RELEASE-NOTES: synced with ecd624b8e7

CMake: Build fix.
Do not match the trailing '\n' in the regular expression as this would make us dump a ) parenthesis on a new line. This fixes the following error: would get transformed into: ) Bug: http://curl.haxx.se/mail/lib-2010-10/0065.html Reported by: Dimitre Dimitrov
2010-10-12 23:30:35 +02:00 · 2010-10-12 23:25:51 +02:00 · 2010-10-12 22:56:21 +02:00 · 2010-10-12 12:13:32 -07:00 · 2010-10-12 11:22:18 -07:00 · 2010-10-12 15:31:41 +02:00
215 changed files with 9096 additions and 5768 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -40,3 +40,4 @@ tags
 TAGS
 *~
 aclocal.m4.bak
+CHANGES.dist
--- a/Android.mk
+++ b/Android.mk
@@ -12,29 +12,37 @@
 # shown. Now, from the external/curl/ directory, run curl's normal configure
 # command with flags that match what Android itself uses. This will mean
 # putting the compiler directory into the PATH, putting the -I, -isystem and
-# -D options into CPPFLAGS, putting the -m, -f, -O and -nostdlib options into
-# CFLAGS, and putting the -Wl, -L and -l options into LIBS, along with the path
-# to the files libgcc.a, crtbegin_dynamic.o, and ccrtend_android.o. Remember
-# that the paths must be absolute since you will not be running configure from
-# the same directory as the Android make.  The normal cross-compiler options
-# must also be set.
+# -D options into CPPFLAGS, putting the -W, -m, -f, -O and -nostdlib options
+# into CFLAGS, and putting the -Wl, -L and -l options into LIBS, along with the
+# path to the files libgcc.a, crtbegin_dynamic.o, and ccrtend_android.o.
+# Remember that the paths must be absolute since you will not be running
+# configure from the same directory as the Android make.  The normal
+# cross-compiler options must also be set. Note that the -c, -o, -MD and
+# similar flags must not be set.
+#
+# To see all the LIBS options, you'll need to do the "showcommands" trick on an
+# executable that's already buildable and watch what flags Android uses to link
+# it (dhcpcd is a good choice to watch). You'll also want to add -L options to
+# LIBS that point to the out/.../obj/lib/ and out/.../obj/system/lib/
+# directories so that additional libraries can be found and used by curl.
 #
 # The end result will be a configure command that looks something like this
-# (the environment variable A is set to the Android root path):
+# (the environment variable A is set to the Android root path which makes the
+# command shorter):
 #
 #  A=`realpath ../..` && \
 #  PATH="$A/prebuilt/linux-x86/toolchain/arm-eabi-X/bin:$PATH" \
 #  ./configure --host=arm-linux CC=arm-eabi-gcc \
 #  CPPFLAGS="-I $A/system/core/include ..." \
 #  CFLAGS="-nostdlib -fno-exceptions -Wno-multichar ..." \
-#  LIB="$A/prebuilt/linux-x86/toolchain/arm-eabi-X/lib/gcc/arm-eabi/X\
-#  /interwork/libgcc.a ..." \
+#  LIBS="$A/prebuilt/linux-x86/toolchain/arm-eabi-X/lib/gcc/arm-eabi/X\
+#  /interwork/libgcc.a ..."
 #
 # Finally, copy the file COPYING to NOTICE so that the curl license gets put
-# into the right place (see the note about this below).
+# into the right place (but see the note about this below).
 #
 # Dan Fandrich
-# May 2010
+# August 2010

 LOCAL_PATH:= $(call my-dir)

@@ -82,7 +90,7 @@ include $(BUILD_STATIC_LIBRARY)

 include $(CLEAR_VARS)
 include $(LOCAL_PATH)/src/Makefile.inc
-LOCAL_SRC_FILES := $(addprefix src/,$(CURL_SOURCES))
+LOCAL_SRC_FILES := $(addprefix src/,$(CURL_CFILES))

 LOCAL_MODULE := curl
 LOCAL_STATIC_LIBRARIES := libcurl
@@ -90,8 +98,8 @@ LOCAL_SYSTEM_SHARED_LIBRARIES := libc

 LOCAL_C_INCLUDES += $(LOCAL_PATH)/include $(LOCAL_PATH)/lib

-# This will also need to include $(CURLX_ONES) in order to correctly link
-# against a dynamic library
+# This may also need to include $(CURLX_ONES) in order to correctly link
+# if libcurl is changed to be built as a dynamic library
 LOCAL_CFLAGS += $(common_CFLAGS)

 include $(BUILD_EXECUTABLE)
--- a/2375
+++ b/2375
--- a/CHANGES.0
+++ b/CHANGES.0
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -831,7 +831,7 @@ function(TRANSFORM_MAKEFILE_INC INPUT_FILE OUTPUT_FILE)
  string(REPLACE "$(top_builddir)" "\${CURL_BINARY_DIR}" MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT})

  string(REGEX REPLACE "\\\\\n" "<22>!<21>" MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT})
-  string(REGEX REPLACE "([a-zA-Z_][a-zA-Z0-9_]*)[\t ]*=[\t ]*([^\n]*\n)" "SET(\\1 \\2)\n" MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT})
+  string(REGEX REPLACE "([a-zA-Z_][a-zA-Z0-9_]*)[\t ]*=[\t ]*([^\n]*)" "SET(\\1 \\2)" MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT})
  string(REPLACE "<22>!<21>" "\n" MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT})

  string(REGEX REPLACE "\\$\\(([a-zA-Z_][a-zA-Z0-9_]*)\\)" "\${\\1}" MAKEFILE_INC_TEXT ${MAKEFILE_INC_TEXT})    # Replace $() with ${}
--- a/118
+++ b/118
@@ -1,26 +1,76 @@
 #!/bin/bash
 # This script performs all of the steps needed to build a
 # universal binary libcurl.framework for Mac OS X 10.4 or greater.
+#
+# Hendrik Visage:
+#  Generalizations added since  Snowleopard (10.6) do not include
+# the 10.4u SDK.
+#
+# Also note:
+# 10.5 is the *ONLY* SDK that support PPC64 :( -- 10.6 do not have ppc64 support
+#If you need to have PPC64 support then change below to 1
+PPC64_NEEDED=0
+
+# For me the default is to develop for the platform I am on, and if you
+#desire compatibility with older versions then change USE_OLD to 1 :)
+USE_OLD=0

 VERSION=`/usr/bin/sed -ne 's/^#define LIBCURL_VERSION "\(.*\)"/\1/p' include/curl/curlver.h`
+FRAMEWORK_VERSION=Versions/Release-$VERSION

-SDK32='/Developer/SDKs/MacOSX10.4u.sdk'
+#I also wanted to "copy over" the system, and thus the reason I added the
+# version to Versions/Release-7.20.1 etc.
+# now a simple rsync -vaP libcurl.framework /Library/Frameworks will install it
+# and setup the right paths to this version, leaving the system version
+# "intact", so you can "fix" it later with the links to Versions/A/...

-MINVER32='-mmacosx-version-min=10.4'

-ARCHES32='-arch ppc -arch i386'
+OLD_SDK=`ls  /Developer/SDKs|head -1`
+NEW_SDK=`ls -r /Developer/SDKs|head -1`

-SDK64='/Developer/SDKs/MacOSX10.5.sdk'
+if test "0"$USE_OLD -gt 0
+then
+ SDK32=$OLD_SDK
+else
+ SDK32=$NEW_SDK
+fi

-MINVER64='-mmacosx-version-min=10.5'
+MACVER=`echo $SDK32|sed -e s/[a-zA-Z]//g -e s/.\$//`

-ARCHES64='-arch ppc64 -arch x86_64'
+SDK32_DIR='/Developer/SDKs/'$SDK32
+MINVER32='-mmacosx-version-min='$MACVER
+ARCHES32='-arch i386 -arch ppc'

-if test -d $SDK32; then
+
+if test $PPC64_NEEDED -gt 0
+then
+  SDK64=10.5
+  ARCHES64='-arch x86_64 -arch ppc64'
+  SDK64=`ls  /Developer/SDKs|grep 10.5|head -1`
+else
+ ARCHES64='-arch x86_64'
+ #We "know" that 10.4 and earlier do not support 64bit
+ OLD_SDK64=`ls  /Developer/SDKs|egrep -v "10.[0-4]"|head -1`
+ NEW_SDK64=`ls -r /Developer/SDKs|egrep -v "10.[0-4]"|head -1`
+ if test $USE_OLD -gt 0
+  then
+   SDK64=$OLD_SDK64
+  else
+   SDK64=$NEW_SDK64
+  fi
+fi
+
+SDK64_DIR='/Developer/SDKs/'$SDK64
+MACVER64=`echo $SDK64|sed -e s/[a-zA-Z]//g -e s/.\$//`
+
+MINVER64='-mmacosx-version-min='$MACVER64
+
+if test ! -z $SDK32; then
  echo "----Configuring libcurl for 32 bit universal framework..."
+  make clean
  ./configure --disable-dependency-tracking --disable-static --with-gssapi \
-    CFLAGS="-Os -isysroot $SDK32 $ARCHES32 $MINVER32" \
-    LDFLAGS="-Wl,-syslibroot,$SDK32 $ARCHES32 $MINVER32 -Wl,-headerpad_max_install_names" \
+    CFLAGS="-Os -isysroot $SDK32_DIR $ARCHES32 $MINVER32" \
+    LDFLAGS="-Wl,-syslibroot,$SDK32_DIR $ARCHES32 $MINVER32 -Wl,-headerpad_max_install_names" \
    CC=$CC

  echo "----Building 32 bit libcurl..."
@@ -28,40 +78,43 @@ if test -d $SDK32; then

  echo "----Creating 32 bit framework..."
  rm -r libcurl.framework
-  mkdir -p libcurl.framework/Versions/A/Resources
-  cp lib/.libs/libcurl.dylib libcurl.framework/Versions/A/libcurl
-  install_name_tool -id @executable_path/../Frameworks/libcurl.framework/Versions/A/libcurl libcurl.framework/Versions/A/libcurl
-  /usr/bin/sed -e "s/7\.12\.3/$VERSION/" lib/libcurl.plist >libcurl.framework/Versions/A/Resources/Info.plist
-  mkdir -p libcurl.framework/Versions/A/Headers/curl
-  cp include/curl/*.h libcurl.framework/Versions/A/Headers/curl
+  mkdir -p libcurl.framework/${FRAMEWORK_VERSION}/Resources
+  cp lib/.libs/libcurl.dylib libcurl.framework/${FRAMEWORK_VERSION}/libcurl
+  install_name_tool -id @executable_path/../Frameworks/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl
+  /usr/bin/sed -e "s/7\.12\.3/$VERSION/" lib/libcurl.plist >libcurl.framework/${FRAMEWORK_VERSION}/Resources/Info.plist
+  mkdir -p libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl
+  cp include/curl/*.h libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl
  pushd libcurl.framework
-  ln -fs Versions/A/libcurl libcurl
-  ln -fs Versions/A/Resources Resources
-  ln -fs Versions/A/Headers Headers
+  ln -fs ${FRAMEWORK_VERSION}/libcurl libcurl
+  ln -fs ${FRAMEWORK_VERSION}/Resources Resources
+  ln -fs ${FRAMEWORK_VERSION}/Headers Headers
  cd Versions
-  ln -fs A Current
+  ln -fs ${FRAMEWORK_VERSION} Current

-  if test -d $SDK64; then
+  echo TEsting for SDK64
+  if test -d $SDK64_DIR; then
+  echo entering...
    popd
    make clean
    echo "----Configuring libcurl for 64 bit universal framework..."
    ./configure --disable-dependency-tracking --disable-static --with-gssapi \
-      CFLAGS="-Os -isysroot $SDK64 $ARCHES64 $MINVER64" \
-      LDFLAGS="-Wl,-syslibroot,$SDK64 $ARCHES64 $MINVER64 -Wl,-headerpad_max_install_names" \
+      CFLAGS="-Os -isysroot $SDK64_DIR $ARCHES64 $MINVER64" \
+      LDFLAGS="-Wl,-syslibroot,$SDK64_DIR $ARCHES64 $MINVER64 -Wl,-headerpad_max_install_names" \
      CC=$CC

    echo "----Building 64 bit libcurl..."
    make

    echo "----Appending 64 bit framework to 32 bit framework..."
-    cp lib/.libs/libcurl.dylib libcurl.framework/Versions/A/libcurl64
-    install_name_tool -id @executable_path/../Frameworks/libcurl.framework/Versions/A/libcurl libcurl.framework/Versions/A/libcurl64
-    cp libcurl.framework/Versions/A/libcurl libcurl.framework/Versions/A/libcurl32
-    lipo libcurl.framework/Versions/A/libcurl32 libcurl.framework/Versions/A/libcurl64 -create -output libcurl.framework/Versions/A/libcurl
-    rm libcurl.framework/Versions/A/libcurl32 libcurl.framework/Versions/A/libcurl64
-    cp libcurl.framework/Versions/A/Headers/curl/curlbuild.h libcurl.framework/Versions/A/Headers/curl/curlbuild32.h
-    cp include/curl/curlbuild.h libcurl.framework/Versions/A/Headers/curl/curlbuild64.h
-    cat >libcurl.framework/Versions/A/Headers/curl/curlbuild.h <<EOF
+    cp lib/.libs/libcurl.dylib libcurl.framework/${FRAMEWORK_VERSION}/libcurl64
+    install_name_tool -id @executable_path/../Frameworks/libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl64
+    cp libcurl.framework/${FRAMEWORK_VERSION}/libcurl libcurl.framework/${FRAMEWORK_VERSION}/libcurl32
+    pwd
+    lipo libcurl.framework/${FRAMEWORK_VERSION}/libcurl32 libcurl.framework/${FRAMEWORK_VERSION}/libcurl64 -create -output libcurl.framework/${FRAMEWORK_VERSION}/libcurl
+    rm libcurl.framework/${FRAMEWORK_VERSION}/libcurl32 libcurl.framework/${FRAMEWORK_VERSION}/libcurl64
+    cp libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl/curlbuild.h libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl/curlbuild32.h
+    cp include/curl/curlbuild.h libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl/curlbuild64.h
+    cat >libcurl.framework/${FRAMEWORK_VERSION}/Headers/curl/curlbuild.h <<EOF
 #ifdef __LP64__
 #include "curl/curlbuild64.h"
 #else
@@ -70,9 +123,10 @@ if test -d $SDK32; then
 EOF
  fi

-  lipo -info libcurl.framework/Versions/A/libcurl
+  pwd
+  lipo -info libcurl.framework/${FRAMEWORK_VERSION}/libcurl
  echo "libcurl.framework is built and can now be included in other projects."
  echo "Copy libcurl.framework to your bundle's Contents/Frameworks folder, ~/Library/Frameworks or /Library/Frameworks."
 else
-  echo "Building libcurl.framework requires Mac OS X 10.4 or later with the MacOSX10.4u SDK installed."
+  echo "Building libcurl.framework requires Mac OS X 10.4 or later with the MacOSX10.4/5/6 SDK installed."
 fi
--- a/Makefile.dist
+++ b/Makefile.dist
@@ -54,17 +54,23 @@ borland-clean:
 	cd ..\src
 	make -f Makefile.b32 clean

-watcom:
+watcom: .SYMBOLIC
 	cd lib
-	wmake -f Makefile.Watcom
+	wmake -u -f Makefile.Watcom
 	cd ..\src
-	wmake -f Makefile.Watcom
+	wmake -u -f Makefile.Watcom

-watcom-clean:
+watcom-clean: .SYMBOLIC
 	cd lib
-	wmake -f Makefile.Watcom clean
+	wmake -u -f Makefile.Watcom clean
 	cd ..\src
-	wmake -f Makefile.Watcom clean
+	wmake -u -f Makefile.Watcom clean
+
+watcom-vclean: .SYMBOLIC
+	cd lib
+	wmake -u -f Makefile.Watcom vclean
+	cd ..\src
+	wmake -u -f Makefile.Watcom vclean

 mingw32:
 	$(MAKE) -C lib -f Makefile.m32
@@ -90,13 +96,13 @@ mingw32-clean:
 	$(MAKE) -C lib -f Makefile.m32 clean
 	$(MAKE) -C src -f Makefile.m32 clean

-vc-clean:
+vc-clean: $(VC)
 	cd lib
 	nmake -f Makefile.$(VC) clean
 	cd ..\src
 	nmake -f Makefile.$(VC) clean

-vc-all:
+vc-all: $(VC)
 	cd lib
 	nmake -f Makefile.$(VC) cfg=release
 	nmake -f Makefile.$(VC) cfg=release-ssl
@@ -121,85 +127,85 @@ vc-all:
 	nmake -f Makefile.$(VC) cfg=debug-dll-zlib-dll
 	nmake -f Makefile.$(VC) cfg=debug-dll-ssl-dll-zlib-dll

-vc:
+vc: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release
 	cd ..\src
 	nmake /f Makefile.$(VC)

-vc-x64:
+vc-x64: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release

-vc-zlib:
+vc-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-zlib

-vc-ssl:
+vc-ssl: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl

-vc-ssl-zlib:
+vc-ssl-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-zlib

-vc-x64-ssl-zlib:
+vc-x64-ssl-zlib: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib
 	cd ..\src
 	nmake /f Makefile.$(VC) MACHINE=x64 cfg=release-ssl-zlib

-vc-ssl-dll:
+vc-ssl-dll: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl-dll
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-dll

-vc-dll-ssl-dll:
+vc-dll-ssl-dll: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-dll-ssl-dll
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-dll-ssl-dll

-vc-dll:
+vc-dll: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-dll
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-dll

-vc-dll-zlib-dll:
+vc-dll-zlib-dll: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-dll-zlib-dll
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-dll-zlib-dll

-vc-dll-ssl-dll-zlib-dll:
+vc-dll-ssl-dll-zlib-dll: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-dll-ssl-dll-zlib-dll
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-dll-ssl-dll-zlib-dll

-vc-ssl-dll-zlib-dll:
+vc-ssl-dll-zlib-dll: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-ssl-dll-zlib-dll
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-ssl-dll-zlib-dll

-vc-zlib-dll:
+vc-zlib-dll: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release-zlib-dll
 	cd ..\src
 	nmake /f Makefile.$(VC) cfg=release-zlib-dll

-vc-sspi:
+vc-sspi: $(VC)
 	cd lib
 	nmake /f Makefile.$(VC) cfg=release WINDOWS_SSPI=1
 	cd ..\src
@@ -261,6 +267,8 @@ linux: all

 linux-ssl: ssl

+# We don't need to do anything for vc6.
+vc6:

 vc8: lib/Makefile.vc8 src/Makefile.vc8

@@ -283,6 +291,17 @@ src/Makefile.vc9: src/Makefile.vc6
 	@echo "generate $@"
 	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc9/g" -e "s/VC6/VC9/g" src/Makefile.vc6 > src/Makefile.vc9

+# VC10 makefiles are for use with VS2010
+vc10: lib/Makefile.vc10 src/Makefile.vc10
+
+lib/Makefile.vc10: lib/Makefile.vc6
+	@echo "generate $@"
+	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc10/g" -e "s/VC6/VC10/g" lib/Makefile.vc6 > lib/Makefile.vc10
+
+src/Makefile.vc10: src/Makefile.vc6
+	@echo "generate $@"
+	@sed -e "s#/GX /DWIN32 /YX#/EHsc /DWIN32#" -e "s#/GZ#/RTC1#" -e "s/ws2_32.lib/ws2_32.lib/g" -e "s/vc6/vc10/g" -e "s/VC6/VC10/g" src/Makefile.vc6 > src/Makefile.vc10
+
 ca-bundle: lib/mk-ca-bundle.pl
 	@echo "generate a fresh ca-bundle.crt"
 	@perl $< -b -l -u lib/ca-bundle.crt
--- a/87
+++ b/87
@@ -1,43 +1,61 @@
-Curl and libcurl 7.21.0
+Curl and libcurl 7.21.2

- Public curl releases:         116
+ Public curl releases:         118
 Command line options:         138
 curl_easy_setopt() options:   180
 Public functions in libcurl:  58
 Known libcurl bindings:       39
- Contributors:                 794
+ Contributors:                 817

 This release includes the following changes:

- o added the --proto and -proto-redir options
- o new configure option --enable-threaded-resolver
- o improve TELNET ability with libcurl
- o added support for PolarSSL
- o added support for FTP wildcard matching and downloads
- o added support for RTMP
- o introducing new LDAP code for new enough OpenLDAP
- o OpenLDAP support enabled for cygwin builds
- o added CURLINFO_PRIMARY_PORT, CURLINFO_LOCAL_IP and CURLINFO_LOCAL_PORT
+ o curl -T: ignore file size of special files
+ o Added GOPHER protocol support
+ o Added mk-ca-bundle.vbs script
+ o c-ares build now requires c-ares >= 1.6.0

 This release includes the following bugfixes:

- o prevent needless reverse name lookups
- o detect GSS on ancient Linux distros
- o GnuTLS: EOF caused error when it wasn't
- o GnuTLS: SSL handshake phase is non-blocking
- o -J/--remote-header-name strips CRLF
- o MSVC makefiles now use ws2_32.lib instead of wsock32.lib
- o -O crash on windows
- o SSL handshake timeout underflow in libcurl-NSS
- o multi interface missed storing connection time
- o broken CRL support in libcurl-NSS
- o ignore response-body on redirect even if compressed
- o OpenSSL handshake state-machine for multi interface
- o TFTP timeout option sent correctly
- o TFTP block id wrap
- o curl_multi_socket_action() timeout handles inaccuracy in timers better
- o SCP/SFTP failure to respect the timeout
- o spurious SSL connection aborts with OpenSSL
+ o --remote-header-name security vulnerability fixed:
+   http://curl.haxx.se/docs/adv_20101013.html
+
+ o multi: support the timeouts correctly, fixes known bug #62
+ o multi: use timeouts properly for MAX_RECV/SEND_SPEED
+ o negotiation: Wrong proxy authorization
+ o multi: avoid sending multiple complete messages
+ o cmdline: make -F type= accept ;charset=
+ o RESUME_FROM: clarify what ftp uploads do
+ o http: handle trailer headers in all chunked responses
+ o Curl_is_connected: use correct errno
+ o Added SSPI build to Watcom makefile
+ o progress: callback for POSTs less than MAX_INITIAL_POST_SIZE
+ o linking problem on Fedora 13
+ o Link curl and the test apps with -lrt explicitly when necessary
+ o chunky parser: only rewind stream internally if needed
+ o remote-header-name: don't output filename when NULL
+ o Curl_timeleft: avoid returning "no timeout" by mistake
+ o timeout: use the correct start value as offset
+ o FTP: fix wrong timeout trigger
+ o buildconf got better output on failures
+ o rtsp: avoid SIGSEGV on malformed header
+ o LDAP: Support for tunnelling queries through HTTP proxy
+ o configure's --enable-werror had a bashism
+ o test565: Don't hardcode IP:PORT
+ o configure: check for gcrypt if using GnuTLS
+ o configure: don't enable RTMP if the lib detect fails
+ o curl_easy_duphandle: clone the c-ares handle correctly
+ o MacOSX-Framework: updates for Snowleopard
+ o support URL containing colon without trailing port number
+ o parsedate: allow time specified without seconds
+ o curl_easy_escape: don't escape "unreserved" characters
+ o SFTP: avoid downloading negative sizes
+ o Lots of GSS/KRB FTP fixes
+ o TFTP: Work around tftpd-hpa upload bug
+ o libcurl.m4: several fixes
+ o HTTP: remove special case for 416
+ o examples: use example.com in example URLs
+ o globbing: fix crash on unballanced open brace
+ o cmake: build fixed

 This release includes the following known bugs:

@@ -46,11 +64,10 @@ This release includes the following known bugs:
 This release would not have looked like this without help, code, reports and
 advice from friends like these:

- Rainer Canavan, Paul Howarth, Jerome Vouillon, Ruslan Gazizov, Yang Tse,
- Kamil Dudka, Alex Bligh, Ben Greear, Hoi-Ho Chan, Howard Chu, Dirk Manske,
- Pavel Raiskup, John-Mark Bell, Eric Mertens, Tor Arntsen, Douglas Kilpatrick,
- Igor Novoseltsev, Jason McDonald, Dan Fandrich, Tanguy Fautre, Guenter Knauf,
- Julien Chaffraix, Kalle Vahlman, Frank Meier, Constantine Sapuntzakis
-
+ Kamil Dudka, Ben Greear, Cameron Kaiser, Dan Fandrich, Dirk Manske,
+ Guenter Knauf, Julien Chaffraix, Quanah Gibson-Mount, Tor Arntsen,
+ Peter Pentchev, James Bursa, Fabian Keil, Michal Gorny, Mauro Iorio,
+ Hendrik Visage, Ning Dong, David McCreedy, Patrick Monnerat,
+ Tim Newsome, Dan Locks, Vlad Ureche, Dimitre Dimitrov

        Thanks! (and sorry if I forgot to mention someone)
--- a/17
+++ b/17
@@ -1,4 +1,17 @@
-To be addressed in 7.20.1 (planned release: April 2010)
+To be addressed in 7.21.2
 =========================

-261 - 
+268 - 3076430 SFTP resume with 4GB file does not work
+
+271 -
+
+To be addressed in 7.21.3
+=========================
+
+262 - Manual setting of TLS Server Name Indication - use Host:
+
+263 - Support binding DNS to local interface/IP
+
+265 - 1. FTP cmd channel and data channel validation
+
+267 - 2. Cert chain for data channel
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -2145,6 +2145,7 @@ AC_DEFUN([CURL_CHECK_LIBS_CLOCK_GETTIME_MONOTONIC], [
        else
          LIBS="$curl_cv_gclk_LIBS $curl_cv_save_LIBS"
        fi
+        CURL_LIBS="$CURL_LIBS $curl_cv_gclk_LIBS"
        AC_MSG_RESULT([$curl_cv_gclk_LIBS])
        ac_cv_func_clock_gettime="yes"
        ;;
--- a/8
+++ b/8
@@ -248,13 +248,17 @@ fi
 #--------------------------------------------------------------------------
 # m4 check
 #
-m4=`${M4:-m4} --version 2>/dev/null|head -n 1`;
+m4=`(${M4:-m4} --version || ${M4:-gm4} --version) 2>/dev/null | head -n 1`;
 m4_version=`echo $m4 | sed -e 's/^.* \([0-9]\)/\1/' -e 's/[a-z]* *$//'`

 if { echo $m4 | grep "GNU" >/dev/null 2>&1; } then
  echo "buildconf: GNU m4 version $m4_version (ok)"
 else
-  echo "buildconf: m4 version $m4 found. You need a GNU m4 installed!"
+  if test -z "$m4"; then
+    echo "buildconf: m4 version not recognized. You need a GNU m4 installed!"
+  else
+    echo "buildconf: m4 version $m4 found. You need a GNU m4 installed!"
+  fi
  exit 1
 fi

--- a/configure.ac
+++ b/configure.ac
@@ -24,7 +24,7 @@ dnl Process this file with autoconf to produce a configure script.
 AC_PREREQ(2.57)

 dnl We don't know the version number "statically" so we use a dash here
-AC_INIT([curl], [-], [a suitable curl mailing list => http://curl.haxx.se/mail/])
+AC_INIT([curl], [-], [a suitable curl mailing list: http://curl.haxx.se/mail/])

 CURL_OVERRIDE_AUTOCONF

@@ -40,6 +40,7 @@ AM_MAINTAINER_MODE
 CURL_CHECK_OPTION_DEBUG
 CURL_CHECK_OPTION_OPTIMIZE
 CURL_CHECK_OPTION_WARNINGS
+CURL_CHECK_OPTION_WERROR
 CURL_CHECK_OPTION_CURLDEBUG
 CURL_CHECK_OPTION_ARES

@@ -51,33 +52,48 @@ CURL_CHECK_PATH_SEPARATOR_REQUIRED
 CONFIGURE_OPTIONS="\"$ac_configure_args\""
 AC_SUBST(CONFIGURE_OPTIONS)

+CURL_CFLAG_EXTRAS=""
+if test X"$want_werror" = Xyes; then
+  CURL_CFLAG_EXTRAS="-Werror"
+fi
+AC_SUBST(CURL_CFLAG_EXTRAS)
+
 dnl SED is mandatory for configure process and libtool.
 dnl Set it now, allowing it to be changed later.
-AC_PATH_PROG([SED], [sed], [not_found],
-  [$PATH:/usr/bin:/usr/local/bin])
-if test -z "$SED" || test "$SED" = "not_found"; then
-  AC_MSG_ERROR([sed not found in PATH. Cannot continue without sed.])
+if test -z "$SED"; then
+  dnl allow it to be overridden
+  AC_PATH_PROG([SED], [sed], [not_found],
+    [$PATH:/usr/bin:/usr/local/bin])
+  if test -z "$SED" || test "$SED" = "not_found"; then
+    AC_MSG_ERROR([sed not found in PATH. Cannot continue without sed.])
+  fi
 fi
 AC_SUBST([SED])

 dnl GREP is mandatory for configure process and libtool.
 dnl Set it now, allowing it to be changed later.
-AC_PATH_PROG([GREP], [grep], [not_found],
-  [$PATH:/usr/bin:/usr/local/bin])
-if test -z "$GREP" || test "$GREP" = "not_found"; then
-  AC_MSG_ERROR([grep not found in PATH. Cannot continue without grep.])
+if test -z "$GREP"; then
+  dnl allow it to be overridden
+  AC_PATH_PROG([GREP], [grep], [not_found],
+    [$PATH:/usr/bin:/usr/local/bin])
+  if test -z "$GREP" || test "$GREP" = "not_found"; then
+    AC_MSG_ERROR([grep not found in PATH. Cannot continue without grep.])
+  fi
 fi
 AC_SUBST([GREP])

 dnl EGREP is mandatory for configure process and libtool.
 dnl Set it now, allowing it to be changed later.
-if echo a | ($GREP -E '(a|b)') >/dev/null 2>&1; then
-  AC_MSG_CHECKING([for egrep])
-  EGREP="$GREP -E"
-  AC_MSG_RESULT([$EGREP])
-else
-  AC_PATH_PROG([EGREP], [egrep], [not_found],
-    [$PATH:/usr/bin:/usr/local/bin])
+if test -z "$EGREP"; then
+  dnl allow it to be overridden
+  if echo a | ($GREP -E '(a|b)') >/dev/null 2>&1; then
+    AC_MSG_CHECKING([for egrep])
+    EGREP="$GREP -E"
+    AC_MSG_RESULT([$EGREP])
+  else
+    AC_PATH_PROG([EGREP], [egrep], [not_found],
+      [$PATH:/usr/bin:/usr/local/bin])
+  fi
 fi
 if test -z "$EGREP" || test "$EGREP" = "not_found"; then
  AC_MSG_ERROR([egrep not found in PATH. Cannot continue without egrep.])
@@ -86,10 +102,13 @@ AC_SUBST([EGREP])

 dnl AR is mandatory for configure process and libtool.
 dnl This is target dependent, so check it as a tool.
-AC_PATH_TOOL([AR], [ar], [not_found],
-  [$PATH:/usr/bin:/usr/local/bin])
-if test -z "$AR" || test "$AR" = "not_found"; then
-  AC_MSG_ERROR([ar not found in PATH. Cannot continue without ar.])
+if test -z "$AR"; then
+  dnl allow it to be overridden
+  AC_PATH_TOOL([AR], [ar], [not_found],
+    [$PATH:/usr/bin:/usr/local/bin])
+  if test -z "$AR" || test "$AR" = "not_found"; then
+    AC_MSG_ERROR([ar not found in PATH. Cannot continue without ar.])
+  fi
 fi
 AC_SUBST([AR])

