7.19.2 coming up

paused.

CHANGES

@@ -6,6 +6,46 @@
 
                                   Changelog
 
+Version 7.19.2 (13 November 2008)
+
+Michal Marek (13 Nov 2008)
+- Fixed a potential data loss in Curl_client_write() when the transfer is
+  paused.
+
+Daniel Stenberg (11 Nov 2008)
+- Rainer Canavan filed bug #2255627
+  (http://curl.haxx.se/bug/view.cgi?id=2255627) which pointed out that a
+  program using libcurl's multi interface to download a HTTPS page with a
+  libcurl built powered by OpenSSL, would easily get silly and instead hand
+  over SSL details as data instead of the actual HTTP headers and body. This
+  happened because libcurl would consider the connection handshake done too
+  early. This problem was introduced at September 22nd 2008 with my fix of the
+  bug #2107377
+
+  The correct fix is now instead done within the GnuTLS-handling code, as both
+  the OpenSSL and the NSS code already deal with this situation in similar
+  fashion. I added test case 560 in an attempt to verify this fix, but
+  unfortunately it didn't trigger it even before this fix!
+
+Yang Tse (11 Nov 2008)
+- Related with bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535)
+  Daniel Fandrich noticed that curl_addrinfo was also missing in the build
+  process of other four non-configure platforms. Added now.
+
+Daniel Fandrich (7 Nov 2008)
+- The getifaddrs() version of Curl_if2ip() crashed when used on a Linux
+  system with a TEQL load-balancing device configured, which doesn't
+  have an address.  Thanks to Adam Sampson for spotting this (bug #2234923).
+
+Yang Tse (6 Nov 2008)
+- Merged existing IPv4 and IPv6 Curl_ip2addr functions into a single one
+  which now also takes a protocol address family argument.
+
+- Bug #2230535 (http://curl.haxx.se/bug/view.cgi?id=2230535) pointed out a
+  problem with MSVC 6 makefile that caused a build failure. It was noted that
+  the curl_addrinfo.obj reference was missing. I took the opportunity to sort
+  the list in which this was missing. Issue submitted by John Wilkinson.
+
 Version 7.19.1 (5 November 2008)
 
 Daniel Stenberg (4 Nov 2008)

RELEASE-NOTES

@@ -1,6 +1,6 @@
-Curl and libcurl 7.19.1
+Curl and libcurl 7.19.2
 
- Public curl releases:         107
+ Public curl releases:         108
  Command line options:         128
  curl_easy_setopt() options:   158
  Public functions in libcurl:  58
@@ -9,41 +9,14 @@ Curl and libcurl 7.19.1
 
 This release includes the following changes:
 
- o pkg-config can now show supported_protocols and supported_features
+ o 
- o Added CURLOPT_CERTINFO and CURLINFO_CERTINFO
- o Added CURLOPT_POSTREDIR
- o Better detect HTTP 1.0 servers and don't do HTTP 1.1 requests on them
- o configure --disable-proxy disables proxy support
- o Added CURLOPT_USERNAME and CURLOPT_PASSWORD
- o --interface now works with IPv6 connections on glibc systems
- o Added CURLOPT_PROXYUSERNAME and CURLOPT_PROXYPASSWORD
 
 This release includes the following bugfixes:
 
- o MingW32 non-configure builds are now largefile feature enabled by default
+ o build failure when using MSVC 6 makefile and on four platforms more
- o NetWare LIBC builds are now largefile feature enabled by default
+ o crash when using --interface name on Linux systems with a TEQL device
- o curl_easy_pause() could behave wrongly on unpause
+ o using the multi interface to download a HTTPS page with libcurl built
- o cookies with invalid expire dates are now considered expired
+   powered by OpenSSL could download "rubbish" instead of actual content
- o HTTP pipelining over proxy
- o fix regression in configure script which affected OpenSSL builds on MSYS
- o GnuTLS-based multi interface doing HTTPS over proxy failed
- o recv() failures cause CURLE_RECV_ERROR
- o SFTP over SOCKS crash fixed
- o thread-safety issues addressed for NSS-powered libcurls
- o removed the use of mktime() and gmtime(_r)() in date parsing and conversions
- o HTTP Digest with a blank realm did wrong
- o CURLINFO_REDIRECT_URL didn't work with the multi interface
- o CURLOPT_RANGE now works for SFTP downloads
- o FTP SIZE response 550 now causes CURLE_REMOTE_FILE_NOT_FOUND
- o CURLINFO_PRIMARY_IP fixed for persistent connection re-use cases
- o remove_handle/add_handle multi interface timer callback flaw
- o CURLINFO_REDIRECT_URL memory leak and wrong-doing
- o case insensitive string matching works in Turkish too
- o Solaris builds get _REENTRANT defined properly and work again
- o Garbage sent on chunky upload after curl_easy_pause()
- o ipv4 name resolves when libcurl is built with ipv6-enabled c-ares
- o undersized IPv6 address internal buffer truncated long IPv6 addresses
- o CURLINFO_FILETIME works for file:// transfers as well
 
 This release includes the following known bugs:
 
@@ -56,12 +29,7 @@ Other curl-related news:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:
 
- Keith Mok, Yang Tse, Daniel Fandrich, Guenter Knauf, Dmitriy Sergeyev,
+ John Wilkinson, Adam Sampson, Daniel Fandrich, Yang Tse, Rainer Canavan,
- Linus Nielsen Feltzing, Martin Drasar, Stefan Krause, Dmitry Kurochkin,
+ Michal Marek
- Mike Revi, Andres Garcia, Michael Goffioul, Markus Moeller, Rob Crittenden,
- Jamie Lokier, Emanuele Bovisio, Maxim Ivanov, Ian Lynagh, Daniel Egger,
- Igor Novoseltsev, John Wilkinson, Pascal Terjan, Steve Roskowski,
- Daniel Johnson
- 
 
         Thanks! (and sorry if I forgot to mention someone)

TODO-RELEASE

@@ -1,18 +1,13 @@
-To be addressed before 7.19.1 (planned release: November 2008)
+To be addressed in 7.19.3 (planned release: January 2009)
-=============================
-
-To be addressed in 7.19.2 (planned release: January 2009)
 =========================
 
-188 - "Curl keep special character in filename when saving" bug #2192220
-
-189 - "NTLM authentication and POST wrong behavior" bug #2203193
-
-190 - "Using NTLM proxy will lose form-data. Makes NTLM unusable." bug #2210686
-
 191 - "proposed patch for curl/libssh2 bugfix"
       http://curl.haxx.se/mail/archive-2008-10/0000.html
 
+192 - "infinite loop during GSS authentication" bug #2221237
 
-192 - 
+193 - Fix zero-byte file transfers
 
+194 - remove "Pragma: no-cache" from default HTTP requests
+
+195 - 

configure.ac

@@ -2016,11 +2016,13 @@ CURL_CHECK_MSG_NOSIGNAL
 CURL_CHECK_FUNC_ALARM
 CURL_CHECK_FUNC_FDOPEN
 CURL_CHECK_FUNC_FREEADDRINFO
+CURL_CHECK_FUNC_FREEIFADDRS
 CURL_CHECK_FUNC_FTRUNCATE
 CURL_CHECK_FUNC_GETADDRINFO
 CURL_CHECK_FUNC_GETHOSTBYADDR_R
 CURL_CHECK_FUNC_GETHOSTBYNAME_R
 CURL_CHECK_FUNC_GETHOSTNAME
+CURL_CHECK_FUNC_GETIFADDRS
 CURL_CHECK_FUNC_GETSERVBYPORT_R
 CURL_CHECK_FUNC_GMTIME_R
 CURL_CHECK_FUNC_INET_NTOA_R
@@ -2063,7 +2065,6 @@ AC_CHECK_FUNCS([basename \
   fork \
   geteuid \
   gethostbyaddr \
-  getifaddrs \
   getpass_r \
   getppid \
   getprotobyname \

docs/THANKS

@@ -182,6 +182,7 @@ Edin Kadribasic
 Eduard Bloch
 Eetu Ojanen
 Ellis Pritchard
+Emanuele Bovisio
 Emil Romanus
 Emiliano Ida
 Enrico Scholz
@@ -257,10 +258,12 @@ Henrik Storner
 Hzhijun
 Ian Ford
 Ian Gulliver
+Ian Lynagh
 Ian Turner
 Ian Wilkes
 Ignacio Vazquez-Abrams
 Igor Franchuk
+Igor Novoseltsev
 Igor Polyakov
 Ilguiz Latypov
 Ilja van Sprundel
@@ -317,6 +320,7 @@ John Kelly
 John Lask
 John Lightsey
 John McGowan
+John Wilkinson
 Johnny Luong
 Jon Grubbs
 Jon Travis
@@ -348,6 +352,7 @@ Katie Wang
 Kees Cook
 Keith MacDonald
 Keith McGuigan
+Keith Mok
 Ken Hirsch
 Ken Rastatter
 Kent Boortz
@@ -407,6 +412,7 @@ Markus Moeller
 Markus Oberhumer
 Martijn Koster
 Martin C. Martin
+Martin Drasar
 Martin Hedenfalk
 Martin Skinner
 Marty Kuhrt
@@ -422,12 +428,14 @@ Matthew Blain
 Matthew Clarke
 Maurice Barnum
 Max Katsev
+Maxim Ivanov
 Maxim Perenesenko
 Mekonikum
 Mettgut Jamalla
 Michael Benedict
 Michael Calmer
 Michael Curtis
+Michael Goffioul
 Michael Jahn
 Michael Jerris
 Michael Mealling
@@ -441,6 +449,7 @@ Mike Bytnar
 Mike Dobbs
 Mike Hommey
 Mike Protts
+Mike Revi
 Miklos Nemeth
 Mitz Wark
 Mohamed Lrhazi
@@ -475,6 +484,7 @@ Olaf Stueben
 Olaf St<53>ben
 Oren Tirosh
 P R Schaffner
+Pascal Terjan
 Patrick Bihan-Faou
 Patrick Monnerat
 Patrick Smith
@@ -606,6 +616,7 @@ Steve Lhomme
 Steve Little
 Steve Marx
 Steve Oliphant
+Steve Roskowski
 Steven Bazyl
 Steven G. Johnson
 Stoned Elipot

docs/TODO

@@ -15,16 +15,12 @@
  1.1 Zero-copy interface
  1.2 More data sharing
  1.3 struct lifreq
- 1.4 Get IP address
+ 1.4 signal-based resolver timeouts
- 1.5 c-ares ipv6
- 1.6 configure-based info in public headers
- 1.7 signal-based resolver timeouts
 
