. >= 1.2.0.4 supports transparent gzip decompressing */
-        if (inflateInit2(z, MAX_WBITS+32) != Z_OK) {
+        if(inflateInit2(z, MAX_WBITS+32) != Z_OK) {
           return process_zlib_error(conn, z);
         }
         k->zlib_init = ZLIB_INIT_GZIP; /* Transparent gzip decompress state */
 
     } else {
         /* we must parse the gzip header ourselves */
-        if (inflateInit2(z, -MAX_WBITS) != Z_OK) {
+        if(inflateInit2(z, -MAX_WBITS) != Z_OK) {
           return process_zlib_error(conn, z);
         }
         k->zlib_init = ZLIB_INIT;   /* Initial call state */
     }
   }
 
-  if (k->zlib_init == ZLIB_INIT_GZIP) {
+  if(k->zlib_init == ZLIB_INIT_GZIP) {
      /* Let zlib handle the gzip decompression entirely */
      z->next_in = (Bytef *)k->str;
      z->avail_in = (uInt)nread;
@@ -342,7 +342,7 @@ Curl_unencode_gzip_write(struct connectdata *conn,
        */
       z->avail_in = (uInt)nread;
       z->next_in = malloc(z->avail_in);
-      if (z->next_in == NULL) {
+      if(z->next_in == NULL) {
         return exit_zlib(z, &k->zlib_init, CURLE_OUT_OF_MEMORY);
       }
       memcpy(z->next_in, k->str, z->avail_in);
@@ -366,7 +366,7 @@ Curl_unencode_gzip_write(struct connectdata *conn,
 
     z->avail_in += nread;
     z->next_in = realloc(z->next_in, z->avail_in);
-    if (z->next_in == NULL) {
+    if(z->next_in == NULL) {
       free(oldblock);
       return exit_zlib(z, &k->zlib_init, CURLE_OUT_OF_MEMORY);
     }
@@ -404,7 +404,7 @@ Curl_unencode_gzip_write(struct connectdata *conn,
     break;
   }
 
-  if (z->avail_in == 0) {
+  if(z->avail_in == 0) {
     /* We don't have any data to inflate; wait until next time */
     return CURLE_OK;
   }

lib/content_encoding.h

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -32,10 +32,10 @@
 #endif
 
 CURLcode Curl_unencode_deflate_write(struct connectdata *conn,
-                                     struct Curl_transfer_keeper *k,
+                                     struct SingleRequest *req,
                                      ssize_t nread);
 
 CURLcode
 Curl_unencode_gzip_write(struct connectdata *conn,
-                         struct Curl_transfer_keeper *k,
+                         struct SingleRequest *k,
                          ssize_t nread);

lib/cookie.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -367,8 +367,12 @@ Curl_cookie_add(struct SessionHandle *data,
       else {
         if(sscanf(ptr, "%" MAX_COOKIE_LINE_TXT "[^;\r\n]",
                   what)) {
-          if(strequal("secure", what))
+          if(strequal("secure", what)) {
             co->secure = TRUE;
+          }
+          else if (strequal("httponly", what)) {
+            co->httponly = TRUE;
+          }
           /* else,
              unsupported keyword without assign! */
 
@@ -433,6 +437,19 @@ Curl_cookie_add(struct SessionHandle *data,
     char *tok_buf;
     int fields;
 
+    /* IE introduced HTTP-only cookies to prevent XSS attacks. Cookies 
+       marked with httpOnly after the domain name are not accessible  
+       from javascripts, but since curl does not operate at javascript  
+       level, we include them anyway. In Firefox's cookie files, these 
+       lines are preceeded with #HttpOnly_ and then everything is
+       as usual, so we skip 10 characters of the line..
+    */
+    if (strncmp(lineptr, "#HttpOnly_", 10) == 0) {
+      lineptr += 10;
+      co->httponly = TRUE;
+    }
+
+
     if(lineptr[0]=='#') {
       /* don't even try the comments */
       free(co);
@@ -483,7 +500,7 @@ Curl_cookie_add(struct SessionHandle *data,
         /* It turns out, that sometimes the file format allows the path
            field to remain not filled in, we try to detect this and work
            around it! Andr<64>s Garc<72>a made us aware of this... */
-        if (strcmp("TRUE", ptr) && strcmp("FALSE", ptr)) {
+        if(strcmp("TRUE", ptr) && strcmp("FALSE", ptr)) {
           /* only if the path doesn't look like a boolean option! */
           co->path = strdup(ptr);
           if(!co->path)
@@ -812,7 +829,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
 void Curl_cookie_clearall(struct CookieInfo *cookies)
 {
   if(cookies) {
-    Curl_cookie_freelist(cookies->cookies);
+    Curl_cookie_freelist(cookies->cookies, TRUE);
     cookies->cookies = NULL;
     cookies->numcookies = 0;
   }
@@ -824,16 +841,22 @@ void Curl_cookie_clearall(struct CookieInfo *cookies)
  *
  * Free a list of cookies previously returned by Curl_cookie_getlist();
  *
+ * The 'cookiestoo' argument tells this function whether to just free the
+ * list or actually also free all cookies within the list as well.
+ *
  ****************************************************************************/
 
-void Curl_cookie_freelist(struct Cookie *co)
+void Curl_cookie_freelist(struct Cookie *co, bool cookiestoo)
 {
   struct Cookie *next;
   if(co) {
     while(co) {
       next = co->next;
-      free(co); /* we only free the struct since the "members" are all
-                      just copied! */
+      if(cookiestoo)
+        freecookie(co);
+      else
+        free(co); /* we only free the struct since the "members" are all just
+                     pointed out in the main cookie list! */
       co = next;
     }
   }
@@ -867,7 +890,7 @@ void Curl_cookie_clearsess(struct CookieInfo *cookies)
       else
         prev->next = next;
 
-      free(curr);
+      freecookie(curr);
       cookies->numcookies--;
     }
     else
@@ -912,6 +935,7 @@ void Curl_cookie_cleanup(struct CookieInfo *c)
 static char *get_netscape_format(const struct Cookie *co)
 {
   return aprintf(
+    "%s"     /* httponly preamble */
     "%s%s\t" /* domain */
     "%s\t"   /* tailmatch */
     "%s\t"   /* path */
@@ -919,6 +943,7 @@ static char *get_netscape_format(const struct Cookie *co)
     "%" FORMAT_OFF_T "\t"   /* expires */
     "%s\t"   /* name */
     "%s",    /* value */
+    co->httponly?"#HttpOnly_":"",
     /* Make sure all domains are prefixed with a dot if they allow
        tailmatching. This is Mozilla-style. */
     (co->tailmatch && co->domain && co->domain[0] != '.')? ".":"",
@@ -972,7 +997,7 @@ int Curl_cookie_output(struct CookieInfo *c, const char *dumphere)
 
     while(co) {
       format_ptr = get_netscape_format(co);
-      if (format_ptr == NULL) {
+      if(format_ptr == NULL) {
         fprintf(out, "#\n# Fatal libcurl error\n");
         fclose(out);
         return 1;
@@ -996,27 +1021,27 @@ struct curl_slist *Curl_cookie_list(struct SessionHandle *data)
   struct Cookie *c;
   char *line;
 
-  if ((data->cookies == NULL) ||
+  if((data->cookies == NULL) ||
       (data->cookies->numcookies == 0))
     return NULL;
 
   c = data->cookies->cookies;
 
   beg = list;
-  while (c) {
+  while(c) {
     /* fill the list with _all_ the cookies we know */
     line = get_netscape_format(c);
-    if (line == NULL) {
+    if(line == NULL) {
       curl_slist_free_all(beg);
       return NULL;
     }
     list = curl_slist_append(list, line);
     free(line);
-    if (list == NULL) {
+    if(list == NULL) {
       curl_slist_free_all(beg);
       return NULL;
     }
-    else if (beg == NULL) {
+    else if(beg == NULL) {
       beg = list;
     }
     c = c->next;

lib/cookie.h

@@ -7,7 +7,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2006, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -50,6 +50,7 @@ struct Cookie {
 
   bool secure;       /* whether the 'secure' keyword was used */
   bool livecookie;   /* updated from a server, not a stored file */
+  bool httponly;     /* true if the httponly directive is present */
 };
 
 struct CookieInfo {
@@ -91,7 +92,7 @@ struct CookieInfo *Curl_cookie_init(struct SessionHandle *data,
                                     const char *, struct CookieInfo *, bool);
 struct Cookie *Curl_cookie_getlist(struct CookieInfo *, const char *,
 		                   const char *, bool);
-void Curl_cookie_freelist(struct Cookie *);
+void Curl_cookie_freelist(struct Cookie *cookies, bool cookiestoo);
 void Curl_cookie_clearall(struct CookieInfo *cookies);
 void Curl_cookie_clearsess(struct CookieInfo *cookies);
 void Curl_cookie_cleanup(struct CookieInfo *);

lib/dict.c

@@ -87,7 +87,7 @@
  * Forward declarations.
  */
 
-static CURLcode Curl_dict(struct connectdata *conn, bool *done);
+static CURLcode dict_do(struct connectdata *conn, bool *done);
 
 /*
  * DICT protocol handler.
@@ -96,7 +96,7 @@ static CURLcode Curl_dict(struct connectdata *conn, bool *done);
 const struct Curl_handler Curl_handler_dict = {
   "DICT",                               /* scheme */
   ZERO_NULL,                            /* setup_connection */
-  Curl_dict,                            /* do_it */
+  dict_do,                              /* do_it */
   ZERO_NULL,                            /* done */
   ZERO_NULL,                            /* do_more */
   ZERO_NULL,                            /* connect_it */
@@ -129,7 +129,7 @@ static char *unescape_word(struct SessionHandle *data, const char *inp)
     for(ptr = newp;
         (byte = *ptr) != 0;
         ptr++) {
-      if ((byte <= 32) || (byte == 127) ||
+      if((byte <= 32) || (byte == 127) ||
           (byte == '\'') || (byte == '\"') || (byte == '\\')) {
         dictp[olen++] = '\\';
       }
@@ -142,7 +142,7 @@ static char *unescape_word(struct SessionHandle *data, const char *inp)
   return dictp;
 }
 
-static CURLcode Curl_dict(struct connectdata *conn, bool *done)
+static CURLcode dict_do(struct connectdata *conn, bool *done)
 {
   char *word;
   char *eword;
@@ -155,8 +155,8 @@ static CURLcode Curl_dict(struct connectdata *conn, bool *done)
   struct SessionHandle *data=conn->data;
   curl_socket_t sockfd = conn->sock[FIRSTSOCKET];
 