@@ -209,6 +228,9 @@ case $host in
 esac
 AC_MSG_RESULT($mimpure)
 AM_CONDITIONAL(MIMPURE, test x$mimpure = xyes)
+
+dnl 'STATICLIB' is, in spite of its name, not generic but only for static-only
+dnl builds on Windows
 AM_CONDITIONAL(STATICLIB, false)

 AC_MSG_CHECKING([if we need BUILDING_LIBCURL])
@@ -394,7 +416,6 @@ AC_HELP_STRING([--disable-ldaps],[Disable LDAPS support]),
         AC_MSG_RESULT(yes)
         AC_DEFINE(HAVE_LDAP_SSL, 1, [Use LDAPS implementation])
         AC_SUBST(HAVE_LDAP_SSL, [1])
-         curl_ldaps_msg="enabled"
       fi
       ;;
  esac ],[
@@ -406,7 +427,6 @@ AC_HELP_STRING([--disable-ldaps],[Disable LDAPS support]),
         AC_MSG_RESULT(yes)
         AC_DEFINE(HAVE_LDAP_SSL, 1, [Use LDAPS implementation])
         AC_SUBST(HAVE_LDAP_SSL, [1])
-         curl_ldaps_msg="enabled"
       fi ]
 )

@@ -548,6 +568,22 @@ AC_HELP_STRING([--disable-smtp],[Disable SMTP support]),
       AC_MSG_RESULT(yes)
 )

+AC_MSG_CHECKING([whether to support gopher])
+AC_ARG_ENABLE(gopher,
+AC_HELP_STRING([--enable-gopher],[Enable Gopher support])
+AC_HELP_STRING([--disable-gopher],[Disable Gopher support]),
+[ case "$enableval" in
+  no)
+       AC_MSG_RESULT(no)
+       AC_DEFINE(CURL_DISABLE_GOPHER, 1, [to disable Gopher])
+       AC_SUBST(CURL_DISABLE_GOPHER, [1])
+       ;;
+  *)   AC_MSG_RESULT(yes)
+       ;;
+  esac ],
+       AC_MSG_RESULT(yes)
+)
+

 dnl **********************************************************************
 dnl Check for built-in manual
@@ -742,6 +778,8 @@ ac_cv_func_strcasecmp="no"

 CURL_CHECK_LIBS_CONNECT

+CURL_NETWORK_LIBS=$LIBS
+
 dnl **********************************************************************
 dnl In case that function clock_gettime with monotonic timer is available,
 dnl check for additional required libraries.
@@ -852,6 +890,10 @@ if test x$CURL_DISABLE_LDAP != x1 ; then
  fi
 fi

+if test x$CURL_DISABLE_LDAPS != x1 ; then
+    curl_ldaps_msg="enabled"
+fi
+
 dnl **********************************************************************
 dnl Checks for IPv6
 dnl **********************************************************************
@@ -1694,6 +1736,20 @@ if test "$OPENSSL_ENABLED" != "1"; then

 fi dnl OPENSSL != 1

+dnl ---
+dnl If GnuTLS is enabled, we MUST verify that it uses libgcrypt since
+dnl curl code relies on that but recent GnuTLS versions can in fact build
+dnl with different crypto libraries which curl right now cannot handle
+dnl ---
+
+if test "$GNUTLS_ENABLED" = "1"; then
+  AC_CHECK_LIB(gcrypt,
+               gcry_control, ,
+    [
+      AC_MSG_ERROR([need GnuTLS built with gcrypt to function with GnuTLS])
+    ])
+fi
+
 dnl ----------------------------------------------------
 dnl check for PolarSSL
 dnl ----------------------------------------------------
@@ -1962,7 +2018,9 @@ if test X"$OPT_LIBSSH2" != Xno; then

       dnl libssh2_version is a post 1.0 addition
       dnl libssh2_init and libssh2_exit were added in 1.2.5
-       AC_CHECK_FUNCS( libssh2_version libssh2_init libssh2_exit)
+       dnl libssh2_scp_send64 was added in 1.2.6
+       AC_CHECK_FUNCS( libssh2_version libssh2_init libssh2_exit \
+                       libssh2_scp_send64 )

       LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$DIR_SSH2"
       export LD_LIBRARY_PATH
@@ -2009,6 +2067,7 @@ if test X"$OPT_LIBRTMP" != Xno; then
    ;;
  off)
    dnl no --with-librtmp option given, just check default places
+    LIB_RTMP="-lrtmp"
    ;;
  *)
    dnl use the given --with-librtmp spot
@@ -2027,13 +2086,19 @@ if test X"$OPT_LIBRTMP" != Xno; then
  CPPFLAGS="$CPPFLAGS $CPP_RTMP"
  LIBS="$LIBS $LIB_RTMP"

-  AC_CHECK_LIB(rtmp, RTMP_Init)
-
-  AC_CHECK_HEADERS(librtmp/rtmp.h,
-    curl_rtmp_msg="enabled (librtmp)"
-    LIBRTMP_ENABLED=1
-    AC_DEFINE(USE_LIBRTMP, 1, [if librtmp is in use])
-    AC_SUBST(USE_LIBRTMP, [1])
+  AC_CHECK_LIB(rtmp, RTMP_Init,
+    [
+     AC_CHECK_HEADERS(librtmp/rtmp.h,
+        curl_rtmp_msg="enabled (librtmp)"
+        LIBRTMP_ENABLED=1
+        AC_DEFINE(USE_LIBRTMP, 1, [if librtmp is in use])
+        AC_SUBST(USE_LIBRTMP, [1])
+     )
+    ],
+      dnl not found, revert back to clean variables
+      LDFLAGS=$CLEANLDFLAGS
+      CPPFLAGS=$CLEANCPPFLAGS
+      LIBS=$CLEANLIBS
  )

  if test X"$OPT_LIBRTMP" != Xoff &&
@@ -2041,12 +2106,6 @@ if test X"$OPT_LIBRTMP" != Xno; then
    AC_MSG_ERROR([librtmp libs and/or directories were not found where specified!])
  fi

-  if test "$LIBRTMP_ENABLED" != "1"; then
-    dnl no librtmp, revert back to clean variables
-    LDFLAGS=$CLEANLDFLAGS
-    CPPFLAGS=$CLEANCPPFLAGS
-    LIBS=$CLEANLIBS
-  fi
 fi

 dnl **********************************************************************
@@ -2435,6 +2494,13 @@ AM_CONDITIONAL(USE_MANUAL, test x"$USE_MANUAL" = x1)
 CURL_CHECK_LIB_ARES
 AM_CONDITIONAL(USE_EMBEDDED_ARES, test x$embedded_ares = xyes)

+if test "x$enable_shared" = "xyes"; then
+  build_libhostname=yes
+else
+  build_libhostname=no
+fi
+AM_CONDITIONAL(BUILD_LIBHOSTNAME, test x$build_libhostname = xyes)
+
 CURL_CHECK_OPTION_THREADED_RESOLVER

 if test "x$want_thres" = xyes && test "x$want_ares" = xyes; then
@@ -2627,10 +2693,15 @@ LIBCURL_LIBS=$LIBS
 AC_SUBST(LIBCURL_LIBS)
 AC_SUBST(CURL_LIBS)
 AC_SUBST(TEST_SERVER_LIBS)
+AC_SUBST(CURL_NETWORK_LIBS)
 LIBS=$ALL_LIBS  dnl LIBS is a magic variable that's used for every link

 AM_CONDITIONAL(CROSSCOMPILING, test x$cross_compiling = xyes)

+dnl yes or no
+ENABLE_SHARED="$enable_shared"
+AC_SUBST(ENABLE_SHARED)
+
 dnl
 dnl For keeping supported features and protocols also in pkg-config file
 dnl since it is more cross-compile frient than curl-config
@@ -2659,7 +2730,8 @@ fi
 if test "x$USE_WINDOWS_SSPI" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES SSPI"
 fi
-if test "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" -o "x$GNUTLS_ENABLED" = "x1"; then
+if test "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
+    -o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1"; then
  SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
 fi

@@ -2699,6 +2771,9 @@ fi
 if test "x$CURL_DISABLE_TFTP" != "x1"; then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS TFTP"
 fi
+if test "x$CURL_DISABLE_GOPHER" != "x1"; then
+  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS GOPHER"
+fi
 if test "x$CURL_DISABLE_POP3" != "x1"; then
  SUPPORT_PROTOCOLS="$SUPPORT_PROTOCOLS POP3"
  if test "x$SSL_ENABLED" = "x1"; then
@@ -2746,6 +2821,7 @@ squeeze LIBS
 squeeze CURL_LIBS
 squeeze LIBCURL_LIBS
 squeeze TEST_SERVER_LIBS
+squeeze CURL_NETWORK_LIBS

 squeeze SUPPORT_FEATURES
 squeeze SUPPORT_PROTOCOLS
--- a/curl-config.in
+++ b/curl-config.in
@@ -6,7 +6,7 @@
 #                            | (__| |_| |  _ <| |___
 #                             \___|\___/|_| \_\_____|
 #
-# Copyright (C) 2001 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
+# Copyright (C) 2001 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
 #
 # This software is licensed as described in the file COPYING, which
 # you should have received as part of this distribution. The terms
@@ -32,6 +32,7 @@ Usage: curl-config [OPTION]

 Available values for OPTION include:

+  --built-shared says 'yes' if libcurl was built shared
  --ca        ca bundle install path
  --cc        compiler
  --cflags    pre-processor and compiler flags
@@ -64,6 +65,10 @@ while test $# -gt 0; do
    esac

    case "$1" in
+    --built-shared)
+        echo @ENABLE_SHARED@
+        ;;
+
    --ca)
 	echo "@CURL_CA_BUNDLE@"
 	;;
@@ -87,6 +92,7 @@ while test $# -gt 0; do
            echo "$protocol"
        done
 	;;
+
    --version)
 	echo libcurl @VERSION@
 	exit 0
--- a/docs/CONTRIBUTE
+++ b/docs/CONTRIBUTE
@@ -268,7 +268,7 @@

  [separate the above single line from the rest with an empty line]

-  [full description, no wider than 65 columns that describe as much as
+  [full description, no wider than 72 columns that describe as much as
  possible as to why this change is made, and possibly what things
  it fixes and everything else that is related]
   ---- stop ----
--- a/docs/FAQ
+++ b/docs/FAQ
@@ -1,4 +1,4 @@
-Updated: Nov 7, 2009 (http://curl.haxx.se/docs/faq.html)
+Updated: October 6, 2010 (http://curl.haxx.se/docs/faq.html)
                                  _   _ ____  _
                              ___| | | |  _ \| |
                             / __| | | | |_) | |
@@ -20,6 +20,8 @@ FAQ
  1.10 How many are using curl?
  1.11 Why don't you update ca-bundle.crt
  1.12 I have a problem who can I chat with?
+  1.13 curl's ECCN number?
+  1.14 How do I submit my patch?

 2. Install Related Problems
  2.1 configure doesn't find OpenSSL even when it is installed
@@ -48,6 +50,7 @@ FAQ
  3.16 What certificates do I need when I use SSL?
  3.17 How do I list the root dir of an FTP server?
  3.18 Can I use curl to send a POST/PUT and not wait for a response?
+  3.19 How do I get HTTP from a host using a specific IP address?

 4. Running Problems
  4.1 Problems connecting to SSL servers.
@@ -74,6 +77,7 @@ FAQ
  4.16 My HTTP POST or PUT requests are slow!
  4.17 Non-functional connect timeouts on Windows
  4.18 file:// URLs containing drive letters (Windows, NetWare)
+  4.19 Why doesn't cURL return an error when the network cable is unplugged?

 5. libcurl Issues
  5.1 Is libcurl thread-safe?
@@ -83,7 +87,7 @@ FAQ
  5.5 Does CURLOPT_WRITEDATA and CURLOPT_READDATA work on win32 ?
  5.6 What about Keep-Alive or persistent connections?
  5.7 Link errors when building libcurl on Windows!
-  5.8 libcurl.so.3: open failed: No such file or directory
+  5.8 libcurl.so.X: open failed: No such file or directory
  5.9 How does libcurl resolve host names?
  5.10 How do I prevent libcurl from writing the response to stdout?
  5.11 How do I make libcurl not receive the whole HTTP response?
@@ -122,8 +126,10 @@ FAQ

  libcurl

-    A free and easy-to-use client-side URL transfer library, supporting FTP,
-    FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, FILE, LDAP and LDAPS.
+    A free and easy-to-use client-side URL transfer library, supporting DICT,
+    FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, POP3,
+    POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP.
+
    libcurl supports HTTPS certificates, HTTP POST, HTTP PUT, FTP uploading,
    kerberos, HTTP form based upload, proxies, cookies, user+password
    authentication, file transfer resume, http proxy tunneling and more!
@@ -141,9 +147,8 @@ FAQ

    A command line tool for getting or sending files using URL syntax.

-    Since curl uses libcurl, it supports a range of common Internet protocols,
-    currently including HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, LDAP, LDAPS,
-    DICT, TELNET and FILE.
+    Since curl uses libcurl, curl supports the same wide range of common
+    Internet protocols that libcurl does.

  We pronounce curl and cURL with an initial k sound: [kurl].

@@ -307,9 +312,9 @@ FAQ
  as used by numerous applications that include libcurl binaries in their
  distribution packages (like Adobe Acrobat Reader and Google Earth).

-  More than 90 known named companies use curl in commercial environments and
-  products. More than 100 known named open source projects depend on
-  (lib)curl.
+  More than a hundred known named companies use curl in commercial
+  environments and products and more than a hundred known named open source
+  projects depend on (lib)curl.

  In a poll on the curl web site mid-2005, more than 50% of the 300+ answers
  estimated a user base of one million users or more.
@@ -319,6 +324,12 @@ FAQ
  based web servers. A guess is that a fair amount of these Linux
  installations have curl installed.

+  The Debian project maintains statistics on packages installed by people
+  who have voluntarily run their package counting application.  In mid-2010,
+  libcurl3 was installed on over 55000 such systems (62% of reporting systems)
+  and was one of the 320 most popular installed packages (out of about 107000
+  possible packages).
+
  All this taken together, there is no doubt that there are millions of
  (lib)curl users.

@@ -327,6 +338,7 @@ FAQ
  http://curl.haxx.se/libcurl/using/apps.html
  http://counter.li.org/estimates.php
  http://news.netcraft.com/archives/2005/03/14/fedora_makes_rapid_progress.html
+  http://qa.debian.org/popcon.php?package=curl

  1.11 Why don't you update ca-bundle.crt

@@ -357,6 +369,41 @@ FAQ
  IRC network irc.freenode.net. If you're polite and nice, chances are big
  that you can get -- or provide -- help instantly.

+  1.13 curl's ECCN number?
+
+  The US government restricts exports of software that contains or uses
+  cryptography. When doing so, the Export Control Classification Number (ECCN)
+  is used to identify the level of export control etc.
+
+  ASF gives a good explanation at http://www.apache.org/dev/crypto.html
+
+  We believe curl's number might be ECCN 5D002, another possibility is
+  5D992. It seems necessary to write them, asking to confirm.
+
+  Comprehensible explanations of the meaning of such numbers and how to
+  obtain them (resp.) are here
+
+  http://www.bis.doc.gov/licensing/exportingbasics.htm
+  http://www.bis.doc.gov/licensing/do_i_needaneccn.html
+
+  An incomprehensible description of the two numbers above is here
+  http://www.access.gpo.gov/bis/ear/pdf/ccl5-pt2.pdf
+
+  1.14 How do I submit my patch?
+
+  When you have made a patch or a change of whatever sort, and want to submit
+  that to the project, there are a few different ways we prefer:
+
+  o send a patch to the curl-library mailing list. We're many subscribers
+    there and there are lots of people who can review patches, comment on them
+    and "receive" them properly.
+
+  o if your patch changes or fixes a bug, you can also opt to submit a bug
+    report in the bug tracker and attach your patch there. There are less
+    people involved there.
+
+  Lots of more details are found in the CONTRIBUTE and INTERNALS docs.
+

 2. Install Related Problems

@@ -399,10 +446,10 @@ FAQ

  2.2 Does curl work/build with other SSL libraries?

-  Curl has been written to use OpenSSL, GnuTLS, yassl or NSS, although there
-  should not be many problems using a different library. If anyone does "port"
-  curl to use a different SSL library, we are of course very interested in
-  getting the patch!
+  Curl has been written to use OpenSSL, GnuTLS, yassl, NSS or PolarSSL,
+  although there should not be many problems using a different library. If
+  anyone does "port" curl to use a different SSL library, we are of course
+  very interested in getting the patch!

  2.3 Where can I find a copy of LIBEAY32.DLL?

@@ -614,6 +661,9 @@ FAQ
    provide this in order to prove that you actually are who you claim to be.
    If the server doesn't require this, you don't need a client certificate.

+    A client certificate is always used together with a private key, and the
+    private key has a pass phrase that protects it.
+
  - Server certificate. The server you communicate with has a server
    certificate. You can and should verify this certificate to make sure that
    you are truly talking to the real server and not a server impersonating
@@ -621,8 +671,9 @@ FAQ

  - Certificate Authority certificate ("CA cert"). You often have several CA
    certs in a CA cert bundle that can be used to verify a server certificate
-    that was signed by one of the authorities in the bundle. curl comes with a
-    default CA cert bundle. You can override the default.
+    that was signed by one of the authorities in the bundle. curl does not
+    come with a CA cert bundle but most curl installs provide one. You can
+    also override the default.

    The server certificate verification process is made by using a Certificate
    Authority certificate ("CA cert") that was used to sign the server
@@ -653,6 +704,17 @@ FAQ

  But you could easily write your own program using libcurl to do such stunts.

+  3.19 How do I get HTTP from a host using a specific IP address?
+
+  For example, you may be trying out a web site installation that isn't yet in
+  the DNS. Or you have a site using multiple IP addresses for a given host
+  name and you want to address a specific one out of the set.
+
+  Set a custom Host: header that identifies the server name you want to reach
+  but use the target IP address in the URL:
+
+    curl --header "Host: www.example.com" http://127.0.0.1/
+

 4. Running Problems

@@ -801,10 +863,8 @@ FAQ

  4.9 Curl can't authenticate to the server that requires NTLM?

-  This is supported in curl 7.10.6 or later. No earlier curl version knows
-  of this magic. Later versions require the OpenSSL, GnuTLS or Microsoft
-  Windows libraries to provide this functionality. Using the NSS library
-  will not provide NTLM authentication functionality in curl.
+  NTLM support requires OpenSSL, GnuTLS, NSS or Microsoft Windows libraries at
+  build-time to provide this functionality.

  NTLM is a Microsoft proprietary protocol. Proprietary formats are evil. You
  should not use such ones.
@@ -944,6 +1004,31 @@ FAQ

  In either case, cURL should now be looking for the correct file.

+  4.19 Why doesn't cURL return an error when the network cable is unplugged?
+
+  Unplugging the cable is not an error situation. The TCP/IP protocol stack
+  was designed to be fault tolerant, so even though there may be a physical
+  break somewhere the connection shouldn't be affected, just possibly
+  delayed.  Eventually, the physical break will be fixed or the data will be
+  re-routed around the physical problem.
+
+  In such cases, the TCP/IP stack is responsible for detecting when the
+  network connection is irrevocably lost. Since with some protocols it is
+  perfectly legal for the client wait indefinitely for data, the stack may
+  never report a problem, and even when it does, it can take up to 20 minutes
+  for it to detect an issue.  The curl option --keepalive-time enables
+  keep-alive support in the TCP/IP stack which makes it periodically probe the
+  connection to make sure it is still available to send data. That should
+  reliably detect any TCP/IP network failure.
+
+  But even that won't detect the network going down before the TCP/IP
+  connection is established (e.g. during a DNS lookup) or using protocols that
+  don't use TCP.  To handle those situations, curl offers a number of timeouts
+  on its own. --speed-limit/--speed-time will abort if the data transfer rate
+  falls too low, and --connect-timeout and --max-time can be used to put an
+  overall timeout on the connection phase or the entire transfer.
+
+
 5. libcurl Issues

  5.1 Is libcurl thread-safe?
@@ -1044,11 +1129,14 @@ FAQ

  When building an application that uses the static libcurl library, you must
  add -DCURL_STATICLIB to your CFLAGS. Otherwise the linker will look for
-  dynamic import symbols. If you get linker error like "unknown symbol
-  __imp__curl_easy_init ..." you have linked against the wrong (static)
-  library.  If you want to use the libcurl.dll and import lib, you don't need
-  any extra CFLAGS, but use one of the import libraries below. These are the
-  libraries produced by the various lib/Makefile.* files:
+  dynamic import symbols. If you're using Visual Studio, you need to instead
+  add CURL_STATICLIB in the "Preprocessor Definitions" section.
+
+  If you get linker error like "unknown symbol __imp__curl_easy_init ..." you
+  have linked against the wrong (static) library.  If you want to use the
+  libcurl.dll and import lib, you don't need any extra CFLAGS, but use one of
+  the import libraries below. These are the libraries produced by the various
+  lib/Makefile.* files:

  Target:          static lib.   import lib for libcurl*.dll.
  -----------------------------------------------------------
@@ -1058,13 +1146,14 @@ FAQ
  Borland:         libcurl.lib   libcurl_imp.lib


-  5.8 libcurl.so.3: open failed: No such file or directory
+  5.8 libcurl.so.X: open failed: No such file or directory

  This is an error message you might get when you try to run a program linked
  with a shared version of libcurl and your run-time linker (ld.so) couldn't
-  find the shared library named libcurl.so.3.
+  find the shared library named libcurl.so.X. (Where X is the number of the
+  current libcurl ABI, typically 3 or 4).

-  You need to make sure that ld.so finds libcurl.so.3. You can do that
+  You need to make sure that ld.so finds libcurl.so.X. You can do that
  multiple ways, and it differs somewhat between different operating systems,
  but they are usually:

@@ -1100,10 +1189,10 @@ FAQ
    Using this offers asynchronous name resolves but it currently has no IPv6
    support.

-  - The Windows threaded resolver. It use:
+  - The threaded resolver (default option on Windows). It uses:

-    A - gethostbyname() on plain ipv4 windows hosts
-    B - getaddrinfo() on ipv6-enabled windows hosts
+    A - gethostbyname() on plain ipv4 hosts
+    B - getaddrinfo() on ipv6-enabled hosts

  Also note that libcurl never resolves or reverse-lookups addresses given as
  pure numbers, such as 127.0.0.1 or ::1.
@@ -1182,7 +1271,9 @@ FAQ
  to do "LIST -a" or similar to see them.

  The application thus needs to parse the LIST output. One such existing
-  list parser is available at http://cr.yp.to/ftpparse.html
+  list parser is available at http://cr.yp.to/ftpparse.html  Versions of
+  libcurl since 7.21.0 also provide the ability to specify a wildcard to
+  download multiple files from one FTP directory.


 6. License Issues
--- a/docs/FEATURES
+++ b/docs/FEATURES
@@ -43,7 +43,7 @@ HTTP
 - POST
 - Pipelining
 - multipart formpost (RFC1867-style)
- - authentication: Basic, Digest, NTLM(*1), GSS-Negotiate/Negotiate(*3) and
+ - authentication: Basic, Digest, NTLM(*9), GSS-Negotiate/Negotiate(*3) and
   SPNEGO (*4) to server and proxy
 - resume (both GET and PUT)
 - follow redirects
@@ -125,7 +125,7 @@ FILE
 FOOTNOTES
 =========

-  *1 = requires OpenSSL, GnuTLS, NSS or yassl
+  *1 = requires OpenSSL, GnuTLS, NSS, yassl or PolarSSL
  *2 = requires OpenLDAP
  *3 = requires a GSSAPI-compliant library, such as Heimdal or similar.
  *4 = requires FBopenssl
@@ -133,3 +133,4 @@ FOOTNOTES
  *6 = requires c-ares
  *7 = requires OpenSSL or NSS, as GnuTLS only supports SSLv3 and TLSv1
  *8 = requires libssh2
+  *9 = requires OpenSSL, GnuTLS, NSS or yassl
--- a/docs/HISTORY
+++ b/docs/HISTORY
@@ -157,6 +157,20 @@ September 2005:

 More than 100,000 unique visitors of the curl web site. 25 mirrors.

+December 2005:
+
+ security vulnerability: libcurl URL Buffer Overflow
+
+January 2006:
+
+ We dropped support for Gopher. We found bugs in the implementation that
+ turned out having been introduced years ago, so with the conclusion that
+ nobody had found out in all this time we removed it instead of fixing it.
+
+March 2006:
+
+ security vulnerability: libcurl TFTP Packet Buffer Overflow
+
 April 2006:

 Added the multi_socket() API
@@ -174,6 +188,10 @@ February 2007:

 Added support for the Mozilla NSS library to do the SSL/TLS stuff

+July 2007:
+
+ security vulnerability: libcurl GnuTLS insufficient cert verification
+
 November 2008:

 Command line options:         128
@@ -184,3 +202,43 @@ November 2008:

 145,000 unique visitors. >100 GB downloaded.

+March 2009:
+
+ security vulnerability: libcurl Arbitrary File Access
+
+August 2009:
+
+ security vulnerability: libcurl embedded zero in cert name
+
+December 2009:
+
+ Added support for IMAP, POP3 and SMTP
+
+January 2010:
+
+ Added support for RTSP
+
+February 2010:
+
+ security vulnerability: libcurl data callback excessive length
+
+March 2010:
+
+ The project switched over to use git instead of CVS for source code control
+
+May 2010:
+
+ Added support for RTMP
+
+ Added support for PolarSSL to do the SSL/TLS stuff
+
+August 2010:
+
+ Public curl releases:         117
+ Command line options:         138
+ curl_easy_setopt() options:   180
+ Public functions in libcurl:  58
+ Known libcurl bindings:       39
+ Contributors:                 808
+
+ Gopher support added (re-added actually)
--- a/docs/INSTALL
+++ b/docs/INSTALL
@@ -139,6 +139,9 @@ UNIX
     To build with NSS support instead of OpenSSL for SSL/TLS, note that
     you need to use both --without-ssl and --with-nss.

+     To build with PolarSSL support instead of OpenSSL for SSL/TLS, note that
+     you need to use both --without-ssl and --with-polarssl.
+
     To get GSSAPI support, build with --with-gssapi and have the MIT or
     Heimdal Kerberos 5 packages installed.

@@ -779,6 +782,11 @@ VxWorks
   To clean the build results type 'make -f ./Makefile.vxworks clean'.


+Android
+=======
+   See the build notes in the Android.mk file.
+
+
 CROSS COMPILE
 =============
   (This section was graciously brought to us by Jim Duey, with additions by
@@ -908,7 +916,7 @@ PORTS
        - Alpha OpenVMS V7.1-1H2
        - Alpha Tru64 v5.0 5.1
        - AVR32 Linux
-        - ARM Android 1.5
+        - ARM Android 1.5, 2.1
        - ARM INTEGRITY
        - ARM iPhone OS
        - Cell Linux
@@ -972,10 +980,17 @@ PORTS
 Useful URLs
 ===========

-OpenSSL   http://www.openssl.org
-MingW     http://www.mingw.org
-OpenLDAP  http://www.openldap.org
-Zlib      http://www.gzip.org/zlib/
+c-ares    http://daniel.haxx.se/projects/c-ares/license.html
+GNU GSS   http://www.gnu.org/software/gss/
+GnuTLS    http://www.gnu.org/software/gnutls/
+Heimdal   http://www.pdc.kth.se/heimdal/
+libidn    http://www.gnu.org/software/libidn/
 libssh2   http://www.libssh2.org
-
-
+MingW     http://www.mingw.org
+MIT Kerberos http://web.mit.edu/kerberos/www/dist/
+NSS       http://www.mozilla.org/projects/security/pki/nss/
+OpenLDAP  http://www.openldap.org
+OpenSSL   http://www.openssl.org
+PolarSSL  http://polarssl.org
+yassl     http://www.yassl.com/
+Zlib      http://www.gzip.org/zlib/
--- a/docs/INTERNALS
+++ b/docs/INTERNALS
@@ -37,7 +37,7 @@ Portability
 GnuTLS       1.2
 zlib         1.1.4
 libssh2      0.16
- c-ares       1.5.0
+ c-ares       1.6.0
 libidn       0.4.1
 *yassl       1.4.0 (http://curl.haxx.se/mail/lib-2008-02/0093.html)
 openldap     2.0
--- a/docs/KNOWN_BUGS
+++ b/docs/KNOWN_BUGS
@@ -3,6 +3,11 @@ join in and help us correct one or more of these! Also be sure to check the
 changelog of the current development status, as one or more of these problems
 may have been fixed since this was written!