  2. libcurl - multi interface
  2.1 More non-blocking
- 2.2 Pause transfers
+ 2.2 Remove easy interface internally
- 2.3 Remove easy interface internally
+ 2.3 Avoid having to remove/readd handles
- 2.4 Avoid having to remove/readd handles
 
  3. Documentation
  3.1  More and better
@@ -39,9 +35,8 @@
  4.7 ASCII support
 
  5. HTTP
- 5.1 Other HTTP versions with CONNECT
+ 5.1 Better persistency for HTTP 1.0
- 5.2 Better persistency for HTTP 1.0
+ 5.2 support FF3 sqlite cookie files
- 5.3 support FF3 sqlite cookie files
 
  6. TELNET
  6.1 ditch stdin
@@ -52,14 +47,13 @@
  7. SSL
  7.1 Disable specific versions
  7.2 Provide mutex locking API
- 7.3 dumpcert
+ 7.3 Evaluate SSL patches
- 7.4 Evaluate SSL patches
+ 7.4 Cache OpenSSL contexts
- 7.5 Cache OpenSSL contexts
+ 7.5 Export session ids
- 7.6 Export session ids
+ 7.6 Provide callback for cert verification
- 7.7 Provide callback for cert verification
+ 7.7 Support other SSL libraries
- 7.8 Support other SSL libraries
+ 7.8  Support SRP on the TLS layer
- 7.9  Support SRP on the TLS layer
+ 7.9 improve configure --with-ssl
- 7.10 improve configure --with-ssl
 
  8. GnuTLS
  8.1 Make NTLM work without OpenSSL functions
@@ -132,37 +126,7 @@
  SIOCGIFADDR on newer Solaris versions as they claim the latter is obsolete.
  To support ipv6 interface addresses for network interfaces properly.
 
-1.4 Get IP address
+1.4 signal-based resolver timeouts
-
- Add the following to curl_easy_getinfo(): GET_HTTP_IP, GET_FTP_IP and
- GET_FTP_DATA_IP. Return a string with the used IP.
-
-1.5 c-ares ipv6
-
- Make libcurl built with c-ares use c-ares' IPv6 abilities. They weren't
- present when we first added c-ares support but they have been added since!
- When this is done and works, we can actually start considering making c-ares
- powered libcurl the default build (which of course would require that we'd
- bundle the c-ares source code in the libcurl source code releases).
-
-1.6 configure-based info in public headers
-
- Make the public headers include the proper system includes based on what was
- present at the time when configure was run. Currently, the sys/select.h
- header is for example included by curl/multi.h only on specific platforms we
- know MUST have it. This is error-prone. We therefore want the header files to
- adapt to configure results. Those results must be stored in a new header and
- they must use a curl name space, i.e not be HAVE_* prefix (as that would risk
- a collision with other apps that use libcurl and that runs configure).
-
- Work on this has been started but hasn't been finished, and the initial patch
- and some details are found here:
- http://curl.haxx.se/mail/lib-2006-12/0084.html
-
- The remaining problems to solve involve the platforms that can't run
- configure.
-
-1.7 signal-based resolver timeouts
 
  libcurl built without an asynchronous resolver library uses alarm() to time
  out DNS lookups. When a timeout occurs, this causes libcurl to jump from the
@@ -181,17 +145,7 @@
  Make sure we don't ever loop because of non-blocking sockets returning
  EWOULDBLOCK or similar. The GnuTLS connection etc.
 
-2.2 Pause transfers
+2.2 Remove easy interface internally
-
- Make transfers treated more carefully. We need a way to tell libcurl we have
- data to write, as the current system expects us to upload data each time the
- socket is writable and there is no way to say that we want to upload data
- soon just not right now, without that aborting the upload. The opposite
- situation should be possible as well, that we tell libcurl we're ready to
- accept read data. Today libcurl feeds the data as soon as it is available for
- reading, no matter what.
-
-2.3 Remove easy interface internally
 
  Make curl_easy_perform() a wrapper-function that simply creates a multi
  handle, adds the easy handle to it, runs curl_multi_perform() until the
@@ -200,7 +154,7 @@
  internally use and assume the multi interface. The select()-loop should use
  curl_multi_socket().
 
-2.4 Avoid having to remove/readd handles
+2.3 Avoid having to remove/readd handles
 
  curl_multi_handle_control() - this can control the easy handle (while) added
  to a multi handle in various ways:
@@ -269,18 +223,12 @@
 
 5. HTTP
 
-5.1 Other HTTP versions with CONNECT
+5.1 Better persistency for HTTP 1.0
-
- When doing CONNECT to a HTTP proxy, libcurl always uses HTTP/1.0. This has
- never been reported as causing trouble to anyone, but should be considered to
- use the HTTP version the user has chosen.
-
-5.2 Better persistency for HTTP 1.0
 
  "Better" support for persistent connections over HTTP 1.0
  http://curl.haxx.se/bug/feature.cgi?id=1089001
 
-5.3 support FF3 sqlite cookie files
+5.2 support FF3 sqlite cookie files
 
  Firefox 3 is changing from its former format to a a sqlite database instead.
  We should consider how (lib)curl can/should support this.
@@ -323,17 +271,12 @@ to provide the data to send.
  library, so that the same application code can use mutex-locking
  independently of OpenSSL or GnutTLS being used.
 
-7.3 dumpcert
+7.3 Evaluate SSL patches
-
- Anton Fedorov's "dumpcert" patch:
- http://curl.haxx.se/mail/lib-2004-03/0088.html
-
-7.4 Evaluate SSL patches
 
  Evaluate/apply Gertjan van Wingerde's SSL patches:
  http://curl.haxx.se/mail/lib-2004-03/0087.html
 
-7.5 Cache OpenSSL contexts
+7.4 Cache OpenSSL contexts
 
  "Look at SSL cafile - quick traces look to me like these are done on every
  request as well, when they should only be necessary once per ssl context (or
@@ -343,7 +286,7 @@ to provide the data to send.
  style connections are re-used. It will make us use slightly more memory but
  it will libcurl do less creations and deletions of SSL contexts.
 
-7.6 Export session ids
+7.5 Export session ids
 
  Add an interface to libcurl that enables "session IDs" to get
  exported/imported. Cris Bailiff said: "OpenSSL has functions which can
@@ -351,24 +294,24 @@ to provide the data to send.
  the state from such a buffer at a later date - this is used by mod_ssl for
  apache to implement and SSL session ID cache".
 
-7.7 Provide callback for cert verification
+7.6 Provide callback for cert verification
 
  OpenSSL supports a callback for customised verification of the peer
  certificate, but this doesn't seem to be exposed in the libcurl APIs. Could
  it be? There's so much that could be done if it were!
 
-7.8 Support other SSL libraries
+7.7 Support other SSL libraries
 
  Make curl's SSL layer capable of using other free SSL libraries.  Such as
  MatrixSSL (http://www.matrixssl.org/).
 
-7.9  Support SRP on the TLS layer
+7.8  Support SRP on the TLS layer
 
  Peter Sylvester's patch for SRP on the TLS layer.  Awaits OpenSSL support for
  this, no need to support this in libcurl before there's an OpenSSL release
  that does it.
 
-7.10 improve configure --with-ssl
+7.9 improve configure --with-ssl
 
  make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
  then NSS...

docs/libcurl/curl_easy_setopt.3

@@ -1315,15 +1315,15 @@ Pass a long as parameter. It contains the time in seconds that the transfer
 should be below the \fICURLOPT_LOW_SPEED_LIMIT\fP for the library to consider
 it too slow and abort.
 .IP CURLOPT_MAX_SEND_SPEED_LARGE
-Pass a curl_off_t as parameter.  If an upload exceeds this speed on cumulative
+Pass a curl_off_t as parameter.  If an upload exceeds this speed (counted in
-average during the transfer, the transfer will pause to keep the average rate
+bytes per second) on cumulative average during the transfer, the transfer will
-less than or equal to the parameter value.  Defaults to unlimited
+pause to keep the average rate less than or equal to the parameter value.
-speed. (Added in 7.15.5)
+Defaults to unlimited speed. (Added in 7.15.5)
 .IP CURLOPT_MAX_RECV_SPEED_LARGE
-Pass a curl_off_t as parameter.  If a download exceeds this speed on
+Pass a curl_off_t as parameter.  If a download exceeds this speed (counted in
-cumulative average during the transfer, the transfer will pause to keep the
+bytes per second) on cumulative average during the transfer, the transfer will
-average rate less than or equal to the parameter value. Defaults to unlimited
+pause to keep the average rate less than or equal to the parameter
-speed. (Added in 7.15.5)
+value. Defaults to unlimited speed. (Added in 7.15.5)
 .IP CURLOPT_MAXCONNECTS
 Pass a long. The set number will be the persistent connection cache size. The
 set amount will be the maximum amount of simultaneously open connections that

include/curl/curlver.h

@@ -31,13 +31,13 @@
 
 /* This is the version number of the libcurl package from which this header
    file origins: */
-#define LIBCURL_VERSION "7.19.1-CVS"
+#define LIBCURL_VERSION "7.19.2-CVS"
 
 /* The numeric version number is also available "in parts" by using these
    defines: */
 #define LIBCURL_VERSION_MAJOR 7
 #define LIBCURL_VERSION_MINOR 19
-#define LIBCURL_VERSION_PATCH 1
+#define LIBCURL_VERSION_PATCH 2
 
 /* This is the numeric version of the libcurl version number, meant for easier
    parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
@@ -54,7 +54,7 @@
    and it is always a greater number in a more recent release. It makes
    comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x071301
+#define LIBCURL_VERSION_NUM 0x071302
 
 /*
  * This is the date and time when the full source package was created. The

lib/Makefile.m32

@@ -5,7 +5,7 @@
 ## and optionally OpenSSL (0.9.8), libssh2 (0.18), zlib (1.2.3)
 ##
 ## Usage:
-## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [SSPI=1] [IPV6=1] [DYN=1]
+## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [IDN=1] [SSPI=1] [IPV6=1] [LDAPS=1] [DYN=1]
 ##
 ## Hint: you can also set environment vars to control the build, f.e.:
 ## set ZLIB_PATH=c:/zlib-1.2.3
@@ -21,12 +21,16 @@ ZLIB_PATH = ../../zlib-1.2.3
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8g
+OPENSSL_PATH = ../../openssl-0.9.8i
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
 LIBSSH2_PATH = ../../libssh2-0.18
 endif
+# Edit the path below to point to the base of your libidn package.
+ifndef LIBIDN_PATH
+LIBIDN_PATH = ../../libidn-1.11
+endif
 # Edit the path below to point to the base of your Novell LDAP NDK.
 ifndef LDAP_SDK
 LDAP_SDK = c:/novell/ndk/cldapsdk/win32
@@ -72,6 +76,11 @@ ifdef ZLIB
   CFLAGS += -DHAVE_LIBZ -DHAVE_ZLIB_H
   DLL_LIBS += -L$(ZLIB_PATH) -lz
 endif
+ifdef IDN
+  INCLUDES += -I"$(LIBIDN_PATH)/include"
+  CFLAGS += -DUSE_LIBIDN
+  DLL_LIBS += -L$(LIBIDN_PATH)/lib -lidn
+endif
 ifdef SSPI
   CFLAGS += -DUSE_WINDOWS_SSPI
 endif

lib/Makefile.netware

@@ -20,7 +20,7 @@ endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8h
+OPENSSL_PATH = ../../openssl-0.9.8i
 endif
 