-  char *path = data->reqdata.path;
-  curl_off_t *bytecount = &data->reqdata.keep.bytecount;
+  char *path = data->state.path;
+  curl_off_t *bytecount = &data->req.bytecount;
 
   *done = TRUE; /* unconditionally */
 
@@ -164,35 +164,35 @@ static CURLcode Curl_dict(struct connectdata *conn, bool *done)
     /* AUTH is missing */
   }
 
-  if (strnequal(path, DICT_MATCH, sizeof(DICT_MATCH)-1) ||
+  if(strnequal(path, DICT_MATCH, sizeof(DICT_MATCH)-1) ||
       strnequal(path, DICT_MATCH2, sizeof(DICT_MATCH2)-1) ||
       strnequal(path, DICT_MATCH3, sizeof(DICT_MATCH3)-1)) {
 
     word = strchr(path, ':');
-    if (word) {
+    if(word) {
       word++;
       database = strchr(word, ':');
-      if (database) {
+      if(database) {
         *database++ = (char)0;
         strategy = strchr(database, ':');
-        if (strategy) {
+        if(strategy) {
           *strategy++ = (char)0;
           nthdef = strchr(strategy, ':');
-          if (nthdef) {
+          if(nthdef) {
             *nthdef++ = (char)0;
           }
         }
       }
     }
 
-    if ((word == NULL) || (*word == (char)0)) {
+    if((word == NULL) || (*word == (char)0)) {
       infof(data, "lookup word is missing");
       word=(char *)"default";
     }
-    if ((database == NULL) || (*database == (char)0)) {
+    if((database == NULL) || (*database == (char)0)) {
       database = (char *)"!";
     }
-    if ((strategy == NULL) || (*strategy == (char)0)) {
+    if((strategy == NULL) || (*strategy == (char)0)) {
       strategy = (char *)".";
     }
 
@@ -223,28 +223,28 @@ static CURLcode Curl_dict(struct connectdata *conn, bool *done)
     if(result)
       return result;
   }
-  else if (strnequal(path, DICT_DEFINE, sizeof(DICT_DEFINE)-1) ||
+  else if(strnequal(path, DICT_DEFINE, sizeof(DICT_DEFINE)-1) ||
            strnequal(path, DICT_DEFINE2, sizeof(DICT_DEFINE2)-1) ||
            strnequal(path, DICT_DEFINE3, sizeof(DICT_DEFINE3)-1)) {
 
     word = strchr(path, ':');
-    if (word) {
+    if(word) {
       word++;
       database = strchr(word, ':');
-      if (database) {
+      if(database) {
         *database++ = (char)0;
         nthdef = strchr(database, ':');
-        if (nthdef) {
+        if(nthdef) {
           *nthdef++ = (char)0;
         }
       }
     }
 
-    if ((word == NULL) || (*word == (char)0)) {
+    if((word == NULL) || (*word == (char)0)) {
       infof(data, "lookup word is missing");
       word=(char *)"default";
     }
-    if ((database == NULL) || (*database == (char)0)) {
+    if((database == NULL) || (*database == (char)0)) {
       database = (char *)"!";
     }
 
@@ -276,12 +276,12 @@ static CURLcode Curl_dict(struct connectdata *conn, bool *done)
   else {
 
     ppath = strchr(path, '/');
-    if (ppath) {
+    if(ppath) {
       int i;
 
       ppath++;
       for (i = 0; ppath[i]; i++) {
-        if (ppath[i] == ':')
+        if(ppath[i] == ':')
           ppath[i] = ' ';
       }
       result = Curl_sendf(sockfd, conn,

lib/easy.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -127,7 +127,7 @@ static CURLcode win32_init(void)
 
   err = WSAStartup(wVersionRequested, &wsaData);
 
-  if (err != 0)
+  if(err != 0)
     /* Tell the user that we couldn't find a useable */
     /* winsock.dll.     */
     return CURLE_FAILED_INIT;
@@ -138,7 +138,7 @@ static CURLcode win32_init(void)
   /* wVersionRequested in wVersion. wHighVersion contains the */
   /* highest supported version. */
 
-  if ( LOBYTE( wsaData.wVersion ) != LOBYTE(wVersionRequested) ||
+  if( LOBYTE( wsaData.wVersion ) != LOBYTE(wVersionRequested) ||
        HIBYTE( wsaData.wVersion ) != HIBYTE(wVersionRequested) ) {
     /* Tell the user that we couldn't find a useable */
 
@@ -168,7 +168,7 @@ static void idna_init (void)
   char buf[60];
   UINT cp = GetACP();
 
-  if (!getenv("CHARSET") && cp > 0) {
+  if(!getenv("CHARSET") && cp > 0) {
     snprintf(buf, sizeof(buf), "CHARSET=cp%u", cp);
     putenv(buf);
   }
@@ -212,7 +212,7 @@ curl_calloc_callback Curl_ccalloc = (curl_calloc_callback)calloc;
  */
 CURLcode curl_global_init(long flags)
 {
-  if (initialized++)
+  if(initialized++)
     return CURLE_OK;
 
   /* Setup the default memory functions here (again) */
@@ -222,14 +222,14 @@ CURLcode curl_global_init(long flags)
   Curl_cstrdup = (curl_strdup_callback)system_strdup;
   Curl_ccalloc = (curl_calloc_callback)calloc;
 
-  if (flags & CURL_GLOBAL_SSL)
-    if (!Curl_ssl_init()) {
+  if(flags & CURL_GLOBAL_SSL)
+    if(!Curl_ssl_init()) {
       DEBUGF(fprintf(stderr, "Error: Curl_ssl_init failed\n"));
       return CURLE_FAILED_INIT;
     }
 
-  if (flags & CURL_GLOBAL_WIN32)
-    if (win32_init() != CURLE_OK) {
+  if(flags & CURL_GLOBAL_WIN32)
+    if(win32_init() != CURLE_OK) {
       DEBUGF(fprintf(stderr, "Error: win32_init failed\n"));
       return CURLE_FAILED_INIT;
     }
@@ -267,16 +267,16 @@ CURLcode curl_global_init_mem(long flags, curl_malloc_callback m,
   CURLcode code = CURLE_OK;
 
   /* Invalid input, return immediately */
-  if (!m || !f || !r || !s || !c)
+  if(!m || !f || !r || !s || !c)
     return CURLE_FAILED_INIT;
 
   /* Already initialized, don't do it again */
-  if ( initialized )
+  if( initialized )
     return CURLE_OK;
 
   /* Call the actual init function first */
   code = curl_global_init(flags);
-  if (code == CURLE_OK) {
+  if(code == CURLE_OK) {
     Curl_cmalloc = m;
     Curl_cfree = f;
     Curl_cstrdup = s;
@@ -293,18 +293,18 @@ CURLcode curl_global_init_mem(long flags, curl_malloc_callback m,
  */
 void curl_global_cleanup(void)
 {
-  if (!initialized)
+  if(!initialized)
     return;
 
-  if (--initialized)
+  if(--initialized)
     return;
 
   Curl_global_host_cache_dtor();
 
-  if (init_flags & CURL_GLOBAL_SSL)
+  if(init_flags & CURL_GLOBAL_SSL)
     Curl_ssl_cleanup();
 
-  if (init_flags & CURL_GLOBAL_WIN32)
+  if(init_flags & CURL_GLOBAL_WIN32)
     win32_cleanup();
 
 #ifdef __AMIGA__
@@ -324,7 +324,7 @@ CURL *curl_easy_init(void)
   struct SessionHandle *data;
 
   /* Make sure we inited the global SSL stuff */
-  if (!initialized) {
+  if(!initialized) {
     res = curl_global_init(CURL_GLOBAL_DEFAULT);
     if(res) {
       /* something in the global init failed, return nothing */
@@ -348,6 +348,7 @@ CURL *curl_easy_init(void)
  * easy handle.
  */
 
+#undef curl_easy_setopt
 CURLcode curl_easy_setopt(CURL *curl, CURLoption tag, ...)
 {
   va_list arg;
@@ -465,17 +466,27 @@ CURLcode curl_easy_perform(CURL *curl)
   if(!data)
     return CURLE_BAD_FUNCTION_ARGUMENT;
 
-  if ( ! (data->share && data->share->hostcache) ) {
+  if( ! (data->share && data->share->hostcache) ) {
+    /* this handle is not using a shared dns cache */
 
-    if (Curl_global_host_cache_use(data) &&
+    if(data->set.global_dns_cache &&
        (data->dns.hostcachetype != HCACHE_GLOBAL)) {
-      if (data->dns.hostcachetype == HCACHE_PRIVATE)
+      /* global dns cache was requested but still isn't */
+      struct curl_hash *ptr;
+
+      if(data->dns.hostcachetype == HCACHE_PRIVATE)
+        /* if the current cache is private, kill it first */
         Curl_hash_destroy(data->dns.hostcache);
-      data->dns.hostcache = Curl_global_host_cache_get();
+
+      ptr = Curl_global_host_cache_init();
+      if(ptr) {
+        /* only do this if the global cache init works */
+        data->dns.hostcache = ptr;
         data->dns.hostcachetype = HCACHE_GLOBAL;
       }
+    }
 
-    if (!data->dns.hostcache) {
+    if(!data->dns.hostcache) {
       data->dns.hostcachetype = HCACHE_PRIVATE;
       data->dns.hostcache = Curl_mk_dnscache();
 
@@ -520,7 +531,7 @@ void Curl_easy_addmulti(struct SessionHandle *data,
                         void *multi)
 {
   data->multi = multi;
-  if (multi == NULL)
+  if(multi == NULL)
     /* the association is cleared, mark the easy handle as not used by an
        interface */
     data->state.used_interface = Curl_if_none;
@@ -528,15 +539,16 @@ void Curl_easy_addmulti(struct SessionHandle *data,
 
 void Curl_easy_initHandleData(struct SessionHandle *data)
 {
-    memset(&data->reqdata, 0, sizeof(struct HandleData));
+    memset(&data->req, 0, sizeof(struct SingleRequest));
 
-    data->reqdata.maxdownload = -1;
+    data->req.maxdownload = -1;
 }
 
 /*
  * curl_easy_getinfo() is an external interface that allows an app to retrieve
  * information from a performed transfer and similar.
  */
+#undef curl_easy_getinfo
 CURLcode curl_easy_getinfo(CURL *curl, CURLINFO info, ...)
 {
   va_list arg;
@@ -579,7 +591,7 @@ CURL *curl_easy_duphandle(CURL *incurl)
     outcurl->state.headersize=HEADERSIZE;
 