+76. The SOCKET type in Win64 is 64 bits large (and thus so is curl_socket_t on
+  that platform), and long is only 32 bits. It makes it impossible for
+  curl_easy_getinfo() to return a socket properly with the CURLINFO_LASTSOCKET
+  option as for all other operating systems.
+
 75. NTLM authentication involving unicode user name or password.
  http://curl.haxx.se/mail/lib-2009-10/0024.html
  http://curl.haxx.se/bug/view.cgi?id=2944325
@@ -49,11 +54,6 @@ may have been fixed since this was written!
  handle with curl_easy_cleanup() and create a new. Some more details:
  http://curl.haxx.se/mail/lib-2009-04/0300.html

-62. CURLOPT_TIMEOUT does not work properly with the regular multi and
-  multi_socket interfaces. The work-around for apps is to simply remove the
-  easy handle once the time is up. See also:
-  http://curl.haxx.se/bug/view.cgi?id=2501457
-
 61. If an upload using Expect: 100-continue receives an HTTP 417 response,
  it ought to be automatically resent without the Expect:.  A workaround is
  for the client application to redo the transfer after disabling Expect:.
@@ -63,10 +63,6 @@ may have been fixed since this was written!
  is waiting for the the 100-continue response.
  http://curl.haxx.se/mail/lib-2008-08/0462.html

-59. If the CURLOPT_PORT option is used on an FTP URL like
-  "ftp://example.com/file;type=A" using a proxy, the ";type=A" is stripped off.
-  See the comment in parse_remote_port()
-
 58. It seems sensible to be able to use CURLOPT_NOBODY and
  CURLOPT_FAILONERROR with FTP to detect if a file exists or not, but it is
  not working: http://curl.haxx.se/mail/lib-2008-07/0295.html
@@ -91,7 +87,7 @@ may have been fixed since this was written!

 52. Gautam Kachroo's issue that identifies a problem with the multi interface
  where a connection can be re-used without actually being properly
-  SSL-negoatiated:
+  SSL-negotiated:
  http://curl.haxx.se/mail/lib-2008-01/0277.html

 49. If using --retry and the transfer timeouts (possibly due to using -m or
@@ -141,12 +137,13 @@ may have been fixed since this was written!
 30. You need to use -g to the command line tool in order to use RFC2732-style
  IPv6 numerical addresses in URLs.

-29. IPv6 URLs with zone ID is not supported.
+29. IPv6 URLs with zone ID is not nicely supported.
  http://www.ietf.org/internet-drafts/draft-fenner-literal-zone-02.txt (expired)
  specifies the use of a plus sign instead of a percent when specifying zone
  IDs in URLs to get around the problem of percent signs being
  special. According to the reporter, Firefox deals with the URL _with_ a
  percent letter (which seems like a blatant URL spec violation).
+  libcurl supports zone IDs where the percent sign is URL-escaped (i.e. %25).

   See http://curl.haxx.se/bug/view.cgi?id=1371118

@@ -189,7 +186,7 @@ may have been fixed since this was written!
  would not meaningfully support NUL characters within RFC 959 <string>,
  anyway (e.g., UNIX pathnames may not contain NUL).

-14. Test case 165 might fail on system which has libidn present, but with an
+14. Test case 165 might fail on a system which has libidn present, but with an
  old iconv version (2.1.3 is a known bad version), since it doesn't recognize
  the charset when named ISO8859-1. Changing the name to ISO-8859-1 makes the
  test pass, but instead makes it fail on Solaris hosts that use its native
--- a/docs/THANKS
+++ b/docs/THANKS
@@ -6,6 +6,7 @@

 Aaron Oneal
 Adam D. Moss
+Adam Light
 Adam Piggott
 Adrian Schuur
 Akos Pasztory
@@ -15,6 +16,7 @@ Albert Choy
 Ale Vesely
 Aleksandar Milivojevic
 Alessandro Vesely
+Alex Bligh
 Alex Fishman
 Alex Neblett
 Alex Suykov
@@ -71,6 +73,7 @@ Axel Tillequin
 Balint Szilakszi
 Bart Whiteley
 Bas Mevissen
+Ben Darnell
 Ben Greear
 Ben Madsen
 Ben Van Hof
@@ -204,6 +207,7 @@ Dominick Meglio
 Doug Kaufman
 Doug Porter
 Douglas E. Wegscheid
+Douglas Kilpatrick
 Douglas R. Horner
 Douglas Steinwand
 Dov Murik
@@ -227,6 +231,7 @@ Eric Cooper
 Eric Landes
 Eric Lavigne
 Eric Melville
+Eric Mertens
 Eric Rautman
 Eric Thelin
 Eric Vergnaud
@@ -248,6 +253,7 @@ Forrest Cahoon
 Frank Hempel
 Frank Keeney
 Frank McGeough
+Frank Meier
 Frank Ticheler
 Fred Machado
 Fred New
@@ -300,6 +306,8 @@ Hauke Duden
 Heikki Korpela
 Henrik Storner
 Hidemoto Nakada
+Hoi-Ho Chan
+Howard Chu
 Hzhijun
 Ian Ford
 Ian Gulliver
@@ -333,8 +341,10 @@ Jamie Lokier
 Jamie Newton
 Jamie Wilkinson
 Jan Kunder
+Jan Van Boghout
 Jared Lundell
 Jari Sundell
+Jason McDonald
 Jason S. Priebe
 Jay Austin
 Jayesh A Shah
@@ -353,6 +363,7 @@ Jeff Weber
 Jeffrey Pohlmeyer
 Jeremy Friesner
 Jerome Muffat-Meridol
+Jerome Vouillon
 Jes Badwal
 Jesper Jensen
 Jesse Noller
@@ -377,9 +388,11 @@ John Lightsey
 John McGowan
 John P. McCaskey
 John Wilkinson
+John-Mark Bell
 Johnny Luong
 Jon Grubbs
 Jon Nelson
+Jon Sargeant
 Jon Travis
 Jon Turner
 Jonas Forsman
@@ -404,6 +417,7 @@ J
 J<EFBFBD>rn Hartroth
 Kai Sommerfeld
 Kai-Uwe Rommel
+Kalle Vahlman
 Kamil Dudka
 Kang-Jin Lee
 Karl Moerder
@@ -525,11 +539,13 @@ Michal Bonino
 Michal Marek
 Michele Bini
 Mihai Ionescu
+Mikael Johansson
 Mikael Sennerholm
 Mike Bytnar
 Mike Crowe
 Mike Dobbs
 Mike Hommey
+Mike Power
 Mike Protts
 Mike Revi
 Miklos Nemeth
@@ -574,12 +590,14 @@ Patrick Scott
 Patrick Smith
 Patrik Thunstrom
 Paul Harrington
+Paul Howarth
 Paul Marquis
 Paul Moore
 Paul Nolan
 Paul Querna
 Pavel Cenek
 Pavel Orehov
+Pavel Raiskup
 Pawel A. Gajda
 Pawel Kierski
 Pedro Neves
@@ -609,12 +627,14 @@ Philippe Raoult
 Philippe Vaucher
 Pierre
 Pierre Brico
+Pierre Joye
 Pooyan McSporran
 Pramod Sharma
 Puneet Pawaia
 Quagmire
 Rafa Muyo
 Rafael Sagula
+Rainer Canavan
 Rainer Koenig
 Ralf S. Engelschall
 Ralph Beckmann
@@ -652,6 +672,7 @@ Robert Foreman
 Robert Iakobashvili
 Robert Olson
 Robert Weaver
+Robin Cornelius
 Robin Johnson
 Robin Kay
 Robson Braga Araujo
@@ -665,6 +686,7 @@ Ron Zapp
 Rosimildo da Silva
 Roy Shan
 Rune Kleveland
+Ruslan Gazizov
 Ryan Chan
 Ryan Nelson
 S. Moonesamy
@@ -691,6 +713,7 @@ Shard
 Shawn Poulson
 Shmulik Regev
 Siddhartha Prakash Jain
+Sidney San Martin
 Siegfried Gyuricsko
 Simon Dick
 Simon Josefsson
--- a/docs/TODO
+++ b/docs/TODO
@@ -22,7 +22,6 @@
 2.2 Remove easy interface internally
 2.3 Avoid having to remove/readd handles
 2.4 Fix HTTP Pipelining for PUT
- 2.5 Make curl_multi_info_read faster

 3. Documentation
 3.1  More and better
@@ -56,18 +55,17 @@
 7.7 Support other SSL libraries
 7.8  Support SRP on the TLS layer
 7.9 improve configure --with-ssl
- 7.10 Make NTLM work with other crypto functions

 8. GnuTLS
 8.1 SSL engine stuff
 8.2 SRP
 8.3 check connection
+ 8.4 non-gcrypt

 9. Other protocols

 10. New protocols
 10.1 RSYNC
- 10.2 RTMP

 11. Client
 11.1 sync
@@ -185,11 +183,6 @@
 serial requests and currently libcurl only supports that for HEAD and GET
 requests but it should also be possible for PUT.

-2.5 Make curl_multi_info_read faster
-
- When checking if there's info to return, this function scans over ALL added
- easy handles every time. That makes this function unnecessary heavy and slow.
-
 3. Documentation

 3.1  More and better
@@ -342,14 +335,6 @@ to provide the data to send.
 make the configure --with-ssl option first check for OpenSSL, then GnuTLS,
 then NSS...

-7.10 Make NTLM work with other crypto functions
-
- Get NTLM working using the functions provided by NSS etc. Not strictly
- SSL/TLS related, but hey... Another option is to get available DES and MD4
- source code from the cryptopp library. They are fine license-wise, but are
- C++. NTLM currenly only works when libcurl is built with OpenSSL or GnuTLS
- support.
-
 8. GnuTLS

 8.1 SSL engine stuff
@@ -366,6 +351,17 @@ to provide the data to send.
 Add a way to check if the connection seems to be alive, to correspond to the
 SSL_peak() way we use with OpenSSL.

+8.4 non-gcrypt
+
+ libcurl assumes that there are gcrypt functions available when
+ GnuTLS is.
+
+ GnuTLS can be built to use libnettle instead as crypto library,
+ which breaks the previously mentioned assumption
+
+ The correct fix would be to detect which crypto layer that is in use and
+ adapt our code to use that instead of blindly assuming gcrypt.
+
 9. Other protocols

 10. New protocols
@@ -375,12 +371,6 @@ to provide the data to send.
 There's no RFC for protocol nor URI/URL format.  An implementation should
 most probably use an existing rsync library, such as librsync.

-10.2 RTMP
-
- There exists a patch that claims to introduce this protocol:
- http://osdir.com/ml/gnu.gnash.devel2/2006-11/msg00278.html, further details
- in the feature-request: http://curl.haxx.se/bug/feature.cgi?id=1843469
-
 11. Client

 11.1 sync
--- a/docs/TheArtOfHttpScripting
+++ b/docs/TheArtOfHttpScripting
@@ -38,10 +38,10 @@ Date:    May 28, 2008
 request a particular action, and then the server replies a few text lines
 before the actual requested content is sent to the client.

- Using curl's option -v will display what kind of commands curl sends to the
- server, as well as a few other informational texts. -v is the single most
- useful option when it comes to debug or even understand the curl<->server
- interaction.
+ Using curl's option --verbose (-v as a short option) will display what kind of
+ commands curl sends to the server, as well as a few other informational texts. 
+ --verbose is the single most useful option when it comes to debug or even
+ understand the curl<->server interaction.

 2. URL

@@ -62,9 +62,9 @@ Date:    May 28, 2008
 that that URL holds.

 All HTTP replies contain a set of headers that are normally hidden, use
- curl's -i option to display them as well as the rest of the document. You can
- also ask the remote server for ONLY the headers by using the -I option (which
- will make curl issue a HEAD request).
+ curl's --include (-i) option to display them as well as the rest of the
+ document. You can also ask the remote server for ONLY the headers by using the
+ --head (-I) option (which will make curl issue a HEAD request).

 4. Forms

@@ -103,7 +103,7 @@ Date:    May 28, 2008
  To make curl do the GET form post for you, just enter the expected created
  URL:

-        curl "www.hotmail.com/when/junk.cgi?birthyear=1905&press=OK"
+        curl "http://www.hotmail.com/when/junk.cgi?birthyear=1905&press=OK"

 4.2 POST

@@ -127,7 +127,7 @@ Date:    May 28, 2008
  And to use curl to post this form with the same data filled in as before, we
  could do it like:

-        curl -d "birthyear=1905&press=%20OK%20" www.hotmail.com/when/junk.cgi
+        curl --data "birthyear=1905&press=%20OK%20" http://www.hotmail.com/when/junk.cgi

  This kind of POST will use the Content-Type
  application/x-www-form-urlencoded and is the most widely used POST kind.
@@ -139,7 +139,7 @@ Date:    May 28, 2008

  Recent curl versions can in fact url-encode POST data for you, like this:

-        curl --data-urlencode "name=I am Daniel" www.example.com
+        curl --data-urlencode "name=I am Daniel" http://www.example.com

 4.3 File Upload POST

@@ -160,7 +160,7 @@ Date:    May 28, 2008

  To post to a form like this with curl, you enter a command line like:

-        curl -F upload=@localfilename -F press=OK [URL]
+        curl --form upload=@localfilename --form press=OK [URL]

 4.4 Hidden Fields

@@ -181,7 +181,7 @@ Date:    May 28, 2008
  To post this with curl, you won't have to think about if the fields are
  hidden or not. To curl they're all the same:

-        curl -d "birthyear=1905&press=OK&person=daniel" [URL]
+        curl --data "birthyear=1905&press=OK&person=daniel" [URL]

 4.5 Figure Out What A POST Looks Like

@@ -204,7 +204,7 @@ Date:    May 28, 2008

 Put a file to a HTTP server with curl:

-        curl -T uploadfile www.uploadhttp.com/receive.cgi
+        curl --upload-file uploadfile http://www.uploadhttp.com/receive.cgi

 6. HTTP Authentication

@@ -217,7 +217,7 @@ Date:    May 28, 2008

 To tell curl to use a user and password for authentication:

-        curl -u name:password www.secrets.com
+        curl --user name:password http://www.secrets.com

 The site might require a different authentication method (check the headers
 returned by the server), and then --ntlm, --digest, --negotiate or even
@@ -228,7 +228,7 @@ Date:    May 28, 2008
 may require its own user and password to allow the client to get through to
 the Internet. To specify those with curl, run something like:

-        curl -U proxyuser:proxypassword curl.haxx.se
+        curl --proxy-user proxyuser:proxypassword curl.haxx.se

 If your proxy requires the authentication to be done using the NTLM method,
 use --proxy-ntlm, if it requires Digest use --proxy-digest.
@@ -257,7 +257,7 @@ Date:    May 28, 2008

 Use curl to set the referer field with:

-        curl -e http://curl.haxx.se daniel.haxx.se
+        curl --referer http://curl.haxx.se http://daniel.haxx.se

 8. User Agent

@@ -275,11 +275,11 @@ Date:    May 28, 2008

 To make curl look like Internet Explorer on a Windows 2000 box:

-        curl -A "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" [URL]
+        curl --user-agent "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)" [URL]

 Or why not look like you're using Netscape 4.73 on a Linux (PIII) box:

-        curl -A "Mozilla/4.73 [en] (X11; U; Linux 2.2.15 i686)" [URL]
+        curl --user-agent "Mozilla/4.73 [en] (X11; U; Linux 2.2.15 i686)" [URL]

 9. Redirects

@@ -294,11 +294,12 @@ Date:    May 28, 2008

 To tell curl to follow a Location:

-        curl -L www.sitethatredirects.com
+        curl --location http://www.sitethatredirects.com

 If you use curl to POST to a site that immediately redirects you to another
- page, you can safely use -L and -d/-F together. Curl will only use POST in
- the first request, and then revert to GET in the following operations.
+ page, you can safely use --location (-L) and --data/--form together. Curl will
+ only use POST in the first request, and then revert to GET in the following
+ operations.

 10. Cookies

@@ -320,16 +321,16 @@ Date:    May 28, 2008
 The simplest way to send a few cookies to the server when getting a page with
 curl is to add them on the command line like:

-        curl -b "name=Daniel" www.cookiesite.com
+        curl --cookie "name=Daniel" http://www.cookiesite.com

 Cookies are sent as common HTTP headers. This is practical as it allows curl
 to record cookies simply by recording headers. Record cookies with curl by
- using the -D option like:
+ using the --dump-header (-D) option like:

-        curl -D headers_and_cookies www.cookiesite.com
+        curl --dump-header headers_and_cookies http://www.cookiesite.com

- (Take note that the -c option described below is a better way to store
- cookies.)
+ (Take note that the --cookie-jar option described below is a better way to
+ store cookies.)

 Curl has a full blown cookie parsing engine built-in that comes to use if you
 want to reconnect to a server and use cookies that were stored from a
@@ -337,24 +338,24 @@ Date:    May 28, 2008
 believing you had a previous connection). To use previously stored cookies,
 you run curl like:

-        curl -b stored_cookies_in_file www.cookiesite.com
+        curl --cookie stored_cookies_in_file http://www.cookiesite.com

- Curl's "cookie engine" gets enabled when you use the -b option. If you only
- want curl to understand received cookies, use -b with a file that doesn't
- exist. Example, if you want to let curl understand cookies from a page and
- follow a location (and thus possibly send back cookies it received), you can
- invoke it like:
+ Curl's "cookie engine" gets enabled when you use the --cookie option. If you
+ only want curl to understand received cookies, use --cookie with a file that
+ doesn't exist. Example, if you want to let curl understand cookies from a page 
+ and follow a location (and thus possibly send back cookies it received), you
+ can invoke it like:

-        curl -b nada -L www.cookiesite.com
+        curl --cookie nada --location http://www.cookiesite.com

 Curl has the ability to read and write cookie files that use the same file
 format that Netscape and Mozilla do. It is a convenient way to share cookies
- between browsers and automatic scripts. The -b switch automatically detects
- if a given file is such a cookie file and parses it, and by using the
- -c/--cookie-jar option you'll make curl write a new cookie file at the end of
+ between browsers and automatic scripts. The --cookie (-b) switch automatically
+ detects if a given file is such a cookie file and parses it, and by using the
+ --cookie-jar (-c) option you'll make curl write a new cookie file at the end of
 an operation:

-        curl -b cookies.txt -c newcookies.txt www.cookiesite.com
+        curl --cookie cookies.txt --cookie-jar newcookies.txt http://www.cookiesite.com

 11. HTTPS

@@ -381,13 +382,13 @@ Date:    May 28, 2008
  can be specified on the command line or if not, entered interactively when
  curl queries for it. Use a certificate with curl on a HTTPS server like:

-        curl -E mycert.pem https://that.secure.server.com
+        curl --cert mycert.pem https://that.secure.server.com

  curl also tries to verify that the server is who it claims to be, by
  verifying the server's certificate against a locally stored CA cert
  bundle. Failing the verification will cause curl to deny the connection. You
-  must then use -k in case you want to tell curl to ignore that the server
-  can't be verified.
+  must then use --insecure (-k) in case you want to tell curl to ignore that
+  the server can't be verified.

  More about server certificate verification and ca cert bundles can be read
  in the SSLCERTS document, available online here:
@@ -402,17 +403,17 @@ Date:    May 28, 2008
 For example, you can change the POST request to a PROPFIND and send the data
 as "Content-Type: text/xml" (instead of the default Content-Type) like this:

-        curl -d "<xml>" -H "Content-Type: text/xml" -X PROPFIND url.com
+        curl --data "<xml>" --header "Content-Type: text/xml" --request PROPFIND url.com

 You can delete a default header by providing one without content. Like you
 can ruin the request by chopping off the Host: header:

-        curl -H "Host:" http://mysite.com
+        curl --header "Host:" http://mysite.com

 You can add headers the same way. Your server may want a "Destination:"
 header, and you can add it:

-        curl -H "Destination: http://moo.com/nowhere" http://url.com
+        curl --header "Destination: http://moo.com/nowhere" http://url.com

 13. Web Login

@@ -456,8 +457,8 @@ Date:    May 28, 2008
 * Use the --trace-ascii option to store fully detailed logs of the requests
   for easier analyzing and better understanding

- * Make sure you check for and use cookies when needed (both reading with -b
-   and writing with -c)
+ * Make sure you check for and use cookies when needed (both reading with
+   --cookie and writing with --cookie-jar)

 * Set user-agent to one like a recent popular browser does

--- a/docs/curl.1
+++ b/docs/curl.1
@@ -29,8 +29,9 @@ curl \- transfer a URL
 .SH DESCRIPTION
 .B curl
 is a tool to transfer data from or to a server, using one of the supported
-protocols (HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP or
-FILE).  The command is designed to work without user interaction.
+protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP,
+LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET and TFTP).  The
+command is designed to work without user interaction.

 curl offers a busload of useful tricks like proxy support, user
 authentication, FTP upload, HTTP post, SSL connections, cookies, file transfer
@@ -55,16 +56,16 @@ or you can get sequences of alphanumeric series by using [] as in:
 ftp://ftp.numericals.com/file[001-100].txt    (with leading zeros)
 ftp://ftp.letters.com/file[a-z].txt

-No nesting of the sequences is supported at the moment, but you can use
-several ones next to each other:
+Nested sequences are not supported, but you can use several ones next to each
+other:

 http://any.org/archive[1996-1999]/vol[1-4]/part{a,b,c}.html

 You can specify any amount of URLs on the command line. They will be fetched
 in a sequential manner in the specified order.

-Since curl 7.15.1 you can also specify a step counter for the ranges, so that
-you can get every Nth number or letter:
+You can specify a step counter for the ranges to get every Nth number or
+letter:

 http://www.numericals.com/file[1-100:10].txt
 http://www.letters.com/file[a-z:2].txt
@@ -87,8 +88,8 @@ invokes.
 curl normally displays a progress meter during operations, indicating the amount
 of transferred data, transfer speeds and estimated time left, etc.

-However, since curl displays this data to the terminal by default, if you invoke
-curl to do an operation and it is about to write data to the terminal, it
+curl displays this data to the terminal by default, so if you invoke curl to
+do an operation and it is about to write data to the terminal, it
 \fIdisables\fP the progress meter as otherwise it would mess up the output
 mixing progress meter and response data.

@@ -300,8 +301,8 @@ away. EPRT and LPRT are extensions to the original FTP protocol, and may not wor
 on all servers, but they enable more functionality in a better way than the
 traditional PORT command.

-Since curl 7.19.0, \fB--eprt\fP can be used to explicitly enable EPRT again
-and \fB--no-eprt\fP is an alias for \fB--disable-eprt\fP.
+\fB--eprt\fP can be used to explicitly enable EPRT again and \fB--no-eprt\fP
+is an alias for \fB--disable-eprt\fP.

 Disabling EPRT only changes the active behavior. If you want to switch to
 passive mode you need to not use \fI-P/--ftp-port\fP or force it with
@@ -311,8 +312,8 @@ passive mode you need to not use \fI-P/--ftp-port\fP or force it with
 transfers. Curl will normally always first attempt to use EPSV before PASV,
 but with this option, it will not try using EPSV.

-Since curl 7.19.0, \fB--epsv\fP can be used to explicitly enable EPRT again
-and \fB--no-epsv\fP is an alias for \fB--disable-epsv\fP.
+\fB--epsv\fP can be used to explicitly enable EPRT again and \fB--no-epsv\fP
+is an alias for \fB--disable-epsv\fP.

 Disabling EPSV only changes the passive behavior. If you want to switch to
 active mode you need to use \fI-P/--ftp-port\fP.
--- a/docs/examples/.gitignore
+++ b/docs/examples/.gitignore
@@ -0,0 +1,32 @@
+10-at-a-time
+anyauthput
+certinfo
+chkspeed
+cookie_interface
+debug
+fileupload
+fopen
+ftp-wildcard
+ftpget
+ftpgetinfo
+ftpgetresp
+ftpupload
+getinfo
+getinmemory
+http-post
+httpcustomheader
+httpput
+https
+multi-app
+multi-debugcallback
+multi-double
+multi-post
+multi-single
+persistant
+post-callback
+postit2
+sendrecv
+sepheaders
+simple
+simplepost
+simplessl
--- a/docs/examples/10-at-a-time.c
+++ b/docs/examples/10-at-a-time.c
@@ -119,7 +119,7 @@ int main(void)
  }

  while (U) {
-    while (CURLM_CALL_MULTI_PERFORM == curl_multi_perform(cm, &U));
+    curl_multi_perform(cm, &U);

    if (U) {
      FD_ZERO(&R);
--- a/docs/examples/Makefile.inc
+++ b/docs/examples/Makefile.inc
@@ -1,16 +1,12 @@
 # These are all libcurl example programs to be test compiled
-check_PROGRAMS = 10-at-a-time anyauthput cookie_interface \
-  debug fileupload fopen ftpget ftpgetresp ftpupload \
-  getinfo getinmemory http-post httpput \
-  https multi-app multi-debugcallback multi-double \
-  multi-post multi-single persistant post-callback \
-  postit2 sepheaders simple simplepost simplessl \
-  sendrecv httpcustomheader certinfo chkspeed ftpgetinfo
+check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \
+  fopen ftpget ftpgetresp ftpupload getinfo getinmemory http-post httpput  \
+  https multi-app multi-debugcallback multi-double multi-post multi-single \
+  persistant post-callback postit2 sepheaders simple simplepost simplessl  \
+  sendrecv httpcustomheader certinfo chkspeed ftpgetinfo ftp-wildcard

 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
-COMPLICATED_EXAMPLES = \
- curlgtk.c curlx.c htmltitle.cc cacertinmem.c ftpuploadresume.c \
- ghiper.c hiperfifo.c htmltidy.c multithread.c \
- opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c evhiperfifo.c
-
+COMPLICATED_EXAMPLES = curlgtk.c curlx.c htmltitle.cc cacertinmem.c	   \
+  ftpuploadresume.c ghiper.c hiperfifo.c htmltidy.c multithread.c	   \
+  opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c evhiperfifo.c
--- a/docs/examples/cacertinmem.c
+++ b/docs/examples/cacertinmem.c
@@ -111,7 +111,7 @@ int main(void)
  rv=curl_easy_setopt(ch,CURLOPT_WRITEHEADER, stderr);
  rv=curl_easy_setopt(ch,CURLOPT_SSLCERTTYPE,"PEM");
  rv=curl_easy_setopt(ch,CURLOPT_SSL_VERIFYPEER,1L);
-  rv=curl_easy_setopt(ch, CURLOPT_URL, "https://www.cacert.org/");
+  rv=curl_easy_setopt(ch, CURLOPT_URL, "https://www.example.com/");

  /* first try: retrieve page without cacerts' certificate -> will fail
   */
--- a/docs/examples/certinfo.c
+++ b/docs/examples/certinfo.c
@@ -20,7 +20,7 @@ int main(int argc, char **argv)

  curl = curl_easy_init();
  if(curl) {
-    curl_easy_setopt(curl, CURLOPT_URL, "https://www.networking4all.com/");
+    curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/");

    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu);

--- a/docs/examples/chkspeed.c
+++ b/docs/examples/chkspeed.c
@@ -40,6 +40,8 @@ static size_t WriteCallback(void *ptr, size_t size, size_t nmemb, void *data)
 {
  /* we are not interested in the downloaded bytes itself,
     so we only return the size we would have saved ... */
+  (void)ptr;  /* unused */
+  (void)data; /* unused */
  return (size_t)(size * nmemb);
 }

@@ -48,7 +50,7 @@ int main(int argc, char *argv[])
  CURL *curl_handle;
  CURLcode res;
  int prtsep = 0, prttime = 0;
-  char *url = URL_1M;
+  const char *url = URL_1M;
  char *appname = argv[0];

  if (argc > 1) {
@@ -135,17 +137,17 @@ int main(int argc, char *argv[])

    /* check for bytes downloaded */
    res = curl_easy_getinfo(curl_handle, CURLINFO_SIZE_DOWNLOAD, &val);
-    if((CURLE_OK == res) && val)
+    if((CURLE_OK == res) && (val>0))
      printf("Data downloaded: %0.0f bytes.\n", val);

    /* check for total download time */
    res = curl_easy_getinfo(curl_handle, CURLINFO_TOTAL_TIME, &val);
-    if((CURLE_OK == res) && val)
+    if((CURLE_OK == res) && (val>0))
      printf("Total download time: %0.3f sec.\n", val);

    /* check for average download speed */
    res = curl_easy_getinfo(curl_handle, CURLINFO_SPEED_DOWNLOAD, &val);
-    if((CURLE_OK == res) && val)
+    if((CURLE_OK == res) && (val>0))
      printf("Average download speed: %0.3f kbyte/sec.\n", val / 1024);

  } else {
--- a/docs/examples/cookie_interface.c
+++ b/docs/examples/cookie_interface.c
@@ -53,7 +53,7 @@ main(void)
  if (curl) {
    char nline[256];

-    curl_easy_setopt(curl, CURLOPT_URL, "http://www.google.com/"); /* google.com sets "PREF" cookie */
+    curl_easy_setopt(curl, CURLOPT_URL, "http://www.example.com/");
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
    curl_easy_setopt(curl, CURLOPT_COOKIEFILE, ""); /* just to start the cookie engine */
    res = curl_easy_perform(curl);
--- a/docs/examples/debug.c
+++ b/docs/examples/debug.c
@@ -118,7 +118,7 @@ int main(void)
    /* the DEBUGFUNCTION has no effect until we enable VERBOSE */
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);

-    curl_easy_setopt(curl, CURLOPT_URL, "curl.haxx.se");
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/");
    res = curl_easy_perform(curl);

    /* always cleanup */
--- a/docs/examples/evhiperfifo.c
+++ b/docs/examples/evhiperfifo.c
@@ -68,7 +68,6 @@ typedef struct _GlobalInfo
  struct ev_io fifo_event;
  struct ev_timer timer_event;
  CURLM *multi;
-  int prev_running;
  int still_running;
  FILE* input;
 } GlobalInfo;
@@ -122,7 +121,6 @@ static void mcode_or_die(const char *where, CURLMcode code)
    switch ( code )
    {
    case CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
-    case CURLM_OK:                 s="CURLM_OK";                 break;
    case CURLM_BAD_HANDLE:         s="CURLM_BAD_HANDLE";         break;
    case CURLM_BAD_EASY_HANDLE:    s="CURLM_BAD_EASY_HANDLE";    break;
    case CURLM_OUT_OF_MEMORY:      s="CURLM_OUT_OF_MEMORY";      break;
@@ -144,54 +142,33 @@ static void mcode_or_die(const char *where, CURLMcode code)