 # Edit the path below to point to the base of your LibSSH2 package.
@@ -28,6 +28,11 @@ ifndef LIBSSH2_PATH
 LIBSSH2_PATH = ../../libssh2-0.18
 endif
 
+# Edit the path below to point to the base of your libidn package.
+ifndef LIBIDN_PATH
+LIBIDN_PATH = ../../libidn-1.11
+endif
+
 ifndef INSTDIR
 INSTDIR	= ..$(DS)curl-$(LIBCURL_VERSION_STR)-bin-nw
 endif
@@ -183,6 +188,10 @@ else
 	IMPORTS += @$(ZLIB_PATH)/nw/$(LIBARCH)/libz.imp
 endif
 endif
+ifdef WITH_IDN
+	INCLUDES += -I$(LIBIDN_PATH)/include
+	LDLIBS += $(LIBIDN_PATH)/lib/libidn.$(LIBEXT)
+endif
 
 ifeq ($(LIBARCH),LIBC)
 	INCLUDES += -I$(SDK_LIBC)/include
@@ -536,6 +545,10 @@ endif
 ifdef WITH_SSH2
 	@echo $(DL)#define USE_LIBSSH2 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LIBSSH2_H 1$(DL) >> $@
+endif
+ifdef WITH_IDN
+	@echo $(DL)#define HAVE_LIBIDN 1$(DL) >> $@
+	@echo $(DL)#define HAVE_TLD_H 1$(DL) >> $@
 endif
 	@echo $(DL)#ifdef __GNUC__$(DL) >> $@
 	@echo $(DL)#define HAVE_VARIADIC_MACROS_GCC 1$(DL) >> $@

lib/Makefile.riscos

@@ -7,13 +7,13 @@ objs =	o.base64 o.connect o.cookie o.dict \
 	o.dllinit o.easy o.escape o.file \
 	o.formdata o.ftp o.getenv \
 	o.getinfo o.getpass o.hostip \
-    o.hostip4 o.hostsyn o.http \
+	o.hostip4 o.hostsyn o.http \
 	o.http_chunks o.inet_ntop o.inet_pton o.if2ip o.krb4 o.ldap \
 	o.memdebug o.mprintf o.netrc o.parsedate o.progress \
 	o.security o.select o.sendf o.speedcheck o.ssluse \
 	o.strequal o.strtok o.telnet o.timeval \
 	o.transfer o.url o.version o.strtoofft o.sslgen o.gtls \
-	o.rawstr
+	o.rawstr o.curl_addrinfo
 
 # Compile options:
 linkopts	= -o libcurl
@@ -33,6 +33,9 @@ o.connect:	c.connect
 o.cookie:	c.cookie
 		gcc $(compileropts) -c -o cookie.o c.cookie
 
+o.curl_addrinfo:	c.curl_addrinfo
+		gcc $(compileropts) -c -o curl_addrinfo.o c.curl_addrinfo
+
 o.dict:	c.dict
 		gcc $(compileropts) -c -o dict.o c.dict
 

lib/Makefile.vc6

@@ -426,62 +426,63 @@ clean:
 #
 X_OBJS= \
 	$(DIROBJ)\base64.obj \
+	$(DIROBJ)\connect.obj \
+	$(DIROBJ)\content_encoding.obj \
 	$(DIROBJ)\cookie.obj \
-	$(DIROBJ)\transfer.obj \
+	$(DIROBJ)\curl_addrinfo.obj \
+	$(DIROBJ)\dict.obj \
+	$(DIROBJ)\easy.obj \
 	$(DIROBJ)\escape.obj \
+	$(DIROBJ)\file.obj \
 	$(DIROBJ)\formdata.obj \
 	$(DIROBJ)\ftp.obj \
-	$(DIROBJ)\http.obj \
-	$(DIROBJ)\http_chunks.obj \
-	$(DIROBJ)\ldap.obj \
-	$(DIROBJ)\dict.obj \
-	$(DIROBJ)\telnet.obj \
-	$(DIROBJ)\parsedate.obj \
 	$(DIROBJ)\getenv.obj \
+	$(DIROBJ)\getinfo.obj \
 	$(DIROBJ)\gtls.obj \
-	$(DIROBJ)\inet_pton.obj \
+	$(DIROBJ)\hash.obj \
-	$(DIROBJ)\hostip.obj \
-	$(DIROBJ)\hostasyn.obj \
-	$(DIROBJ)\hostsyn.obj \
 	$(DIROBJ)\hostares.obj \
-	$(DIROBJ)\hostthre.obj \
+	$(DIROBJ)\hostasyn.obj \
+	$(DIROBJ)\hostip.obj \
 	$(DIROBJ)\hostip4.obj \
 	$(DIROBJ)\hostip6.obj \
-	$(DIROBJ)\inet_ntop.obj \
+	$(DIROBJ)\hostsyn.obj \
-	$(DIROBJ)\if2ip.obj \
+	$(DIROBJ)\hostthre.obj \
-	$(DIROBJ)\mprintf.obj \
+	$(DIROBJ)\http.obj \
-	$(DIROBJ)\netrc.obj \
+	$(DIROBJ)\http_chunks.obj \
-	$(DIROBJ)\progress.obj \
-	$(DIROBJ)\sendf.obj \
-	$(DIROBJ)\speedcheck.obj \
-	$(DIROBJ)\sslgen.obj \
-	$(DIROBJ)\ssluse.obj \
-	$(DIROBJ)\timeval.obj \
-	$(DIROBJ)\url.obj \
-	$(DIROBJ)\file.obj \
-	$(DIROBJ)\getinfo.obj \
-	$(DIROBJ)\version.obj \
-	$(DIROBJ)\easy.obj \
-	$(DIROBJ)\strequal.obj \
-	$(DIROBJ)\strtok.obj \
-	$(DIROBJ)\strtoofft.obj \
-	$(DIROBJ)\connect.obj \
-	$(DIROBJ)\hash.obj \
-	$(DIROBJ)\llist.obj \
-	$(DIROBJ)\share.obj \
-	$(DIROBJ)\multi.obj \
 	$(DIROBJ)\http_digest.obj \
-        $(DIROBJ)\http_negotiate.obj \
+	$(DIROBJ)\http_negotiate.obj \
-        $(DIROBJ)\http_ntlm.obj \
+	$(DIROBJ)\http_ntlm.obj \
+	$(DIROBJ)\if2ip.obj \
+	$(DIROBJ)\inet_ntop.obj \
+	$(DIROBJ)\inet_pton.obj \
+	$(DIROBJ)\ldap.obj \
+	$(DIROBJ)\llist.obj \
 	$(DIROBJ)\md5.obj \
 	$(DIROBJ)\memdebug.obj \
-	$(DIROBJ)\strerror.obj \
+	$(DIROBJ)\mprintf.obj \
-	$(DIROBJ)\select.obj \
+	$(DIROBJ)\multi.obj \
-	$(DIROBJ)\content_encoding.obj \
+	$(DIROBJ)\netrc.obj \
-	$(DIROBJ)\tftp.obj \
+	$(DIROBJ)\parsedate.obj \
-	$(DIROBJ)\splay.obj \
+	$(DIROBJ)\progress.obj \
-	$(DIROBJ)\socks.obj \
 	$(DIROBJ)\rawstr.obj \
+	$(DIROBJ)\select.obj \
+	$(DIROBJ)\sendf.obj \
+	$(DIROBJ)\share.obj \
+	$(DIROBJ)\socks.obj \
+	$(DIROBJ)\speedcheck.obj \
+	$(DIROBJ)\splay.obj \
+	$(DIROBJ)\sslgen.obj \
+	$(DIROBJ)\ssluse.obj \
+	$(DIROBJ)\strequal.obj \
+	$(DIROBJ)\strerror.obj \
+	$(DIROBJ)\strtok.obj \
+	$(DIROBJ)\strtoofft.obj \
+	$(DIROBJ)\telnet.obj \
+	$(DIROBJ)\tftp.obj \
+	$(DIROBJ)\timeval.obj \
+	$(DIROBJ)\transfer.obj \
+	$(DIROBJ)\url.obj \
+	$(DIROBJ)\version.obj \
 	$(RESOURCE)
 
 all : $(TARGET)

lib/connect.c

@@ -91,7 +91,6 @@
 #include "multiif.h"
 #include "sockaddr.h" /* required for Curl_sockaddr_storage */
 #include "inet_ntop.h"
-#include "inet_pton.h"
 #include "sslgen.h" /* for Curl_ssl_check_cxn() */
 
 /* The last #include file should be: */

lib/curl_addrinfo.c

@@ -190,7 +190,8 @@ Curl_getaddrinfo_ex(const char *nodename,
 
   *result = cafirst;
 
-  return error; /* This is not a CURLcode */
+  /* This is not a CURLcode */
+  return error;
 }
 #endif /* HAVE_GETADDRINFO */
 
@@ -254,6 +255,8 @@ Curl_he2ai(const struct hostent *he, int port)
     /* no input == no output! */
     return NULL;
 
+  DEBUGASSERT((he->h_name != NULL) && (he->h_addr_list != NULL));
+
   for(i=0; (curr = he->h_addr_list[i]) != NULL; i++) {
 
     int ss_size;
@@ -300,7 +303,7 @@ Curl_he2ai(const struct hostent *he, int port)
 
     switch (ai->ai_family) {
     case AF_INET:
-      addr = (struct sockaddr_in *)ai->ai_addr; /* storage area for this info */
+      addr = (void *)ai->ai_addr; /* storage area for this info */
 
       memcpy(&addr->sin_addr, curr, sizeof(struct in_addr));
       addr->sin_family = (unsigned short)(he->h_addrtype);
@@ -309,7 +312,7 @@ Curl_he2ai(const struct hostent *he, int port)
 
 #ifdef ENABLE_IPV6
     case AF_INET6:
-      addr6 = (struct sockaddr_in6 *)ai->ai_addr; /* storage area for this info */
+      addr6 = (void *)ai->ai_addr; /* storage area for this info */
 
       memcpy(&addr6->sin6_addr, curr, sizeof(struct in6_addr));
       addr6->sin6_family = (unsigned short)(he->h_addrtype);
@@ -330,6 +333,100 @@ Curl_he2ai(const struct hostent *he, int port)
 }
 