     /* copy all userdefined values */
-    if (Curl_dupset(outcurl, data) != CURLE_OK)
+    if(Curl_dupset(outcurl, data) != CURLE_OK)
       break;
 
     if(data->state.used_interface == Curl_if_multi)
@@ -676,11 +688,11 @@ void curl_easy_reset(CURL *curl)
 {
   struct SessionHandle *data = (struct SessionHandle *)curl;
 
-  Curl_safefree(data->reqdata.pathbuffer);
-  data->reqdata.pathbuffer=NULL;
+  Curl_safefree(data->state.pathbuffer);
+  data->state.pathbuffer=NULL;
 
-  Curl_safefree(data->reqdata.proto.generic);
-  data->reqdata.proto.generic=NULL;
+  Curl_safefree(data->state.proto.generic);
+  data->state.proto.generic=NULL;
 
   /* zero out UserDefined data: */
   Curl_freeset(data);
@@ -733,9 +745,11 @@ void curl_easy_reset(CURL *curl)
    */
   data->set.ssl.verifypeer = TRUE;
   data->set.ssl.verifyhost = 2;
-#ifdef CURL_CA_BUNDLE
-  /* This is our prefered CA cert bundle since install time */
+  /* This is our prefered CA cert bundle/path since install time */
+#if defined(CURL_CA_BUNDLE)
   (void) curl_easy_setopt(curl, CURLOPT_CAINFO, (char *) CURL_CA_BUNDLE);
+#elif defined(CURL_CA_PATH)
+  (void) curl_easy_setopt(curl, CURLOPT_CAPATH, (char *) CURL_CA_PATH);
 #endif
 
   data->set.ssh_auth_types = CURLSSH_AUTH_DEFAULT; /* defaults to any auth
@@ -744,6 +758,107 @@ void curl_easy_reset(CURL *curl)
   data->set.new_directory_perms = 0755; /* Default permissions */
 }
 
+/*
+ * curl_easy_pause() allows an application to pause or unpause a specific
+ * transfer and direction. This function sets the full new state for the
+ * current connection this easy handle operates on.
+ *
+ * NOTE: if you have the receiving paused and you call this function to remove
+ * the pausing, you may get your write callback called at this point.
+ *
+ * Action is a bitmask consisting of CURLPAUSE_* bits in curl/curl.h
+ */
+CURLcode curl_easy_pause(CURL *curl, int action)
+{
+  struct SessionHandle *data = (struct SessionHandle *)curl;
+  struct SingleRequest *k = &data->req;
+  CURLcode result = CURLE_OK;
+
+  /* first switch off both pause bits */
+  int newstate = k->keepon &~ (KEEP_READ_PAUSE| KEEP_WRITE_PAUSE);
+
+  /* set the new desired pause bits */
+  newstate |= ((action & CURLPAUSE_RECV)?KEEP_READ_PAUSE:0) |
+    ((action & CURLPAUSE_SEND)?KEEP_WRITE_PAUSE:0);
+
+  /* put it back in the keepon */
+  k->keepon = newstate;
+
+  if(!(newstate & KEEP_READ_PAUSE) && data->state.tempwrite) {
+    /* we have a buffer for writing that we now seem to be able to deliver since
+       the receive pausing is lifted! */
+
+    /* get the pointer, type and length in local copies since the function may
+       return PAUSE again and then we'll get a new copy allocted and stored in
+       the tempwrite variables */
+    char *tempwrite = data->state.tempwrite;
+    size_t tempsize = data->state.tempwritesize;
+    int temptype = data->state.tempwritetype;
+    size_t chunklen;
+
+    /* clear tempwrite here just to make sure it gets cleared if there's no
+       further use of it, and make sure we don't clear it after the function
+       invoke as it may have been set to a new value by then */
+    data->state.tempwrite = NULL;
+
+    /* since the write callback API is define to never exceed
+       CURL_MAX_WRITE_SIZE bytes in a single call, and since we may in fact
+       have more data than that in our buffer here, we must loop sending the
+       data in multiple calls until there's no data left or we get another
+       pause returned.
+
+       A tricky part is that the function we call will "buffer" the data
+       itself when it pauses on a particular buffer, so we may need to do some
+       extra trickery if we get a pause return here.
+    */
+    do {
+      chunklen = (tempsize > CURL_MAX_WRITE_SIZE)?CURL_MAX_WRITE_SIZE:tempsize;
+
+      result = Curl_client_write(data->state.current_conn,
+                                 temptype, tempwrite, chunklen);
+      if(!result)
+        /* failures abort the loop at once */
+        break;
+
+      if(data->state.tempwrite && (tempsize - chunklen)) {
+        /* Ouch, the reading is again paused and the block we send is now
+           "cached". If this is the final chunk we can leave it like this, but
+           if we have more chunks that is cached after this, we need to free
+           the newly cached one and put back a version that is truly the entire
+           contents that is saved for later
+        */
+        char *newptr;
+
+        free(data->state.tempwrite); /* free the one just cached as it isn't
+                                        enough */
+
+        /* note that tempsize is still the size as before the callback was
+           used, and thus the whole piece of data to keep */
+        newptr = malloc(tempsize);
+        if(!newptr) {
+          result = CURLE_OUT_OF_MEMORY;
+          /* tempwrite will be freed further down */
+          break;
+        }
+        data->state.tempwrite = newptr; /* store new pointer */
+        memcpy(newptr, tempwrite, tempsize);
+        data->state.tempwritesize = tempsize; /* store new size */
+        /* tempwrite will be freed further down */
+        break; /* go back to pausing until further notice */
+      }
+      else {
+        tempsize -= chunklen;  /* left after the call above */
+        tempwrite += chunklen; /* advance the pointer */
+      }
+
+    } while((result == CURLE_OK) && tempsize);
+
+    free(tempwrite); /* this is unconditionally no longer used */
+  }
+
+  return result;
+}
+
 #ifdef CURL_DOES_CONVERSIONS
 /*
  * Curl_convert_to_network() is an internal function
@@ -789,7 +904,7 @@ CURLcode Curl_convert_to_network(struct SessionHandle *data,
     in_bytes = out_bytes = length;
     rc = iconv(data->outbound_cd, (const char**)&input_ptr, &in_bytes,
                &output_ptr, &out_bytes);
-    if ((rc == ICONV_ERROR) || (in_bytes != 0)) {
+    if((rc == ICONV_ERROR) || (in_bytes != 0)) {
       error = ERRNO;
       failf(data,
         "The Curl_convert_to_network iconv call failed with errno %i: %s",
@@ -849,7 +964,7 @@ CURLcode Curl_convert_from_network(struct SessionHandle *data,
     in_bytes = out_bytes = length;
     rc = iconv(data->inbound_cd, (const char **)&input_ptr, &in_bytes,
                &output_ptr, &out_bytes);
-    if ((rc == ICONV_ERROR) || (in_bytes != 0)) {
+    if((rc == ICONV_ERROR) || (in_bytes != 0)) {
       error = ERRNO;
       failf(data,
         "The Curl_convert_from_network iconv call failed with errno %i: %s",
@@ -910,14 +1025,14 @@ CURLcode Curl_convert_from_utf8(struct SessionHandle *data,
     in_bytes = out_bytes = length;
     rc = iconv(data->utf8_cd, &input_ptr, &in_bytes,
                &output_ptr, &out_bytes);
-    if ((rc == ICONV_ERROR) || (in_bytes != 0)) {
+    if((rc == ICONV_ERROR) || (in_bytes != 0)) {
       error = ERRNO;
       failf(data,
         "The Curl_convert_from_utf8 iconv call failed with errno %i: %s",
              error, strerror(error));
       return CURLE_CONV_FAILED;
     }
-    if (output_ptr < input_ptr) {
+    if(output_ptr < input_ptr) {
       /* null terminate the now shorter output string */
       *output_ptr = 0x00;
     }

lib/escape.c

@@ -112,7 +112,7 @@ char *curl_easy_escape(CURL *handle, const char *string, int inlength)
 
 #ifdef CURL_DOES_CONVERSIONS
 /* escape sequences are always in ASCII so convert them on non-ASCII hosts */
-      if (!handle ||
+      if(!handle ||
           (Curl_convert_to_network(handle, &in, 1) != CURLE_OK)) {
         /* Curl_convert_to_network calls failf if unsuccessful */
         free(ns);
@@ -163,7 +163,7 @@ char *curl_easy_unescape(CURL *handle, const char *string, int length,
 
 #ifdef CURL_DOES_CONVERSIONS
 /* escape sequences are always in ASCII so convert them on non-ASCII hosts */
-      if (!handle ||
+      if(!handle ||
           (Curl_convert_from_network(handle, &in, 1) != CURLE_OK)) {
         /* Curl_convert_from_network calls failf if unsuccessful */
         free(ns);

lib/file.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -70,6 +70,7 @@
 
 #endif
 
+#include "strtoofft.h"
 #include "urldata.h"
 #include <curl/curl.h>
 #include "progress.h"
@@ -94,9 +95,10 @@
  * Forward declarations.
  */
 
-static CURLcode Curl_file(struct connectdata *, bool *done);
-static CURLcode Curl_file_done(struct connectdata *conn,
+static CURLcode file_do(struct connectdata *, bool *done);
+static CURLcode file_done(struct connectdata *conn,
                           CURLcode status, bool premature);
+static CURLcode file_connect(struct connectdata *conn, bool *done);
 
 /*
  * FILE scheme handler.
@@ -105,10 +107,10 @@ static CURLcode Curl_file_done(struct connectdata *conn,
 const struct Curl_handler Curl_handler_file = {
   "FILE",                               /* scheme */
   ZERO_NULL,                            /* setup_connection */
-  Curl_file,                            /* do_it */
-  Curl_file_done,                       /* done */
+  file_do,                              /* do_it */
+  file_done,                            /* done */
   ZERO_NULL,                            /* do_more */
-  ZERO_NULL,                            /* connect_it */
+  file_connect,                         /* connect_it */
   ZERO_NULL,                            /* connecting */
   ZERO_NULL,                            /* doing */
   ZERO_NULL,                            /* proto_getsock */
@@ -118,15 +120,70 @@ const struct Curl_handler Curl_handler_file = {
   PROT_FILE                             /* protocol */
 };
 