 /* Check for completed transfers, and remove their easy handles */
-static void check_run_count(GlobalInfo *g)
+static void check_multi_info(GlobalInfo *g)
 {
-  DPRINT("%s prev %i still %i\n", __PRETTY_FUNCTION__,
-         g->prev_running, g->still_running);
-  if ( g->prev_running > g->still_running )
-  {
-    char *eff_url=NULL;
-    CURLMsg *msg;
-    int msgs_left;
-    ConnInfo *conn=NULL;
-    CURL*easy;
-    CURLcode res;
+  char *eff_url;
+  CURLMsg *msg;
+  int msgs_left;
+  ConnInfo *conn;
+  CURL *easy;
+  CURLcode res;

-    fprintf(MSG_OUT, "REMAINING: %d\n", g->still_running);
-    /*
-      I am still uncertain whether it is safe to remove an easy
-      handle from inside the curl_multi_info_read loop, so here I
-      will search for completed transfers in the inner "while"
-      loop, and then remove them in the outer "do-while" loop...
-    */
-    do
-    {
-      easy=NULL;
-      while ( (msg = curl_multi_info_read(g->multi, &msgs_left)) )
-      {
-        if ( msg->msg == CURLMSG_DONE )
-        {
-          easy=msg->easy_handle;
-          res=msg->data.result;
-        }
-
-        if ( easy )
-        {
-          curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn);
-          curl_easy_getinfo(easy, CURLINFO_EFFECTIVE_URL, &eff_url);
-          fprintf(MSG_OUT, "DONE: %s => (%d) %s\n", eff_url, res, conn->error);
-          curl_multi_remove_handle(g->multi, easy);
-          free(conn->url);
-          curl_easy_cleanup(easy);
-          free(conn);
-        }
-      }
-    } while ( easy );
+  fprintf(MSG_OUT, "REMAINING: %d\n", g->still_running);
+  while ((msg = curl_multi_info_read(g->multi, &msgs_left))) {
+    if (msg->msg == CURLMSG_DONE) {
+      easy = msg->easy_handle;
+      res = msg->data.result;
+      curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn);
+      curl_easy_getinfo(easy, CURLINFO_EFFECTIVE_URL, &eff_url);
+      fprintf(MSG_OUT, "DONE: %s => (%d) %s\n", eff_url, res, conn->error);
+      curl_multi_remove_handle(g->multi, easy);
+      free(conn->url);
+      curl_easy_cleanup(easy);
+      free(conn);
+    }
  }
-  g->prev_running = g->still_running;
 }


+
 /* Called by libevent when we get action on a multi socket */
 static void event_cb(EV_P_ struct ev_io *w, int revents)
 {
@@ -201,12 +178,9 @@ static void event_cb(EV_P_ struct ev_io *w, int revents)

  int action = (revents&EV_READ?CURL_POLL_IN:0)|
    (revents&EV_WRITE?CURL_POLL_OUT:0);
-  do
-  {
-    rc = curl_multi_socket_action(g->multi, w->fd, action, &g->still_running);
-  } while ( rc == CURLM_CALL_MULTI_PERFORM );
-  mcode_or_die("event_cb: curl_multi_socket", rc);
-  check_run_count(g);
+  rc = curl_multi_socket_action(g->multi, w->fd, action, &g->still_running);
+  mcode_or_die("event_cb: curl_multi_socket_action", rc);
+  check_multi_info(g);
  if ( g->still_running <= 0 )
  {
    fprintf(MSG_OUT, "last transfer done, kill timeout\n");
@@ -222,12 +196,9 @@ static void timer_cb(EV_P_ struct ev_timer *w, int revents)
  GlobalInfo *g = (GlobalInfo *)w->data;
  CURLMcode rc;

-  do
-  {
-    rc = curl_multi_socket_action(g->multi, CURL_SOCKET_TIMEOUT, 0, &g->still_running);
-  } while ( rc == CURLM_CALL_MULTI_PERFORM );
-  mcode_or_die("timer_cb: curl_multi_socket", rc);
-  check_run_count(g);
+  rc = curl_multi_socket_action(g->multi, CURL_SOCKET_TIMEOUT, 0, &g->still_running);
+  mcode_or_die("timer_cb: curl_multi_socket_action", rc);
+  check_multi_info(g);
 }

 /* Clean up the SockInfo structure */
@@ -364,11 +335,11 @@ static void new_conn(char *url, GlobalInfo *g )

  fprintf(MSG_OUT,
          "Adding easy %p to multi %p (%s)\n", conn->easy, g->multi, url);
-  rc =curl_multi_add_handle(g->multi, conn->easy);
+  rc = curl_multi_add_handle(g->multi, conn->easy);
  mcode_or_die("new_conn: curl_multi_add_handle", rc);

-  mcode_or_die("new_conn: curl_multi_socket_all", rc);
-  check_run_count(g);
+  /* note that the add_handle() will set a time-out to trigger very soon so
+     that the necessary socket_action() call will be called by this app */
 }

 /* This gets called whenever data is received from the fifo */
@@ -448,10 +419,9 @@ int main(int argc, char **argv)
  curl_multi_setopt(g.multi, CURLMOPT_SOCKETDATA, &g);
  curl_multi_setopt(g.multi, CURLMOPT_TIMERFUNCTION, multi_timer_cb);
  curl_multi_setopt(g.multi, CURLMOPT_TIMERDATA, &g);
-  do
-  {
-    rc = curl_multi_socket_all(g.multi, &g.still_running);
-  } while ( CURLM_CALL_MULTI_PERFORM == rc );
+
+  /* we don't call any curl_multi_socket*() function yet as we have no handles
+     added! */

  ev_loop(g.loop, 0);
  curl_multi_cleanup(g.multi);
--- a/docs/examples/fopen.c
+++ b/docs/examples/fopen.c
@@ -144,6 +144,8 @@ fill_buffer(URL_FILE *file,int want,int waittime)
    do
    {
        int maxfd = -1;
+        long curl_timeo = -1;
+
        FD_ZERO(&fdread);
        FD_ZERO(&fdwrite);
        FD_ZERO(&fdexcep);
@@ -152,6 +154,15 @@ fill_buffer(URL_FILE *file,int want,int waittime)
        timeout.tv_sec = 60; /* 1 minute */
        timeout.tv_usec = 0;

+        curl_multi_timeout(multi_handle, &curl_timeo);
+        if(curl_timeo >= 0) {
+          timeout.tv_sec = curl_timeo / 1000;
+          if(timeout.tv_sec > 1)
+            timeout.tv_sec = 1;
+          else
+            timeout.tv_usec = (curl_timeo % 1000) * 1000;
+        }
+
        /* get file descriptors from the transfers */
        curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);

@@ -173,12 +184,7 @@ fill_buffer(URL_FILE *file,int want,int waittime)

        default:
            /* timeout or readable/writable sockets */
-            /* note we *could* be more efficient and not wait for
-             * CURLM_CALL_MULTI_PERFORM to clear here and check it on re-entry
-             * but that gets messy */
-            while(curl_multi_perform(multi_handle, &file->still_running) ==
-                  CURLM_CALL_MULTI_PERFORM);
-
+            curl_multi_perform(multi_handle, &file->still_running);
            break;
        }
    } while(file->still_running && (file->buffer_pos < want));
@@ -249,8 +255,7 @@ url_fopen(const char *url,const char *operation)
        curl_multi_add_handle(multi_handle, file->handle.curl);

        /* lets start the fetch */
-        while(curl_multi_perform(multi_handle, &file->still_running) ==
-              CURLM_CALL_MULTI_PERFORM );
+        curl_multi_perform(multi_handle, &file->still_running);

        if((file->buffer_pos == 0) && (!file->still_running))
        {
--- a/docs/examples/ftp-wildcard.c
+++ b/docs/examples/ftp-wildcard.c
@@ -0,0 +1,135 @@
+/*****************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ */
+
+#include <curl/curl.h>
+#include <stdio.h>
+
+struct callback_data {
+  FILE *output;
+};
+
+static long file_is_comming(struct curl_fileinfo *finfo,
+                            struct callback_data *data,
+                            int remains);
+
+static long file_is_downloaded(struct callback_data *data);
+
+static size_t write_it(char *buff, size_t size, size_t nmemb,
+                       struct callback_data *data);
+
+int main(int argc, char **argv)
+{
+  int rc = CURLE_OK;
+
+  /* curl easy handle */
+  CURL *handle;
+
+  /* help data */
+  struct callback_data data = { 0 };
+
+  /* global initialization */
+  rc = curl_global_init(CURL_GLOBAL_ALL);
+  if(rc)
+    return rc;
+
+  /* initialization of easy handle */
+  handle = curl_easy_init();
+  if(!handle) {
+    curl_global_cleanup();
+    return CURLE_OUT_OF_MEMORY;
+  }
+
+  /* turn on wildcard matching */
+  curl_easy_setopt(handle, CURLOPT_WILDCARDMATCH, 1L);
+
+  /* callback is called before download of concrete file started */
+  curl_easy_setopt(handle, CURLOPT_CHUNK_BGN_FUNCTION, file_is_comming);
+
+  /* callback is called after data from the file have been transferred */
+  curl_easy_setopt(handle, CURLOPT_CHUNK_END_FUNCTION, file_is_downloaded);
+
+  /* this callback will write contents into files */
+  curl_easy_setopt(handle, CURLOPT_WRITEFUNCTION, write_it);
+
+  /* put transfer data into callbacks */
+  curl_easy_setopt(handle, CURLOPT_CHUNK_DATA, &data);
+  curl_easy_setopt(handle, CURLOPT_WRITEDATA, &data);
+
+  /* curl_easy_setopt(handle, CURLOPT_VERBOSE, 1L); */
+
+  /* set an URL containing wildcard pattern (only in the last part) */
+  if(argc == 2)
+    curl_easy_setopt(handle, CURLOPT_URL, argv[1]);
+  else
+    curl_easy_setopt(handle, CURLOPT_URL, "ftp://example.com/test/*");
+
+  /* and start transfer! */
+  rc = curl_easy_perform(handle);
+
+  curl_easy_cleanup(handle);
+  curl_global_cleanup();
+  return rc;
+}
+
+static long file_is_comming(struct curl_fileinfo *finfo,
+                            struct callback_data *data,
+                            int remains)
+{
+  printf("%3d %40s %10luB ", remains, finfo->filename,
+         (unsigned long)finfo->size);
+
+  switch(finfo->filetype) {
+  case CURLFILETYPE_DIRECTORY:
+    printf(" DIR\n");
+    break;
+  case CURLFILETYPE_FILE:
+    printf("FILE ");
+    break;
+  default:
+    printf("OTHER\n");
+    break;
+  }
+
+  if(finfo->filetype == CURLFILETYPE_FILE) {
+    /* do not transfer files >= 50B */
+    if(finfo->size > 50) {
+      printf("SKIPPED\n");
+      return CURL_CHUNK_BGN_FUNC_SKIP;
+    }
+
+    data->output = fopen(finfo->filename, "w");
+    if(!data->output) {
+      return CURL_CHUNK_BGN_FUNC_FAIL;
+    }
+  }
+
+  return CURL_CHUNK_BGN_FUNC_OK;
+}
+
+static long file_is_downloaded(struct callback_data *data)
+{
+  if(data->output) {
+    printf("DOWNLOADED\n");
+    fclose(data->output);
+    data->output = 0x0;
+  }
+  return CURL_CHUNK_END_FUNC_OK;
+}
+
+static size_t write_it(char *buff, size_t size, size_t nmemb,
+                       struct callback_data *data)
+{
+  size_t written = 0;
+  if(data->output)
+    written = fwrite(buff, size, nmemb, data->output);
+  else
+    /* listing output */
+    written = fwrite(buff, size, nmemb, stdout);
+  return written;
+}
--- a/docs/examples/ftpget.c
+++ b/docs/examples/ftpget.c
@@ -52,12 +52,10 @@ int main(void)
  curl = curl_easy_init();
  if(curl) {
    /*
-     * Get curl 7.9.2 from sunet.se's FTP site. curl 7.9.2 is most likely not
-     * present there by the time you read this, so you'd better replace the
-     * URL with one that works!
+     * You better replace the URL with one that works!
     */
    curl_easy_setopt(curl, CURLOPT_URL,
-                     "ftp://ftp.sunet.se/pub/www/utilities/curl/curl-7.9.2.tar.gz");
+                     "ftp://ftp.example.com/pub/www/utilities/curl/curl-7.9.2.tar.gz");
    /* Define our callback to get called when there's data to be written */
    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, my_fwrite);
    /* Set a pointer to our struct to pass to the callback */
--- a/docs/examples/ftpgetinfo.c
+++ b/docs/examples/ftpgetinfo.c
@@ -28,8 +28,7 @@ static size_t throw_away(void *ptr, size_t size, size_t nmemb, void *data)

 int main(void)
 {
-  /* Check for binutils 2.19.1 from ftp.gnu.org's FTP site. */
-  char ftpurl[] = "ftp://ftp.gnu.org/gnu/binutils/binutils-2.19.1.tar.bz2";
+  char ftpurl[] = "ftp://ftp.example.com/gnu/binutils/binutils-2.19.1.tar.bz2";
  CURL *curl;
  CURLcode res;
  const time_t filetime;
--- a/docs/examples/ftpgetresp.c
+++ b/docs/examples/ftpgetresp.c
@@ -43,7 +43,7 @@ int main(int argc, char **argv)
  curl = curl_easy_init();
  if(curl) {
    /* Get a file listing from sunet */
-    curl_easy_setopt(curl, CURLOPT_URL, "ftp://ftp.sunet.se/");
+    curl_easy_setopt(curl, CURLOPT_URL, "ftp://ftp.example.com/");
    curl_easy_setopt(curl, CURLOPT_WRITEDATA, ftpfile);
    /* If you intend to use this on windows with a libcurl DLL, you must use
       CURLOPT_WRITEFUNCTION as well */
--- a/docs/examples/ftpupload.c
+++ b/docs/examples/ftpupload.c
@@ -30,7 +30,7 @@

 #define LOCAL_FILE      "/tmp/uploadthis.txt"
 #define UPLOAD_FILE_AS  "while-uploading.txt"
-#define REMOTE_URL      "ftp://localhost/"  UPLOAD_FILE_AS
+#define REMOTE_URL      "ftp://example.com/"  UPLOAD_FILE_AS
 #define RENAME_FILE_TO  "renamed-and-fine.txt"

 /* NOTE: if you want this example to work on Windows with libcurl as a
--- a/docs/examples/ftpuploadresume.c
+++ b/docs/examples/ftpuploadresume.c
@@ -32,7 +32,8 @@ int __cdecl _snscanf(const char * input, size_t length, const char * format, ...


 /* parse headers for Content-Length */
-size_t getcontentlengthfunc(void *ptr, size_t size, size_t nmemb, void *stream) {
+size_t getcontentlengthfunc(void *ptr, size_t size, size_t nmemb, void *stream)
+{
  int r;
  long len = 0;

@@ -46,7 +47,8 @@ size_t getcontentlengthfunc(void *ptr, size_t size, size_t nmemb, void *stream)
 }

 /* discard downloaded data */
-size_t discardfunc(void *ptr, size_t size, size_t nmemb, void *stream) {
+size_t discardfunc(void *ptr, size_t size, size_t nmemb, void *stream)
+{
  return size * nmemb;
 }

@@ -143,13 +145,14 @@ int upload(CURL *curlhandle, const char * remotepath, const char * localpath,
  }
 }

-int main(int c, char **argv) {
+int main(int c, char **argv)
+{
  CURL *curlhandle = NULL;

  curl_global_init(CURL_GLOBAL_ALL);
  curlhandle = curl_easy_init();

-  upload(curlhandle, "ftp://user:pass@host/path/file", "C:\\file", 0, 3);
+  upload(curlhandle, "ftp://user:pass@example.com/path/file", "C:\\file", 0, 3);

  curl_easy_cleanup(curlhandle);
  curl_global_cleanup();
--- a/docs/examples/getinfo.c
+++ b/docs/examples/getinfo.c
@@ -19,7 +19,7 @@ int main(void)
  curl = curl_easy_init();
  if(curl) {
    /* http://curl.haxx.se/libcurl/c/curl_easy_setopt.html#CURLOPTURL */
-    curl_easy_setopt(curl, CURLOPT_URL, "curl.haxx.se");
+    curl_easy_setopt(curl, CURLOPT_URL, "http://www.example.com/");
    /* http://curl.haxx.se/libcurl/c/curl_easy_perform.html */
    res = curl_easy_perform(curl);

--- a/docs/examples/getinmemory.c
+++ b/docs/examples/getinmemory.c
@@ -8,8 +8,6 @@
 *
 * Example source code to show how the callback function can be used to
 * download data into a chunk of memory instead of storing it in a file.
- *
- * This exact source code has not been verified to work.
 */

 #include <stdio.h>
@@ -17,25 +15,12 @@
 #include <string.h>

 #include <curl/curl.h>
-#include <curl/types.h>
-#include <curl/easy.h>

 struct MemoryStruct {
  char *memory;
  size_t size;
 };

-static void *myrealloc(void *ptr, size_t size);
-
-static void *myrealloc(void *ptr, size_t size)
-{
-  /* There might be a realloc() out there that doesn't like reallocing
-     NULL pointers, so we take care of it here */
-  if(ptr)
-    return realloc(ptr, size);
-  else
-    return malloc(size);
-}

 static size_t
 WriteMemoryCallback(void *ptr, size_t size, size_t nmemb, void *data)
@@ -43,22 +28,28 @@ WriteMemoryCallback(void *ptr, size_t size, size_t nmemb, void *data)
  size_t realsize = size * nmemb;
  struct MemoryStruct *mem = (struct MemoryStruct *)data;

-  mem->memory = myrealloc(mem->memory, mem->size + realsize + 1);
-  if (mem->memory) {
-    memcpy(&(mem->memory[mem->size]), ptr, realsize);
-    mem->size += realsize;
-    mem->memory[mem->size] = 0;
+  mem->memory = realloc(mem->memory, mem->size + realsize + 1);
+  if (mem->memory == NULL) {
+    /* out of memory! */
+    printf("not enough memory (realloc returned NULL)\n");
+    exit(EXIT_FAILURE);
  }
+
+  memcpy(&(mem->memory[mem->size]), ptr, realsize);
+  mem->size += realsize;
+  mem->memory[mem->size] = 0;
+
  return realsize;
 }

+
 int main(int argc, char **argv)
 {
  CURL *curl_handle;

  struct MemoryStruct chunk;

-  chunk.memory=NULL; /* we expect realloc(NULL, size) to work */
+  chunk.memory = malloc(1);  /* will be grown as needed by the realloc above */
  chunk.size = 0;    /* no data at this point */

  curl_global_init(CURL_GLOBAL_ALL);
@@ -67,7 +58,7 @@ int main(int argc, char **argv)
  curl_handle = curl_easy_init();

  /* specify URL to get */
-  curl_easy_setopt(curl_handle, CURLOPT_URL, "http://cool.haxx.se/");
+  curl_easy_setopt(curl_handle, CURLOPT_URL, "http://www.example.com/");

  /* send all data to this function  */
  curl_easy_setopt(curl_handle, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
@@ -96,6 +87,8 @@ int main(int argc, char **argv)
   * you're done with it, you should free() it as a nice application.
   */

+  printf("%lu bytes retrieved\n", chunk.size);
+
  if(chunk.memory)
    free(chunk.memory);

--- a/docs/examples/ghiper.c
+++ b/docs/examples/ghiper.c
@@ -58,10 +58,7 @@ callback.
 typedef struct _GlobalInfo {
  CURLM *multi;
  guint timer_event;
-  int prev_running;
  int still_running;
-  int requested; /* count: curl_easy_init() */
-  int completed; /* count: curl_easy_cleanup() */
 } GlobalInfo;


@@ -95,7 +92,6 @@ static void mcode_or_die(const char *where, CURLMcode code) {
    const char *s;
    switch (code) {
      case     CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
-      case     CURLM_OK:                 s="CURLM_OK";                 break;
      case     CURLM_BAD_HANDLE:         s="CURLM_BAD_HANDLE";         break;
      case     CURLM_BAD_EASY_HANDLE:    s="CURLM_BAD_EASY_HANDLE";    break;
      case     CURLM_OUT_OF_MEMORY:      s="CURLM_OUT_OF_MEMORY";      break;
@@ -113,62 +109,43 @@ static void mcode_or_die(const char *where, CURLMcode code) {


 /* Check for completed transfers, and remove their easy handles */
-static void check_run_count(GlobalInfo *g)
+static void check_multi_info(GlobalInfo *g)
 {
-  if (g->prev_running > g->still_running) {
-    char *eff_url=NULL;
-    CURLMsg *msg;
-    int msgs_left;
-    ConnInfo *conn=NULL;
-    CURL*easy;
-    CURLcode res;
+  char *eff_url;
+  CURLMsg *msg;
+  int msgs_left;
+  ConnInfo *conn;
+  CURL *easy;
+  CURLcode res;

-    MSG_OUT("REMAINING: %d\n", g->still_running);
-    /*
-      I am still uncertain whether it is safe to remove an easy handle
-      from inside the curl_multi_info_read loop, so here I will search
-      for completed transfers in the inner "while" loop, and then remove
-      them in the outer "do-while" loop...
-   */
-    do {
-      easy=NULL;
-      while ((msg = curl_multi_info_read(g->multi, &msgs_left))) {
-        if (msg->msg == CURLMSG_DONE) {
-          easy=msg->easy_handle;
-          res=msg->data.result;
-          break;
-        }
-      }
-      if (easy) {
-          curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn);
-          curl_easy_getinfo(easy, CURLINFO_EFFECTIVE_URL, &eff_url);
-          MSG_OUT("DONE: %s => (%d) %s\n", eff_url, res, conn->error);
-          curl_multi_remove_handle(g->multi, easy);
-          g_free(conn->url);
-          curl_easy_cleanup(easy);
-          g_free(conn);
-          g->completed++;
-      }
-    } while ( easy );
-    MSG_OUT("Requested: %d Completed:%d\n", g->requested, g->completed);
+  MSG_OUT("REMAINING: %d\n", g->still_running);
+  while ((msg = curl_multi_info_read(g->multi, &msgs_left))) {
+    if (msg->msg == CURLMSG_DONE) {
+      easy = msg->easy_handle;
+      res = msg->data.result;
+      curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn);
+      curl_easy_getinfo(easy, CURLINFO_EFFECTIVE_URL, &eff_url);
+      MSG_OUT("DONE: %s => (%d) %s\n", eff_url, res, conn->error);
+      curl_multi_remove_handle(g->multi, easy);
+      free(conn->url);
+      curl_easy_cleanup(easy);
+      free(conn);
+    }
  }
-  g->prev_running = g->still_running;
 }



-
 /* Called by glib when our timeout expires */
 static gboolean timer_cb(gpointer data)
 {
  GlobalInfo *g = (GlobalInfo *)data;
  CURLMcode rc;

-  do {
-    rc = curl_multi_socket(g->multi, CURL_SOCKET_TIMEOUT, &g->still_running);
-  } while (rc == CURLM_CALL_MULTI_PERFORM);
-  mcode_or_die("timer_cb: curl_multi_socket", rc);
-  check_run_count(g);
+  rc = curl_multi_socket_action(g->multi,
+                                  CURL_SOCKET_TIMEOUT, 0, &g->still_running);
+  mcode_or_die("timer_cb: curl_multi_socket_action", rc);
+  check_multi_info(g);
  return FALSE;
 }

@@ -198,11 +175,15 @@ static gboolean event_cb(GIOChannel *ch, GIOCondition condition, gpointer data)
  GlobalInfo *g = (GlobalInfo*) data;
  CURLMcode rc;
  int fd=g_io_channel_unix_get_fd(ch);
-  do {
-    rc = curl_multi_socket(g->multi, fd, &g->still_running);
-  } while (rc == CURLM_CALL_MULTI_PERFORM);
-  mcode_or_die("event_cb: curl_multi_socket", rc);
-  check_run_count(g);
+
+  int action =
+    (condition & G_IO_IN ? CURL_CSELECT_IN : 0) |
+    (condition & G_IO_OUT ? CURL_CSELECT_OUT : 0);
+
+  rc = curl_multi_socket_action(g->multi, fd, action, &g->still_running);
+  mcode_or_die("event_cb: curl_multi_socket_action", rc);
+
+  check_multi_info(g);
  if(g->still_running) {
    return TRUE;
  } else {
@@ -338,12 +319,9 @@ static void new_conn(char *url, GlobalInfo *g )
  MSG_OUT("Adding easy %p to multi %p (%s)\n", conn->easy, g->multi, url);
  rc =curl_multi_add_handle(g->multi, conn->easy);
  mcode_or_die("new_conn: curl_multi_add_handle", rc);
-  g->requested++;
-  do {
-    rc = curl_multi_socket_all(g->multi, &g->still_running);
-  } while (CURLM_CALL_MULTI_PERFORM == rc);
-  mcode_or_die("new_conn: curl_multi_socket_all", rc);
-  check_run_count(g);
+
+  /* note that the add_handle() will set a time-out to trigger very soon so
+     that the necessary socket_action() call will be called by this app */
 }


@@ -451,9 +429,10 @@ int main(int argc, char **argv)
  curl_multi_setopt(g->multi, CURLMOPT_SOCKETDATA, g);
  curl_multi_setopt(g->multi, CURLMOPT_TIMERFUNCTION, update_timeout_cb);
  curl_multi_setopt(g->multi, CURLMOPT_TIMERDATA, g);
-  do {
-    rc = curl_multi_socket_all(g->multi, &g->still_running);
-  } while (CURLM_CALL_MULTI_PERFORM == rc);
+
+  /* we don't call any curl_multi_socket*() function yet as we have no handles
+     added! */
+
  g_main_loop_run(gmain);
  curl_multi_cleanup(g->multi);
  return 0;
--- a/docs/examples/hiperfifo.c
+++ b/docs/examples/hiperfifo.c
@@ -62,7 +62,6 @@ typedef struct _GlobalInfo {
  struct event fifo_event;
  struct event timer_event;
  CURLM *multi;
-  int prev_running;
  int still_running;
  FILE* input;
 } GlobalInfo;
@@ -110,7 +109,6 @@ static void mcode_or_die(const char *where, CURLMcode code)
    const char *s;
    switch (code) {
      case     CURLM_CALL_MULTI_PERFORM: s="CURLM_CALL_MULTI_PERFORM"; break;
-      case     CURLM_OK:                 s="CURLM_OK";                 break;
      case     CURLM_BAD_HANDLE:         s="CURLM_BAD_HANDLE";         break;
      case     CURLM_BAD_EASY_HANDLE:    s="CURLM_BAD_EASY_HANDLE";    break;
      case     CURLM_OUT_OF_MEMORY:      s="CURLM_OUT_OF_MEMORY";      break;
@@ -132,44 +130,29 @@ static void mcode_or_die(const char *where, CURLMcode code)


 /* Check for completed transfers, and remove their easy handles */
-static void check_run_count(GlobalInfo *g)
+static void check_multi_info(GlobalInfo *g)
 {
-  if (g->prev_running > g->still_running) {
-    char *eff_url=NULL;
-    CURLMsg *msg;
-    int msgs_left;
-    ConnInfo *conn=NULL;
-    CURL*easy;
-    CURLcode res;
+  char *eff_url;
+  CURLMsg *msg;
+  int msgs_left;
+  ConnInfo *conn;
+  CURL *easy;
+  CURLcode res;

-    fprintf(MSG_OUT, "REMAINING: %d\n", g->still_running);
-    /*
-      I am still uncertain whether it is safe to remove an easy handle
-      from inside the curl_multi_info_read loop, so here I will search
-      for completed transfers in the inner "while" loop, and then remove
-      them in the outer "do-while" loop...
-   */
-    do {
-      easy=NULL;
-      while ((msg = curl_multi_info_read(g->multi, &msgs_left))) {
-        if (msg->msg == CURLMSG_DONE) {
-          easy=msg->easy_handle;
-          res=msg->data.result;
-          break;
-        }
-      }
-      if (easy) {
-          curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn);
-          curl_easy_getinfo(easy, CURLINFO_EFFECTIVE_URL, &eff_url);
-          fprintf(MSG_OUT, "DONE: %s => (%d) %s\n", eff_url, res, conn->error);
-          curl_multi_remove_handle(g->multi, easy);
-          free(conn->url);
-          curl_easy_cleanup(easy);
-          free(conn);
-      }
-    } while ( easy );
+  fprintf(MSG_OUT, "REMAINING: %d\n", g->still_running);
+  while ((msg = curl_multi_info_read(g->multi, &msgs_left))) {
+    if (msg->msg == CURLMSG_DONE) {
+      easy = msg->easy_handle;
+      res = msg->data.result;
+      curl_easy_getinfo(easy, CURLINFO_PRIVATE, &conn);
+      curl_easy_getinfo(easy, CURLINFO_EFFECTIVE_URL, &eff_url);
+      fprintf(MSG_OUT, "DONE: %s => (%d) %s\n", eff_url, res, conn->error);
+      curl_multi_remove_handle(g->multi, easy);
+      free(conn->url);
+      curl_easy_cleanup(easy);
+      free(conn);
+    }
  }
-  g->prev_running = g->still_running;
 }


@@ -181,16 +164,13 @@ static void event_cb(int fd, short kind, void *userp)
  CURLMcode rc;

  int action =
-    (kind&EV_READ?CURL_CSELECT_IN:0)|
-    (kind&EV_WRITE?CURL_CSELECT_OUT:0);
-
-  do {
-    rc = curl_multi_socket_action(g->multi, fd, action, &g->still_running);
-  } while (rc == CURLM_CALL_MULTI_PERFORM);
+    (kind & EV_READ ? CURL_CSELECT_IN : 0) |
+    (kind & EV_WRITE ? CURL_CSELECT_OUT : 0);

+  rc = curl_multi_socket_action(g->multi, fd, action, &g->still_running);
  mcode_or_die("event_cb: curl_multi_socket_action", rc);