 
+struct namebuff {
+  struct hostent hostentry;
+  union {
+    struct in_addr  ina4;
+#ifdef ENABLE_IPV6
+    struct in6_addr ina6;
+#endif
+  } addrentry;
+  char *h_addr_list[2];
+};
+
+
+/*
+ * Curl_ip2addr()
+ *
+ * This function takes an internet address, in binary form, as input parameter
+ * along with its address family and the string version of the address, and it
+ * returns a Curl_addrinfo chain filled in correctly with information for the
+ * given address/host
+ */
+
+Curl_addrinfo *
+Curl_ip2addr(int af, const void *inaddr, const char *hostname, int port)
+{
+  Curl_addrinfo *ai;
+
+#if defined(VMS) && \
+    defined(__INITIAL_POINTER_SIZE) && (__INITIAL_POINTER_SIZE == 64)
+#pragma pointer_size save
+#pragma pointer_size short
+#pragma message disable PTRMISMATCH
+#endif
+
+  struct hostent  *h;
+  struct namebuff *buf;
+  char  *addrentry;
+  char  *hoststr;
+  int    addrsize;
+
+  DEBUGASSERT(inaddr && hostname);
+
+  buf = malloc(sizeof(struct namebuff));
+  if(!buf)
+    return NULL;
+
+  hoststr = strdup(hostname);
+  if(!hoststr) {
+    free(buf);
+    return NULL;
+  }
+
+  switch(af) {
+  case AF_INET:
+    addrsize = sizeof(struct in_addr);
+    addrentry = (void *)&buf->addrentry.ina4;
+    memcpy(addrentry, inaddr, sizeof(struct in_addr));
+    break;
+#ifdef ENABLE_IPV6
+  case AF_INET6:
+    addrsize = sizeof(struct in6_addr);
+    addrentry = (void *)&buf->addrentry.ina6;
+    memcpy(addrentry, inaddr, sizeof(struct in6_addr));
+    break;
+#endif
+  default:
+    free(hoststr);
+    free(buf);
+    return NULL;
+  }
+
+  h = &buf->hostentry;
+  h->h_name = hoststr;
+  h->h_aliases = NULL;
+  h->h_addrtype = (short)af;
+  h->h_length = (short)addrsize;
+  h->h_addr_list = &buf->h_addr_list[0];
+  h->h_addr_list[0] = addrentry;
+  h->h_addr_list[1] = NULL; /* terminate list of entries */
+
+#if defined(VMS) && \
+    defined(__INITIAL_POINTER_SIZE) && (__INITIAL_POINTER_SIZE == 64)
+#pragma pointer_size restore
+#pragma message enable PTRMISMATCH
+#endif
+
+  ai = Curl_he2ai(h, port);
+
+  free(hoststr);
+  free(buf);
+
+  return ai;
+}
+
+
 #if defined(CURLDEBUG) && defined(HAVE_FREEADDRINFO)
 /*
  * curl_dofreeaddrinfo()

lib/curl_addrinfo.h

@@ -78,6 +78,8 @@ Curl_getaddrinfo_ex(const char *nodename,
 Curl_addrinfo *
 Curl_he2ai(const struct hostent *he, int port);
 
+Curl_addrinfo *
+Curl_ip2addr(int af, const void *inaddr, const char *hostname, int port);
 
 #if defined(CURLDEBUG) && defined(HAVE_FREEADDRINFO)
 void

lib/ftp.c

@@ -85,6 +85,7 @@
 #include "connect.h"
 #include "strerror.h"
 #include "inet_ntop.h"
+#include "inet_pton.h"
 #include "select.h"
 #include "parsedate.h" /* for the week day and month names */
 #include "sockaddr.h" /* required for Curl_sockaddr_storage */
@@ -1105,41 +1106,39 @@ static CURLcode ftp_state_use_port(struct connectdata *conn,
 
   (void)fcmd; /* not used in the IPv4 code */
   if(ftpportstr) {
-    in_addr_t in;
+    struct in_addr in;
 
-    /* First check if the given name is an IP address */
+    /* First check if the given string is an IP address */
-    in=inet_addr(ftpportstr);
+    if(Curl_inet_pton(AF_INET, ftpportstr, &in) > 0) {
-
-    if(in != CURL_INADDR_NONE)
       /* this is an IPv4 address */
-      addr = Curl_ip2addr(in, ftpportstr, 0);
+      addr = Curl_ip2addr(AF_INET, &in, ftpportstr, 0);
-    else {
+    }
-      if(Curl_if2ip(AF_INET, ftpportstr, myhost, sizeof(myhost))) {
+    /* otherwise check if the given string is an interface */
-        /* The interface to IP conversion provided a dotted address */
+    else if(Curl_if2ip(AF_INET, ftpportstr, myhost, sizeof(myhost))) {
-        in=inet_addr(myhost);
+      /* The interface to IP conversion provided a dotted address */
-        addr = Curl_ip2addr(in, myhost, 0);
+      if(Curl_inet_pton(AF_INET, myhost, &in) > 0)
-      }
+        addr = Curl_ip2addr(AF_INET, &in, myhost, 0);
-      else if(strlen(ftpportstr)> 1) {
+    }
-        /* might be a host name! */
+    else if(strlen(ftpportstr)> 1) {
-        struct Curl_dns_entry *h=NULL;
+      /* might be a host name! */
-        int rc = Curl_resolv(conn, ftpportstr, 0, &h);
+      struct Curl_dns_entry *h=NULL;
-        if(rc == CURLRESOLV_PENDING)
+      int rc = Curl_resolv(conn, ftpportstr, 0, &h);
-          /* BLOCKING */
+      if(rc == CURLRESOLV_PENDING)
-          rc = Curl_wait_for_resolv(conn, &h);
+        /* BLOCKING */
-        if(h) {
+        rc = Curl_wait_for_resolv(conn, &h);
-          addr = h->addr;
+      if(h) {
-          /* when we return from this function, we can forget about this entry
+        addr = h->addr;
-             so we can unlock it now already */
+        /* when we return from this function, we can forget about this entry
-          Curl_resolv_unlock(data, h);
+           so we can unlock it now already */
+        Curl_resolv_unlock(data, h);
 
-          freeaddr = FALSE; /* make sure we don't free 'addr' in this function
+        freeaddr = FALSE; /* make sure we don't free 'addr' in this function
-                               since it points to a DNS cache entry! */
+                             since it points to a DNS cache entry! */
-        } /* (h) */
+      } /* (h) */
-        else {
+      else {
-          infof(data, "Failed to resolve host name %s\n", ftpportstr);
+        infof(data, "Failed to resolve host name %s\n", ftpportstr);
-        }
+      }
-      } /* strlen */
+    } /* strlen */
-    } /* CURL_INADDR_NONE */
   } /* ftpportstr */
 
   if(!addr) {

lib/gtls.c

@@ -263,6 +263,11 @@ Curl_gtls_connect(struct connectdata *conn,
   struct in_addr addr;
 #endif
 
+  if(conn->ssl[sockindex].state == ssl_connection_complete)
+    /* to make us tolerant against being called more than once for the
+       same connection */
+    return CURLE_OK;
+
   if(!gtls_inited)
     _Curl_gtls_init();
 

lib/hostares.c

@@ -289,80 +289,6 @@ CURLcode Curl_wait_for_resolv(struct connectdata *conn,
   return rc;
 }
 
-#ifdef ENABLE_IPV6 /* CURLRES_IPV6 */
-
-struct namebuf6 {
-  struct hostent  hostentry;
-  struct in6_addr addrentry;
-  char *h_addr_list[2];
-};
-
-/*
- * Curl_ip2addr6() takes an ipv6 internet address as input parameter
- * together with a pointer to the string version of the address, and it
- * returns a Curl_addrinfo chain filled in correctly with information for this
- * address/host.
- *
- * The input parameters ARE NOT checked for validity but they are expected
- * to have been checked already when this is called.
- */
-Curl_addrinfo *Curl_ip2addr6(struct in6_addr *in,
-			     const char *hostname, int port)
-{
-  Curl_addrinfo *ai;
-
-#if defined(VMS) && \
-    defined(__INITIAL_POINTER_SIZE) && (__INITIAL_POINTER_SIZE == 64)
-#pragma pointer_size save
-#pragma pointer_size short
-#pragma message disable PTRMISMATCH
-#endif
-
-  struct hostent  *h;
-  struct in6_addr *addrentry;
-  struct namebuf6 *buf;
-  char  *hoststr;
-
-  DEBUGASSERT(in && hostname);
-
-  buf = malloc(sizeof(struct namebuf6));
-  if(!buf)
-    return NULL;
-
-  hoststr = strdup(hostname);
-  if(!hoststr) {
-    free(buf);
-    return NULL;
-  }
-
-  addrentry = &buf->addrentry;
-  memcpy(addrentry, in, sizeof(struct in6_addr));
-
-  h = &buf->hostentry;
-  h->h_name = hoststr;
-  h->h_aliases = NULL;
-  h->h_addrtype = AF_INET6;
-  h->h_length = sizeof(struct in6_addr);
-  h->h_addr_list = &buf->h_addr_list[0];
-  h->h_addr_list[0] = (char*)addrentry;
-  h->h_addr_list[1] = NULL; /* terminate list of entries */
-
-#if defined(VMS) && \
-    defined(__INITIAL_POINTER_SIZE) && (__INITIAL_POINTER_SIZE == 64)
-#pragma pointer_size restore
-#pragma message enable PTRMISMATCH
-#endif
-
-  ai = Curl_he2ai(h, port);
-
-  free(hoststr);
-  free(buf);
-
-  return ai;
-}
-#endif /* CURLRES_IPV6 */
-
-
 
 /*
  * Curl_getaddrinfo() - when using ares
@@ -379,22 +305,24 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
 {
   char *bufp;
   struct SessionHandle *data = conn->data;
-  in_addr_t in = inet_addr(hostname);
+  struct in_addr in;
   int family = PF_INET;
 #ifdef ENABLE_IPV6 /* CURLRES_IPV6 */
   struct in6_addr in6;
 #endif /* CURLRES_IPV6 */
   *waitp = FALSE;
 
-  if(in != CURL_INADDR_NONE) {
+  /* First check if this is an IPv4 address string */
+  if(Curl_inet_pton(AF_INET, hostname, &in) > 0) {
     /* This is a dotted IP address 123.123.123.123-style */
-    return Curl_ip2addr(in, hostname, port);
+    return Curl_ip2addr(AF_INET, &in, hostname, port);
   }
 