+
+ /*
+  Check if this is a range download, and if so, set the internal variables
+  properly. This code is copied from the FTP implementation and might as
+  well be factored out.
+ */
+static CURLcode file_range(struct connectdata *conn)
+{
+  curl_off_t from, to;
+  curl_off_t totalsize=-1;
+  char *ptr;
+  char *ptr2;
+  struct SessionHandle *data = conn->data;
+
+  if(data->state.use_range && data->state.range) {
+    from=curlx_strtoofft(data->state.range, &ptr, 0);
+    while(ptr && *ptr && (isspace((int)*ptr) || (*ptr=='-')))
+      ptr++;
+    to=curlx_strtoofft(ptr, &ptr2, 0);
+    if(ptr == ptr2) {
+      /* we didn't get any digit */
+      to=-1;
+    }
+    if((-1 == to) && (from>=0)) {
+      /* X - */
+      data->state.resume_from = from;
+      DEBUGF(infof(data, "RANGE %" FORMAT_OFF_T " to end of file\n",
+                   from));
+    }
+    else if(from < 0) {
+      /* -Y */
+      totalsize = -from;
+      data->req.maxdownload = -from;
+      data->state.resume_from = from;
+      DEBUGF(infof(data, "RANGE the last %" FORMAT_OFF_T " bytes\n",
+                   totalsize));
+    }
+    else {
+      /* X-Y */
+      totalsize = to-from;
+      data->req.maxdownload = totalsize+1; /* include last byte */
+      data->state.resume_from = from;
+      DEBUGF(infof(data, "RANGE from %" FORMAT_OFF_T
+                   " getting %" FORMAT_OFF_T " bytes\n",
+                   from, data->req.maxdownload));
+    }
+    DEBUGF(infof(data, "range-download from %" FORMAT_OFF_T
+                 " to %" FORMAT_OFF_T ", totally %" FORMAT_OFF_T " bytes\n",
+                 from, to, data->req.maxdownload));
+  }
+  else
+    data->req.maxdownload = -1;
+  return CURLE_OK;
+}
+
 /*
- * Curl_file_connect() gets called from Curl_protocol_connect() to allow us to
+ * file_connect() gets called from Curl_protocol_connect() to allow us to
  * do protocol-specific actions at connect-time.  We emulate a
  * connect-then-transfer protocol and "connect" to the file here
  */
-CURLcode Curl_file_connect(struct connectdata *conn)
+static CURLcode file_connect(struct connectdata *conn, bool *done)
 {
   struct SessionHandle *data = conn->data;
-  char *real_path = curl_easy_unescape(data, data->reqdata.path, 0, NULL);
+  char *real_path = curl_easy_unescape(data, data->state.path, 0, NULL);
   struct FILEPROTO *file;
   int fd;
 #if defined(WIN32) || defined(MSDOS) || defined(__EMX__)
@@ -141,17 +198,17 @@ CURLcode Curl_file_connect(struct connectdata *conn)
      sessionhandle, deal with it */
   Curl_reset_reqproto(conn);
 
-  if (!data->reqdata.proto.file) {
+  if(!data->state.proto.file) {
     file = (struct FILEPROTO *)calloc(sizeof(struct FILEPROTO), 1);
     if(!file) {
       free(real_path);
       return CURLE_OUT_OF_MEMORY;
     }
-    data->reqdata.proto.file = file;
+    data->state.proto.file = file;
   }
   else {
     /* file is not a protocol that can deal with "persistancy" */
-    file = data->reqdata.proto.file;
+    file = data->state.proto.file;
     Curl_safefree(file->freepath);
     if(file->fd != -1)
       close(file->fd);
@@ -176,7 +233,7 @@ CURLcode Curl_file_connect(struct connectdata *conn)
      with a drive letter.
   */
   actual_path = real_path;
-  if ((actual_path[0] == '/') &&
+  if((actual_path[0] == '/') &&
       actual_path[1] &&
       (actual_path[2] == ':' || actual_path[2] == '|'))
   {
@@ -186,7 +243,7 @@ CURLcode Curl_file_connect(struct connectdata *conn)
 
   /* change path separators from '/' to '\\' for DOS, Windows and OS/2 */
   for (i=0; actual_path[i] != '\0'; ++i)
-    if (actual_path[i] == '/')
+    if(actual_path[i] == '/')
       actual_path[i] = '\\';
 
   fd = open(actual_path, O_RDONLY | O_BINARY);  /* no CR/LF translation! */
@@ -199,18 +256,19 @@ CURLcode Curl_file_connect(struct connectdata *conn)
 
   file->fd = fd;
   if(!data->set.upload && (fd == -1)) {
-    failf(data, "Couldn't open file %s", data->reqdata.path);
-    Curl_file_done(conn, CURLE_FILE_COULDNT_READ_FILE, FALSE);
+    failf(data, "Couldn't open file %s", data->state.path);
+    file_done(conn, CURLE_FILE_COULDNT_READ_FILE, FALSE);
     return CURLE_FILE_COULDNT_READ_FILE;
   }
+  *done = TRUE;
 
   return CURLE_OK;
 }
 
-static CURLcode Curl_file_done(struct connectdata *conn,
+static CURLcode file_done(struct connectdata *conn,
                                CURLcode status, bool premature)
 {
-  struct FILEPROTO *file = conn->data->reqdata.proto.file;
+  struct FILEPROTO *file = conn->data->state.proto.file;
   (void)status; /* not used */
   (void)premature; /* not used */
   Curl_safefree(file->freepath);
@@ -218,9 +276,6 @@ static CURLcode Curl_file_done(struct connectdata *conn,
   if(file->fd != -1)
     close(file->fd);
 
-  free(file);
-  conn->data->reqdata.proto.file= NULL; /* clear it! */
-
   return CURLE_OK;
 }
 
@@ -232,7 +287,7 @@ static CURLcode Curl_file_done(struct connectdata *conn,
 
 static CURLcode file_upload(struct connectdata *conn)
 {
-  struct FILEPROTO *file = conn->data->reqdata.proto.file;
+  struct FILEPROTO *file = conn->data->state.proto.file;
   const char *dir = strchr(file->path, DIRSEP);
   FILE *fp;
   CURLcode res=CURLE_OK;
@@ -251,7 +306,7 @@ static CURLcode file_upload(struct connectdata *conn)
    */
   conn->fread_func = data->set.fread_func;
   conn->fread_in = data->set.in;
-  conn->data->reqdata.upload_fromhere = buf;
+  conn->data->req.upload_fromhere = buf;
 
   if(!dir)
     return CURLE_FILE_COULDNT_READ_FILE; /* fix: better error code */
@@ -259,7 +314,7 @@ static CURLcode file_upload(struct connectdata *conn)
   if(!dir[1])
      return CURLE_FILE_COULDNT_READ_FILE; /* fix: better error code */
 
-  if(data->reqdata.resume_from)
+  if(data->state.resume_from)
     fp = fopen( file->path, "ab" );
   else {
     int fd;
@@ -271,7 +326,7 @@ static CURLcode file_upload(struct connectdata *conn)
     fd = open(file->path, O_WRONLY|O_CREAT|O_TRUNC,
               conn->data->set.new_file_perms);
 #endif /* !(WIN32 || MSDOS || __EMX__) */
-    if (fd < 0) {
+    if(fd < 0) {
       failf(data, "Can't open %s for writing", file->path);
       return CURLE_WRITE_ERROR;
     }
@@ -288,38 +343,38 @@ static CURLcode file_upload(struct connectdata *conn)
     Curl_pgrsSetUploadSize(data, data->set.infilesize);
 
   /* treat the negative resume offset value as the case of "-" */
-  if(data->reqdata.resume_from < 0){
-    if(stat(file->path, &file_stat)){
+  if(data->state.resume_from < 0) {
+    if(stat(file->path, &file_stat)) {
       fclose(fp);
       failf(data, "Can't get the size of %s", file->path);
       return CURLE_WRITE_ERROR;
     }
     else
-      data->reqdata.resume_from = (curl_off_t)file_stat.st_size;
+      data->state.resume_from = (curl_off_t)file_stat.st_size;
   }
 
-  while (res == CURLE_OK) {
+  while(res == CURLE_OK) {
     int readcount;
     res = Curl_fillreadbuffer(conn, BUFSIZE, &readcount);
     if(res)
       break;
 
-    if (readcount <= 0)  /* fix questionable compare error. curlvms */
+    if(readcount <= 0)  /* fix questionable compare error. curlvms */
       break;
 
     nread = (size_t)readcount;
 
     /*skip bytes before resume point*/
-    if(data->reqdata.resume_from) {
-      if( (curl_off_t)nread <= data->reqdata.resume_from ) {
-        data->reqdata.resume_from -= nread;
+    if(data->state.resume_from) {
+      if( (curl_off_t)nread <= data->state.resume_from ) {
+        data->state.resume_from -= nread;
         nread = 0;
         buf2 = buf;
       }
       else {
-        buf2 = buf + data->reqdata.resume_from;
-        nread -= data->reqdata.resume_from;
-        data->reqdata.resume_from = 0;
+        buf2 = buf + data->state.resume_from;
+        nread -= (size_t)data->state.resume_from;
+        data->state.resume_from = 0;
       }
     }
     else
@@ -350,14 +405,14 @@ static CURLcode file_upload(struct connectdata *conn)
 }
 
 /*
- * Curl_file() is the protocol-specific function for the do-phase, separated
+ * file_do() is the protocol-specific function for the do-phase, separated
  * from the connect-phase above. Other protocols merely setup the transfer in
  * the do-phase, to have it done in the main transfer loop but since some
  * platforms we support don't allow select()ing etc on file handles (as
  * opposed to sockets) we instead perform the whole do-operation in this
  * function.
  */
-static CURLcode Curl_file(struct connectdata *conn, bool *done)
+static CURLcode file_do(struct connectdata *conn, bool *done)
 {
   /* This implementation ignores the host name in conformance with
      RFC 1738. Only local files (reachable via the standard file system)
@@ -371,6 +426,7 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
   curl_off_t expected_size=0;
   bool fstated=FALSE;
   ssize_t nread;
+  size_t bytestoread;
   struct SessionHandle *data = conn->data;
   char *buf = data->state.buffer;
   curl_off_t bytecount = 0;
@@ -379,7 +435,6 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
 
   *done = TRUE; /* unconditionally */
 
-  Curl_readwrite_init(conn);
   Curl_initinfo(data);
   Curl_pgrsStartNow(data);
 
@@ -387,7 +442,7 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
     return file_upload(conn);
 
   /* get the fd from the connection phase */
-  fd = conn->data->reqdata.proto.file->fd;
+  fd = conn->data->state.proto.file->fd;
 
   /* VMS: This only works reliable for STREAMLF files */
   if( -1 != fstat(fd, &statbuf)) {
@@ -399,7 +454,7 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
   /* If we have selected NOBODY and HEADER, it means that we only want file
      information. Which for FILE can't be much more than the file size and
      date. */
-  if(conn->bits.no_body && data->set.include_header && fstated) {
+  if(data->set.opt_no_body && data->set.include_header && fstated) {
     CURLcode result;
     snprintf(buf, sizeof(data->state.buffer),
              "Content-Length: %" FORMAT_OFF_T "\r\n", expected_size);
@@ -436,14 +491,32 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
     return result;
   }
 