-  check_run_count(g);
+  check_multi_info(g);
  if ( g->still_running <= 0 ) {
    fprintf(MSG_OUT, "last transfer done, kill timeout\n");
    if (evtimer_pending(&g->timer_event, NULL)) {
@@ -209,12 +189,10 @@ static void timer_cb(int fd, short kind, void *userp)
  (void)fd;
  (void)kind;

-  do {
-    rc = curl_multi_socket_action(g->multi,
+  rc = curl_multi_socket_action(g->multi,
                                  CURL_SOCKET_TIMEOUT, 0, &g->still_running);
-  } while (rc == CURLM_CALL_MULTI_PERFORM);
  mcode_or_die("timer_cb: curl_multi_socket_action", rc);
-  check_run_count(g);
+  check_multi_info(g);
 }


@@ -340,7 +318,7 @@ static void new_conn(char *url, GlobalInfo *g )
  curl_easy_setopt(conn->easy, CURLOPT_PROGRESSDATA, conn);
  fprintf(MSG_OUT,
          "Adding easy %p to multi %p (%s)\n", conn->easy, g->multi, url);
-  rc =curl_multi_add_handle(g->multi, conn->easy);
+  rc = curl_multi_add_handle(g->multi, conn->easy);
  mcode_or_die("new_conn: curl_multi_add_handle", rc);

  /* note that the add_handle() will set a time-out to trigger very soon so
--- a/docs/examples/https.c
+++ b/docs/examples/https.c
@@ -17,7 +17,7 @@ int main(void)

  curl = curl_easy_init();
  if(curl) {
-    curl_easy_setopt(curl, CURLOPT_URL, "https://sourceforge.net/");
+    curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");

 #ifdef SKIP_PEER_VERIFICATION
    /*
--- a/docs/examples/multi-app.c
+++ b/docs/examples/multi-app.c
@@ -43,9 +43,9 @@ int main(int argc, char **argv)
      handles[i] = curl_easy_init();

  /* set the options (I left out a few, you'll get the point anyway) */
-  curl_easy_setopt(handles[HTTP_HANDLE], CURLOPT_URL, "http://website.com");
+  curl_easy_setopt(handles[HTTP_HANDLE], CURLOPT_URL, "http://example.com");

-  curl_easy_setopt(handles[FTP_HANDLE], CURLOPT_URL, "ftp://ftpsite.com");
+  curl_easy_setopt(handles[FTP_HANDLE], CURLOPT_URL, "ftp://example.com");
  curl_easy_setopt(handles[FTP_HANDLE], CURLOPT_UPLOAD, 1L);

  /* init a multi stack */
@@ -56,8 +56,7 @@ int main(int argc, char **argv)
      curl_multi_add_handle(multi_handle, handles[i]);

  /* we start some action by calling perform right away */
-  while(CURLM_CALL_MULTI_PERFORM ==
-        curl_multi_perform(multi_handle, &still_running));
+  curl_multi_perform(multi_handle, &still_running);

  while(still_running) {
    struct timeval timeout;
@@ -68,6 +67,8 @@ int main(int argc, char **argv)
    fd_set fdexcep;
    int maxfd = -1;

+    long curl_timeo = -1;
+
    FD_ZERO(&fdread);
    FD_ZERO(&fdwrite);
    FD_ZERO(&fdexcep);
@@ -76,6 +77,15 @@ int main(int argc, char **argv)
    timeout.tv_sec = 1;
    timeout.tv_usec = 0;

+    curl_multi_timeout(multi_handle, &curl_timeo);
+    if(curl_timeo >= 0) {
+      timeout.tv_sec = curl_timeo / 1000;
+      if(timeout.tv_sec > 1)
+        timeout.tv_sec = 1;
+      else
+        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+    }
+
    /* get file descriptors from the transfers */
    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);

@@ -97,8 +107,7 @@ int main(int argc, char **argv)
    default:
      /* one or more of curl's file descriptors say there's data to read
         or write */
-      while(CURLM_CALL_MULTI_PERFORM ==
-            curl_multi_perform(multi_handle, &still_running));
+      curl_multi_perform(multi_handle, &still_running);
      break;
    }
  }
--- a/docs/examples/multi-debugcallback.c
+++ b/docs/examples/multi-debugcallback.c
@@ -118,7 +118,7 @@ int main(int argc, char **argv)
  http_handle = curl_easy_init();

  /* set the options (I left out a few, you'll get the point anyway) */
-  curl_easy_setopt(http_handle, CURLOPT_URL, "http://www.haxx.se/");
+  curl_easy_setopt(http_handle, CURLOPT_URL, "http://www.example.com/");

  curl_easy_setopt(http_handle, CURLOPT_DEBUGFUNCTION, my_trace);
  curl_easy_setopt(http_handle, CURLOPT_VERBOSE, 1L);
@@ -130,8 +130,7 @@ int main(int argc, char **argv)
  curl_multi_add_handle(multi_handle, http_handle);

  /* we start some action by calling perform right away */
-  while(CURLM_CALL_MULTI_PERFORM ==
-        curl_multi_perform(multi_handle, &still_running));
+  curl_multi_perform(multi_handle, &still_running);

  while(still_running) {
    struct timeval timeout;
@@ -142,6 +141,8 @@ int main(int argc, char **argv)
    fd_set fdexcep;
    int maxfd = -1;

+    long curl_timeo = -1;
+
    FD_ZERO(&fdread);
    FD_ZERO(&fdwrite);
    FD_ZERO(&fdexcep);
@@ -150,6 +151,15 @@ int main(int argc, char **argv)
    timeout.tv_sec = 1;
    timeout.tv_usec = 0;

+    curl_multi_timeout(multi_handle, &curl_timeo);
+    if(curl_timeo >= 0) {
+      timeout.tv_sec = curl_timeo / 1000;
+      if(timeout.tv_sec > 1)
+        timeout.tv_sec = 1;
+      else
+        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+    }
+
    /* get file descriptors from the transfers */
    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);

@@ -170,8 +180,7 @@ int main(int argc, char **argv)
    case 0:
    default:
      /* timeout or readable/writable sockets */
-      while(CURLM_CALL_MULTI_PERFORM ==
-            curl_multi_perform(multi_handle, &still_running));
+      curl_multi_perform(multi_handle, &still_running);
      break;
    }
  }
--- a/docs/examples/multi-double.c
+++ b/docs/examples/multi-double.c
@@ -34,7 +34,7 @@ int main(int argc, char **argv)
  http_handle2 = curl_easy_init();

  /* set options */
-  curl_easy_setopt(http_handle, CURLOPT_URL, "http://www.haxx.se/");
+  curl_easy_setopt(http_handle, CURLOPT_URL, "http://www.example.com/");

  /* set options */
  curl_easy_setopt(http_handle2, CURLOPT_URL, "http://localhost/");
@@ -47,8 +47,7 @@ int main(int argc, char **argv)
  curl_multi_add_handle(multi_handle, http_handle2);

  /* we start some action by calling perform right away */
-  while(CURLM_CALL_MULTI_PERFORM ==
-        curl_multi_perform(multi_handle, &still_running));
+  curl_multi_perform(multi_handle, &still_running);

  while(still_running) {
    struct timeval timeout;
@@ -59,6 +58,8 @@ int main(int argc, char **argv)
    fd_set fdexcep;
    int maxfd = -1;

+    long curl_timeo = -1;
+
    FD_ZERO(&fdread);
    FD_ZERO(&fdwrite);
    FD_ZERO(&fdexcep);
@@ -67,6 +68,15 @@ int main(int argc, char **argv)
    timeout.tv_sec = 1;
    timeout.tv_usec = 0;

+    curl_multi_timeout(multi_handle, &curl_timeo);
+    if(curl_timeo >= 0) {
+      timeout.tv_sec = curl_timeo / 1000;
+      if(timeout.tv_sec > 1)
+        timeout.tv_sec = 1;
+      else
+        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+    }
+
    /* get file descriptors from the transfers */
    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);

@@ -85,8 +95,7 @@ int main(int argc, char **argv)
    case 0:
    default:
      /* timeout or readable/writable sockets */
-      while(CURLM_CALL_MULTI_PERFORM ==
-            curl_multi_perform(multi_handle, &still_running));
+      curl_multi_perform(multi_handle, &still_running);
      break;
    }
  }
--- a/docs/examples/multi-post.c
+++ b/docs/examples/multi-post.c
@@ -58,8 +58,7 @@ int main(int argc, char *argv[])
  if(curl && multi_handle) {

    /* what URL that receives this POST */
-    curl_easy_setopt(curl, CURLOPT_URL,
-                     "http://www.fillinyoururl.com/upload.cgi");
+    curl_easy_setopt(curl, CURLOPT_URL, "http://www.example.com/upload.cgi");
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);

    curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headerlist);
@@ -67,8 +66,7 @@ int main(int argc, char *argv[])

    curl_multi_add_handle(multi_handle, curl);

-    while(CURLM_CALL_MULTI_PERFORM ==
-          curl_multi_perform(multi_handle, &still_running));
+    curl_multi_perform(multi_handle, &still_running);

    while(still_running) {
      struct timeval timeout;
@@ -79,6 +77,8 @@ int main(int argc, char *argv[])
      fd_set fdexcep;
      int maxfd = -1;

+      long curl_timeo = -1;
+
      FD_ZERO(&fdread);
      FD_ZERO(&fdwrite);
      FD_ZERO(&fdexcep);
@@ -87,6 +87,15 @@ int main(int argc, char *argv[])
      timeout.tv_sec = 1;
      timeout.tv_usec = 0;

+      curl_multi_timeout(multi_handle, &curl_timeo);
+      if(curl_timeo >= 0) {
+        timeout.tv_sec = curl_timeo / 1000;
+        if(timeout.tv_sec > 1)
+          timeout.tv_sec = 1;
+        else
+          timeout.tv_usec = (curl_timeo % 1000) * 1000;
+      }
+
      /* get file descriptors from the transfers */
      curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);

@@ -107,8 +116,7 @@ int main(int argc, char *argv[])
      default:
        /* timeout or readable/writable sockets */
        printf("perform!\n");
-        while(CURLM_CALL_MULTI_PERFORM ==
-              curl_multi_perform(multi_handle, &still_running));
+        curl_multi_perform(multi_handle, &still_running);
        printf("running: %d!\n", still_running);
        break;
      }
--- a/docs/examples/multi-single.c
+++ b/docs/examples/multi-single.c
@@ -32,7 +32,7 @@ int main(int argc, char **argv)
  http_handle = curl_easy_init();

  /* set the options (I left out a few, you'll get the point anyway) */
-  curl_easy_setopt(http_handle, CURLOPT_URL, "http://www.haxx.se/");
+  curl_easy_setopt(http_handle, CURLOPT_URL, "http://www.example.com/");

  /* init a multi stack */
  multi_handle = curl_multi_init();
@@ -41,8 +41,7 @@ int main(int argc, char **argv)
  curl_multi_add_handle(multi_handle, http_handle);

  /* we start some action by calling perform right away */
-  while(CURLM_CALL_MULTI_PERFORM ==
-        curl_multi_perform(multi_handle, &still_running));
+  curl_multi_perform(multi_handle, &still_running);

  while(still_running) {
    struct timeval timeout;
@@ -53,6 +52,8 @@ int main(int argc, char **argv)
    fd_set fdexcep;
    int maxfd = -1;

+    long curl_timeo = -1;
+
    FD_ZERO(&fdread);
    FD_ZERO(&fdwrite);
    FD_ZERO(&fdexcep);
@@ -61,6 +62,15 @@ int main(int argc, char **argv)
    timeout.tv_sec = 1;
    timeout.tv_usec = 0;

+    curl_multi_timeout(multi_handle, &curl_timeo);
+    if(curl_timeo >= 0) {
+      timeout.tv_sec = curl_timeo / 1000;
+      if(timeout.tv_sec > 1)
+        timeout.tv_sec = 1;
+      else
+        timeout.tv_usec = (curl_timeo % 1000) * 1000;
+    }
+
    /* get file descriptors from the transfers */
    curl_multi_fdset(multi_handle, &fdread, &fdwrite, &fdexcep, &maxfd);

@@ -81,8 +91,7 @@ int main(int argc, char **argv)
    case 0:
    default:
      /* timeout or readable/writable sockets */
-      while(CURLM_CALL_MULTI_PERFORM ==
-            curl_multi_perform(multi_handle, &still_running));
+      curl_multi_perform(multi_handle, &still_running);
      break;
    }
  }
--- a/docs/examples/persistant.c
+++ b/docs/examples/persistant.c
@@ -24,12 +24,12 @@ int main(int argc, char **argv)
    curl_easy_setopt(curl, CURLOPT_HEADER, 1L);

    /* get the first document */
-    curl_easy_setopt(curl, CURLOPT_URL, "http://curl.haxx.se/");
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/");
    res = curl_easy_perform(curl);

    /* get another document from the same server using the same
       connection */
-    curl_easy_setopt(curl, CURLOPT_URL, "http://curl.haxx.se/docs/");
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/docs/");
    res = curl_easy_perform(curl);

    /* always cleanup */
--- a/docs/examples/post-callback.c
+++ b/docs/examples/post-callback.c
@@ -51,8 +51,8 @@ int main(void)
  curl = curl_easy_init();
  if(curl) {
    /* First set the URL that is about to receive our POST. */
-    curl_easy_setopt(curl, CURLOPT_URL,
-                     "http://receivingsite.com.pooh/index.cgi");
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/index.cgi");
+
    /* Now specify we want to POST data */
    curl_easy_setopt(curl, CURLOPT_POST, 1L);

--- a/docs/examples/postit2.c
+++ b/docs/examples/postit2.c
@@ -67,7 +67,7 @@ int main(int argc, char *argv[])
  headerlist = curl_slist_append(headerlist, buf);
  if(curl) {
    /* what URL that receives this POST */
-    curl_easy_setopt(curl, CURLOPT_URL, "http://curl.haxx.se/examplepost.cgi");
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com/examplepost.cgi");
    if ( (argc == 2) && (!strcmp(argv[1], "noexpectheader")) )
      /* only disable 100-continue header if explicitly requested */
      curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headerlist);
--- a/docs/examples/sampleconv.c
+++ b/docs/examples/sampleconv.c
@@ -75,7 +75,7 @@ int main(void)

  curl = curl_easy_init();
  if(curl) {
-    curl_easy_setopt(curl, CURLOPT_URL, "curl.haxx.se");
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");

    /* use platform-specific functions for codeset conversions */
    curl_easy_setopt(curl, CURLOPT_CONV_FROM_NETWORK_FUNCTION,
--- a/docs/examples/sendrecv.c
+++ b/docs/examples/sendrecv.c
@@ -48,13 +48,13 @@ int main(void)
  CURL *curl;
  CURLcode res;
  /* Minimalistic http request */
-  const char *request = "GET / HTTP/1.0\r\nHost: curl.haxx.se\r\n\r\n";
+  const char *request = "GET / HTTP/1.0\r\nHost: example.com\r\n\r\n";
  int sockfd; /* socket */
  size_t iolen;

  curl = curl_easy_init();
  if(curl) {
-    curl_easy_setopt(curl, CURLOPT_URL, "curl.haxx.se");
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
    /* Do not do the transfer - only connect to host */
    curl_easy_setopt(curl, CURLOPT_CONNECT_ONLY, 1L);
    res = curl_easy_perform(curl);
--- a/docs/examples/sepheaders.c
+++ b/docs/examples/sepheaders.c
@@ -35,7 +35,7 @@ int main(int argc, char **argv)
  curl_handle = curl_easy_init();

  /* set URL to get */
-  curl_easy_setopt(curl_handle, CURLOPT_URL, "http://curl.haxx.se");
+  curl_easy_setopt(curl_handle, CURLOPT_URL, "http://example.com");

  /* no progress meter please */
  curl_easy_setopt(curl_handle, CURLOPT_NOPROGRESS, 1L);
--- a/docs/examples/simple.c
+++ b/docs/examples/simple.c
@@ -17,7 +17,7 @@ int main(void)

  curl = curl_easy_init();
  if(curl) {
-    curl_easy_setopt(curl, CURLOPT_URL, "curl.haxx.se");
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
    res = curl_easy_perform(curl);

    /* always cleanup */
--- a/docs/examples/simplepost.c
+++ b/docs/examples/simplepost.c
@@ -20,7 +20,7 @@ int main(void)

  curl = curl_easy_init();
  if(curl) {
-    curl_easy_setopt(curl, CURLOPT_URL, "http://posthere.com");
+    curl_easy_setopt(curl, CURLOPT_URL, "http://example.com");
    curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postthis);

    /* if we don't provide POSTFIELDSIZE, libcurl will strlen() by
--- a/docs/examples/threaded-ssl.c
+++ b/docs/examples/threaded-ssl.c
@@ -91,10 +91,10 @@ void init_locks(void)

 /* List of URLs to fetch.*/
 const char * const urls[]= {
-  "https://www.sf.net/",
-  "https://www.openssl.org/",
-  "https://www.sf.net/",
-  "https://www.openssl.org/",
+  "https://www.example.com/",
+  "https://www2.example.com/",
+  "https://www3.example.com/",
+  "https://www4.example.com/",
 };

 static void *pull_one_url(void *url)
--- a/docs/libcurl/curl_easy_getinfo.3
+++ b/docs/libcurl/curl_easy_getinfo.3
@@ -198,6 +198,9 @@ working with the socket, you must call curl_easy_cleanup() as usual and let
 libcurl close the socket and cleanup other resources associated with the
 handle. This is typically used in combination with \fICURLOPT_CONNECT_ONLY\fP.
 (Added in 7.15.2)
+
+NOTE: this API is not really working on win64, since the SOCKET type on win64
+is 64 bit large while its 'long' is only 32 bits.
 .IP CURLINFO_FTP_ENTRY_PATH
 Pass a pointer to a char pointer to receive a pointer to a string holding the
 path of the entry path. That is the initial path libcurl ended up in when
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -138,7 +138,7 @@ Using the rules above, a file name pattern can be constructed:
 .SH CALLBACK OPTIONS
 .IP CURLOPT_WRITEFUNCTION
 Function pointer that should match the following prototype: \fBsize_t
-function( void *ptr, size_t size, size_t nmemb, void *stream);\fP This
+function( void *ptr, size_t size, size_t nmemb, void *userdata);\fP This
 function gets called by libcurl as soon as there is data received that needs
 to be saved. The size of the data pointed to by \fIptr\fP is \fIsize\fP
 multiplied with \fInmemb\fP, it will not be zero terminated. Return the number
@@ -157,7 +157,7 @@ Set this option to NULL to get the internal default function. The internal
 default function will write the data to the FILE * given with
 \fICURLOPT_WRITEDATA\fP.

-Set the \fIstream\fP argument with the \fICURLOPT_WRITEDATA\fP option.
+Set the \fIuserdata\fP argument with the \fICURLOPT_WRITEDATA\fP option.

 The callback function will be passed as much data as possible in all invokes,
 but you cannot possibly make any assumptions. It may be one byte, it may be
@@ -180,7 +180,7 @@ This option is also known with the older name \fICURLOPT_FILE\fP, the name
 \fICURLOPT_WRITEDATA\fP was introduced in 7.9.7.
 .IP CURLOPT_READFUNCTION
 Function pointer that should match the following prototype: \fBsize_t
-function( void *ptr, size_t size, size_t nmemb, void *stream);\fP This
+function( void *ptr, size_t size, size_t nmemb, void *userdata);\fP This
 function gets called by libcurl as soon as it needs to read data in order to
 send it to the peer. The data area pointed at by the pointer \fIptr\fP may be
 filled with at most \fIsize\fP multiplied with \fInmemb\fP number of
@@ -201,9 +201,9 @@ From 7.18.0, the function can return CURL_READFUNC_PAUSE which then will cause
 reading from this connection to become paused. See \fIcurl_easy_pause(3)\fP
 for further details.

-If you set the callback pointer to NULL, or don't set it at all, the default
-internal read function will be used. It is simply doing an fread() on the FILE
-* stream set with \fICURLOPT_READDATA\fP.
+If you set this callback pointer to NULL, or don't set it at all, the default
+internal read function will be used. It is doing an fread() on the FILE *
+userdata set with \fICURLOPT_READDATA\fP.
 .IP CURLOPT_READDATA
 Data pointer to pass to the file read function. If you use the
 \fICURLOPT_READFUNCTION\fP option, this is the pointer you'll get as input. If
@@ -313,13 +313,13 @@ Pass a pointer that will be untouched by libcurl and passed as the first
 argument in the progress callback set with \fICURLOPT_PROGRESSFUNCTION\fP.
 .IP CURLOPT_HEADERFUNCTION
 Function pointer that should match the following prototype: \fIsize_t
-function( void *ptr, size_t size, size_t nmemb, void *stream);\fP. This
+function( void *ptr, size_t size, size_t nmemb, void *userdata);\fP. This
 function gets called by libcurl as soon as it has received header data. The
 header callback will be called once for each header and only complete header
 lines are passed on to the callback. Parsing headers should be easy enough
 using this. The size of the data pointed to by \fIptr\fP is \fIsize\fP
 multiplied with \fInmemb\fP. Do not assume that the header line is zero
-terminated! The pointer named \fIstream\fP is the one you set with the
+terminated! The pointer named \fIuserdata\fP is the one you set with the
 \fICURLOPT_WRITEHEADER\fP option. The callback function must return the number
 of bytes actually taken care of. If that amount differs from the amount passed
 to your function, it'll signal an error to the library. This will abort the
@@ -452,7 +452,7 @@ You will need to override these definitions if they are different on your
 system.
 .IP CURLOPT_INTERLEAVEFUNCTION
 Function pointer that should match the following prototype: \fIsize_t
-function( void *ptr, size_t size, size_t nmemb, void *stream)\fP. This
+function( void *ptr, size_t size, size_t nmemb, void *userdata)\fP. This
 function gets called by libcurl as soon as it has received interleaved RTP
 data. This function gets called for each $ block and therefore contains
 exactly one upper-layer protocol unit (e.g.  one RTP packet). Curl writes the
@@ -472,8 +472,9 @@ request, (e.g.  \fICURL_RTSPREQ_PAUSE\fP) then the response handler will
 process any pending RTP data before marking the request as finished.  (Added
 in 7.20.0)
 .IP CURLOPT_INTERLEAVEDATA
-This is the stream that will be passed to \fICURLOPT_INTERLEAVEFUNCTION\fP when
-interleaved RTP data is received. (Added in 7.20.0)
+This is the userdata pointer that will be passed to
+\fICURLOPT_INTERLEAVEFUNCTION\fP when interleaved RTP data is received. (Added
+in 7.20.0)
 .IP CURLOPT_CHUNK_BGN_FUNCTION
 Function pointer that should match the following prototype: \fBlong function
 (const void *transfer_info, void *ptr, int remains)\fP. This function gets
@@ -1258,9 +1259,15 @@ A parameter set to 1 tells the library to just list the names of files in a
 directory, instead of doing a full directory listing that would include file
 sizes, dates etc. This works for FTP and SFTP URLs.

-This causes an FTP NLST command to be sent on an FTP server.  Beware
-that some FTP servers list only files in their response to NLST; they
-might not include subdirectories and symbolic links.
+This causes an FTP NLST command to be sent on an FTP server.  Beware that some
+FTP servers list only files in their response to NLST; they might not include
+subdirectories and symbolic links.
+
+Setting this option to 1 also implies a directory listing even if the URL
+doesn't end with a slash, which otherwise is necessary.
+
+Do NOT use this option if you also use \fICURLOPT_WILDCARDMATCH\fP as it will
+effectively break that feature then.

 (This option was known as CURLOPT_FTPLISTONLY up to 7.16.4)
 .IP CURLOPT_APPEND
@@ -1538,6 +1545,10 @@ want the transfer to start from. Set this option to 0 to make the transfer
 start from the beginning (effectively disabling resume). For FTP, set this
 option to -1 to make the transfer start from the end of the target file
 (useful to continue an interrupted upload).
+
+When doing uploads with FTP, the resume position is where in the local/source
+file libcurl should try to resume the upload from and it will then append the
+source file to the remote target file.
 .IP CURLOPT_RESUME_FROM_LARGE
 Pass a curl_off_t as parameter. It contains the offset in number of bytes that
 you want the transfer to start from. (Added in 7.11.0)
--- a/docs/libcurl/curl_multi_socket_action.3
+++ b/docs/libcurl/curl_multi_socket_action.3
@@ -112,14 +112,15 @@ timeout value to use when waiting for socket activities.
 them for activity. This can be done through your application code, or by way
 of an external library such as libevent or glib.

-6. Wait for activity on any of libcurl's sockets, use the timeout value your
+6. Call curl_multi_socket_action() to kickstart everything. To get one or more
+callbacks called.
+
+7. Wait for activity on any of libcurl's sockets, use the timeout value your
 callback has been told

-7, When activity is detected, call curl_multi_socket_action() for the
+8, When activity is detected, call curl_multi_socket_action() for the
 socket(s) that got action. If no activity is detected and the timeout expires,
 call \fIcurl_multi_socket_action(3)\fP with \fICURL_SOCKET_TIMEOUT\fP
-
-8. Go back to step 6.
 .SH AVAILABILITY
 This function was added in libcurl 7.15.4, and is deemed stable since 7.16.0.
 .SH "SEE ALSO"
--- a/docs/libcurl/libcurl-tutorial.3
+++ b/docs/libcurl/libcurl-tutorial.3
@@ -275,6 +275,10 @@ NSS

 is claimed to be thread-safe already without anything required.

+PolarSSL
+
+ Required actions unknown.
+
 yassl

 Required actions unknown.
@@ -1233,6 +1237,15 @@ are used to generate structured data. Characters like embedded carriage
 returns or ampersands could allow the user to create additional headers or
 fields that could cause malicious transactions.

+.IP "Server-supplied Names"
+A server can supply data which the application may, in some cases, use as
+a file name. The curl command-line tool does this with --remote-header-name,
+using the Content-disposition: header to generate a file name.  An application
+could also use CURLINFO_EFFECTIVE_URL to generate a file name from a
+server-supplied redirect URL. Special care must be taken to sanitize such
+names to avoid the possibility of a malicious server supplying one like
+"/etc/passwd", "\autoexec.bat" or even ".bashrc".
+
 .IP "Server Certificates"
 A secure application should never use the CURLOPT_SSL_VERIFYPEER option to
 disable certificate validation. There are numerous attacks that are enabled
--- a/docs/libcurl/libcurl.m4
+++ b/docs/libcurl/libcurl.m4
@@ -61,7 +61,7 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
  AH_TEMPLATE([LIBCURL_PROTOCOL_SMTP],[Defined if libcurl supports SMTP])

  AC_ARG_WITH(libcurl,
-     AC_HELP_STRING([--with-libcurl=DIR],[look for the curl library in DIR]),
+     AC_HELP_STRING([--with-libcurl=PREFIX],[look for the curl library in PREFIX/lib and headers in PREFIX/include]),
     [_libcurl_with=$withval],[_libcurl_with=ifelse([$1],,[yes],[$1])])

  if test "$_libcurl_with" != "no" ; then
@@ -75,10 +75,10 @@ AC_DEFUN([LIBCURL_CHECK_CONFIG],
     if test -d "$_libcurl_with" ; then
        LIBCURL_CPPFLAGS="-I$withval/include"
        _libcurl_ldflags="-L$withval/lib"
-        AC_PATH_PROG([_libcurl_config],[curl-config],["$withval/bin"],
+        AC_PATH_PROG([_libcurl_config],[curl-config],[],
                     ["$withval/bin"])
     else
-        AC_PATH_PROG([_libcurl_config],[curl-config])
+        AC_PATH_PROG([_libcurl_config],[curl-config],[],[$PATH])
     fi

     if test x$_libcurl_config != "x" ; then
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -722,6 +722,7 @@ typedef enum {
 #define CURLPROTO_RTMPTE (1<<22)
 #define CURLPROTO_RTMPS  (1<<23)
 #define CURLPROTO_RTMPTS (1<<24)
+#define CURLPROTO_GOPHER (1<<25)
 #define CURLPROTO_ALL    (~0) /* enable everything */

 /* long may be 32 or 64 bits, but we should never depend on anything else
--- a/include/curl/curlver.h
+++ b/include/curl/curlver.h
@@ -30,13 +30,13 @@

 /* This is the version number of the libcurl package from which this header
   file origins: */
-#define LIBCURL_VERSION "7.21.0-DEV"
+#define LIBCURL_VERSION "7.21.2-DEV"

 /* The numeric version number is also available "in parts" by using these
   defines: */
 #define LIBCURL_VERSION_MAJOR 7
 #define LIBCURL_VERSION_MINOR 21
-#define LIBCURL_VERSION_PATCH 0
+#define LIBCURL_VERSION_PATCH 2

 /* This is the numeric version of the libcurl version number, meant for easier
   parsing and comparions by programs. The LIBCURL_VERSION_NUM define will
@@ -53,7 +53,7 @@
   and it is always a greater number in a more recent release. It makes
   comparisons with greater than and less than work.
 */
-#define LIBCURL_VERSION_NUM 0x071500
+#define LIBCURL_VERSION_NUM 0x071502

 /*
 * This is the date and time when the full source package was created. The
--- a/include/curl/typecheck-gcc.h
+++ b/include/curl/typecheck-gcc.h
@@ -7,7 +7,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -25,11 +25,16 @@
 /* wraps curl_easy_setopt() with typechecking */