 #ifdef ENABLE_IPV6 /* CURLRES_IPV6 */
+  /* Otherwise, check if this is an IPv6 address string */
   if (Curl_inet_pton (AF_INET6, hostname, &in6) > 0) {
     /* This must be an IPv6 address literal.  */
-    return Curl_ip2addr6(&in6, hostname, port);
+    return Curl_ip2addr(AF_INET6, &in6, hostname, port);
   }
 
   switch(data->set.ip_version) {

lib/hostip.c

@@ -724,88 +724,3 @@ Curl_addrinfo *Curl_addrinfo_copy(const void *org, int port)
   return Curl_he2ai(orig, port);
 }
 #endif /* CURLRES_ADDRINFO_COPY */
-
-/***********************************************************************
- * Only for plain-ipv4 and c-ares builds (NOTE: c-ares builds can be IPv6
- * enabled)
- **********************************************************************/
-
-#if defined(CURLRES_IPV4) || defined(CURLRES_ARES)
-
-struct namebuf4 {
-  struct hostent hostentry;
-  struct in_addr addrentry;
-  char *h_addr_list[2];
-};
-
-/*
- * Curl_ip2addr() takes a 32bit ipv4 internet address as input parameter
- * together with a pointer to the string version of the address, and it
- * returns a Curl_addrinfo chain filled in correctly with information for this
- * address/host.
- *
- * The input parameters ARE NOT checked for validity but they are expected
- * to have been checked already when this is called.
- */
-Curl_addrinfo *Curl_ip2addr(in_addr_t num, const char *hostname, int port)
-{
-  Curl_addrinfo *ai;
-
-#if defined(VMS) && \
-    defined(__INITIAL_POINTER_SIZE) && (__INITIAL_POINTER_SIZE == 64)
-#pragma pointer_size save
-#pragma pointer_size short
-#pragma message disable PTRMISMATCH
-#endif
-
-  struct hostent  *h;
-  struct in_addr  *addrentry;
-  struct namebuf4 *buf;
-  char  *hoststr;
-
-  DEBUGASSERT(hostname);
-
-  buf = malloc(sizeof(struct namebuf4));
-  if(!buf)
-    return NULL;
-
-  hoststr = strdup(hostname);
-  if(!hoststr) {
-    free(buf);
-    return NULL;
-  }
-
-  addrentry = &buf->addrentry;
-#ifdef _CRAYC
-  /* On UNICOS, s_addr is a bit field and for some reason assigning to it
-   * doesn't work.  There must be a better fix than this ugly hack.
-   */
-  memcpy(addrentry, &num, SIZEOF_in_addr);
-#else
-  addrentry->s_addr = num;
-#endif
-
-  h = &buf->hostentry;
-  h->h_name = hoststr;
-  h->h_aliases = NULL;
-  h->h_addrtype = AF_INET;
-  h->h_length = sizeof(struct in_addr);
-  h->h_addr_list = &buf->h_addr_list[0];
-  h->h_addr_list[0] = (char*)addrentry;
-  h->h_addr_list[1] = NULL; /* terminate list of entries */
-
-#if defined(VMS) && \
-    defined(__INITIAL_POINTER_SIZE) && (__INITIAL_POINTER_SIZE == 64)
-#pragma pointer_size restore
-#pragma message enable PTRMISMATCH
-#endif
-
-  ai = Curl_he2ai(h, port);
-
-  free(hoststr);
-  free(buf);
-
-  return ai;
-}
-
-#endif /* CURLRES_IPV4 || CURLRES_ARES */

lib/hostip.h

@@ -104,11 +104,6 @@
 #define ares_destroy(x) do {} while(0)
 #endif
 
-#if defined(CURLRES_IPV6) && defined(CURLRES_ARES)
-Curl_addrinfo *Curl_ip2addr6(struct in6_addr *in,
-                             const char *hostname, int port);
-#endif
-
 struct addrinfo;
 struct hostent;
 struct SessionHandle;
@@ -224,10 +219,6 @@ CURLcode Curl_addrinfo6_callback(void *arg,
                                  Curl_addrinfo *ai);
 
 
-/* [ipv4/ares only] Creates a Curl_addrinfo struct from a numerical-only IP
-   address */
-Curl_addrinfo *Curl_ip2addr(in_addr_t num, const char *hostname, int port);
-
 /* Clone a Curl_addrinfo struct, works protocol independently */
 Curl_addrinfo *Curl_addrinfo_copy(const void *orig, int port);
 

lib/hostip4.c

@@ -118,20 +118,18 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
 #endif
   Curl_addrinfo *ai = NULL;
   struct hostent *h = NULL;
-  in_addr_t in;
+  struct in_addr in;
   struct hostent *buf = NULL;
 
 #ifdef CURL_DISABLE_VERBOSE_STRINGS
   (void)conn;
 #endif
 
-  (void)port; /* unused in IPv4 code */
-
   *waitp = 0; /* don't wait, we act synchronously */
 
-  if(1 == Curl_inet_pton(AF_INET, hostname, &in))
+  if(Curl_inet_pton(AF_INET, hostname, &in) > 0)
     /* This is a dotted IP address 123.123.123.123-style */
-    return Curl_ip2addr(in, hostname, port);
+    return Curl_ip2addr(AF_INET, &in, hostname, port);
 
 #if defined(HAVE_GETHOSTBYNAME_R)
   /*

lib/hostthre.c

@@ -70,6 +70,7 @@
 #include "strerror.h"
 #include "url.h"
 #include "multiif.h"
+#include "inet_pton.h"
 
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -665,14 +666,13 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
 {
   struct hostent *h = NULL;
   struct SessionHandle *data = conn->data;
-  in_addr_t in;
+  struct in_addr in;
 
   *waitp = 0; /* don't wait, we act synchronously */
 
-  in = inet_addr(hostname);
+  if(Curl_inet_pton(AF_INET, hostname, &in) > 0)
-  if(in != CURL_INADDR_NONE)
     /* This is a dotted IP address 123.123.123.123-style */
-    return Curl_ip2addr(in, hostname, port);
+    return Curl_ip2addr(AF_INET, &in, hostname, port);
 
   /* fire up a new resolver thread! */
   if(init_resolve_thread(conn, hostname, port, NULL)) {

lib/http.c

@@ -114,11 +114,13 @@
 static int http_getsock_do(struct connectdata *conn,
                            curl_socket_t *socks,
                            int numsocks);
-static CURLcode https_connecting(struct connectdata *conn, bool *done);
 #ifdef USE_SSL
+static CURLcode https_connecting(struct connectdata *conn, bool *done);
 static int https_getsock(struct connectdata *conn,
                          curl_socket_t *socks,
                          int numsocks);
+#else
+#define https_connecting(x,y) CURLE_COULDNT_CONNECT
 #endif
 
 /*
@@ -246,8 +248,8 @@ static CURLcode http_output_basic(struct connectdata *conn, bool proxy)
   char *authorization;
   struct SessionHandle *data=conn->data;
   char **userp;
-  char *user;
+  const char *user;
-  char *pwd;
+  const char *pwd;
 
   if(proxy) {
     userp = &conn->allocptr.proxyuserpwd;
@@ -493,6 +495,89 @@ CURLcode Curl_http_auth_act(struct connectdata *conn)
   return code;
 }
 
+
+/*
+ * Output the correct authentication header depending on the auth type
+ * and whether or not it is to a proxy.
+ */
+static CURLcode
+output_auth_headers(struct connectdata *conn,
+                    struct auth *authstatus,
+		    const char *request,
+		    const char *path,
+                    bool proxy)
+{
+  struct SessionHandle *data = conn->data;
+  const char *auth=NULL;
+  CURLcode result = CURLE_OK;
+
+#ifndef CURL_DISABLE_CRYPTO_AUTH
+  (void)request;
+  (void)path;
+#endif
+
+#ifdef HAVE_GSSAPI
+  if((authstatus->picked == CURLAUTH_GSSNEGOTIATE) &&
+     data->state.negotiate.context &&
+     !GSS_ERROR(data->state.negotiate.status)) {
+    auth="GSS-Negotiate";
+    result = Curl_output_negotiate(conn, proxy);
+    if(result)
+      return result;
+    authstatus->done = TRUE;
+  }
+  else
+#endif
+#ifdef USE_NTLM
+  if(authstatus->picked == CURLAUTH_NTLM) {
+    auth="NTLM";
+    result = Curl_output_ntlm(conn, proxy);
+    if(result)
+      return result;
+  }
+  else
+#endif
+#ifndef CURL_DISABLE_CRYPTO_AUTH
+  if(authstatus->picked == CURLAUTH_DIGEST) {
+    auth="Digest";
+    result = Curl_output_digest(conn,
+				proxy,
+				(const unsigned char *)request,
+				(const unsigned char *)path);
+    if(result)
+      return result;
+  }
+  else
+#endif
+  if(authstatus->picked == CURLAUTH_BASIC) {
+    /* Basic */
+    if((proxy && conn->bits.proxy_user_passwd &&
+       !checkheaders(data, "Proxy-authorization:")) ||
+       (!proxy && conn->bits.user_passwd &&
+       !checkheaders(data, "Authorization:"))) {
+      auth="Basic";
+      result = http_output_basic(conn, proxy);
+      if(result)
+	return result;
+    }
+    /* NOTE: this function should set 'done' TRUE, as the other auth
+       functions work that way */
+    authstatus->done = TRUE;
+  }
+
+  if(auth) {
+    infof(data, "%s auth using %s with user '%s'\n",
+	  proxy?"Proxy":"Server", auth,
+	  proxy?(conn->proxyuser?conn->proxyuser:""):
+	        (conn->user?conn->user:""));
+    authstatus->multi = (bool)(!authstatus->done);
+  }
+  else
+    authstatus->multi = FALSE;
+
+  return CURLE_OK;
+}
+
 /**
  * Curl_http_output_auth() setups the authentication headers for the
  * host/proxy and the correct authentication
@@ -516,7 +601,6 @@ http_output_auth(struct connectdata *conn,
 {
   CURLcode result = CURLE_OK;
   struct SessionHandle *data = conn->data;
-  const char *auth=NULL;
   struct auth *authhost;
   struct auth *authproxy;
 