-  if (data->reqdata.resume_from <= expected_size)
-    expected_size -= data->reqdata.resume_from;
+  /* Check whether file range has been specified */
+  file_range(conn);
+
+  /* Adjust the start offset in case we want to get the N last bytes
+   * of the stream iff the filesize could be determined */
+  if(data->state.resume_from < 0) {
+    if(!fstated) {
+      failf(data, "Can't get the size of file.");
+      return CURLE_READ_ERROR;
+    }
+    else
+      data->state.resume_from += (curl_off_t)statbuf.st_size;
+  }
+
+  if(data->state.resume_from <= expected_size)
+    expected_size -= data->state.resume_from;
   else {
     failf(data, "failed to resume file:// transfer");
     return CURLE_BAD_DOWNLOAD_RESUME;
   }
 
-  if (fstated && (expected_size == 0))
+  /* A high water mark has been specified so we obey... */
+  if (data->req.maxdownload > 0)
+    expected_size = data->req.maxdownload;
+
+  if(fstated && (expected_size == 0))
     return CURLE_OK;
 
   /* The following is a shortcut implementation of file reading
@@ -453,24 +526,27 @@ static CURLcode Curl_file(struct connectdata *conn, bool *done)
   if(fstated)
     Curl_pgrsSetDownloadSize(data, expected_size);
 
-  if(data->reqdata.resume_from) {
-    if(data->reqdata.resume_from !=
-       lseek(fd, data->reqdata.resume_from, SEEK_SET))
+  if(data->state.resume_from) {
+    if(data->state.resume_from !=
+       lseek(fd, data->state.resume_from, SEEK_SET))
       return CURLE_BAD_DOWNLOAD_RESUME;
   }
 
   Curl_pgrsTime(data, TIMER_STARTTRANSFER);
 
-  while (res == CURLE_OK) {
-    nread = read(fd, buf, BUFSIZE-1);
+  while(res == CURLE_OK) {
+    /* Don't fill a whole buffer if we want less than all data */
+    bytestoread = (expected_size < BUFSIZE-1)?(size_t)expected_size:BUFSIZE-1;
+    nread = read(fd, buf, bytestoread);
 
-    if ( nread > 0)
+    if( nread > 0)
       buf[nread] = 0;
 
-    if (nread <= 0)
+    if (nread <= 0 || expected_size == 0)
       break;
 
     bytecount += nread;
+    expected_size -= nread;
 
     res = Curl_client_write(conn, CLIENTWRITE_BODY, buf, nread);
     if(res)

lib/file.h

@@ -25,7 +25,5 @@
  ***************************************************************************/
 #ifndef CURL_DISABLE_FILE
 extern const struct Curl_handler Curl_handler_file;
-
-CURLcode Curl_file_connect(struct connectdata *);
 #endif
 #endif

lib/formdata.c

@@ -187,7 +187,7 @@ AddHttpPost(char * name, size_t namelength,
   else
     return NULL;
 
-  if (parent_post) {
+  if(parent_post) {
     /* now, point our 'more' to the original 'more' */
     post->more = parent_post->more;
 
@@ -224,16 +224,16 @@ static FormInfo * AddFormInfo(char *value,
   form_info = (FormInfo *)malloc(sizeof(FormInfo));
   if(form_info) {
     memset(form_info, 0, sizeof(FormInfo));
-    if (value)
+    if(value)
       form_info->value = value;
-    if (contenttype)
+    if(contenttype)
       form_info->contenttype = contenttype;
     form_info->flags = HTTPPOST_FILENAME;
   }
   else
     return NULL;
 
-  if (parent_form_info) {
+  if(parent_form_info) {
     /* now, point our 'more' to the original 'more' */
     form_info->more = parent_form_info->more;
 
@@ -316,7 +316,7 @@ static char *memdup(const char *src, size_t buffer_length)
   bool add = FALSE;
   char *buffer;
 
-  if (buffer_length)
+  if(buffer_length)
     length = buffer_length;
   else if(src) {
     length = strlen(src);
@@ -327,13 +327,13 @@ static char *memdup(const char *src, size_t buffer_length)
     return strdup((char *)"");
 
   buffer = (char*)malloc(length+add);
-  if (!buffer)
+  if(!buffer)
     return NULL; /* fail */
 
   memcpy(buffer, src, length);
 
   /* if length unknown do null termination */
-  if (add)
+  if(add)
     buffer[length] = '\0';
 
   return buffer;
@@ -418,16 +418,16 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
   /*
    * Loop through all the options set. Break if we have an error to report.
    */
-  while (return_value == CURL_FORMADD_OK) {
+  while(return_value == CURL_FORMADD_OK) {
 
     /* first see if we have more parts of the array param */
-    if ( array_state ) {
+    if( array_state ) {
       /* get the upcoming option from the given array */
       option = forms->option;
       array_value = (char *)forms->value;
 
       forms++; /* advance this to next entry */
-      if (CURLFORM_END == option) {
+      if(CURLFORM_END == option) {
         /* end of array state */
         array_state = FALSE;
         continue;
@@ -436,7 +436,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
     else {
       /* This is not array-state, get next option */
       option = va_arg(params, CURLformoption);
-      if (CURLFORM_END == option)
+      if(CURLFORM_END == option)
         break;
     }
 
@@ -447,7 +447,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
         return_value = CURL_FORMADD_ILLEGAL_ARRAY;
       else {
         forms = va_arg(params, struct curl_forms *);
-        if (forms)
+        if(forms)
           array_state = TRUE;
         else
           return_value = CURL_FORMADD_NULL;
@@ -465,19 +465,19 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
       current_form->flags |= HTTPPOST_PTRNAME; /* fall through */
 #endif
     case CURLFORM_COPYNAME:
-      if (current_form->name)
+      if(current_form->name)
         return_value = CURL_FORMADD_OPTION_TWICE;
       else {
         char *name = array_state?
           array_value:va_arg(params, char *);
-        if (name)
+        if(name)
           current_form->name = name; /* store for the moment */
         else
           return_value = CURL_FORMADD_NULL;
       }
       break;
     case CURLFORM_NAMELENGTH:
-      if (current_form->namelength)
+      if(current_form->namelength)
         return_value = CURL_FORMADD_OPTION_TWICE;
       else
         current_form->namelength =
@@ -490,19 +490,19 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
     case CURLFORM_PTRCONTENTS:
       current_form->flags |= HTTPPOST_PTRCONTENTS; /* fall through */
     case CURLFORM_COPYCONTENTS:
-      if (current_form->value)
+      if(current_form->value)
         return_value = CURL_FORMADD_OPTION_TWICE;
       else {
         char *value =
           array_state?array_value:va_arg(params, char *);
-        if (value)
+        if(value)
           current_form->value = value; /* store for the moment */
         else
           return_value = CURL_FORMADD_NULL;
       }
       break;
     case CURLFORM_CONTENTSLENGTH:
-      if (current_form->contentslength)
+      if(current_form->contentslength)
         return_value = CURL_FORMADD_OPTION_TWICE;
       else
         current_form->contentslength =
@@ -511,12 +511,12 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
 
       /* Get contents from a given file name */
     case CURLFORM_FILECONTENT:
-      if (current_form->flags != 0)
+      if(current_form->flags != 0)
         return_value = CURL_FORMADD_OPTION_TWICE;
       else {
         const char *filename = array_state?
           array_value:va_arg(params, char *);
-        if (filename) {
+        if(filename) {
           current_form->value = strdup(filename);
           if(!current_form->value)
             return_value = CURL_FORMADD_MEMORY;
@@ -536,10 +536,10 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
         const char *filename = array_state?array_value:
           va_arg(params, char *);
 
-        if (current_form->value) {
-          if (current_form->flags & HTTPPOST_FILENAME) {
-            if (filename) {
-              if ((current_form = AddFormInfo(strdup(filename),
+        if(current_form->value) {
+          if(current_form->flags & HTTPPOST_FILENAME) {
+            if(filename) {
+              if((current_form = AddFormInfo(strdup(filename),
                                               NULL, current_form)) == NULL)
                 return_value = CURL_FORMADD_MEMORY;
             }
@@ -550,7 +550,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
             return_value = CURL_FORMADD_OPTION_TWICE;
         }
         else {
-          if (filename) {
+          if(filename) {
             current_form->value = strdup(filename);
             if(!current_form->value)
               return_value = CURL_FORMADD_MEMORY;
@@ -570,10 +570,10 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
         const char *filename = array_state?array_value:
           va_arg(params, char *);
 
-        if (current_form->value) {
-          if (current_form->flags & HTTPPOST_BUFFER) {
-            if (filename) {
-              if ((current_form = AddFormInfo(strdup(filename),
+        if(current_form->value) {
+          if(current_form->flags & HTTPPOST_BUFFER) {
+            if(filename) {
+              if((current_form = AddFormInfo(strdup(filename),
                                               NULL, current_form)) == NULL)
                 return_value = CURL_FORMADD_MEMORY;
             }
@@ -584,7 +584,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
             return_value = CURL_FORMADD_OPTION_TWICE;
         }
         else {
-          if (filename) {
+          if(filename) {
             current_form->value = strdup(filename);
             if(!current_form->value)
               return_value = CURL_FORMADD_MEMORY;
@@ -598,12 +598,12 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
 
     case CURLFORM_BUFFERPTR:
         current_form->flags |= HTTPPOST_PTRBUFFER;
-      if (current_form->buffer)
+      if(current_form->buffer)
         return_value = CURL_FORMADD_OPTION_TWICE;
       else {
         char *buffer =
           array_state?array_value:va_arg(params, char *);
-        if (buffer)
+        if(buffer)
           current_form->buffer = buffer; /* store for the moment */
         else
           return_value = CURL_FORMADD_NULL;
@@ -611,7 +611,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
       break;
 