 /* To add a new kind of warning, add an
- *   if(_curl_is_sometype_option(_curl_opt) && ! _curl_is_sometype(value))
- *     _curl_easy_setopt_err_sometype();
+ *   if(_curl_is_sometype_option(_curl_opt))
+ *     if(!_curl_is_sometype(value))
+ *       _curl_easy_setopt_err_sometype();
 * block and define _curl_is_sometype_option, _curl_is_sometype and
 * _curl_easy_setopt_err_sometype below
 *
+ * NOTE: We use two nested 'if' statements here instead of the && operator, in
+ *       order to work around gcc bug #32061.  It affects only gcc 4.3.x/4.4.x
+ *       when compiling with -Wlogical-op.
+ *
 * To add an option that uses the same type as an existing option, you'll just
 * need to extend the appropriate _curl_*_option macro
 */
@@ -37,51 +42,66 @@
 __extension__ ({                                                              \
  __typeof__ (option) _curl_opt = option;                                     \
  if (__builtin_constant_p(_curl_opt)) {                                      \
-    if (_curl_is_long_option(_curl_opt) && !_curl_is_long(value))             \
-      _curl_easy_setopt_err_long();                                           \
-    if (_curl_is_off_t_option(_curl_opt) && !_curl_is_off_t(value))           \
-      _curl_easy_setopt_err_curl_off_t();                                     \
-    if (_curl_is_string_option(_curl_opt) && !_curl_is_string(value))         \
-      _curl_easy_setopt_err_string();                                         \
-    if (_curl_is_write_cb_option(_curl_opt) && !_curl_is_write_cb(value))     \
-      _curl_easy_setopt_err_write_callback();                                 \
-    if ((_curl_opt) == CURLOPT_READFUNCTION && !_curl_is_read_cb(value))      \
-      _curl_easy_setopt_err_read_cb();                                        \
-    if ((_curl_opt) == CURLOPT_IOCTLFUNCTION && !_curl_is_ioctl_cb(value))    \
-      _curl_easy_setopt_err_ioctl_cb();                                       \
-    if ((_curl_opt) == CURLOPT_SOCKOPTFUNCTION && !_curl_is_sockopt_cb(value))\
-      _curl_easy_setopt_err_sockopt_cb();                                     \
-    if ((_curl_opt) == CURLOPT_OPENSOCKETFUNCTION &&                          \
-            !_curl_is_opensocket_cb(value))                                   \
-      _curl_easy_setopt_err_opensocket_cb();                                  \
-    if ((_curl_opt) == CURLOPT_PROGRESSFUNCTION &&                            \
-            !_curl_is_progress_cb(value))                                     \
-      _curl_easy_setopt_err_progress_cb();                                    \
-    if ((_curl_opt) == CURLOPT_DEBUGFUNCTION && !_curl_is_debug_cb(value))    \
-      _curl_easy_setopt_err_debug_cb();                                       \
-    if ((_curl_opt) == CURLOPT_SSL_CTX_FUNCTION &&                            \
-            !_curl_is_ssl_ctx_cb(value))                                      \
-      _curl_easy_setopt_err_ssl_ctx_cb();                                     \
-    if (_curl_is_conv_cb_option(_curl_opt) && !_curl_is_conv_cb(value))       \
-      _curl_easy_setopt_err_conv_cb();                                        \
-    if ((_curl_opt) == CURLOPT_SEEKFUNCTION && !_curl_is_seek_cb(value))      \
-      _curl_easy_setopt_err_seek_cb();                                        \
-    if (_curl_is_cb_data_option(_curl_opt) && !_curl_is_cb_data(value))       \
-      _curl_easy_setopt_err_cb_data();                                        \
-    if ((_curl_opt) == CURLOPT_ERRORBUFFER && !_curl_is_error_buffer(value))  \
-      _curl_easy_setopt_err_error_buffer();                                   \
-    if ((_curl_opt) == CURLOPT_STDERR && !_curl_is_FILE(value))               \
-      _curl_easy_setopt_err_FILE();                                           \
-    if (_curl_is_postfields_option(_curl_opt) && !_curl_is_postfields(value)) \
-      _curl_easy_setopt_err_postfields();                                     \
-    if ((_curl_opt) == CURLOPT_HTTPPOST &&                                    \
-            !_curl_is_arr((value), struct curl_httppost))                     \
-      _curl_easy_setopt_err_curl_httpost();                                   \
-    if (_curl_is_slist_option(_curl_opt) &&                                   \
-            !_curl_is_arr((value), struct curl_slist))                        \
-      _curl_easy_setopt_err_curl_slist();                                     \
-    if ((_curl_opt) == CURLOPT_SHARE && !_curl_is_ptr((value), CURLSH))       \
-      _curl_easy_setopt_err_CURLSH();                                         \
+    if (_curl_is_long_option(_curl_opt))                                      \
+      if (!_curl_is_long(value))                                              \
+        _curl_easy_setopt_err_long();                                         \
+    if (_curl_is_off_t_option(_curl_opt))                                     \
+      if (!_curl_is_off_t(value))                                             \
+        _curl_easy_setopt_err_curl_off_t();                                   \
+    if (_curl_is_string_option(_curl_opt))                                    \
+      if (!_curl_is_string(value))                                            \
+        _curl_easy_setopt_err_string();                                       \
+    if (_curl_is_write_cb_option(_curl_opt))                                  \
+      if (!_curl_is_write_cb(value))                                          \
+        _curl_easy_setopt_err_write_callback();                               \
+    if ((_curl_opt) == CURLOPT_READFUNCTION)                                  \
+      if (!_curl_is_read_cb(value))                                           \
+        _curl_easy_setopt_err_read_cb();                                      \
+    if ((_curl_opt) == CURLOPT_IOCTLFUNCTION)                                 \
+      if (!_curl_is_ioctl_cb(value))                                          \
+        _curl_easy_setopt_err_ioctl_cb();                                     \
+    if ((_curl_opt) == CURLOPT_SOCKOPTFUNCTION)                               \
+      if (!_curl_is_sockopt_cb(value))                                        \
+        _curl_easy_setopt_err_sockopt_cb();                                   \
+    if ((_curl_opt) == CURLOPT_OPENSOCKETFUNCTION)                            \
+      if (!_curl_is_opensocket_cb(value))                                     \
+        _curl_easy_setopt_err_opensocket_cb();                                \
+    if ((_curl_opt) == CURLOPT_PROGRESSFUNCTION)                              \
+      if (!_curl_is_progress_cb(value))                                       \
+        _curl_easy_setopt_err_progress_cb();                                  \
+    if ((_curl_opt) == CURLOPT_DEBUGFUNCTION)                                 \
+      if (!_curl_is_debug_cb(value))                                          \
+        _curl_easy_setopt_err_debug_cb();                                     \
+    if ((_curl_opt) == CURLOPT_SSL_CTX_FUNCTION)                              \
+      if (!_curl_is_ssl_ctx_cb(value))                                        \
+        _curl_easy_setopt_err_ssl_ctx_cb();                                   \
+    if (_curl_is_conv_cb_option(_curl_opt))                                   \
+      if (!_curl_is_conv_cb(value))                                           \
+        _curl_easy_setopt_err_conv_cb();                                      \
+    if ((_curl_opt) == CURLOPT_SEEKFUNCTION)                                  \
+      if (!_curl_is_seek_cb(value))                                           \
+        _curl_easy_setopt_err_seek_cb();                                      \
+    if (_curl_is_cb_data_option(_curl_opt))                                   \
+      if (!_curl_is_cb_data(value))                                           \
+        _curl_easy_setopt_err_cb_data();                                      \
+    if ((_curl_opt) == CURLOPT_ERRORBUFFER)                                   \
+      if (!_curl_is_error_buffer(value))                                      \
+        _curl_easy_setopt_err_error_buffer();                                 \
+    if ((_curl_opt) == CURLOPT_STDERR)                                        \
+      if (!_curl_is_FILE(value))                                              \
+        _curl_easy_setopt_err_FILE();                                         \
+    if (_curl_is_postfields_option(_curl_opt))                                \
+      if (!_curl_is_postfields(value))                                        \
+        _curl_easy_setopt_err_postfields();                                   \
+    if ((_curl_opt) == CURLOPT_HTTPPOST)                                      \
+      if (!_curl_is_arr((value), struct curl_httppost))                       \
+        _curl_easy_setopt_err_curl_httpost();                                 \
+    if (_curl_is_slist_option(_curl_opt))                                     \
+      if (!_curl_is_arr((value), struct curl_slist))                          \
+        _curl_easy_setopt_err_curl_slist();                                   \
+    if ((_curl_opt) == CURLOPT_SHARE)                                         \
+      if (!_curl_is_ptr((value), CURLSH))                                     \
+        _curl_easy_setopt_err_CURLSH();                                       \
  }                                                                           \
  curl_easy_setopt(handle, _curl_opt, value);                                 \
 })
@@ -92,15 +112,18 @@ __extension__ ({                                                              \
 __extension__ ({                                                              \
  __typeof__ (info) _curl_info = info;                                        \
  if (__builtin_constant_p(_curl_info)) {                                     \
-    if (_curl_is_string_info(_curl_info) && !_curl_is_arr((arg), char *))     \
-      _curl_easy_getinfo_err_string();                                        \
-    if (_curl_is_long_info(_curl_info) && !_curl_is_arr((arg), long))         \
-      _curl_easy_getinfo_err_long();                                          \
-    if (_curl_is_double_info(_curl_info) && !_curl_is_arr((arg), double))     \
-      _curl_easy_getinfo_err_double();                                        \
-    if (_curl_is_slist_info(_curl_info) &&                                    \
-           !_curl_is_arr((arg), struct curl_slist *))                         \
-      _curl_easy_getinfo_err_curl_slist();                                    \
+    if (_curl_is_string_info(_curl_info))                                     \
+      if (!_curl_is_arr((arg), char *))                                       \
+        _curl_easy_getinfo_err_string();                                      \
+    if (_curl_is_long_info(_curl_info))                                       \
+      if (!_curl_is_arr((arg), long))                                         \
+        _curl_easy_getinfo_err_long();                                        \
+    if (_curl_is_double_info(_curl_info))                                     \
+      if (!_curl_is_arr((arg), double))                                       \
+        _curl_easy_getinfo_err_double();                                      \
+    if (_curl_is_slist_info(_curl_info))                                      \
+      if (!_curl_is_arr((arg), struct curl_slist *))                          \
+        _curl_easy_getinfo_err_curl_slist();                                  \
  }                                                                           \
  curl_easy_getinfo(handle, _curl_info, arg);                                 \
 })
@@ -230,6 +253,12 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
   (option) == CURLOPT_SSH_PRIVATE_KEYFILE ||                                 \
   (option) == CURLOPT_CRLFILE ||                                             \
   (option) == CURLOPT_ISSUERCERT ||                                          \
+   (option) == CURLOPT_SOCKS5_GSSAPI_SERVICE ||                               \
+   (option) == CURLOPT_SSH_KNOWNHOSTS ||                                      \
+   (option) == CURLOPT_MAIL_FROM ||                                           \
+   (option) == CURLOPT_RTSP_SESSION_ID ||                                     \
+   (option) == CURLOPT_RTSP_STREAM_URI ||                                     \
+   (option) == CURLOPT_RTSP_TRANSPORT ||                                      \
   0)

 /* evaluates to true if option takes a curl_write_callback argument */
@@ -256,6 +285,10 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
   (option) == CURLOPT_SSL_CTX_DATA ||                                        \
   (option) == CURLOPT_SEEKDATA ||                                            \
   (option) == CURLOPT_PRIVATE ||                                             \
+   (option) == CURLOPT_SSH_KEYDATA ||                                         \
+   (option) == CURLOPT_INTERLEAVEDATA ||                                      \
+   (option) == CURLOPT_CHUNK_DATA ||                                          \
+   (option) == CURLOPT_FNMATCH_DATA ||                                        \
   0)

 /* evaluates to true if option takes a POST data argument (void* or char*) */
@@ -272,6 +305,7 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
   (option) == CURLOPT_POSTQUOTE ||                                           \
   (option) == CURLOPT_PREQUOTE ||                                            \
   (option) == CURLOPT_TELNETOPTIONS ||                                       \
+   (option) == CURLOPT_MAIL_RCPT ||                                           \
   0)

 /* groups of curl_easy_getinfo infos that take the same type of argument */
--- a/lib/Makefile.Watcom
+++ b/lib/Makefile.Watcom
@@ -3,57 +3,131 @@
 #  G. Vanem <gvanem@broadpark.no>
 #

-TARGETS = libcurl_wc.dll libcurl_wc_imp.lib libcurl_wc.lib
+!ifndef %watcom
+!error WATCOM environment variable not set!
+!else
+SYS_INCL = -I$(%watcom)\h\nt -I$(%watcom)\h
+SYS_LIBS = $(%watcom)\lib386\nt;$(%watcom)\lib386
+!endif
+
+!ifdef %libname
+LIBNAME = $(%libname)
+!else
+LIBNAME = libcurl
+!endif
+TARGETS = $(LIBNAME).dll $(LIBNAME)_imp.lib $(LIBNAME).lib

 CC = wcc386
+LD = wlink
+AR = wlib
+RC = wrc

-CFLAGS = -3s -mf -d3 -hc -zff -zgf -zq -zm -zc -s -fr=con -w2 -fpi -oilrtfm -bt=nt &
-         -bd -d+ -dWIN32 -dCURL_CA_BUNDLE=getenv("CURL_CA_BUNDLE")                 &
-         -dBUILDING_LIBCURL -dHAVE_SPNEGO=1 -dENABLE_IPV6                          &
-         -dDEBUG=1 -dDEBUGBUILD -d_WIN32_WINNT=0x0501 -dWINBERAPI=__declspec(cdecl) &
-         -dWINLDAPAPI=__declspec(cdecl) -I. -I..\include
+!ifdef __LOADDLL__
+!  loaddll wcc386  wccd386
+!  loaddll wpp386  wppd386
+!  loaddll wlib    wlibd
+!  if $(__VERSION__) > 1270
+!    loaddll wlink   wlinkd
+!  else
+!    loaddll wlink   wlink
+!  endif
+!endif
+
+!if $(__VERSION__) < 1250                                                                                                           
+RM = del /q /f 2>NUL
+!else                                                                                                                               
+RM = rm -f                                                                                                                          
+!endif
+MD = mkdir
+RD = rmdir /q /s 2>NUL
+CP = copy
+
+CFLAGS = -3r -mf -hc -zff -zgf -zq -zm -zc -s -fr=con -w2 -fpi -oilrtfm &
+         -wcd=201 -bt=nt -d+ -dWIN32 -dCURL_WANTS_CA_BUNDLE_ENV         &
+         -dBUILDING_LIBCURL -dHAVE_SPNEGO=1 -I. -I..\include $(SYS_INCL)
+
+!ifdef %debug
+DEBUG  = -dDEBUG=1 -dDEBUGBUILD
+CFLAGS += -d3 $(DEBUG)
+!else
+CFLAGS += -d0
+!endif
+
+!ifdef %use_ipv6
+CFLAGS += -d_WIN32_WINNT=0x0501 -dENABLE_IPV6
+!endif
+
+!ifdef %use_sspi
+CFLAGS += -dUSE_WINDOWS_SSPI
+!endif

 #
 # Change to suite.
 #
-ZLIB_ROOT  = ..\..\..\zlib-1.2.3
-USE_ZLIB   = 0
-USE_ARES   = 0
-USE_WATT32 = 0
+!ifdef %zlib_root
+ZLIB_ROOT = $(%zlib_root)
+!else
+ZLIB_ROOT = ..\..\zlib-1.2.5
+!endif

-!ifeq USE_ZLIB 1
+!ifdef %libssh2_root
+LIBSSH2_ROOT = $(%libssh2_root)
+!else
+LIBSSH2_ROOT = ..\..\libssh2-1.2.7
+!endif
+
+!ifdef %librtmp_root
+LIBRTMP_ROOT = $(%librtmp_root)
+!else
+LIBRTMP_ROOT = ..\..\librtmp-2.3
+!endif
+
+!ifdef %openssl_root
+OPENSSL_ROOT = $(%openssl_root)
+!else
+OPENSSL_ROOT = ..\..\openssl-0.9.8o
+!endif
+
+!ifdef %ares_root
+ARES_ROOT = $(%ares_root)
+!else
+ARES_ROOT = ..\ares
+!endif
+
+!ifdef %use_zlib
 CFLAGS += -dHAVE_ZLIB_H -dHAVE_LIBZ -I$(ZLIB_ROOT)
 !endif

-!ifeq USE_ARES 1
-CFLAGS += -dUSE_ARES -I..\ares
+!ifdef %use_rtmp
+CFLAGS += -dUSE_LIBRTMP -I$(LIBRTMP_ROOT)
 !endif

-!ifeq USE_WATT32 1
+!ifdef %use_ssh2
+CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H -I$(LIBSSH2_ROOT)\include -I$(LIBSSH2_ROOT)\win32
+!endif
+
+!ifdef %use_ssl
+CFLAGS += -wcd=138 -dUSE_OPENSSL -dUSE_SSLEAY -I$(OPENSSL_ROOT)\inc32
+!endif
+
+!ifdef %use_ares
+CFLAGS += -dUSE_ARES -I$(ARES_ROOT)
+!endif
+
+!ifdef %use_watt32
 CFLAGS += -dUSE_WATT32 -I$(%watt_root)\inc
 !endif

 OBJ_BASE = WC_Win32.obj
-C_ARG    = $(OBJ_BASE)\wcc386.arg
 LINK_ARG = $(OBJ_BASE)\dyn\wlink.arg
 LIB_ARG  = $(OBJ_BASE)\stat\wlib.arg

-# Unfortunately, we can't include Makefile.inc here because wmake doesn't
-# use backslash as the line continuation character by default
-CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c	&
-  cookie.c http.c sendf.c ftp.c url.c dict.c if2ip.c speedcheck.c	&
-  ldap.c ssluse.c version.c getenv.c escape.c mprintf.c telnet.c	&
-  netrc.c getinfo.c transfer.c strequal.c easy.c security.c krb4.c	&
-  curl_fnmatch.c fileinfo.c ftplistparser.c wildcard.c			&
-  krb5.c memdebug.c http_chunks.c strtok.c connect.c llist.c hash.c	&
-  multi.c content_encoding.c share.c http_digest.c md5.c curl_rand.c	&
-  http_negotiate.c http_ntlm.c inet_pton.c strtoofft.c strerror.c	&
-  hostares.c hostasyn.c hostip4.c hostip6.c hostsyn.c hostthre.c	&
-  inet_ntop.c parsedate.c select.c gtls.c sslgen.c tftp.c splay.c	&
-  strdup.c socks.c ssh.c nss.c qssl.c rawstr.c curl_addrinfo.c          &
-  socks_gssapi.c socks_sspi.c curl_sspi.c slist.c nonblock.c		&
-  curl_memrchr.c imap.c pop3.c smtp.c pingpong.c rtsp.c curl_threads.c	&
-  warnless.c hmac.c polarssl.c curl_rtmp.c openldap.c
+# In order to process Makefile.inc wmake must be called with -u switch!
+!ifndef %MAKEFLAGS
+!error You MUST call wmake with the -u switch!
+!else
+!include Makefile.inc
+!endif

 OBJS = $(CSOURCES:.c=.obj)
 OBJS = $OBJ_DIR\$(OBJS: = $OBJ_DIR\)
@@ -61,506 +135,88 @@ OBJS = $OBJ_DIR\$(OBJS: = $OBJ_DIR\)
 #
 # Use $(OBJS) as a template to generate $(OBJS_STAT) and $(OBJS_DYN).
 #
-OBJ_DIR   = $(OBJ_BASE)\stat
-OBJS_STAT = $+ $(OBJS) $-
+OBJ_DIR    = $(OBJ_BASE)\stat
+OBJS_STAT  = $+ $(OBJS) $-

-OBJ_DIR  = $(OBJ_BASE)\dyn
-OBJS_DYN = $+ $(OBJS) $-
+OBJ_DIR    = $(OBJ_BASE)\dyn
+OBJS_DYN   = $+ $(OBJS) $-

-RESOURCE = $(OBJ_BASE)\dyn\libcurl.res
+CURLBUILDH = ..\include\curl\curlbuild.h
+RESOURCE   = $(OBJ_BASE)\dyn\libcurl.res

-all: $(OBJ_BASE) $(C_ARG) $(TARGETS) .SYMBOLIC
+all: $(CURLBUILDH) $(OBJ_BASE) $(TARGETS) .SYMBOLIC
 	@echo Welcome to libcurl

-$(OBJ_BASE):
-	- mkdir $(OBJ_BASE)
-	- mkdir $(OBJ_BASE)\stat
-	- mkdir $(OBJ_BASE)\dyn
-
-libcurl_wc.dll libcurl_wc_imp.lib: $(OBJS_DYN) $(RESOURCE) $(LINK_ARG)
-	wlink name libcurl_wc.dll @$(LINK_ARG)
-
-libcurl_wc.lib: $(OBJS_STAT) $(LIB_ARG)
-	wlib -q -b- c $@ @$(LIB_ARG)
-
 clean: .SYMBOLIC
-	- rm -f $(OBJS_STAT) $(OBJS_DYN) $(RESOURCE) $(C_ARG) $(LINK_ARG) $(LIB_ARG)
+	-$(RM) $(OBJS_STAT)
+	-$(RM) $(OBJS_DYN)
+	-$(RM) $(RESOURCE) $(LINK_ARG) $(LIB_ARG)

-vclean realclean: clean .SYMBOLIC
-	- rm -f $(TARGETS) libcurl_wc.map
-	- rmdir $(OBJ_BASE)\stat
-	- rmdir $(OBJ_BASE)\dyn
-	- rmdir $(OBJ_BASE)
+vclean distclean: clean .SYMBOLIC
+	-$(RM) $(TARGETS) $(LIBNAME).map $(LIBNAME).sym
+	-$(RD) $(OBJ_BASE)\stat
+	-$(RD) $(OBJ_BASE)\dyn
+	-$(RD) $(OBJ_BASE)
+
+$(OBJ_BASE):
+	-$(MD) $^@
+	-$(MD) $^@\stat
+	-$(MD) $^@\dyn
+
+$(CURLBUILDH): .EXISTSONLY
+	$(CP) $^@.dist $^@
+
+$(LIBNAME).dll: $(OBJS_DYN) $(RESOURCE) $(LINK_ARG)
+	$(LD) name $^@ @$]@
+
+$(LIBNAME).lib: $(OBJS_STAT) $(LIB_ARG)
+	$(AR) -q -b -c $^@ @$]@

 .ERASE
 $(RESOURCE): libcurl.rc
-        wrc -dDEBUGBUILD=1 -q -r -zm -I..\include -fo=$@ libcurl.rc
+	$(RC) $(DEBUG) -q -r -zm -I..\include $(SYS_INCL) $[@ -fo=$^@

 .ERASE
 .c{$(OBJ_BASE)\dyn}.obj:
-	$(CC) $[@ @$(C_ARG) -fo=$@
+	$(CC) $(CFLAGS) -bd -br $[@ -fo=$^@

 .ERASE
 .c{$(OBJ_BASE)\stat}.obj:
-	$(CC) $[@ @$(C_ARG) -DCURL_STATICLIB -fo=$@
-
-$(C_ARG): $(__MAKEFILES__)
-	%create $^@
-	%append $^@ $(CFLAGS)
+	$(CC) $(CFLAGS) -DCURL_STATICLIB $[@ -fo=$^@

 $(LINK_ARG): $(__MAKEFILES__)
 	%create $^@
 	@%append $^@ system nt dll
 	@%append $^@ file { $(OBJS_DYN) }
-	@%append $^@ option quiet, map, caseexact, eliminate, implib=libcurl_wc_imp.lib,
-	@%append $^@ res=$(RESOURCE) libpath $(%watcom)\lib386;$(%watcom)\lib386\nt
-	@%append $^@ library clib3s.lib, wldap32.lib
-!ifeq USE_WATT32 1
+!ifdef %debug
+	@%append $^@ debug all
+	@%append $^@ option symfile
+!endif
+	@%append $^@ option quiet, map, caseexact, eliminate, implib=$(LIBNAME)_imp.lib,
+	@%append $^@ res=$(RESOURCE) libpath $(SYS_LIBS)
+	@%append $^@ library wldap32.lib
+!ifdef %use_watt32
 	@%append $^@ library $(%watt_root)\lib\wattcpw_imp.lib
 !else
 	@%append $^@ library ws2_32.lib
 !endif
-!ifeq USE_ZLIB 1
+!ifdef %use_zlib
 	@%append $^@ library $(ZLIB_ROOT)\zlib.lib
 !endif
-!ifeq USE_ARES 1
-	@%append $^@ library ..\ares\cares.lib
+!ifdef %use_rtmp
+	@%append $^@ library $(LIBRTMP_ROOT)\librtmp\librtmp.lib
+!endif
+!ifdef %use_ssh2
+	@%append $^@ library $(LIBSSH2_ROOT)\win32\libssh2.lib
+!endif
+!ifdef %use_ssl
+	@%append $^@ library $(OPENSSL_ROOT)\out32\libeay32.lib, $(OPENSSL_ROOT)\out32\ssleay32.lib
+!endif
+!ifdef %use_ares
+	@%append $^@ library $(ARES_ROOT)\cares.lib
 !endif

 $(LIB_ARG): $(__MAKEFILES__)
 	%create $^@
-	for %f in ($(OBJS_STAT)) do @%append $^@ +- %f
+	@for %f in ($(OBJS_STAT)) do @%append $^@ +- %f