@@ -550,66 +634,12 @@ http_output_auth(struct connectdata *conn,
   /* Send proxy authentication header if needed */
   if(conn->bits.httpproxy &&
       (conn->bits.tunnel_proxy == proxytunnel)) {
-#ifdef HAVE_GSSAPI
+    result = output_auth_headers(conn, authproxy, request, path, TRUE);
-    if((authproxy->picked == CURLAUTH_GSSNEGOTIATE) &&
+    if(result)
-       data->state.negotiate.context &&
+      return result;
-       !GSS_ERROR(data->state.negotiate.status)) {
+  }
-      auth="GSS-Negotiate";
-      result = Curl_output_negotiate(conn, TRUE);
-      if(result)
-        return result;
-      authproxy->done = TRUE;
-    }
-    else
-#endif
-#ifdef USE_NTLM
-    if(authproxy->picked == CURLAUTH_NTLM) {
-      auth="NTLM";
-      result = Curl_output_ntlm(conn, TRUE);
-      if(result)
-        return result;
-    }
-    else
-#endif
-      if(authproxy->picked == CURLAUTH_BASIC) {
-        /* Basic */
-        if(conn->bits.proxy_user_passwd &&
-           !checkheaders(data, "Proxy-authorization:")) {
-          auth="Basic";
-          result = http_output_basic(conn, TRUE);
-          if(result)
-            return result;
-        }
-        /* NOTE: http_output_basic() should set 'done' TRUE, as the other auth
-           functions work that way */
-        authproxy->done = TRUE;
-      }
-#ifndef CURL_DISABLE_CRYPTO_AUTH
-      else if(authproxy->picked == CURLAUTH_DIGEST) {
-        auth="Digest";
-        result = Curl_output_digest(conn,
-                                    TRUE, /* proxy */
-                                    (const unsigned char *)request,
-                                    (const unsigned char *)path);
-        if(result)
-          return result;
-      }
-#else
-      (void)request;
-      (void)path;
-#endif
-      if(auth) {
-        infof(data, "Proxy auth using %s with user '%s'\n",
-              auth, conn->proxyuser?conn->proxyuser:"");
-        authproxy->multi = (bool)(!authproxy->done);
-      }
-      else
-        authproxy->multi = FALSE;
-    }
   else
 #else
-  (void)request;
-  (void)path;
   (void)proxytunnel;
 #endif /* CURL_DISABLE_PROXY */
     /* we have no proxy so let's pretend we're done authenticating
@@ -621,66 +651,9 @@ http_output_auth(struct connectdata *conn,
   if(!data->state.this_is_a_follow ||
      conn->bits.netrc ||
      !data->state.first_host ||
-     Curl_raw_equal(data->state.first_host, conn->host.name) ||
+     data->set.http_disable_hostname_check_before_authentication ||
-     data->set.http_disable_hostname_check_before_authentication) {
+     Curl_raw_equal(data->state.first_host, conn->host.name)) {
-
+    result = output_auth_headers(conn, authhost, request, path, FALSE);
-    /* Send web authentication header if needed */
-    {
-      auth = NULL;
-#ifdef HAVE_GSSAPI
-      if((authhost->picked == CURLAUTH_GSSNEGOTIATE) &&
-         data->state.negotiate.context &&
-         !GSS_ERROR(data->state.negotiate.status)) {
-        auth="GSS-Negotiate";
-        result = Curl_output_negotiate(conn, FALSE);
-        if(result)
-          return result;
-        authhost->done = TRUE;
-      }
-      else
-#endif
-#ifdef USE_NTLM
-      if(authhost->picked == CURLAUTH_NTLM) {
-        auth="NTLM";
-        result = Curl_output_ntlm(conn, FALSE);
-        if(result)
-          return result;
-      }
-      else
-#endif
-      {
-#ifndef CURL_DISABLE_CRYPTO_AUTH
-        if(authhost->picked == CURLAUTH_DIGEST) {
-          auth="Digest";
-          result = Curl_output_digest(conn,
-                                      FALSE, /* not a proxy */
-                                      (const unsigned char *)request,
-                                      (const unsigned char *)path);
-          if(result)
-            return result;
-        } else
-#endif
-        if(authhost->picked == CURLAUTH_BASIC) {
-          if(conn->bits.user_passwd &&
-             !checkheaders(data, "Authorization:")) {
-            auth="Basic";
-            result = http_output_basic(conn, FALSE);
-            if(result)
-              return result;
-          }
-          /* basic is always ready */
-          authhost->done = TRUE;
-        }
-      }
-      if(auth) {
-        infof(data, "Server auth using %s with user '%s'\n",
-              auth, conn->user);
-
-        authhost->multi = (bool)(!authhost->done);
-      }
-      else
-        authhost->multi = FALSE;
-    }
   }
   else
     authhost->done = TRUE;
@@ -1822,18 +1795,12 @@ static int http_getsock_do(struct connectdata *conn,
   return GETSOCK_WRITESOCK(0);
 }
 
+#ifdef USE_SSL
 static CURLcode https_connecting(struct connectdata *conn, bool *done)
 {
   CURLcode result;
   DEBUGASSERT((conn) && (conn->protocol & PROT_HTTPS));
 
-  if(conn->ssl[FIRSTSOCKET].use) {
-    /* in some circumstances, this already has SSL enabled and then we don't
-       need to connect SSL again */
-    *done = TRUE;
-    return CURLE_OK;
-  }
-
   /* perform SSL initialization for this socket */
   result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, done);
   if(result)
@@ -1841,6 +1808,7 @@ static CURLcode https_connecting(struct connectdata *conn, bool *done)
                                 to prevent (bad) re-use or similar */
   return result;
 }
+#endif
 
 #ifdef USE_SSLEAY
 /* This function is OpenSSL-specific. It should be made to query the generic

lib/if2ip.c

@@ -78,7 +78,8 @@ char *Curl_if2ip(int af, const char *interface, char *buf, int buf_size)
 
   if (getifaddrs(&head) >= 0) {
     for (iface=head; iface != NULL; iface=iface->ifa_next) {
-      if ((iface->ifa_addr->sa_family == af) &&
+      if ((iface->ifa_addr != NULL) &&
+          (iface->ifa_addr->sa_family == af) &&
           curl_strequal(iface->ifa_name, interface)) {
         void *addr;
         char scope[12]="";

lib/libcurl.framework.make

@@ -48,6 +48,7 @@ OBJECTS = $(TMP_DIR)/base64.o \
 	$(TMP_DIR)/connect.o \
 	$(TMP_DIR)/content_encoding.o \
 	$(TMP_DIR)/cookie.o \
+	$(TMP_DIR)/curl_addrinfo.o \
 	$(TMP_DIR)/dict.o \
 	$(TMP_DIR)/easy.o \
 	$(TMP_DIR)/escape.o \

lib/makefile.amiga

@@ -17,7 +17,7 @@ OBJS = amigaos.c base64.c connect.c content_encoding.c cookie.c dict.c easy.c \
 	ldap.c llist.c md5.c memdebug.c mprintf.c multi.c netrc.c parsedate.c \
 	progress.c security.c select.c sendf.c share.c speedcheck.c ssluse.c  \
 	strequal.c strtok.c telnet.c timeval.c transfer.c url.c version.c \
-	sslgen.c gtls.c strerror.c rawstr.c
+	sslgen.c gtls.c strerror.c rawstr.c curl_addrinfo.c
 
 all:	$(OBJS:.c=.o)
 	ar cru libcurl.a $(OBJS:.c=.o)

lib/sendf.c

@@ -425,7 +425,7 @@ static CURLcode pausewrite(struct SessionHandle *data,
 }
 
 
-/* client_write() sends data to the write callback(s)
+/* Curl_client_write() sends data to the write callback(s)
 
    The bit pattern defines to what "streams" to write to. Body and/or header.
    The defines are in sendf.h of course.
@@ -442,6 +442,9 @@ CURLcode Curl_client_write(struct connectdata *conn,
   struct SessionHandle *data = conn->data;
   size_t wrote;
 
+  if(0 == len)
+    len = strlen(ptr);
+
   /* If reading is actually paused, we're forced to append this chunk of data
      to the already held data, but only if it is the same type as otherwise it
      can't work and it'll return error instead. */
@@ -469,9 +472,6 @@ CURLcode Curl_client_write(struct connectdata *conn,
     return CURLE_OK;
   }
 
-  if(0 == len)
-    len = strlen(ptr);
-
   if(type & CLIENTWRITE_BODY) {
     if((conn->protocol&PROT_FTP) && conn->proto.ftpc.transfertype == 'A') {
 #ifdef CURL_DOES_CONVERSIONS

lib/sslgen.h

@@ -79,7 +79,6 @@ CURLcode Curl_ssl_addsessionid(struct connectdata *conn,
 #define Curl_ssl_init() 1
 #define Curl_ssl_cleanup() do { } while (0)
 #define Curl_ssl_connect(x,y) CURLE_FAILED_INIT
-#define Curl_ssl_connect_nonblocking(x,y,z) (z=z, CURLE_FAILED_INIT)
 #define Curl_ssl_close_all(x)
 #define Curl_ssl_close(x,y)
 #define Curl_ssl_shutdown(x,y) CURLE_FAILED_INIT

lib/url.c

@@ -1487,17 +1487,15 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
     break;
   case CURLOPT_MAX_SEND_SPEED_LARGE:
     /*
-     * The max speed limit that sends transfer more than
+     * When transfer uploads are faster then CURLOPT_MAX_SEND_SPEED_LARGE
-     * CURLOPT_MAX_SEND_PER_SECOND bytes per second the transfer is
+     * bytes per second the transfer is throttled..
-     * throttled..
      */
     data->set.max_send_speed=va_arg(param, curl_off_t);
     break;
   case CURLOPT_MAX_RECV_SPEED_LARGE:
     /*
-     * The max speed limit that sends transfer more than
+     * When receiving data faster than CURLOPT_MAX_RECV_SPEED_LARGE bytes per
-     * CURLOPT_MAX_RECV_PER_SECOND bytes per second the transfer is
+     * second the transfer is throttled..
-     * throttled..
      */
     data->set.max_recv_speed=va_arg(param, curl_off_t);
     break;

m4/curl-functions.m4

@@ -22,7 +22,7 @@
 #***************************************************************************
 
 # File version for 'aclocal' use. Keep it a single number.
-# serial 33
+# serial 34
 
 
 dnl CURL_INCLUDES_ARPA_INET
@@ -52,6 +52,33 @@ curl_includes_arpa_inet="\
 ])
 
 
+dnl CURL_INCLUDES_IFADDRS
+dnl -------------------------------------------------
+dnl Set up variable with list of headers that must be
+dnl included when ifaddrs.h is to be included.
+
+AC_DEFUN([CURL_INCLUDES_IFADDRS], [
+curl_includes_ifaddrs="\
+/* includes start */
+#ifdef HAVE_SYS_TYPES_H
+#  include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#  include <sys/socket.h>
+#endif
+#ifdef HAVE_NETINET_IN_H
+#  include <netinet/in.h>
+#endif
+#ifdef HAVE_IFADDRS_H
+#  include <ifaddrs.h>
+#endif
+/* includes end */"
+  AC_CHECK_HEADERS(
+    sys/types.h sys/socket.h netinet/in.h ifaddrs.h,
+    [], [], [$curl_includes_ifaddrs])
+])
+
+
 dnl CURL_INCLUDES_NETDB
 dnl -------------------------------------------------
 dnl Set up variable with list of headers that must be
@@ -594,6 +621,90 @@ AC_DEFUN([CURL_CHECK_FUNC_FREEADDRINFO], [
 ])
 