     case CURLFORM_BUFFERLENGTH:
-      if (current_form->bufferlength)
+      if(current_form->bufferlength)
         return_value = CURL_FORMADD_OPTION_TWICE;
       else
         current_form->bufferlength =
@@ -622,10 +622,10 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
       {
         const char *contenttype =
           array_state?array_value:va_arg(params, char *);
-        if (current_form->contenttype) {
-          if (current_form->flags & HTTPPOST_FILENAME) {
-            if (contenttype) {
-              if ((current_form = AddFormInfo(NULL,
+        if(current_form->contenttype) {
+          if(current_form->flags & HTTPPOST_FILENAME) {
+            if(contenttype) {
+              if((current_form = AddFormInfo(NULL,
                                               strdup(contenttype),
                                               current_form)) == NULL)
                 return_value = CURL_FORMADD_MEMORY;
@@ -637,7 +637,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
             return_value = CURL_FORMADD_OPTION_TWICE;
         }
         else {
-          if (contenttype) {
+          if(contenttype) {
             current_form->contenttype = strdup(contenttype);
             if(!current_form->contenttype)
               return_value = CURL_FORMADD_MEMORY;
@@ -692,7 +692,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
     for(form = first_form;
         form != NULL;
         form = form->more) {
-      if ( ((!form->name || !form->value) && !post) ||
+      if( ((!form->name || !form->value) && !post) ||
            ( (form->contentslength) &&
              (form->flags & HTTPPOST_FILENAME) ) ||
            ( (form->flags & HTTPPOST_FILENAME) &&
@@ -709,7 +709,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
         break;
       }
       else {
-        if ( ((form->flags & HTTPPOST_FILENAME) ||
+        if( ((form->flags & HTTPPOST_FILENAME) ||
               (form->flags & HTTPPOST_BUFFER)) &&
              !form->contenttype ) {
           /* our contenttype is missing */
@@ -721,23 +721,23 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
           }
           form->contenttype_alloc = TRUE;
         }
-        if ( !(form->flags & HTTPPOST_PTRNAME) &&
+        if( !(form->flags & HTTPPOST_PTRNAME) &&
              (form == first_form) ) {
           /* copy name (without strdup; possibly contains null characters) */
           form->name = memdup(form->name, form->namelength);
-          if (!form->name) {
+          if(!form->name) {
             return_value = CURL_FORMADD_MEMORY;
             break;
           }
           form->name_alloc = TRUE;
         }
-        if ( !(form->flags & HTTPPOST_FILENAME) &&
+        if( !(form->flags & HTTPPOST_FILENAME) &&
              !(form->flags & HTTPPOST_READFILE) &&
              !(form->flags & HTTPPOST_PTRCONTENTS) &&
              !(form->flags & HTTPPOST_PTRBUFFER) ) {
           /* copy value (without strdup; possibly contains null characters) */
           form->value = memdup(form->value, form->contentslength);
-          if (!form->value) {
+          if(!form->value) {
             return_value = CURL_FORMADD_MEMORY;
             break;
           }
@@ -756,7 +756,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
           break;
         }
 
-        if (form->contenttype)
+        if(form->contenttype)
           prevtype = form->contenttype;
       }
     }
@@ -780,7 +780,7 @@ CURLFORMcode FormAdd(struct curl_httppost **httppost,
 
   /* always delete the allocated memory before returning */
   form = first_form;
-  while (form != NULL) {
+  while(form != NULL) {
     FormInfo *delete_form;
 
     delete_form = form;
@@ -820,7 +820,7 @@ static CURLcode AddFormData(struct FormData **formp,
 {
   struct FormData *newform = (struct FormData *)
     malloc(sizeof(struct FormData));
-  if (!newform)
+  if(!newform)
     return CURLE_OUT_OF_MEMORY;
   newform->next = NULL;
 
@@ -829,7 +829,7 @@ static CURLcode AddFormData(struct FormData **formp,
     length = strlen((char *)line);
 
   newform->line = (char *)malloc(length+1);
-  if (!newform->line) {
+  if(!newform->line) {
     free(newform);
     return CURLE_OUT_OF_MEMORY;
   }
@@ -845,7 +845,7 @@ static CURLcode AddFormData(struct FormData **formp,
   else
     *formp = newform;
 
-  if (size) {
+  if(size) {
     if((type == FORM_DATA) || (type == FORM_CONTENT))
       *size += length;
     else {
@@ -896,7 +896,7 @@ void Curl_formclean(struct FormData **form_ptr)
     free(form->line); /* free the line */
     free(form);       /* free the struct */
 
-  } while ((form = next) != NULL); /* continue */
+  } while((form = next) != NULL); /* continue */
 
   *form_ptr = NULL;
 }
@@ -920,13 +920,13 @@ CURLcode Curl_formconvert(struct SessionHandle *data, struct FormData *form)
 
   do {
     next=form->next;  /* the following form line */
-    if (form->type == FORM_DATA) {
+    if(form->type == FORM_DATA) {
       rc = Curl_convert_to_network(data, form->line, form->length);
       /* Curl_convert_to_network calls failf if unsuccessful */
-      if (rc != CURLE_OK)
+      if(rc != CURLE_OK)
         return rc;
     }
-  } while ((form = next) != NULL); /* continue */
+  } while((form = next) != NULL); /* continue */
   return CURLE_OK;
 }
 #endif /* CURL_DOES_CONVERSIONS */
@@ -944,11 +944,11 @@ int curl_formget(struct curl_httppost *form, void *arg,
   struct FormData *data, *ptr;
 
   rc = Curl_getFormData(&data, form, NULL, &size);
-  if (rc != CURLE_OK)
+  if(rc != CURLE_OK)
     return (int)rc;
 
   for (ptr = data; ptr; ptr = ptr->next) {
-    if (ptr->type == FORM_FILE) {
+    if(ptr->type == FORM_FILE) {
       char buffer[8192];
       size_t nread;
       struct Form temp;
@@ -957,16 +957,16 @@ int curl_formget(struct curl_httppost *form, void *arg,
 
       do {
         nread = readfromfile(&temp, buffer, sizeof(buffer));
-        if ((nread == (size_t) -1) || (nread != append(arg, buffer, nread))) {
-          if (temp.fp) {
+        if((nread == (size_t) -1) || (nread != append(arg, buffer, nread))) {
+          if(temp.fp) {
             fclose(temp.fp);
           }
           Curl_formclean(&data);
           return -1;
         }
-      } while (nread == sizeof(buffer));
+      } while(nread == sizeof(buffer));
     } else {
-      if (ptr->length != append(arg, ptr->line, ptr->length)) {
+      if(ptr->length != append(arg, ptr->line, ptr->length)) {
         Curl_formclean(&data);
         return -1;
       }
@@ -1005,7 +1005,7 @@ void curl_formfree(struct curl_httppost *form)
       free(form->showfilename); /* free the faked file name */
     free(form);       /* free the struct */
 
-  } while ((form = next) != NULL); /* continue */
+  } while((form = next) != NULL); /* continue */
 }
 
 #ifndef HAVE_BASENAME
@@ -1110,7 +1110,7 @@ CURLcode Curl_getFormData(struct FormData **finalform,
                         "Content-Type: multipart/form-data",
                         boundary);
 
-  if (result) {
+  if(result) {
     free(boundary);
     return result;
   }
@@ -1123,13 +1123,13 @@ CURLcode Curl_getFormData(struct FormData **finalform,
 
     if(size) {
       result = AddFormDataf(&form, &size, "\r\n");
-      if (result)
+      if(result)
         break;
     }
 
     /* boundary */
     result = AddFormDataf(&form, &size, "--%s\r\n", boundary);
-    if (result)
+    if(result)
       break;
 
     /* Maybe later this should be disabled when a custom_content_type is
@@ -1138,16 +1138,16 @@ CURLcode Curl_getFormData(struct FormData **finalform,
     */
     result = AddFormDataf(&form, &size,
                           "Content-Disposition: form-data; name=\"");
-    if (result)
+    if(result)
       break;
 
     result = AddFormData(&form, FORM_DATA, post->name, post->namelength,
                          &size);
-    if (result)
+    if(result)
       break;
 
     result = AddFormDataf(&form, &size, "\"");
-    if (result)
+    if(result)
       break;
 
     if(post->more) {
@@ -1160,7 +1160,7 @@ CURLcode Curl_getFormData(struct FormData **finalform,
                             "\r\nContent-Type: multipart/mixed,"
                             " boundary=%s\r\n",
                             fileboundary);
-      if (result)
+      if(result)
         break;
     }
 
@@ -1183,9 +1183,9 @@ CURLcode Curl_getFormData(struct FormData **finalform,
                               fileboundary,
                               (file->showfilename?file->showfilename:
                                filebasename));
-        if (filebasename)
+        if(filebasename)
           free(filebasename);
-        if (result)
+        if(result)
           break;
       }
       else if((post->flags & HTTPPOST_FILENAME) ||
@@ -1198,10 +1198,10 @@ CURLcode Curl_getFormData(struct FormData **finalform,
                               "; filename=\"%s\"",
                               (post->showfilename?post->showfilename:
                                filebasename));
-        if (filebasename)
+        if(filebasename)
           free(filebasename);
 
-        if (result)
+        if(result)
           break;
       }
 
@@ -1210,7 +1210,7 @@ CURLcode Curl_getFormData(struct FormData **finalform,
         result = AddFormDataf(&form, &size,
                               "\r\nContent-Type: %s",
                               file->contenttype);
-        if (result)
+        if(result)
           break;
       }
 
@@ -1218,11 +1218,11 @@ CURLcode Curl_getFormData(struct FormData **finalform,
       while( curList ) {
         /* Process the additional headers specified for this form */
         result = AddFormDataf( &form, &size, "\r\n%s", curList->data );
-        if (result)
+        if(result)
           break;
         curList = curList->next;
       }
-      if (result) {
+      if(result) {
         Curl_formclean(&firstform);
         free(boundary);
         return result;
@@ -1240,13 +1240,13 @@ CURLcode Curl_getFormData(struct FormData **finalform,
         /* this is not a text content, mention our binary encoding */
         result = AddFormDataf(&form, &size,
                               "\r\nContent-Transfer-Encoding: binary");
-        if (result)
+        if(result)
           break;
       }
 #endif
 
       result = AddFormDataf(&form, &size, "\r\n\r\n");
-      if (result)
+      if(result)
         break;
 
       if((post->flags & HTTPPOST_FILENAME) ||
@@ -1278,14 +1278,14 @@ CURLcode Curl_getFormData(struct FormData **finalform,
              */
             size_t nread;
             char buffer[512];
-            while ((nread = fread(buffer, 1, sizeof(buffer), fileread)) != 0) {
+            while((nread = fread(buffer, 1, sizeof(buffer), fileread)) != 0) {
               result = AddFormData(&form, FORM_CONTENT, buffer, nread, &size);
-              if (result)
+              if(result)
                 break;
             }
           }
 
-          if (result) {
+          if(result) {
             Curl_formclean(&firstform);
             free(boundary);
             return result;
@@ -1305,11 +1305,11 @@ CURLcode Curl_getFormData(struct FormData **finalform,
         }
 
       }
-      else if (post->flags & HTTPPOST_BUFFER) {
+      else if(post->flags & HTTPPOST_BUFFER) {
         /* include contents of buffer */
         result = AddFormData(&form, FORM_CONTENT, post->buffer,
                              post->bufferlength, &size);
-          if (result)
+          if(result)
             break;
       }
 