-#
-# Dependencies based on "gcc -MM .."
-#
-$(OBJ_DIR)\file.obj: file.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h strtoofft.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h &
-  progress.h sendf.h escape.h file.h speedcheck.h getinfo.h transfer.h &
-  url.h curl_memory.h parsedate.h ..\include\curl\mprintf.h memdebug.h
-$(OBJ_DIR)\timeval.obj: timeval.c timeval.h setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h
-$(OBJ_DIR)\base64.obj: base64.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\mprintf.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h urldata.h cookie.h ..\include\curl\curl.h &
-  formdata.h timeval.h http_chunks.h hostip.h hash.h llist.h &
-  curl_addrinfo.h splay.h easyif.h curl_base64.h curl_memory.h memdebug.h
-$(OBJ_DIR)\hostip.obj: hostip.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  share.h strerror.h url.h inet_ntop.h ..\include\curl\mprintf.h curl_memory.h &
-  memdebug.h
-$(OBJ_DIR)\progress.obj: progress.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  progress.h ..\include\curl\mprintf.h
-$(OBJ_DIR)\formdata.obj: formdata.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  urldata.h cookie.h formdata.h timeval.h http_chunks.h hostip.h hash.h &
-  llist.h curl_addrinfo.h splay.h easyif.h strequal.h curl_memory.h &
-  curl_rand.h ..\include\curl\mprintf.h memdebug.h
-$(OBJ_DIR)\cookie.obj: cookie.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\mprintf.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h urldata.h cookie.h ..\include\curl\curl.h &
-  formdata.h timeval.h http_chunks.h hostip.h hash.h llist.h &
-  curl_addrinfo.h splay.h strequal.h strtok.h sendf.h curl_memory.h share.h &
-  strtoofft.h rawstr.h memdebug.h curl_memrchr.h
-$(OBJ_DIR)\http.obj: http.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h &
-  transfer.h sendf.h easyif.h progress.h curl_base64.h strequal.h &
-  sslgen.h http_digest.h http_ntlm.h http_negotiate.h url.h share.h &
-  http.h curl_memory.h select.h parsedate.h strtoofft.h multiif.h rawstr.h &
-  ..\include\curl\mprintf.h memdebug.h
-$(OBJ_DIR)\sendf.obj: sendf.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  urldata.h cookie.h formdata.h timeval.h http_chunks.h hostip.h hash.h &
-  llist.h curl_addrinfo.h splay.h sendf.h connect.h sslgen.h ssh.h &
-  multiif.h ..\include\curl\mprintf.h curl_memory.h strerror.h easyif.h &
-  memdebug.h
-$(OBJ_DIR)\ftp.obj: ftp.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  urldata.h cookie.h formdata.h timeval.h http_chunks.h hostip.h hash.h &
-  llist.h curl_addrinfo.h splay.h sendf.h easyif.h if2ip.h progress.h &
-  transfer.h escape.h http.h socks.h ftp.h strtoofft.h strequal.h &
-  sslgen.h connect.h strerror.h inet_ntop.h inet_pton.h select.h &
-  parsedate.h sockaddr.h multiif.h url.h ..\include\curl\mprintf.h &
-  curl_memory.h memdebug.h
-$(OBJ_DIR)\url.obj: url.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h netrc.h &
-  sslgen.h transfer.h sendf.h progress.h strequal.h strerror.h escape.h &
-  strtok.h share.h content_encoding.h http_digest.h http_negotiate.h &
-  select.h multiif.h easyif.h speedcheck.h rawstr.h ftp.h dict.h telnet.h &
-  tftp.h http.h file.h curl_ldap.h ssh.h url.h connect.h inet_ntop.h &
-  http_ntlm.h socks.h ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\dict.obj: dict.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h &
-  transfer.h sendf.h progress.h strequal.h dict.h rawstr.h &
-  ..\include\curl\mprintf.h memdebug.h
-$(OBJ_DIR)\if2ip.obj: if2ip.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h inet_ntop.h strequal.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h if2ip.h &
-  ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\speedcheck.obj: speedcheck.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h urldata.h cookie.h &
-  formdata.h timeval.h http_chunks.h hostip.h hash.h llist.h &
-  curl_addrinfo.h splay.h sendf.h multiif.h speedcheck.h
-$(OBJ_DIR)\ldap.obj: ldap.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h
-$(OBJ_DIR)\ssluse.obj: ssluse.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  url.h inet_pton.h ssluse.h connect.h strequal.h select.h sslgen.h &
-  rawstr.h ..\include\curl\mprintf.h
-$(OBJ_DIR)\version.obj: version.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  urldata.h cookie.h formdata.h timeval.h http_chunks.h hostip.h hash.h &
-  llist.h curl_addrinfo.h splay.h sslgen.h ..\include\curl\mprintf.h
-$(OBJ_DIR)\getenv.obj: getenv.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  curl_memory.h memdebug.h
-$(OBJ_DIR)\escape.obj: escape.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  curl_memory.h urldata.h cookie.h formdata.h timeval.h http_chunks.h hostip.h &
-  hash.h llist.h curl_addrinfo.h splay.h easyif.h &
-  ..\include\curl\mprintf.h memdebug.h
-$(OBJ_DIR)\mprintf.obj: mprintf.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\mprintf.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h curl_memory.h ..\include\curl\curl.h memdebug.h
-$(OBJ_DIR)\telnet.obj: telnet.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h &
-  transfer.h sendf.h telnet.h connect.h ..\include\curl\mprintf.h &
-  arpa_telnet.h curl_memory.h select.h strequal.h rawstr.h memdebug.h
-$(OBJ_DIR)\netrc.obj: netrc.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  netrc.h strequal.h strtok.h curl_memory.h rawstr.h ..\include\curl\mprintf.h &
-  memdebug.h
-$(OBJ_DIR)\getinfo.obj: getinfo.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  urldata.h cookie.h formdata.h timeval.h http_chunks.h hostip.h hash.h &
-  llist.h curl_addrinfo.h splay.h getinfo.h curl_memory.h sslgen.h connect.h &
-  memdebug.h
-$(OBJ_DIR)\transfer.obj: transfer.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h strtoofft.h strequal.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h rawstr.h urldata.h &
-  cookie.h formdata.h timeval.h http_chunks.h hostip.h hash.h llist.h &
-  curl_addrinfo.h splay.h netrc.h content_encoding.h transfer.h sendf.h &
-  speedcheck.h progress.h http.h url.h getinfo.h sslgen.h http_digest.h &
-  http_ntlm.h http_negotiate.h share.h curl_memory.h select.h multiif.h &
-  easyif.h ..\include\curl\mprintf.h memdebug.h
-$(OBJ_DIR)\strequal.obj: strequal.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h strequal.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h
-$(OBJ_DIR)\easy.obj: easy.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h strequal.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h urldata.h cookie.h &
-  formdata.h timeval.h http_chunks.h hostip.h hash.h llist.h &
-  curl_addrinfo.h splay.h transfer.h sslgen.h url.h getinfo.h share.h &
-  strdup.h curl_memory.h progress.h easyif.h select.h sendf.h http_ntlm.h &
-  curl_rand.h connect.h ..\include\curl\mprintf.h memdebug.h
-$(OBJ_DIR)\security.obj: security.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h
-$(OBJ_DIR)\krb4.obj: krb4.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h
-$(OBJ_DIR)\krb5.obj: krb5.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h
-$(OBJ_DIR)\memdebug.obj: memdebug.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  ..\include\curl\mprintf.h urldata.h cookie.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h curl_memory.h &
-  memdebug.h
-$(OBJ_DIR)\http_chunks.obj: http_chunks.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  urldata.h cookie.h ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  content_encoding.h http.h curl_memory.h easyif.h ..\include\curl\mprintf.h &
-  memdebug.h
-$(OBJ_DIR)\strtok.obj: strtok.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h strtok.h
-$(OBJ_DIR)\connect.obj: connect.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\mprintf.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h urldata.h cookie.h ..\include\curl\curl.h &
-  formdata.h timeval.h http_chunks.h hostip.h hash.h llist.h &
-  curl_addrinfo.h splay.h sendf.h if2ip.h strerror.h connect.h curl_memory.h &
-  select.h url.h multiif.h sockaddr.h inet_ntop.h sslgen.h memdebug.h
-$(OBJ_DIR)\llist.obj: llist.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h llist.h curl_memory.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h memdebug.h
-$(OBJ_DIR)\hash.obj: hash.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h hash.h llist.h &
-  ..\include\curl\mprintf.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h curl_memory.h &
-  ..\include\curl\curl.h memdebug.h
-$(OBJ_DIR)\multi.obj: multi.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  urldata.h cookie.h formdata.h timeval.h http_chunks.h hostip.h hash.h &
-  llist.h curl_addrinfo.h splay.h transfer.h url.h connect.h progress.h &
-  easyif.h multiif.h sendf.h http.h ..\include\curl\mprintf.h curl_memory.h &
-  memdebug.h
-$(OBJ_DIR)\content_encoding.obj: content_encoding.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h
-$(OBJ_DIR)\share.obj: share.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  urldata.h cookie.h formdata.h timeval.h http_chunks.h hostip.h hash.h &
-  llist.h curl_addrinfo.h splay.h share.h curl_memory.h memdebug.h
-$(OBJ_DIR)\http_digest.obj: http_digest.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  urldata.h cookie.h ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  rawstr.h curl_base64.h curl_md5.h http_digest.h strtok.h url.h curl_memory.h &
-  easyif.h ..\include\curl\mprintf.h memdebug.h
-$(OBJ_DIR)\md5.obj: md5.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h curl_md5.h
-$(OBJ_DIR)\http_negotiate.obj: http_negotiate.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h
-$(OBJ_DIR)\http_ntlm.obj: http_ntlm.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  urldata.h cookie.h ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h easyif.h &
-  sendf.h rawstr.h curl_base64.h http_ntlm.h url.h curl_memory.h ssluse.h &
-  ..\include\curl\mprintf.h memdebug.h
-$(OBJ_DIR)\inet_pton.obj: inet_pton.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  inet_pton.h
-$(OBJ_DIR)\strtoofft.obj: strtoofft.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  strtoofft.h
-$(OBJ_DIR)\strerror.obj: strerror.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  strerror.h urldata.h cookie.h formdata.h timeval.h http_chunks.h &
-  hostip.h hash.h llist.h curl_addrinfo.h splay.h &
-  ..\include\curl\mprintf.h
-$(OBJ_DIR)\hostares.obj: hostares.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  share.h strerror.h url.h multiif.h inet_pton.h connect.h select.h &
-  ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\hostasyn.obj: hostasyn.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  share.h strerror.h url.h ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\hostip4.obj: hostip4.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  share.h strerror.h url.h inet_pton.h ..\include\curl\mprintf.h curl_memory.h &
-  memdebug.h
-$(OBJ_DIR)\hostip6.obj: hostip6.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  share.h strerror.h url.h inet_pton.h connect.h &
-  ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\hostsyn.obj: hostsyn.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  share.h strerror.h url.h ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\hostthre.obj: hostthre.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  share.h strerror.h url.h multiif.h inet_pton.h &
-  ..\include\curl\mprintf.h inet_ntop.h curl_memory.h memdebug.h
-$(OBJ_DIR)\inet_ntop.obj: inet_ntop.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  ..\include\curl\mprintf.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h inet_ntop.h
-$(OBJ_DIR)\parsedate.obj: parsedate.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h rawstr.h parsedate.h
-$(OBJ_DIR)\select.obj: select.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h ..\include\curl\curl.h &
-  ..\include\curl\curlver.h ..\include\curl\curlrules.h &
-  ..\include\curl\easy.h ..\include\curl\multi.h ..\include\curl\curl.h &
-  urldata.h cookie.h formdata.h timeval.h http_chunks.h hostip.h hash.h &
-  llist.h curl_addrinfo.h splay.h connect.h select.h
-$(OBJ_DIR)\gtls.obj: gtls.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h
-$(OBJ_DIR)\sslgen.obj: sslgen.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sslgen.h &
-  ssluse.h gtls.h nssg.h qssl.h sendf.h rawstr.h url.h curl_memory.h &
-  progress.h memdebug.h
-$(OBJ_DIR)\tftp.obj: tftp.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h &
-  transfer.h sendf.h tftp.h progress.h connect.h strerror.h sockaddr.h &
-  url.h ..\include\curl\mprintf.h curl_memory.h select.h memdebug.h
-$(OBJ_DIR)\splay.obj: splay.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h splay.h
-$(OBJ_DIR)\strdup.obj: strdup.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h strdup.h
-$(OBJ_DIR)\socks.obj: socks.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  strequal.h select.h connect.h socks.h memdebug.h
-$(OBJ_DIR)\ssh.obj: ssh.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h
-$(OBJ_DIR)\nss.obj: nss.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h urldata.h cookie.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h formdata.h timeval.h &
-  http_chunks.h hostip.h hash.h llist.h curl_addrinfo.h splay.h sendf.h &
-  url.h connect.h strequal.h select.h sslgen.h ..\include\curl\mprintf.h
-$(OBJ_DIR)\qssl.obj: qssl.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h
-$(OBJ_DIR)\nonblock.obj: nonblock.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h nonblock.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h
-$(OBJ_DIR)\rawstr.obj: rawstr.c setup.h config-win32.h ..\include\curl\curlbuild.h &
-  ..\include\curl\curlrules.h setup_once.h rawstr.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h
-$(OBJ_DIR)\curl_addrinfo.obj: curl_addrinfo.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h curl_addrinfo.h &
-  ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\curl_rand.obj: curl_rand.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h curl_rand.h &
-  ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\curl_memrchr.obj: curl_memrchr.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h curl_memrchr.h &
-  ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\imap.obj: imap.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h imap.h &
-  ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\pop3.obj: pop3.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h pop3.h &
-  ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\smtp.obj: smtp.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h smtp.h &
-  ..\include\curl\mprintf.h curl_memory.h memdebug.h
-$(OBJ_DIR)\pingpong.obj: pingpong.c setup.h config-win32.h &
-  ..\include\curl\curlbuild.h ..\include\curl\curlrules.h setup_once.h &
-  ..\include\curl\curl.h ..\include\curl\curlver.h &
-  ..\include\curl\curlrules.h ..\include\curl\easy.h &
-  ..\include\curl\multi.h ..\include\curl\curl.h pingpong.h &
-  ..\include\curl\mprintf.h curl_memory.h memdebug.h
--- a/lib/Makefile.am
+++ b/lib/Makefile.am
@@ -37,13 +37,17 @@ EXTRA_DIST = Makefile.b32 Makefile.m32 Makefile.vc6 Makefile.riscos $(DSP) \
 Makefile.netware nwlib.c nwos.c libcurl.imp msvcproj.head msvcproj.foot   \
 config-win32ce.h config-os400.h setup-os400.h config-symbian.h		   \
 Makefile.Watcom config-tpf.h $(DOCS) $(VCPROJ) mk-ca-bundle.pl		   \
- firefox-db2pem.sh $(CMAKE_DIST) config-vxworks.h Makefile.vxworks
+ mk-ca-bundle.vbs firefox-db2pem.sh $(CMAKE_DIST) config-vxworks.h	   \
+ Makefile.vxworks

 CLEANFILES = $(DSP) $(VCPROJ)

 lib_LTLIBRARIES = libcurl.la
 LIBCURL_LIBS = @LIBCURL_LIBS@

+# This might hold -Werror
+CFLAGS += @CURL_CFLAG_EXTRAS@
+
 # Specify our include paths here, and do it relative to $(top_srcdir) and
 # $(top_builddir), to ensure that these paths which belong to the library
 # being currently built and tested are searched before the library which
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -1,30 +1,40 @@
 # ./lib/Makefile.inc
+# Using the backslash as line continuation character might be problematic
+# with some make flavours, as Watcom's wmake showed us already. If we
+# ever want to change this in a portable manner then we should consider
+# this idea (posted to the libcurl list by Adam Kellas):
+# CSRC1 = file1.c file2.c file3.c
+# CSRC2 = file4.c file5.c file6.c
+# CSOURCES = $(CSRC1) $(CSRC2)

 CSOURCES = file.c timeval.c base64.c hostip.c progress.c formdata.c	\
  cookie.c http.c sendf.c ftp.c url.c dict.c if2ip.c speedcheck.c	\
  ldap.c ssluse.c version.c getenv.c escape.c mprintf.c telnet.c	\
  netrc.c getinfo.c transfer.c strequal.c easy.c security.c krb4.c	\
-  curl_fnmatch.c fileinfo.c ftplistparser.c wildcard.c \
-  krb5.c memdebug.c http_chunks.c strtok.c connect.c llist.c hash.c	\
-  multi.c content_encoding.c share.c http_digest.c md5.c curl_rand.c	\
+  curl_fnmatch.c fileinfo.c ftplistparser.c wildcard.c krb5.c		\
+  memdebug.c http_chunks.c strtok.c connect.c llist.c hash.c multi.c	\
+  content_encoding.c share.c http_digest.c md4.c md5.c curl_rand.c	\
  http_negotiate.c http_ntlm.c inet_pton.c strtoofft.c strerror.c	\
  hostares.c hostasyn.c hostip4.c hostip6.c hostsyn.c hostthre.c	\
  inet_ntop.c parsedate.c select.c gtls.c sslgen.c tftp.c splay.c	\
-  strdup.c socks.c ssh.c nss.c qssl.c rawstr.c curl_addrinfo.c          \
+  strdup.c socks.c ssh.c nss.c qssl.c rawstr.c curl_addrinfo.c		\
  socks_gssapi.c socks_sspi.c curl_sspi.c slist.c nonblock.c		\
  curl_memrchr.c imap.c pop3.c smtp.c pingpong.c rtsp.c curl_threads.c	\
-  warnless.c hmac.c polarssl.c curl_rtmp.c openldap.c
+  warnless.c hmac.c polarssl.c curl_rtmp.c openldap.c curl_gethostname.c\
+  gopher.c

 HHEADERS = arpa_telnet.h netrc.h file.h timeval.h qssl.h hostip.h	\
  progress.h formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h	\
  if2ip.h speedcheck.h urldata.h curl_ldap.h ssluse.h escape.h telnet.h	\
  getinfo.h strequal.h krb4.h memdebug.h http_chunks.h curl_rand.h	\
-  curl_fnmatch.h wildcard.h fileinfo.h ftplistparser.h \
-  strtok.h connect.h llist.h hash.h content_encoding.h share.h		\
+  curl_fnmatch.h wildcard.h fileinfo.h ftplistparser.h strtok.h		\
+  connect.h llist.h hash.h content_encoding.h share.h curl_md4.h	\
  curl_md5.h http_digest.h http_negotiate.h http_ntlm.h inet_pton.h	\
  strtoofft.h strerror.h inet_ntop.h curlx.h curl_memory.h setup.h	\
  transfer.h select.h easyif.h multiif.h parsedate.h sslgen.h gtls.h	\
  tftp.h sockaddr.h splay.h strdup.h setup_once.h socks.h ssh.h nssg.h	\
  curl_base64.h rawstr.h curl_addrinfo.h curl_sspi.h slist.h nonblock.h	\
  curl_memrchr.h imap.h pop3.h smtp.h pingpong.h rtsp.h curl_threads.h	\
-  warnless.h curl_hmac.h polarssl.h curl_rtmp.h
+  warnless.h curl_hmac.h polarssl.h curl_rtmp.h curl_gethostname.h      \
+  gopher.h
+
--- a/lib/Makefile.m32
+++ b/lib/Makefile.m32
@@ -1,13 +1,13 @@
 #########################################################################
 #
 ## Makefile for building libcurl.a with MingW32 (GCC-3.2 or later)
-## and optionally OpenSSL (0.9.8), libssh2 (1.1), zlib (1.2.3)
+## and optionally OpenSSL (0.9.8), libssh2 (1.2), zlib (1.2.5)
 ##
 ## Usage:
-## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [IDN=1] [SSPI=1] [IPV6=1] [LDAPS=1] [DYN=1]
+## mingw32-make -f Makefile.m32 [SSL=1] [SSH2=1] [ZLIB=1] [IDN=1] [SSPI=1] [IPV6=1] [LDAPS=1] [RTMP=1] [DYN=1]
 ##
 ## Hint: you can also set environment vars to control the build, f.e.:
-## set ZLIB_PATH=c:/zlib-1.2.3
+## set ZLIB_PATH=c:/zlib-1.2.5
 ## set ZLIB=1
 ##
 ## Comments to: Troy Engel <tengel@sonic.net> or
@@ -20,16 +20,20 @@ ZLIB_PATH = ../../zlib-1.2.5
 endif
 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8n
+OPENSSL_PATH = ../../openssl-0.9.8o
 endif
 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-1.2.5
+LIBSSH2_PATH = ../../libssh2-1.2.7
 endif
 # Edit the path below to point to the base of your libidn package.
 ifndef LIBIDN_PATH
 LIBIDN_PATH = ../../libidn-1.18
 endif
+# Edit the path below to point to the base of your librtmp package.
+ifndef LIBRTMP_PATH
+LIBRTMP_PATH = ../../librtmp-2.3
+endif
 # Edit the path below to point to the base of your Novell LDAP NDK.
 ifndef LDAP_SDK
 LDAP_SDK = c:/novell/ndk/cldapsdk/win32
@@ -47,7 +51,7 @@ LDFLAGS = -s
 RANLIB = ranlib
 RC = windres
 RCFLAGS = --include-dir=../include -DDEBUGBUILD=0 -O COFF -i
-RM = del /q /f > NUL 2>&1
+RM = del /q /f 2>NUL
 STRIP = strip -g

 ########################################################
@@ -61,6 +65,11 @@ ifdef ARES
  DLL_LIBS += -L$(LIBCARES_PATH) -lcares
  libcurl_dll_DEPENDENCIES = $(LIBCARES_PATH)/libcares.a
 endif
+ifdef RTMP
+  INCLUDES += -I"$(LIBRTMP_PATH)"
+  CFLAGS += -DUSE_LIBRTMP
+  DLL_LIBS += -L"$(LIBRTMP_PATH)/librtmp" -lrtmp -lwinmm
+endif
 ifdef SSH2
  INCLUDES += -I"$(LIBSSH2_PATH)/include" -I"$(LIBSSH2_PATH)/win32"
  CFLAGS += -DUSE_LIBSSH2 -DHAVE_LIBSSH2_H
@@ -148,7 +157,7 @@ $(libcurl_dll_LIBRARY): $(libcurl_a_OBJECTS) $(RESOURCE) $(libcurl_dll_DEPENDENC
 clean:
 	-$(RM) $(libcurl_a_OBJECTS) $(RESOURCE)

-distrib: clean
+distclean vclean: clean
 	-$(RM) $(libcurl_a_LIBRARY) $(libcurl_dll_LIBRARY) $(libcurl_dll_a_LIBRARY)

 FORCE: ;
@@ -156,4 +165,3 @@ FORCE: ;
 $(LIBCARES_PATH)/libcares.a:
 	$(MAKE) -C $(LIBCARES_PATH) -f Makefile.m32

-
--- a/lib/Makefile.netware
+++ b/lib/Makefile.netware
@@ -19,12 +19,12 @@ endif

 # Edit the path below to point to the base of your OpenSSL package.
 ifndef OPENSSL_PATH
-OPENSSL_PATH = ../../openssl-0.9.8n
+OPENSSL_PATH = ../../openssl-0.9.8o
 endif

 # Edit the path below to point to the base of your LibSSH2 package.
 ifndef LIBSSH2_PATH
-LIBSSH2_PATH = ../../libssh2-1.2.5
+LIBSSH2_PATH = ../../libssh2-1.2.7
 endif

 # Edit the path below to point to the base of your libidn package.
@@ -32,6 +32,11 @@ ifndef LIBIDN_PATH
 LIBIDN_PATH = ../../libidn-1.18
 endif

+# Edit the path below to point to the base of your librtmp package.
+ifndef LIBRTMP_PATH
+LIBRTMP_PATH = ../../librtmp-2.3
+endif
+
 # Edit the path below to point to the base of your c-ares package.
 ifndef LIBCARES_PATH
 LIBCARES_PATH = ../ares
@@ -84,14 +89,13 @@ else
 	CC = gcc
 endif
 PERL	= perl
-# a native win32 awk can be downloaded from here:
+# Here you can find a native Win32 binary of the original awk:
 # http://www.gknw.net/development/prgtools/awk-20070501.zip
 AWK	= awk
-YACC	= bison -y
 CP	= cp -afv
 MKDIR	= mkdir
 # RM	= rm -f
-# if you want to mark the target as MTSAFE you will need a tool for
+# If you want to mark the target as MTSAFE you will need a tool for
 # generating the xdc data for the linker; here's a minimal tool:
 # http://www.gknw.net/development/prgtools/mkxdc.zip
 MPKXDC	= mkxdc
@@ -117,13 +121,13 @@ CFLAGS	+= -relax_pointers
 #CFLAGS	+= -w on
 ifeq ($(LIBARCH),LIBC)
 ifeq ($(POSIXFL),1)
-	PRELUDE = $(SDK_LIBC)/imports/posixpre.o
+	PRELUDE = $(NDK_LIBC)/imports/posixpre.o
 else
-	PRELUDE = $(SDK_LIBC)/imports/libcpre.o
+	PRELUDE = $(NDK_LIBC)/imports/libcpre.o
 endif
 	CFLAGS += -align 4
 else
-	# PRELUDE = $(SDK_CLIB)/imports/clibpre.o
+	# PRELUDE = $(NDK_CLIB)/imports/clibpre.o
 	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
 	PRELUDE = "$(MWCW_PATH)/libraries/runtime/prelude.obj"
 	# CFLAGS += -include "$(MWCW_PATH)/headers/nlm_clib_prefix.h"
@@ -140,12 +144,12 @@ CFLAGS	+= -fno-builtin -fpcc-struct-return -fno-strict-aliasing
 CFLAGS	+= -Wall # -pedantic
 ifeq ($(LIBARCH),LIBC)
 ifeq ($(POSIXFL),1)
-	PRELUDE = $(SDK_LIBC)/imports/posixpre.gcc.o
+	PRELUDE = $(NDK_LIBC)/imports/posixpre.gcc.o
 else
-	PRELUDE = $(SDK_LIBC)/imports/libcpre.gcc.o
+	PRELUDE = $(NDK_LIBC)/imports/libcpre.gcc.o
 endif
 else
-	PRELUDE = $(SDK_CLIB)/imports/clibpre.gcc.o
+	PRELUDE = $(NDK_CLIB)/imports/clibpre.gcc.o
 	# to avoid the __init_* / __deinit_* whoes dont use prelude from NDK
 	# http://www.gknw.net/development/mk_nlm/gcc_pre.zip
 	# PRELUDE = $(NDK_ROOT)/pre/prelude.o
@@ -154,9 +158,15 @@ endif
 endif

 NDK_ROOT = $(NDKBASE)/ndk
-SDK_CLIB = $(NDK_ROOT)/nwsdk
-SDK_LIBC = $(NDK_ROOT)/libc
-SDK_LDAP = $(NDK_ROOT)/cldapsdk/netware
+ifndef NDK_CLIB
+NDK_CLIB = $(NDK_ROOT)/nwsdk
+endif
+ifndef NDK_LIBC
+NDK_LIBC = $(NDK_ROOT)/libc
+endif
+ifndef NDK_LDAP
+NDK_LDAP = $(NDK_ROOT)/cldapsdk/netware
+endif
 CURL_INC = ../include
 CURL_LIB = ../lib

@@ -175,6 +185,10 @@ else
 	IMPORTS += @$(LIBSSH2_PATH)/nw/libssh2.imp
 endif
 endif
+ifdef WITH_RTMP
+	INCLUDES += -I$(LIBRTMP_PATH)
+	LDLIBS += $(LIBRTMP_PATH)/librtmp/librtmp.$(LIBEXT)
+endif
 ifdef WITH_SSL
 	INCLUDES += -I$(OPENSSL_PATH)/outinc_nw_$(LIBARCH_L)
 	LDLIBS += $(OPENSSL_PATH)/out_nw_$(LIBARCH_L)/ssl.$(LIBEXT)
@@ -197,17 +211,17 @@ ifdef WITH_IDN
 endif

 ifeq ($(LIBARCH),LIBC)
-	INCLUDES += -I$(SDK_LIBC)/include
-	# INCLUDES += -I$(SDK_LIBC)/include/nks
-	# INCLUDES += -I$(SDK_LIBC)/include/winsock
+	INCLUDES += -I$(NDK_LIBC)/include
+	# INCLUDES += -I$(NDK_LIBC)/include/nks
+	# INCLUDES += -I$(NDK_LIBC)/include/winsock
 	CFLAGS += -D_POSIX_SOURCE
 else
-	INCLUDES += -I$(SDK_CLIB)/include/nlm
-	# INCLUDES += -I$(SDK_CLIB)/include/nlm/obsolete
-	# INCLUDES += -I$(SDK_CLIB)/include
+	INCLUDES += -I$(NDK_CLIB)/include/nlm
+	# INCLUDES += -I$(NDK_CLIB)/include/nlm/obsolete
+	# INCLUDES += -I$(NDK_CLIB)/include
 endif
 ifndef DISABLE_LDAP
-	INCLUDES += -I$(SDK_LDAP)/$(LIBARCH_L)/inc
+	INCLUDES += -I$(NDK_LDAP)/$(LIBARCH_L)/inc
 endif
 CFLAGS	+= $(INCLUDES)

@@ -269,7 +283,7 @@ clean:
 	-$(RM) curl_config.h
 	-$(RM) -r $(OBJDIR)

-distclean: clean
+distclean vclean: clean
 	-$(RM) $(TARGET).$(LIBEXT) $(TARGET).nlm
 	-$(RM) certdata.txt ca-bundle.crt

@@ -323,15 +337,15 @@ endif
 ifeq ($(LIBARCH),CLIB)
 	@echo $(DL)start _Prelude$(DL) >> $@
 	@echo $(DL)exit _Stop$(DL) >> $@
-	@echo $(DL)import @$(SDK_CLIB)/imports/clib.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_CLIB)/imports/threads.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_CLIB)/imports/nlmlib.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_CLIB)/imports/socklib.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_CLIB)/imports/clib.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_CLIB)/imports/threads.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_CLIB)/imports/nlmlib.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_CLIB)/imports/socklib.imp$(DL) >> $@
 	@echo $(DL)module clib$(DL) >> $@
 ifndef DISABLE_LDAP
-	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapsdk.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapssl.imp$(DL) >> $@
-#	@echo $(DL)import @$(SDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_LDAP)/clib/imports/ldapsdk.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_LDAP)/clib/imports/ldapssl.imp$(DL) >> $@
+#	@echo $(DL)import @$(NDK_LDAP)/clib/imports/ldapx.imp$(DL) >> $@
 	@echo $(DL)module ldapsdk ldapssl$(DL) >> $@
 endif
 else
@@ -348,13 +362,13 @@ else
 	@echo $(DL)exit _LibCPostlude$(DL) >> $@
 	@echo $(DL)check _LibCCheckUnload$(DL) >> $@
 endif
-	@echo $(DL)import @$(SDK_LIBC)/imports/libc.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_LIBC)/imports/netware.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_LIBC)/imports/libc.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_LIBC)/imports/netware.imp$(DL) >> $@
 	@echo $(DL)module libc$(DL) >> $@
 ifndef DISABLE_LDAP
-	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapsdk.imp$(DL) >> $@
-	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapssl.imp$(DL) >> $@
-#	@echo $(DL)import @$(SDK_LDAP)/libc/imports/lldapx.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_LDAP)/libc/imports/lldapsdk.imp$(DL) >> $@
+	@echo $(DL)import @$(NDK_LDAP)/libc/imports/lldapssl.imp$(DL) >> $@
+#	@echo $(DL)import @$(NDK_LDAP)/libc/imports/lldapx.imp$(DL) >> $@
 	@echo $(DL)module lldapsdk lldapssl$(DL) >> $@
 endif
 endif
@@ -425,13 +439,6 @@ else
 	@echo $(DL)#define HAVE_SYS_PARAM_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_SELECT_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_TERMIOS_H 1$(DL) >> $@
-	@echo $(DL)#define HAVE_AF_INET6 1$(DL) >> $@
-	@echo $(DL)#define HAVE_PF_INET6 1$(DL) >> $@
-	@echo $(DL)#define HAVE_FREEADDRINFO 1$(DL) >> $@
-	@echo $(DL)#define HAVE_GETADDRINFO 1$(DL) >> $@
-	@echo $(DL)#define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_IN6_ADDR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_SOCKADDR_IN6 1$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG1 int$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG2 void *$(DL) >> $@
 	@echo $(DL)#define RECV_TYPE_ARG3 size_t$(DL) >> $@
@@ -451,11 +458,19 @@ else
 	@echo $(DL)#define SEND_TYPE_ARG3 size_t$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_ARG4 int$(DL) >> $@
 	@echo $(DL)#define SEND_TYPE_RETV ssize_t$(DL) >> $@
-	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
 	@echo $(DL)#define SIZEOF_OFF_T 8$(DL) >> $@
 	@echo $(DL)#define _LARGEFILE 1$(DL) >> $@
 ifdef ENABLE_IPV6
 	@echo $(DL)#define ENABLE_IPV6 1$(DL) >> $@
+	@echo $(DL)#define HAVE_AF_INET6 1$(DL) >> $@
+	@echo $(DL)#define HAVE_PF_INET6 1$(DL) >> $@
+	@echo $(DL)#define HAVE_FREEADDRINFO 1$(DL) >> $@
+	@echo $(DL)#define HAVE_GETADDRINFO 1$(DL) >> $@
+	@echo $(DL)#define HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_ADDRINFO 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_IN6_ADDR 1$(DL) >> $@
+	@echo $(DL)#define HAVE_STRUCT_SOCKADDR_IN6 1$(DL) >> $@
+	@echo $(DL)#define SIZEOF_STRUCT_IN6_ADDR 16$(DL) >> $@
 endif
 endif
 	@echo $(DL)#define USE_MANUAL 1$(DL) >> $@
@@ -491,7 +506,6 @@ endif
 	@echo $(DL)#define HAVE_STRFTIME 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRING_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRSTR 1$(DL) >> $@
-	@echo $(DL)#define HAVE_STRUCT_ADDRINFO 1$(DL) >> $@
 	@echo $(DL)#define HAVE_STRUCT_TIMEVAL 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_IOCTL_H 1$(DL) >> $@
 	@echo $(DL)#define HAVE_SYS_STAT_H 1$(DL) >> $@
@@ -555,6 +569,9 @@ endif
 ifdef WITH_IDN
 	@echo $(DL)#define HAVE_LIBIDN 1$(DL) >> $@
 	@echo $(DL)#define HAVE_TLD_H 1$(DL) >> $@
+endif
+ifdef WITH_RTMP
+	@echo $(DL)#define USE_LIBRTMP 1$(DL) >> $@
 endif
 	@echo $(DL)#ifdef __GNUC__$(DL) >> $@
 	@echo $(DL)#define HAVE_VARIADIC_MACROS_GCC 1$(DL) >> $@
@@ -616,6 +633,9 @@ $(CURL_INC)/curl/curlbuild.h: Makefile.netware FORCE
 	@echo $(DL)** Do not edit this file - it is created by make!$(DL) >> $@
 	@echo $(DL)** All your changes will be lost!!$(DL) >> $@
 	@echo $(DL)*/$(DL) >> $@
+	@echo $(DL)#ifndef NETWARE$(DL) >> $@
+	@echo $(DL)#error This $(notdir $@) is created for NetWare platform!$(DL) >> $@
+	@echo $(DL)#endif$(DL) >> $@
 	@echo $(DL)#ifndef __CURL_CURLBUILD_H$(DL) >> $@
 	@echo $(DL)#define __CURL_CURLBUILD_H$(DL) >> $@
 ifeq ($(LIBARCH),LIBC)
--- a/lib/Makefile.riscos
+++ b/lib/Makefile.riscos
@@ -3,7 +3,7 @@
 # Project objects:
 objs =	o.base64 o.connect o.cookie o.dict \
 	o.dllinit o.easy o.escape o.file \
-	o.formdata o.ftp o.getenv \
+	o.formdata o.ftp o.getenv o.gopher \
 	o.getinfo o.getpass o.hostip \
 	o.hostip4 o.hostsyn o.http \
 	o.http_chunks o.inet_ntop o.inet_pton o.if2ip o.krb4 o.ldap \
@@ -15,7 +15,7 @@ objs =	o.base64 o.connect o.cookie o.dict \
 	o.rawstr o.curl_addrinfo o.slist o.nonblock o.curl_rand \
 	o.curl_memrchr o.imap o.pop3 o.smtp o.pingpong o.rtsp \
 	o.curl_threads o.warnless o.hmac o.md5 o.curl_rtmp \
-	o.openldap o.polarssl
+	o.openldap o.polarssl o.md4 o.curl_gethostname