 
+dnl CURL_CHECK_FUNC_FREEIFADDRS
+dnl -------------------------------------------------
+dnl Verify if freeifaddrs is available, prototyped, and
+dnl can be compiled. If all of these are true, and
+dnl usage has not been previously disallowed with
+dnl shell variable curl_disallow_freeifaddrs, then
+dnl HAVE_FREEIFADDRS will be defined.
+
+AC_DEFUN([CURL_CHECK_FUNC_FREEIFADDRS], [
+  AC_REQUIRE([CURL_INCLUDES_IFADDRS])dnl
+  #
+  tst_links_freeifaddrs="unknown"
+  tst_proto_freeifaddrs="unknown"
+  tst_compi_freeifaddrs="unknown"
+  tst_allow_freeifaddrs="unknown"
+  #
+  AC_MSG_CHECKING([if freeifaddrs can be linked])
+  AC_LINK_IFELSE([
+    AC_LANG_FUNC_LINK_TRY([freeifaddrs])
+  ],[
+    AC_MSG_RESULT([yes])
+    tst_links_freeifaddrs="yes"
+  ],[
+    AC_MSG_RESULT([no])
+    tst_links_freeifaddrs="no"
+  ])
+  #
+  if test "$tst_links_freeifaddrs" = "yes"; then
+    AC_MSG_CHECKING([if freeifaddrs is prototyped])
+    AC_EGREP_CPP([freeifaddrs],[
+      $curl_includes_ifaddrs
+    ],[
+      AC_MSG_RESULT([yes])
+      tst_proto_freeifaddrs="yes"
+    ],[
+      AC_MSG_RESULT([no])
+      tst_proto_freeifaddrs="no"
+    ])
+  fi
+  #
+  if test "$tst_proto_freeifaddrs" = "yes"; then
+    AC_MSG_CHECKING([if freeifaddrs is compilable])
+    AC_COMPILE_IFELSE([
+      AC_LANG_PROGRAM([[
+        $curl_includes_ifaddrs
+      ]],[[
+        freeifaddrs(0);
+      ]])
+    ],[
+      AC_MSG_RESULT([yes])
+      tst_compi_freeifaddrs="yes"
+    ],[
+      AC_MSG_RESULT([no])
+      tst_compi_freeifaddrs="no"
+    ])
+  fi
+  #
+  if test "$tst_compi_freeifaddrs" = "yes"; then
+    AC_MSG_CHECKING([if freeifaddrs usage allowed])
+    if test "x$curl_disallow_freeifaddrs" != "xyes"; then
+      AC_MSG_RESULT([yes])
+      tst_allow_freeifaddrs="yes"
+    else
+      AC_MSG_RESULT([no])
+      tst_allow_freeifaddrs="no"
+    fi
+  fi
+  #
+  AC_MSG_CHECKING([if freeifaddrs might be used])
+  if test "$tst_links_freeifaddrs" = "yes" &&
+     test "$tst_proto_freeifaddrs" = "yes" &&
+     test "$tst_compi_freeifaddrs" = "yes" &&
+     test "$tst_allow_freeifaddrs" = "yes"; then
+    AC_MSG_RESULT([yes])
+    AC_DEFINE_UNQUOTED(HAVE_FREEIFADDRS, 1,
+      [Define to 1 if you have the freeifaddrs function.])
+    ac_cv_func_freeifaddrs="yes"
+  else
+    AC_MSG_RESULT([no])
+    ac_cv_func_freeifaddrs="no"
+  fi
+])
+
+
 dnl CURL_CHECK_FUNC_FTRUNCATE
 dnl -------------------------------------------------
 dnl Verify if ftruncate is available, prototyped, and
@@ -1193,6 +1304,120 @@ AC_DEFUN([CURL_CHECK_FUNC_GETHOSTNAME], [
 ])
 
 
+dnl CURL_CHECK_FUNC_GETIFADDRS
+dnl -------------------------------------------------
+dnl Verify if getifaddrs is available, prototyped, can
+dnl be compiled and seems to work. If all of these are
+dnl true, and usage has not been previously disallowed
+dnl with shell variable curl_disallow_getifaddrs, then
+dnl HAVE_GETIFADDRS will be defined.
+
+AC_DEFUN([CURL_CHECK_FUNC_GETIFADDRS], [
+  AC_REQUIRE([CURL_INCLUDES_IFADDRS])dnl
+  #
+  tst_links_getifaddrs="unknown"
+  tst_proto_getifaddrs="unknown"
+  tst_compi_getifaddrs="unknown"
+  tst_works_getifaddrs="unknown"
+  tst_allow_getifaddrs="unknown"
+  #
+  AC_MSG_CHECKING([if getifaddrs can be linked])
+  AC_LINK_IFELSE([
+    AC_LANG_FUNC_LINK_TRY([getifaddrs])
+  ],[
+    AC_MSG_RESULT([yes])
+    tst_links_getifaddrs="yes"
+  ],[
+    AC_MSG_RESULT([no])
+    tst_links_getifaddrs="no"
+  ])
+  #
+  if test "$tst_links_getifaddrs" = "yes"; then
+    AC_MSG_CHECKING([if getifaddrs is prototyped])
+    AC_EGREP_CPP([getifaddrs],[
+      $curl_includes_ifaddrs
+    ],[
+      AC_MSG_RESULT([yes])
+      tst_proto_getifaddrs="yes"
+    ],[
+      AC_MSG_RESULT([no])
+      tst_proto_getifaddrs="no"
+    ])
+  fi
+  #
+  if test "$tst_proto_getifaddrs" = "yes"; then
+    AC_MSG_CHECKING([if getifaddrs is compilable])
+    AC_COMPILE_IFELSE([
+      AC_LANG_PROGRAM([[
+        $curl_includes_ifaddrs
+      ]],[[
+        if(0 != getifaddrs(0))
+          return 1;
+      ]])
+    ],[
+      AC_MSG_RESULT([yes])
+      tst_compi_getifaddrs="yes"
+    ],[
+      AC_MSG_RESULT([no])
+      tst_compi_getifaddrs="no"
+    ])
+  fi
+  #
+  dnl only do runtime verification when not cross-compiling
+  if test "x$cross_compiling" != "xyes" &&
+    test "$tst_compi_getifaddrs" = "yes"; then
+    AC_MSG_CHECKING([if getifaddrs seems to work])
+    AC_RUN_IFELSE([
+      AC_LANG_PROGRAM([[
+        $curl_includes_ifaddrs
+      ]],[[
+        struct ifaddrs *ifa = 0;
+        int error;
+
+        error = getifaddrs(&ifa);
+        if(error || !ifa)
+          exit(1); /* fail */
+        else
+          exit(0);
+      ]])
+    ],[
+      AC_MSG_RESULT([yes])
+      tst_works_getifaddrs="yes"
+    ],[
+      AC_MSG_RESULT([no])
+      tst_works_getifaddrs="no"
+    ])
+  fi
+  #
+  if test "$tst_compi_getifaddrs" = "yes" &&
+    test "$tst_works_getifaddrs" != "no"; then
+    AC_MSG_CHECKING([if getifaddrs usage allowed])
+    if test "x$curl_disallow_getifaddrs" != "xyes"; then
+      AC_MSG_RESULT([yes])
+      tst_allow_getifaddrs="yes"
+    else
+      AC_MSG_RESULT([no])
+      tst_allow_getifaddrs="no"
+    fi
+  fi
+  #
+  AC_MSG_CHECKING([if getifaddrs might be used])
+  if test "$tst_links_getifaddrs" = "yes" &&
+     test "$tst_proto_getifaddrs" = "yes" &&
+     test "$tst_compi_getifaddrs" = "yes" &&
+     test "$tst_allow_getifaddrs" = "yes" &&
+     test "$tst_works_getifaddrs" != "no"; then
+    AC_MSG_RESULT([yes])
+    AC_DEFINE_UNQUOTED(HAVE_GETIFADDRS, 1,
+      [Define to 1 if you have a working getifaddrs function.])
+    ac_cv_func_getifaddrs="yes"
+  else
+    AC_MSG_RESULT([no])
+    ac_cv_func_getifaddrs="no"
+  fi
+])
+
+
 dnl CURL_CHECK_FUNC_GETSERVBYPORT_R
 dnl -------------------------------------------------
 dnl Verify if getservbyport_r is available, prototyped,

packages/Symbian/group/libcurl.mmp

@@ -30,7 +30,7 @@ SOURCE \
   http_negotiate.c http_ntlm.c inet_pton.c strtoofft.c strerror.c   \
   hostares.c hostasyn.c hostip4.c hostip6.c hostsyn.c hostthre.c    \
   inet_ntop.c parsedate.c select.c gtls.c sslgen.c tftp.c splay.c   \
-  strdup.c socks.c ssh.c nss.c qssl.c rawstr.c
+  strdup.c socks.c ssh.c nss.c qssl.c rawstr.c curl_addrinfo.c
 
 USERINCLUDE   ../../../lib ../../../include/curl
 

src/Makefile.m32

@@ -5,7 +5,7 @@
 ## and optionally OpenSSL (0.9.8), libssh2 (0.18), zlib (1.2.3)
 ##
 ## Usage:
-## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [SSPI=1] [IPV6=1] [DYN=1]
+## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [IDN=1] [SSPI=1] [IPV6=1] [LDAPS=1] [DYN=1]
 ##
 ## Hint: you can also set environment vars to control the build, f.e.:
 ## set ZLIB_PATH=c:/zlib-1.2.3
@@ -21,12 +21,16 @@ ZLIB_PATH = ../../zlib-1.2.3
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8g
+OPENSSL_PATH = ../../openssl-0.9.8i
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
 LIBSSH2_PATH = ../../libssh2-0.18
 endif
+# Edit the path below to point to the base of your libidn package.
+ifndef LIBIDN_PATH
+LIBIDN_PATH = ../../libidn-1.11
+endif
 # Edit the path below to point to the base of your Novell LDAP NDK.
 ifndef LDAP_SDK
 LDAP_SDK = c:/novell/ndk/cldapsdk/win32
@@ -82,6 +86,11 @@ ifdef ZLIB
   CFLAGS += -DHAVE_LIBZ -DHAVE_ZLIB_H
   curl_LDADD += -L$(ZLIB_PATH) -lz
 endif
+ifdef IDN
+  INCLUDES += -I"$(LIBIDN_PATH)/include"
+  CFLAGS += -DUSE_LIBIDN
+  curl_LDADD += -L$(LIBIDN_PATH)/lib -lidn
+endif
 ifdef SSPI
   CFLAGS += -DUSE_WINDOWS_SSPI
 endif

src/Makefile.netware

@@ -20,7 +20,7 @@ endif
 
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8h
+OPENSSL_PATH = ../../openssl-0.9.8i
 endif
 