@@ -1317,11 +1317,11 @@ CURLcode Curl_getFormData(struct FormData **finalform,
         /* include the contents we got */
         result = AddFormData(&form, FORM_CONTENT, post->contents,
                              post->contentslength, &size);
-        if (result)
+        if(result)
           break;
       }
-    } while ((file = file->more) != NULL); /* for each specified file for this field */
-    if (result) {
+    } while((file = file->more) != NULL); /* for each specified file for this field */
+    if(result) {
       Curl_formclean(&firstform);
       free(boundary);
       return result;
@@ -1334,12 +1334,12 @@ CURLcode Curl_getFormData(struct FormData **finalform,
                            "\r\n--%s--",
                            fileboundary);
       free(fileboundary);
-      if (result)
+      if(result)
         break;
     }
 
-  } while ((post = post->next) != NULL); /* for each field */
-  if (result) {
+  } while((post = post->next) != NULL); /* for each field */
+  if(result) {
     Curl_formclean(&firstform);
     free(boundary);
     return result;
@@ -1349,7 +1349,7 @@ CURLcode Curl_getFormData(struct FormData **finalform,
   result = AddFormDataf(&form, &size,
                        "\r\n--%s--\r\n",
                        boundary);
-  if (result) {
+  if(result) {
     Curl_formclean(&firstform);
     free(boundary);
     return result;
@@ -1488,7 +1488,7 @@ int FormAddTest(const char * errormsg,
   int result;
   va_list arg;
   va_start(arg, last_post);
-  if ((result = FormAdd(httppost, last_post, arg)))
+  if((result = FormAdd(httppost, last_post, arg)))
     fprintf (stderr, "ERROR doing FormAdd ret: %d action: %s\n", result,
              errormsg);
   va_end(arg);
@@ -1539,11 +1539,11 @@ int main(int argc, argv_item_t argv[])
   (void) argc;
   (void) argv;
 
-  if (FormAddTest("simple COPYCONTENTS test", &httppost, &last_post,
+  if(FormAddTest("simple COPYCONTENTS test", &httppost, &last_post,
                   CURLFORM_COPYNAME, name1, CURLFORM_COPYCONTENTS, value1,
                   CURLFORM_END))
     ++errors;
-  if (FormAddTest("COPYCONTENTS  + CONTENTTYPE test", &httppost, &last_post,
+  if(FormAddTest("COPYCONTENTS  + CONTENTTYPE test", &httppost, &last_post,
                   CURLFORM_COPYNAME, name2, CURLFORM_COPYCONTENTS, value2,
                   CURLFORM_CONTENTTYPE, type2, CURLFORM_END))
     ++errors;
@@ -1551,41 +1551,41 @@ int main(int argc, argv_item_t argv[])
      correctly */
   name3[1] = '\0';
   value3[1] = '\0';
-  if (FormAddTest("PTRNAME + NAMELENGTH + COPYNAME + CONTENTSLENGTH test",
+  if(FormAddTest("PTRNAME + NAMELENGTH + COPYNAME + CONTENTSLENGTH test",
                   &httppost, &last_post,
                   CURLFORM_PTRNAME, name3, CURLFORM_COPYCONTENTS, value3,
                   CURLFORM_CONTENTSLENGTH, value3length,
                   CURLFORM_NAMELENGTH, name3length, CURLFORM_END))
     ++errors;
-  if (FormAddTest("simple PTRCONTENTS test", &httppost, &last_post,
+  if(FormAddTest("simple PTRCONTENTS test", &httppost, &last_post,
                   CURLFORM_COPYNAME, name4, CURLFORM_PTRCONTENTS, value4,
                   CURLFORM_END))
     ++errors;
   /* make null character at start to check that contentslength works
      correctly */
   value5[1] = '\0';
-  if (FormAddTest("PTRCONTENTS + CONTENTSLENGTH test", &httppost, &last_post,
+  if(FormAddTest("PTRCONTENTS + CONTENTSLENGTH test", &httppost, &last_post,
                   CURLFORM_COPYNAME, name5, CURLFORM_PTRCONTENTS, value5,
                   CURLFORM_CONTENTSLENGTH, value5length, CURLFORM_END))
     ++errors;
   /* make null character at start to check that contentslength works
      correctly */
   value6[1] = '\0';
-  if (FormAddTest("PTRCONTENTS + CONTENTSLENGTH + CONTENTTYPE test",
+  if(FormAddTest("PTRCONTENTS + CONTENTSLENGTH + CONTENTTYPE test",
                   &httppost, &last_post,
                   CURLFORM_COPYNAME, name6, CURLFORM_PTRCONTENTS, value6,
                   CURLFORM_CONTENTSLENGTH, value6length,
                   CURLFORM_CONTENTTYPE, type6, CURLFORM_END))
     ++errors;
-  if (FormAddTest("FILE + CONTENTTYPE test", &httppost, &last_post,
+  if(FormAddTest("FILE + CONTENTTYPE test", &httppost, &last_post,
                   CURLFORM_COPYNAME, name7, CURLFORM_FILE, value7,
                   CURLFORM_CONTENTTYPE, type7, CURLFORM_END))
     ++errors;
-  if (FormAddTest("FILE1 + FILE2 test", &httppost, &last_post,
+  if(FormAddTest("FILE1 + FILE2 test", &httppost, &last_post,
                   CURLFORM_COPYNAME, name8, CURLFORM_FILE, value7,
                   CURLFORM_FILE, value8, CURLFORM_END))
     ++errors;
-  if (FormAddTest("FILE1 + FILE2 + FILE3 test", &httppost, &last_post,
+  if(FormAddTest("FILE1 + FILE2 + FILE3 test", &httppost, &last_post,
                   CURLFORM_COPYNAME, name9, CURLFORM_FILE, value7,
                   CURLFORM_FILE, value8, CURLFORM_FILE, value7, CURLFORM_END))
     ++errors;
@@ -1596,11 +1596,11 @@ int main(int argc, argv_item_t argv[])
   forms[2].option = CURLFORM_FILE;
   forms[2].value  = value7;
   forms[3].option  = CURLFORM_END;
-  if (FormAddTest("FILE1 + FILE2 + FILE3 ARRAY test", &httppost, &last_post,
+  if(FormAddTest("FILE1 + FILE2 + FILE3 ARRAY test", &httppost, &last_post,
                   CURLFORM_COPYNAME, name10, CURLFORM_ARRAY, forms,
                   CURLFORM_END))
     ++errors;
-  if (FormAddTest("FILECONTENT test", &httppost, &last_post,
+  if(FormAddTest("FILECONTENT test", &httppost, &last_post,
                   CURLFORM_COPYNAME, name11, CURLFORM_FILECONTENT, value7,
                   CURLFORM_END))
     ++errors;
@@ -1628,7 +1628,7 @@ int main(int argc, argv_item_t argv[])
   fprintf(stdout, "size: ");
   fprintf(stdout, CURL_FORMAT_OFF_T, size);
   fprintf(stdout, "\n");
-  if (errors)
+  if(errors)
     fprintf(stdout, "\n==> %d Test(s) failed!\n", errors);
   else
     fprintf(stdout, "\nAll Tests seem to have worked (please check output)\n");

lib/getenv.c

@@ -46,13 +46,13 @@ char *GetEnv(const char *variable)
   char env[MAX_PATH]; /* MAX_PATH is from windef.h */
   char *temp = getenv(variable);
   env[0] = '\0';
-  if (temp != NULL)
+  if(temp != NULL)
     ExpandEnvironmentStrings(temp, env, sizeof(env));
   return (env[0] != '\0')?strdup(env):NULL;
 #else
   char *env = getenv(variable);
 #ifdef VMS
-  if (env && strcmp("HOME",variable) == 0)
+  if(env && strcmp("HOME",variable) == 0)
     env = decc$translate_vms(env);
 #endif
   return (env && env[0])?strdup(env):NULL;

lib/getinfo.c

@@ -58,7 +58,7 @@ CURLcode Curl_initinfo(struct SessionHandle *data)
   info->httpversion=0;
   info->filetime=-1; /* -1 is an illegal time and thus means unknown */
 
-  if (info->contenttype)
+  if(info->contenttype)
     free(info->contenttype);
   info->contenttype = NULL;
 
@@ -214,7 +214,7 @@ CURLcode Curl_getinfo(struct SessionHandle *data, CURLINFO info, ...)
       /* determine if ssl */
       if(c->ssl[FIRSTSOCKET].use) {
         /* use the SSL context */
-        if (!Curl_ssl_check_cxn(c))
+        if(!Curl_ssl_check_cxn(c))
           *param_longp = -1;   /* FIN received */
       }
 /* Minix 3.1 doesn't support any flags on recv; just assume socket is OK */

lib/gtls.c

@@ -5,7 +5,7 @@
  *                            | (__| |_| |  _ <| |___
  *                             \___|\___/|_| \_\_____|
  *
- * Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
  *
  * This software is licensed as described in the file COPYING, which
  * you should have received as part of this distribution. The terms
@@ -43,6 +43,7 @@
 
 #include "urldata.h"
 #include "sendf.h"
+#include "inet_pton.h"
 #include "gtls.h"
 #include "sslgen.h"
 #include "parsedate.h"
@@ -97,7 +98,7 @@ int Curl_gtls_init(void)
 static int _Curl_gtls_init(void)
 {
   int ret = 1;
-  if (!gtls_inited) {
+  if(!gtls_inited) {
     ret = gnutls_global_init()?0:1;
 #ifdef GTLSDEBUG
     gnutls_global_set_log_function(tls_log_func);
@@ -110,8 +111,10 @@ static int _Curl_gtls_init(void)
 
 int Curl_gtls_cleanup(void)
 {
-  if (gtls_inited)
+  if(gtls_inited) {
     gnutls_global_deinit();
+    gtls_inited = FALSE;
+  }
   return 1;
 }
 
@@ -148,29 +151,13 @@ static CURLcode handshake(struct connectdata *conn,
 {
   struct SessionHandle *data = conn->data;
   int rc;
-  if (!gtls_inited)
+  if(!gtls_inited)
     _Curl_gtls_init();
   do {
     rc = gnutls_handshake(session);
 
     if((rc == GNUTLS_E_AGAIN) || (rc == GNUTLS_E_INTERRUPTED)) {
-      long timeout_ms = DEFAULT_CONNECT_TIMEOUT;
-      long has_passed;
-
-      if(duringconnect && data->set.connecttimeout)
-        timeout_ms = data->set.connecttimeout;
-
-      if(data->set.timeout) {
-        /* get the strictest timeout of the ones converted to milliseconds */
-        if(data->set.timeout < timeout_ms)
-          timeout_ms = data->set.timeout;
-      }
-
-      /* Evaluate in milliseconds how much time that has passed */
-      has_passed = Curl_tvdiff(Curl_tvnow(), data->progress.t_startsingle);
-
-      /* subtract the passed time */
-      timeout_ms -= has_passed;
+      long timeout_ms = Curl_timeleft(conn, NULL, duringconnect);
 
       if(timeout_ms < 0) {
         /* a precaution, no need to continue if time already is up */
@@ -198,7 +185,7 @@ static CURLcode handshake(struct connectdata *conn,
       break;
   } while(1);
 
-  if (rc < 0) {
+  if(rc < 0) {
     failf(data, "gnutls_handshake() failed: %s", gnutls_strerror(rc));
     return CURLE_SSL_CONNECT_ERROR;
   }
@@ -239,13 +226,20 @@ Curl_gtls_connect(struct connectdata *conn,
   size_t size;
   unsigned int algo;
   unsigned int bits;
-  time_t clock;
+  time_t certclock;
   const char *ptr;
   void *ssl_sessionid;
   size_t ssl_idsize;
+#ifdef ENABLE_IPV6
+  struct in6_addr addr;
+#else
+  struct in_addr addr;
+#endif
 
-  if (!gtls_inited) _Curl_gtls_init();
-  /* GnuTLS only supports TLSv1 (and SSLv3?) */
+  if(!gtls_inited)
+    _Curl_gtls_init();
+
+  /* GnuTLS only supports SSLv3 and TLSv1 */
   if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) {
     failf(data, "GnuTLS does not support SSLv2");
     return CURLE_SSL_CONNECT_ERROR;
@@ -269,7 +263,7 @@ Curl_gtls_connect(struct connectdata *conn,
     if(rc < 0) {
       infof(data, "error reading ca cert file %s (%s)\n",
             data->set.ssl.CAfile, gnutls_strerror(rc));
-      if (data->set.ssl.verifypeer)
+      if(data->set.ssl.verifypeer)
         return CURLE_SSL_CACERT_BADFILE;
     }
     else
@@ -287,11 +281,27 @@ Curl_gtls_connect(struct connectdata *conn,
   /* convenient assign */
   session = conn->ssl[sockindex].session;
 
+  if ((0 == Curl_inet_pton(AF_INET, conn->host.name, &addr)) &&
+#ifdef ENABLE_IPV6
+      (0 == Curl_inet_pton(AF_INET6, conn->host.name, &addr)) &&
+#endif
+      (gnutls_server_name_set(session, GNUTLS_NAME_DNS, conn->host.name,
+                              strlen(conn->host.name)) < 0))
+    infof(data, "WARNING: failed to configure server name indication (SNI) "
+          "TLS extension\n");
+
   /* Use default priorities */
   rc = gnutls_set_default_priority(session);
   if(rc < 0)
     return CURLE_SSL_CONNECT_ERROR;
 
+  if(data->set.ssl.version == CURL_SSLVERSION_SSLv3) {
+    int protocol_priority[] = { GNUTLS_SSL3, 0 };
+    gnutls_protocol_set_priority(session, protocol_priority);
+    if(rc < 0)
+      return CURLE_SSL_CONNECT_ERROR;
+  }
+
   /* Sets the priority on the certificate types supported by gnutls. Priority
      is higher for types specified before others. After specifying the types
      you want, you must append a 0. */
@@ -350,29 +360,30 @@ Curl_gtls_connect(struct connectdata *conn,
 
   chainp = gnutls_certificate_get_peers(session, &cert_list_size);
   if(!chainp) {
-    if(data->set.ssl.verifyhost) {
+    if(data->set.ssl.verifypeer) {
       failf(data, "failed to get server cert");
       return CURLE_PEER_FAILED_VERIFICATION;
     }
     infof(data, "\t common name: WARNING couldn't obtain\n");
   }
 
+  if(data->set.ssl.verifypeer) {
     /* This function will try to verify the peer's certificate and return its
-     status (trusted, invalid etc.). The value of status should be one or more
-     of the gnutls_certificate_status_t enumerated elements bitwise or'd. To
-     avoid denial of service attacks some default upper limits regarding the
-     certificate key size and chain size are set. To override them use
-     gnutls_certificate_set_verify_limits(). */
+       status (trusted, invalid etc.). The value of status should be one or
+       more of the gnutls_certificate_status_t enumerated elements bitwise
+       or'd. To avoid denial of service attacks some default upper limits
+       regarding the certificate key size and chain size are set. To override
+       them use gnutls_certificate_set_verify_limits(). */
 
     rc = gnutls_certificate_verify_peers2(session, &verify_status);
-  if (rc < 0) {
+    if(rc < 0) {
       failf(data, "server cert verify failed: %d", rc);
       return CURLE_SSL_CONNECT_ERROR;
     }
 
     /* verify_status is a bitmask of gnutls_certificate_status bits */
     if(verify_status & GNUTLS_CERT_INVALID) {
-    if (data->set.ssl.verifypeer) {
+      if(data->set.ssl.verifypeer) {
         failf(data, "server certificate verification failed. CAfile: %s",
               data->set.ssl.CAfile?data->set.ssl.CAfile:"none");
         return CURLE_SSL_CACERT;
@@ -382,6 +393,9 @@ Curl_gtls_connect(struct connectdata *conn,
     }
     else
       infof(data, "\t server certificate verification OK\n");
+  }
+  else
+    infof(data, "\t server certificate verification SKIPPED\n");
 
   /* initialize an X.509 certificate structure. */
   gnutls_x509_crt_init(&x509_cert);
@@ -409,7 +423,7 @@ Curl_gtls_connect(struct connectdata *conn,
   rc = gnutls_x509_crt_check_hostname(x509_cert, conn->host.name);
 
   if(!rc) {
-    if (data->set.ssl.verifyhost > 1) {
+    if(data->set.ssl.verifyhost > 1) {
       failf(data, "SSL: certificate subject name (%s) does not match "
             "target host name '%s'", certbuf, conn->host.dispname);
       gnutls_x509_crt_deinit(x509_cert);
@@ -423,15 +437,15 @@ Curl_gtls_connect(struct connectdata *conn,
     infof(data, "\t common name: %s (matched)\n", certbuf);
 
   /* Check for time-based validity */
-  clock = gnutls_x509_crt_get_expiration_time(x509_cert);
+  certclock = gnutls_x509_crt_get_expiration_time(x509_cert);
 
-  if(clock == (time_t)-1) {
+  if(certclock == (time_t)-1) {
     failf(data, "server cert expiration date verify failed");
     return CURLE_SSL_CONNECT_ERROR;
   }
 
-  if(clock < time(NULL)) {
-    if (data->set.ssl.verifypeer) {
+  if(certclock < time(NULL)) {
+    if(data->set.ssl.verifypeer) {
       failf(data, "server certificate expiration date has passed.");
       return CURLE_PEER_FAILED_VERIFICATION;
     }
@@ -441,15 +455,15 @@ Curl_gtls_connect(struct connectdata *conn,
   else
     infof(data, "\t server certificate expiration date OK\n");
 
-  clock = gnutls_x509_crt_get_activation_time(x509_cert);
+  certclock = gnutls_x509_crt_get_activation_time(x509_cert);
 
-  if(clock == (time_t)-1) {
+  if(certclock == (time_t)-1) {
     failf(data, "server cert activation date verify failed");
     return CURLE_SSL_CONNECT_ERROR;
   }
 
-  if(clock > time(NULL)) {
-    if (data->set.ssl.verifypeer) {
+  if(certclock > time(NULL)) {
+    if(data->set.ssl.verifypeer) {
       failf(data, "server certificate not activated yet.");
       return CURLE_PEER_FAILED_VERIFICATION;
     }
@@ -484,11 +498,11 @@ Curl_gtls_connect(struct connectdata *conn,
   gnutls_x509_crt_get_dn(x509_cert, certbuf, &size);
   infof(data, "\t subject: %s\n", certbuf);
 
-  clock = gnutls_x509_crt_get_activation_time(x509_cert);
-  showtime(data, "start date", clock);
+  certclock = gnutls_x509_crt_get_activation_time(x509_cert);
+  showtime(data, "start date", certclock);
 
-  clock = gnutls_x509_crt_get_expiration_time(x509_cert);
-  showtime(data, "expire date", clock);
+  certclock = gnutls_x509_crt_get_expiration_time(x509_cert);
+  showtime(data, "expire date", certclock);
 
   size = sizeof(certbuf);
   gnutls_x509_crt_get_issuer_dn(x509_cert, certbuf, &size);
@@ -509,6 +523,8 @@ Curl_gtls_connect(struct connectdata *conn,
   ptr = gnutls_mac_get_name(gnutls_mac_get(session));
   infof(data, "\t MAC: %s\n", ptr);
 
+  conn->ssl[sockindex].state = ssl_connection_complete;
+
   if(!ssl_sessionid) {
     /* this session was not previously in the cache, add it now */
 
@@ -553,16 +569,16 @@ void Curl_gtls_close_all(struct SessionHandle *data)
 }
 
 static void close_one(struct connectdata *conn,
-                      int index)
+                      int idx)
 {
-  if(conn->ssl[index].session) {
-    gnutls_bye(conn->ssl[index].session, GNUTLS_SHUT_RDWR);
-    gnutls_deinit(conn->ssl[index].session);
-    conn->ssl[index].session = NULL;
+  if(conn->ssl[idx].session) {
+    gnutls_bye(conn->ssl[idx].session, GNUTLS_SHUT_RDWR);
+    gnutls_deinit(conn->ssl[idx].session);
+    conn->ssl[idx].session = NULL;
   }
-  if(conn->ssl[index].cred) {
-    gnutls_certificate_free_credentials(conn->ssl[index].cred);
-    conn->ssl[index].cred = NULL;
+  if(conn->ssl[idx].cred) {
+    gnutls_certificate_free_credentials(conn->ssl[idx].cred);
+    conn->ssl[idx].cred = NULL;
   }
 }
 
@@ -670,12 +686,12 @@ ssize_t Curl_gtls_recv(struct connectdata *conn, /* connection data */
   }
 
   *wouldblock = FALSE;
-  if (!ret) {
+  if(!ret) {
     failf(conn->data, "Peer closed the TLS connection");
     return -1;
   }
 
-  if (ret < 0) {
+  if(ret < 0) {
     failf(conn->data, "GnuTLS recv error (%d): %s",
           (int)ret, gnutls_strerror(ret));
     return -1;