 # Edit the path below to point to the base of your LibSSH2 package.
@@ -28,6 +28,11 @@ ifndef LIBSSH2_PATH
 LIBSSH2_PATH = ../../libssh2-0.18
 endif
 
+# Edit the path below to point to the base of your libidn package.
+ifndef LIBIDN_PATH
+LIBIDN_PATH = ../../libidn-1.11
+endif
+
 ifndef INSTDIR
 INSTDIR	= ..$(DS)curl-$(LIBCURL_VERSION_STR)-bin-nw
 endif
@@ -181,6 +186,10 @@ else
 	IMPORTS += @$(ZLIB_PATH)/nw/$(LIBARCH)/libz.imp
 endif
 endif
+ifdef WITH_IDN
+	# INCLUDES += -I$(LIBIDN_PATH)/include
+	LDLIBS += $(LIBIDN_PATH)/lib/libidn.$(LIBEXT)
+endif
 
 ifeq ($(LIBARCH),LIBC)
 	INCLUDES += -I$(SDK_LIBC)/include
@@ -524,6 +533,10 @@ endif
 ifdef WITH_SSH2
 	@echo $(DL)#define USE_LIBSSH2 1$(DL) >> $@
 	@echo $(DL)#define HAVE_LIBSSH2_H 1$(DL) >> $@
+endif
+ifdef WITH_IDN
+	@echo $(DL)#define HAVE_LIBIDN 1$(DL) >> $@
+	@echo $(DL)#define HAVE_TLD_H 1$(DL) >> $@
 endif
 	@echo $(DL)#ifdef __GNUC__$(DL) >> $@
 	@echo $(DL)#define HAVE_VARIADIC_MACROS_GCC 1$(DL) >> $@

tests/data/Makefile.am

@@ -59,7 +59,7 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46	   \
  test1064 test1065 test1066 test1067 test1068 test1069 test1070 test1071   \
  test1072 test1073 test1074 test1075 test1076 test1077 test1078 test1079   \
  test1080 test1081 test1082 test1083 test1084 test1085 test633 test634     \
- test635 test636 test637 test558 test559
+ test635 test636 test637 test558 test559 test1086
 
 filecheck:
 	@mkdir test-place; \

tests/data/test1086

@@ -0,0 +1,83 @@
+<testcase>
+<info>
+<keywords>
+FTP
+EPSV
+RETR
+timeout
+FAILURE
+</keywords>
+</info>
+
+# Server-side
+<reply>
+# Overload some standard FTP responses to make them shorter and faster
+# to avoid wasting time waiting for the data phase to start
+<servercmd>
+SLOWDOWN
+REPLY USER 331 OK
+REPLY PASS 230 OK
+REPLY PWD 257 "/"
+REPLY TYPE 200 OK
+</servercmd>
+<data nocheck="yes">
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+Long chunk of data that couldn't possibly be sent in the time allotted.
+</data>
+</reply>
+
+# Client-side
+<client>
+<server>
+ftp
+</server>
+<killserver>
+ftp
+</killserver>
+ <name>
+FTP download with strict timeout and slow data transfer
+ </name>
+ <command timeout="1">
+ftp://%HOSTIP:%FTPPORT/1086 -m 6
+</command>
+</client>
+
+# Verify data after the test has been "shot"
+<verify>
+# 28 is CURLE_OPERATION_TIMEDOUT
+<errorcode>
+28
+</errorcode>
+<protocol>
+USER anonymous
+PASS ftp@example.com
+PWD
+EPSV
+TYPE I
+SIZE 1086
+RETR 1086
+</protocol>
+</verify>
+</testcase>

tests/data/test500

@@ -1,4 +1,10 @@
 <testcase>
+<info>
+<keywords>
+HTTP
+HTTP GET
+</keywords>
+</info>
 #
 # Server-side
 <reply name="1">

tests/data/test501

@@ -1,4 +1,9 @@
 <testcase>
+<info>
+<keywords>
+missing URL
+</keywords>
+</info>
 #
 # Server-side
 <reply name="1">

tests/data/test502

@@ -1,4 +1,9 @@
 <testcase>
+<info>
+<keywords>
+FILE
+</keywords>
+</info>
 #
 # Server-side
 <reply>

tests/data/test560

@@ -0,0 +1,56 @@
+<testcase>
+<info>
+<keywords>
+HTTPS
+HTTP GET
+multi
+</keywords>
+</info>
+
+#
+# Server-side
+<reply>
+<data>
+HTTP/1.1 200 OK
+Date: Thu, 09 Nov 2010 14:49:00 GMT
+Server: test-server/fake
+Content-Length: 7
+
+MooMoo
+</data>
+</reply>
+
+#
+# Client-side
+<client>
+<features>
+SSL
+</features>
+<server>
+https
+</server>
+<tool>
+lib560
+</tool>
+ <name>
+simple HTTPS GET with multi interface
+ </name>
+ <command>
+https://%HOSTIP:%HTTPSPORT/560
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+^User-Agent:.*
+</strip>
+<protocol>
+GET /560 HTTP/1.1
+Host: %HOSTIP:%HTTPSPORT
+Accept: */*
+
+</protocol>
+</verify>
+</testcase>

tests/ftpserver.pl

@@ -207,6 +207,15 @@ sub sockfilt {
 }
 
 
+sub sockfiltsecondary {
+    my $l;
+    foreach $l (@_) {
+        printf DWRITE "DATA\n%04x\n", length($l);
+        print DWRITE $l;
+    }
+}
+
+
 # Send data to the client on the control stream, which happens to be plain
 # stdout.
 
@@ -237,8 +246,17 @@ sub sendcontrol {
 sub senddata {
     my $l;
     foreach $l (@_) {
-        printf DWRITE "DATA\n%04x\n", length($l);
+      if(!$controldelay) {
-        print DWRITE $l;
+        # spit it all out at once
+        sockfiltsecondary $l;
+      }
+      else {
+          # pause between each byte
+          for (split(//,$l)) {
+              sockfiltsecondary $_;
+              select(undef, undef, undef, 0.01);
+          }
+      }
     }
 }
 

tests/libtest/Makefile.am

@@ -53,7 +53,7 @@ noinst_PROGRAMS = lib500 lib501 lib502 lib503 lib504 lib505 lib506	\
   lib517 lib518 lib519 lib520 lib521 lib523 lib524 lib525 lib526 lib527	\
   lib529 lib530 lib532 lib533 lib536 lib537 lib540 lib541 lib542 lib543 \
   lib544 lib545 lib547 lib548 lib549 lib552 lib553 lib554 lib555 lib556 \
-  lib539 lib557 lib558 lib559
+  lib539 lib557 lib558 lib559 lib560
 
 # Dependencies (may need to be overriden)
 LDADD = $(LIBDIR)/libcurl.la
@@ -168,3 +168,5 @@ lib558_CFLAGS = -DLIB558
 
 lib559_SOURCES = lib558.c $(SUPPORTFILES)
 lib559_CFLAGS = -DLIB559
+
+lib560_SOURCES = lib560.c $(SUPPORTFILES)

tests/libtest/lib558.c

@@ -163,7 +163,7 @@ cleanup:
 
   curl_global_cleanup();
 
-  return 0; /* OK */
+  return result;
 }
 
 

tests/libtest/lib560.c

@@ -0,0 +1,98 @@
+/*****************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * $Id$
+ *
+ */
+#include "test.h"
+
+/*
+ * Simply download a HTTPS file!
+ *
+ * This test was added after the HTTPS-using-multi-interface with OpenSSL
+ * regression of 7.19.1 to hopefully prevent this embarassing mistake from
+ * appearing again... Unfortunately the bug wasn't triggered by this test,
+ * which presumably is because the connect to a local server is too
+ * fast/different compared to the real/distant servers we saw the bug happen
+ * with.
+ */
+int test(char *URL)
+{
+  CURL *http_handle;
+  CURLM *multi_handle;
+
+  int still_running; /* keep number of running handles */
+
+  http_handle = curl_easy_init();
+  if (!http_handle)
+    return TEST_ERR_MAJOR_BAD;
+
+  /* set options */
+  curl_easy_setopt(http_handle, CURLOPT_URL, URL);
+  curl_easy_setopt(http_handle, CURLOPT_HEADER, 1L);
+  curl_easy_setopt(http_handle, CURLOPT_SSL_VERIFYPEER, 0L);
+  curl_easy_setopt(http_handle, CURLOPT_SSL_VERIFYHOST, 0L);
+
+  /* init a multi stack */
+  multi_handle = curl_multi_init();
+  if (!multi_handle) {
+    curl_easy_cleanup(http_handle);
+    return TEST_ERR_MAJOR_BAD;
+  }
+
+  /* add the individual transfers */
+  curl_multi_add_handle(multi_handle, http_handle);
+
+  /* we start some action by calling perform right away */
+  while(CURLM_CALL_MULTI_PERFORM ==
+        curl_multi_perform(multi_handle, &still_running));
+
+  while(still_running) {
+    struct timeval timeout;
+    int rc; /* select() return code */
+
+    fd_set fdread;
+    fd_set fdwrite;
+    fd_set fdexcep;
+    int maxfd;
+
+    FD_ZERO(&fdread);
+    FD_ZERO(&fdwrite);
+    FD_ZERO(&fdexcep);
+
+    /* set a suitable timeout to play around with */
+    timeout.tv_sec = 1;
+    timeout.tv_usec = 0;
+
+    /* get file descriptors from the transfers */
+    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);
+
+    /* In a real-world program you OF COURSE check the return code of the
+       function calls, *and* you make sure that maxfd is bigger than -1 so
+       that the call to select() below makes sense! */
+
+    rc = select(maxfd+1, &fdread, &fdwrite, &fdexcep, &timeout);
+
+    switch(rc) {
+    case -1:
+      /* select error */
+      break;
+    case 0:
+    default:
+      /* timeout or readable/writable sockets */
+      while(CURLM_CALL_MULTI_PERFORM ==
+            curl_multi_perform(multi_handle, &still_running));
+      break;
+    }
+  }
+
+  curl_multi_cleanup(multi_handle);
+
+  curl_easy_cleanup(http_handle);
+
+  return 0;
+}