 # Compile options:
@@ -39,6 +39,9 @@ o.cookie:	c.cookie
 o.curl_addrinfo:	c.curl_addrinfo
 		gcc $(compileropts) -c -o curl_addrinfo.o c.curl_addrinfo

+o.curl_gethostname:	c.curl_gethostname
+		gcc $(compileropts) -c -o curl_gethostname.o c.curl_gethostname
+
 o.curl_memrchr:	c.curl_memrchr
 		gcc $(compileropts) -c -o curl_memrchr.o c.curl_memrchr

@@ -81,6 +84,9 @@ o.getinfo:	c.getinfo
 o.getpass:	c.getpass
 		gcc $(compileropts) -c -o getpass.o c.getpass

+o.gopher:	c.gopher
+		gcc $(compileropts) -c -o gopher.o c.gopher
+
 o.hmac:		c.hmac
 		gcc $(compileropts) -c -o hmac.o c.hmac

@@ -117,6 +123,9 @@ o.krb4:	c.krb4
 o.ldap:	c.ldap
 		gcc $(compileropts) -IOpenLDAP: -c -o ldap.o c.ldap

+o.md4:		c.md4
+		gcc $(compileropts) -c -o md4.o c.md4
+
 o.md5:		c.md5
 		gcc $(compileropts) -c -o md5.o c.md5

--- a/lib/Makefile.vc6
+++ b/lib/Makefile.vc6
@@ -54,11 +54,11 @@ IMPLIB_NAME       = libcurl_imp
 IMPLIB_NAME_DEBUG = libcurld_imp

 !IFNDEF OPENSSL_PATH
-OPENSSL_PATH   = ../../openssl-0.9.8g
+OPENSSL_PATH   = ../../openssl-0.9.8o
 !ENDIF

 !IFNDEF ZLIB_PATH
-ZLIB_PATH  = ../../zlib-1.2.3
+ZLIB_PATH  = ../../zlib-1.2.5
 !ENDIF

 !IFNDEF MACHINE
@@ -109,6 +109,10 @@ CFGSET     = FALSE
 CFLAGS = $(CFLAGS) /DUSE_WINDOWS_SSPI /I$(WINDOWS_SDK_PATH)\include
 !ENDIF

+!IFDEF USE_IPV6
+CFLAGS = $(CFLAGS) /DUSE_IPV6
+!ENDIF
+
 ##############################################################
 # Runtime library configuration

@@ -450,6 +454,7 @@ X_OBJS= \
 	$(DIROBJ)\cookie.obj \
 	$(DIROBJ)\curl_addrinfo.obj \
 	$(DIROBJ)\curl_fnmatch.obj \
+	$(DIROBJ)\curl_gethostname.obj \
 	$(DIROBJ)\curl_memrchr.obj \
 	$(DIROBJ)\curl_rand.obj \
 	$(DIROBJ)\curl_rtmp.obj \
@@ -466,6 +471,7 @@ X_OBJS= \
 	$(DIROBJ)\getenv.obj \
 	$(DIROBJ)\getinfo.obj \
 	$(DIROBJ)\gtls.obj \
+	$(DIROBJ)\gopher.obj \
 	$(DIROBJ)\hash.obj \
 	$(DIROBJ)\hmac.obj \
 	$(DIROBJ)\hostares.obj \
@@ -486,6 +492,7 @@ X_OBJS= \
 	$(DIROBJ)\inet_pton.obj \
 	$(DIROBJ)\ldap.obj \
 	$(DIROBJ)\llist.obj \
+	$(DIROBJ)\md4.obj \
 	$(DIROBJ)\md5.obj \
 	$(DIROBJ)\memdebug.obj \
 	$(DIROBJ)\mprintf.obj \
--- a/lib/README.ares
+++ b/lib/README.ares
@@ -11,7 +11,7 @@ c-ares:
  http://c-ares.haxx.se/

 NOTE
-  The latest libcurl version requires c-ares 1.4.0 or later.
+  The latest libcurl version requires c-ares 1.6.0 or later.

  Once upon the time libcurl built fine with the "original" ares. That is no
  longer true. You need to use c-ares.
--- a/lib/config-win32.h
+++ b/lib/config-win32.h
@@ -504,6 +504,10 @@
 #  define USE_WIN32_LARGE_FILES
 #endif

+#if defined(__WATCOMC__) && !defined(USE_WIN32_LARGE_FILES)
+#  define USE_WIN32_LARGE_FILES
+#endif
+
 #if defined(__POCC__)
 #  undef USE_WIN32_LARGE_FILES
 #endif
@@ -546,6 +550,13 @@
 #define CURL_LDAP_WIN 1
 #endif

+#if defined(__WATCOMC__) && defined(CURL_LDAP_WIN)
+#if __WATCOMC__ < 1280
+#define WINBERAPI  __declspec(cdecl)
+#define WINLDAPAPI __declspec(cdecl)
+#endif
+#endif
+
 #if defined(__POCC__) && defined(CURL_LDAP_WIN)
 #  define CURL_DISABLE_LDAP 1
 #endif
@@ -569,7 +580,7 @@
 /* Name of package */
 #define PACKAGE "curl"

-#if defined(__POCC__)
+#if defined(__POCC__) || (USE_IPV6)
 #  define ENABLE_IPV6 1
 #endif

--- a/lib/connect.c
+++ b/lib/connect.c
@@ -112,10 +112,11 @@ struct Curl_sockaddr_ex {

 static bool verifyconnect(curl_socket_t sockfd, int *error);

-static curl_socket_t
+static CURLcode
 singleipconnect(struct connectdata *conn,
                const Curl_addrinfo *ai, /* start connecting to this */
                long timeout_ms,
+                curl_socket_t *sock,
                bool *connected);

 /*
@@ -173,6 +174,9 @@ long Curl_timeleft(struct connectdata *conn,

  /* substract elapsed time */
  timeout_ms -= Curl_tvdiff(*nowp, data->progress.t_startsingle);
+  if(!timeout_ms)
+    /* avoid returning 0 as that means no timeout! */
+    return -1;

  return timeout_ms;
 }
@@ -180,16 +184,13 @@ long Curl_timeleft(struct connectdata *conn,
 /*
 * waitconnect() waits for a TCP connect on the given socket for the specified
 * number if milliseconds. It returns:
- * 0    fine connect
- * -1   select() error
- * 1    select() timeout
- * 2    select() returned with an error condition fd_set
 */

 #define WAITCONN_CONNECTED     0
 #define WAITCONN_SELECT_ERROR -1
 #define WAITCONN_TIMEOUT       1
 #define WAITCONN_FDSET_ERROR   2
+#define WAITCONN_ABORTED       3

 static
 int waitconnect(struct connectdata *conn,
@@ -209,9 +210,8 @@ int waitconnect(struct connectdata *conn,
    /* now select() until we get connect or timeout */
    rc = Curl_socket_ready(CURL_SOCKET_BAD, sockfd, (int)(timeout_msec>1000?
                                                          1000:timeout_msec));
-
    if(Curl_pgrsUpdate(conn))
-      return CURLE_ABORTED_BY_CALLBACK;
+      return WAITCONN_ABORTED;

    if(-1 == rc)
      /* error, no connect here, try next */
@@ -492,35 +492,44 @@ static bool verifyconnect(curl_socket_t sockfd, int *error)

 /* Used within the multi interface. Try next IP address, return TRUE if no
   more address exists or error */
-static bool trynextip(struct connectdata *conn,
-                      int sockindex,
-                      bool *connected)
+static CURLcode trynextip(struct connectdata *conn,
+                          int sockindex,
+                          bool *connected)
 {
  curl_socket_t sockfd;
  Curl_addrinfo *ai;

-  /* first close the failed socket */
-  sclose(conn->sock[sockindex]);
+  /* First clean up after the failed socket.
+     Don't close it yet to ensure that the next IP's socket gets a different
+     file descriptor, which can prevent bugs when the curl_multi_socket_action
+     interface is used with certain select() replacements such as kqueue. */
+  curl_socket_t fd_to_close = conn->sock[sockindex];
  conn->sock[sockindex] = CURL_SOCKET_BAD;
  *connected = FALSE;

-  if(sockindex != FIRSTSOCKET)
-    return TRUE; /* no next */
+  if(sockindex != FIRSTSOCKET) {
+    sclose(fd_to_close);
+    return CURLE_COULDNT_CONNECT; /* no next */
+  }

  /* try the next address */
  ai = conn->ip_addr->ai_next;

  while(ai) {
-    sockfd = singleipconnect(conn, ai, 0L, connected);
+    CURLcode res = singleipconnect(conn, ai, 0L, &sockfd, connected);
+    if(res)
+      return res;
    if(sockfd != CURL_SOCKET_BAD) {
      /* store the new socket descriptor */
      conn->sock[sockindex] = sockfd;
      conn->ip_addr = ai;
-      return FALSE;
+      sclose(fd_to_close);
+      return CURLE_OK;
    }
    ai = ai->ai_next;
  }
-  return TRUE;
+  sclose(fd_to_close);
+  return CURLE_COULDNT_CONNECT;
 }

 /* retrieves ip address and port from a sockaddr structure */
@@ -621,6 +630,7 @@ CURLcode Curl_is_connected(struct connectdata *conn,
  CURLcode code = CURLE_OK;
  curl_socket_t sockfd = conn->sock[sockindex];
  long allow = DEFAULT_CONNECT_TIMEOUT;
+  int error = 0;

  DEBUGASSERT(sockindex >= FIRSTSOCKET && sockindex <= SECONDARYSOCKET);

@@ -628,13 +638,6 @@ CURLcode Curl_is_connected(struct connectdata *conn,

  if(conn->bits.tcpconnect) {
    /* we are connected already! */
-    long allow_total = 0;
-
-    /* subtract the most strict timeout of the ones */
-    if(data->set.timeout)
-      allow_total = data->set.timeout;
-
-    Curl_expire(data, allow_total);
    *connected = TRUE;
    return CURLE_OK;
  }
@@ -648,13 +651,13 @@ CURLcode Curl_is_connected(struct connectdata *conn,
    return CURLE_OPERATION_TIMEDOUT;
  }

-  Curl_expire(data, allow);
-
  /* check for connect without timeout as we want to return immediately */
  rc = waitconnect(conn, sockfd, 0);
+  if(WAITCONN_TIMEOUT == rc)
+    /* not an error, but also no connection yet */
+    return code;

  if(WAITCONN_CONNECTED == rc) {
-    int error;
    if(verifyconnect(sockfd, &error)) {
      /* we are connected, awesome! */
      conn->bits.tcpconnect = TRUE;
@@ -666,38 +669,34 @@ CURLcode Curl_is_connected(struct connectdata *conn,
      return CURLE_OK;
    }
    /* nope, not connected for real */
-    data->state.os_errno = error;
-    infof(data, "Connection failed\n");
-    if(trynextip(conn, sockindex, connected)) {
-      failf(data, "Failed connect to %s:%ld; %s",
-            conn->host.name, conn->port, Curl_strerror(conn, error));
-      code = CURLE_COULDNT_CONNECT;
-    }
  }
-  else if(WAITCONN_TIMEOUT != rc) {
-    int error = 0;
-
+  else {
    /* nope, not connected  */
    if(WAITCONN_FDSET_ERROR == rc) {
      (void)verifyconnect(sockfd, &error);
-      data->state.os_errno = error;
-      infof(data, "%s\n",Curl_strerror(conn,error));
+      infof(data, "%s\n",Curl_strerror(conn, error));
    }
    else
      infof(data, "Connection failed\n");
-
-    if(trynextip(conn, sockindex, connected)) {
-      error = SOCKERRNO;
-      data->state.os_errno = error;
-      failf(data, "Failed connect to %s:%ld; %s",
-            conn->host.name, conn->port, Curl_strerror(conn, error));
-      code = CURLE_COULDNT_CONNECT;
-    }
  }
+
  /*
-   * If the connection failed here, we should attempt to connect to the "next
-   * address" for the given host.
+   * The connection failed here, we should attempt to connect to the "next
+   * address" for the given host. But first remember the latest error.
   */
+  if(error) {
+    data->state.os_errno = error;
+    SET_SOCKERRNO(error);
+  }
+
+  code = trynextip(conn, sockindex, connected);
+
+  if(code) {
+    error = SOCKERRNO;
+    data->state.os_errno = error;
+    failf(data, "Failed connect to %s:%ld; %s",
+          conn->host.name, conn->port, Curl_strerror(conn, error));
+  }

  return code;
 }
@@ -779,12 +778,20 @@ void Curl_sndbufset(curl_socket_t sockfd)
 #endif


-/* singleipconnect() connects to the given IP only, and it may return without
-   having connected if used from the multi interface. */
-static curl_socket_t
+/*
+ * singleipconnect()
+ *
+ * Note that even on connect fail it returns CURLE_OK, but with 'sock' set to
+ * CURL_SOCKET_BAD. Other errors will however return proper errors.
+ *
+ * singleipconnect() connects to the given IP only, and it may return without
+ * having connected if used from the multi interface.
+ */
+static CURLcode
 singleipconnect(struct connectdata *conn,
                const Curl_addrinfo *ai,
                long timeout_ms,
+                curl_socket_t *sockp,
                bool *connected)
 {
  struct Curl_sockaddr_ex addr;
@@ -794,13 +801,15 @@ singleipconnect(struct connectdata *conn,
  bool isconnected;
  struct SessionHandle *data = conn->data;
  curl_socket_t sockfd;
-  CURLcode res;
+  CURLcode res = CURLE_OK;
  const void *iptoprint;
  struct sockaddr_in * const sa4 = (void *)&addr.sa_addr;
 #ifdef ENABLE_IPV6
  struct sockaddr_in6 * const sa6 = (void *)&addr.sa_addr;
 #endif

+  *sockp = CURL_SOCKET_BAD;
+
  /*
   * The Curl_sockaddr_ex structure is basically libcurl's external API
   * curl_sockaddr structure with enough space available to directly hold
@@ -839,7 +848,7 @@ singleipconnect(struct connectdata *conn,

  if(sockfd == CURL_SOCKET_BAD)
    /* no socket, no connection */
-    return CURL_SOCKET_BAD;
+    return CURLE_OK;

 #if defined(ENABLE_IPV6) && defined(HAVE_SOCKADDR_IN6_SIN6_SCOPE_ID)
  if (conn->scope && (addr.family == AF_INET6))
@@ -892,7 +901,7 @@ singleipconnect(struct connectdata *conn,
                               CURLSOCKTYPE_IPCXN);
    if(error) {
      sclose(sockfd); /* close the socket and bail out */
-      return CURL_SOCKET_BAD;
+      return res;
    }
  }

@@ -900,7 +909,7 @@ singleipconnect(struct connectdata *conn,
  res = bindlocal(conn, sockfd, addr.family);
  if(res) {
    sclose(sockfd); /* close socket and bail out */
-    return CURL_SOCKET_BAD;
+    return res;
  }

  /* set socket non-blocking */
@@ -928,6 +937,10 @@ singleipconnect(struct connectdata *conn,
 #endif
 #endif
      rc = waitconnect(conn, sockfd, timeout_ms);
+      if(WAITCONN_ABORTED == rc) {
+        sclose(sockfd);
+        return CURLE_ABORTED_BY_CALLBACK;
+      }
      break;
    default:
      /* unknown error, fallthrough and try another address! */
@@ -943,7 +956,8 @@ singleipconnect(struct connectdata *conn,
  if((WAITCONN_TIMEOUT == rc) &&
     (data->state.used_interface == Curl_if_multi)) {
    /* Timeout when running the multi interface */
-    return sockfd;
+    *sockp = sockfd;
+    return CURLE_OK;
  }

  isconnected = verifyconnect(sockfd, &error);
@@ -953,7 +967,8 @@ singleipconnect(struct connectdata *conn,
    *connected = TRUE; /* this is a true connect */
    infof(data, "connected\n");
    Curl_updateconninfo(conn, sockfd);
-    return sockfd;
+    *sockp = sockfd;
+    return CURLE_OK;
  }
  else if(WAITCONN_TIMEOUT == rc)
    infof(data, "Timeout\n");
@@ -965,7 +980,7 @@ singleipconnect(struct connectdata *conn,
  /* connect failed or timed out */
  sclose(sockfd);

-  return CURL_SOCKET_BAD;
+  return CURLE_OK;
 }

 /*
@@ -1007,7 +1022,6 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
    failf(data, "Connection time-out");
    return CURLE_OPERATION_TIMEDOUT;
  }
-  Curl_expire(data, timeout_ms);

  /* Max time for each address */
  num_addr = Curl_num_addresses(remotehost->addr);
@@ -1030,7 +1044,11 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
       curr_addr = curr_addr->ai_next, aliasindex++) {

    /* start connecting to the IP curr_addr points to */
-    sockfd = singleipconnect(conn, curr_addr, timeout_per_addr, connected);
+    CURLcode res =
+      singleipconnect(conn, curr_addr, timeout_per_addr, &sockfd, connected);
+
+    if(res)
+      return res;

    if(sockfd != CURL_SOCKET_BAD)
      break;
@@ -1068,12 +1086,12 @@ CURLcode Curl_connecthost(struct connectdata *conn,  /* context */
 * Used to extract socket and connectdata struct for the most recent
 * transfer on the given SessionHandle.
 *
- * The socket 'long' will be -1 in case of failure!
+ * The returned socket will be CURL_SOCKET_BAD in case of failure!
 */
-CURLcode Curl_getconnectinfo(struct SessionHandle *data,
-                             long *param_longp,
-                             struct connectdata **connp)
+curl_socket_t Curl_getconnectinfo(struct SessionHandle *data,
+                                  struct connectdata **connp)
 {
+  curl_socket_t sockfd;
  if((data->state.lastconnect != -1) &&
     (data->state.connc->connects[data->state.lastconnect] != NULL)) {
    struct connectdata *c =
@@ -1081,13 +1099,13 @@ CURLcode Curl_getconnectinfo(struct SessionHandle *data,
    if(connp)
      /* only store this if the caller cares for it */
      *connp = c;
-    *param_longp = c->sock[FIRSTSOCKET];
+    sockfd = c->sock[FIRSTSOCKET];
    /* we have a socket connected, let's determine if the server shut down */
    /* determine if ssl */
    if(c->ssl[FIRSTSOCKET].use) {
      /* use the SSL context */
      if(!Curl_ssl_check_cxn(c))
-        *param_longp = -1;   /* FIN received */
+        return CURL_SOCKET_BAD;   /* FIN received */
    }
 /* Minix 3.1 doesn't support any flags on recv; just assume socket is OK */
 #ifdef MSG_PEEK
@@ -1096,13 +1114,13 @@ CURLcode Curl_getconnectinfo(struct SessionHandle *data,
      char buf;
      if(recv((RECV_TYPE_ARG1)c->sock[FIRSTSOCKET], (RECV_TYPE_ARG2)&buf,
              (RECV_TYPE_ARG3)1, (RECV_TYPE_ARG4)MSG_PEEK) == 0) {
-        *param_longp = -1;   /* FIN received */
+        return CURL_SOCKET_BAD;   /* FIN received */
      }
    }
 #endif
  }
  else
-    *param_longp = -1;
+    return CURL_SOCKET_BAD;

-  return CURLE_OK;
+  return sockfd;
 }
--- a/lib/connect.h
+++ b/lib/connect.h
@@ -47,11 +47,10 @@ long Curl_timeleft(struct connectdata *conn,
 * Used to extract socket and connectdata struct for the most recent
 * transfer on the given SessionHandle.
 *
- * The socket 'long' will be -1 in case of failure!
+ * The returned socket will be CURL_SOCKET_BAD in case of failure!
 */
-CURLcode Curl_getconnectinfo(struct SessionHandle *data,
-                             long *param_longp,
-                             struct connectdata **connp);
+curl_socket_t Curl_getconnectinfo(struct SessionHandle *data,
+                                  struct connectdata **connp);

 #ifdef WIN32
 /* When you run a program that uses the Windows Sockets API, you may
--- a/lib/content_encoding.c
+++ b/lib/content_encoding.c
@@ -123,7 +123,9 @@ inflate_stream(struct connectdata *conn,
      }

      /* Done with these bytes, exit */
-      if(status == Z_OK && z->avail_in == 0) {
+
+      /* status is always Z_OK at this point! */
+      if(z->avail_in == 0) {
        free(decomp);
        return result;
      }
--- a/lib/curl_addrinfo.c
+++ b/lib/curl_addrinfo.c
@@ -151,7 +151,10 @@ Curl_getaddrinfo_ex(const char *nodename,
    ca->ai_next      = NULL;

    if((ai->ai_addrlen > 0) && (ai->ai_addr != NULL)) {
-      ca->ai_addrlen  = ai->ai_addrlen;
+      /* typecast below avoid warning on at least win64:
+         conversion from 'size_t' to 'curl_socklen_t', possible loss of data
+      */
+      ca->ai_addrlen  = (curl_socklen_t)ai->ai_addrlen;
      if((ca->ai_addr = malloc(ca->ai_addrlen)) == NULL) {
        error = EAI_MEMORY;
        free(ca);
--- a/lib/curl_gethostname.c
+++ b/lib/curl_gethostname.c
@@ -0,0 +1,81 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+#include "setup.h"
+
+#ifdef HAVE_UNISTD_H
+#  include <unistd.h>
+#endif
+
+#include "curl_gethostname.h"
+
+/*
+ * Curl_gethostname() is a wrapper around gethostname() which allows
+ * overriding the host name that the function would normally return.
+ * This capability is used by the test suite to verify exact matching
+ * of NTLM authentication, which exercises libcurl's MD4 and DES code.
+ *
+ * For libcurl debug enabled builds host name overriding takes place
+ * when environment variable CURL_GETHOSTNAME is set, using the value
+ * held by the variable to override returned host name.
+ *
+ * For libcurl shared library release builds the test suite preloads
+ * another shared library named libhostname using the LD_PRELOAD
+ * mechanism which intercepts, and might override, the gethostname()
+ * function call. In this case a given platform must support the
+ * LD_PRELOAD mechanism and additionally have environment variable
+ * CURL_GETHOSTNAME set in order to override the returned host name.
+ *
+ * For libcurl static library release builds no overriding takes place.
+ */
+
+int Curl_gethostname(char *name, GETHOSTNAME_TYPE_ARG2 namelen) {
+
+#ifndef HAVE_GETHOSTNAME
+
+  /* Allow compilation and return failure when unavailable */
+  (void) name;
+  (void) namelen;
+  return -1;
+
+#else
+
+#ifdef DEBUGBUILD
+
+  /* Override host name when environment variable CURL_GETHOSTNAME is set */
+  const char *force_hostname = getenv("CURL_GETHOSTNAME");
+  if(force_hostname) {
+    strncpy(name, force_hostname, namelen);
+    name[namelen-1] = '\0';
+    return 0;
+  }
+
+#endif /* DEBUGBUILD */
+
+  /* The call to system's gethostname() might get intercepted by the
+     libhostname library when libcurl is built as a non-debug shared
+     library when running the test suite. */
+  return gethostname(name, namelen);
+
+#endif
+
+}
--- a/lib/curl_gethostname.h
+++ b/lib/curl_gethostname.h
@@ -0,0 +1,27 @@
+#ifndef HEADER_CURL_GETHOSTNAME_H
+#define HEADER_CURL_GETHOSTNAME_H
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+int Curl_gethostname(char *name, GETHOSTNAME_TYPE_ARG2 namelen);
+
+#endif /* HEADER_CURL_GETHOSTNAME_H */
--- a/lib/curl_md4.h
+++ b/lib/curl_md4.h
@@ -0,0 +1,33 @@
+#ifndef HEADER_CURL_MD4_H
+#define HEADER_CURL_MD4_H
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+#include "setup.h"
+
+/* NSS crypto library does not provide the MD4 hash algorithm, so that we have
+ * a local implementation of it */
+#ifdef USE_NSS
+void Curl_md4it(unsigned char *output, const unsigned char *input, size_t len);
+#endif /* USE_NSS */
+
+#endif /* HEADER_CURL_MD4_H */
--- a/lib/curl_sspi.c
+++ b/lib/curl_sspi.c
@@ -36,6 +36,9 @@
 #include "memdebug.h"


+/* We use our own typedef here since some headers might lack these */
+typedef PSecurityFunctionTableA (APIENTRY *INITSECURITYINTERFACE_FN_A)(VOID);
+
 /* Handle of security.dll or secur32.dll, depending on Windows version */
 HMODULE s_hSecDll = NULL;

@@ -59,7 +62,7 @@ CURLcode
 Curl_sspi_global_init(void)
 {
  OSVERSIONINFO osver;
-  INIT_SECURITY_INTERFACE_A pInitSecurityInterface;
+  INITSECURITYINTERFACE_FN_A pInitSecurityInterface;

  /* If security interface is not yet initialized try to do this */
  if(s_hSecDll == NULL) {
@@ -84,7 +87,7 @@ Curl_sspi_global_init(void)
      return CURLE_FAILED_INIT;

    /* Get address of the InitSecurityInterfaceA function from the SSPI dll */
-    pInitSecurityInterface = (INIT_SECURITY_INTERFACE_A)
+    pInitSecurityInterface = (INITSECURITYINTERFACE_FN_A)
      GetProcAddress(s_hSecDll, "InitSecurityInterfaceA");
    if(! pInitSecurityInterface)
      return CURLE_FAILED_INIT;
--- a/lib/easy.c
+++ b/lib/easy.c
@@ -700,8 +700,9 @@ CURL *curl_easy_duphandle(CURL *incurl)
    }

 #ifdef USE_ARES
-    /* If we use ares, we setup a new ares channel for the new handle */
-    if(ARES_SUCCESS != ares_init(&outcurl->state.areschannel))
+    /* If we use ares, we clone the ares channel for the new handle */
+    if(ARES_SUCCESS != ares_dup(&outcurl->state.areschannel,
+                                data->state.areschannel))
      break;
 #endif

@@ -1072,9 +1073,6 @@ static CURLcode easy_connection(struct SessionHandle *data,
                                curl_socket_t *sfd,
                                struct connectdata **connp)
 {
-  CURLcode ret;
-  long sockfd;
-
  if(data == NULL)
    return CURLE_BAD_FUNCTION_ARGUMENT;

@@ -1084,18 +1082,13 @@ static CURLcode easy_connection(struct SessionHandle *data,
    return CURLE_UNSUPPORTED_PROTOCOL;
  }

-  ret = Curl_getconnectinfo(data, &sockfd, connp);
-  if(ret != CURLE_OK)
-    return ret;
+  *sfd = Curl_getconnectinfo(data, connp);

-  if(sockfd == -1) {
+  if(*sfd == CURL_SOCKET_BAD) {
    failf(data, "Failed to get recent socket");
    return CURLE_UNSUPPORTED_PROTOCOL;
  }

-  *sfd = (curl_socket_t)sockfd; /* we know that this is actually a socket
-                                   descriptor so the typecast is fine here */
-
  return CURLE_OK;
 }

--- a/lib/escape.c
+++ b/lib/escape.c
@@ -43,8 +43,10 @@
 #include "memdebug.h"

 /* Portable character check (remember EBCDIC). Do not use isalnum() because
-its behavior is altered by the current locale. */
-static bool Curl_isalnum(unsigned char in)
+   its behavior is altered by the current locale.
+   See http://tools.ietf.org/html/rfc3986#section-2.3
+*/
+static bool Curl_isunreserved(unsigned char in)
 {
  switch (in) {
    case '0': case '1': case '2': case '3': case '4':
@@ -59,6 +61,7 @@ static bool Curl_isalnum(unsigned char in)
    case 'K': case 'L': case 'M': case 'N': case 'O':
    case 'P': case 'Q': case 'R': case 'S': case 'T':
    case 'U': case 'V': case 'W': case 'X': case 'Y': case 'Z':
+    case '-': case '.': case '_': case '~':
      return TRUE;
    default:
      break;
@@ -100,7 +103,7 @@ char *curl_easy_escape(CURL *handle, const char *string, int inlength)
  while(length--) {
    in = *string;

-    if (Curl_isalnum(in)) {
+    if (Curl_isunreserved(in)) {
      /* just copy this */
      ns[strindex++]=in;
    }
--- a/lib/ftp.c
+++ b/lib/ftp.c
@@ -324,7 +324,7 @@ static CURLcode AllowServerConnect(struct connectdata *conn)
  for(;;) {
    timeout_ms = Curl_timeleft(conn, NULL, TRUE);

-    if(timeout_ms <= 0) {
+    if(timeout_ms < 0) {
      /* if a timeout was already reached, bail out */
      failf(data, "Timeout while waiting for server connect");
      return CURLE_OPERATION_TIMEDOUT;
@@ -2424,7 +2424,7 @@ static CURLcode ftp_statemach_act(struct connectdata *conn)
           set a valid level */
        Curl_sec_request_prot(conn, data->set.str[STRING_KRB_LEVEL]);

-        if(Curl_sec_login(conn) != 0)
+        if(Curl_sec_login(conn) != CURLE_OK)
          infof(data, "Logging in with password in cleartext!\n");
        else
          infof(data, "Authentication successful\n");
@@ -3076,10 +3076,6 @@ static CURLcode ftp_done(struct connectdata *conn, CURLcode status,
  /* free the dir tree and file parts */
  freedirs(ftpc);

-#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
-  Curl_sec_fflush_fd(conn, conn->sock[SECONDARYSOCKET]);
-#endif
-
  /* shut down the socket to inform the server we're done */

 #ifdef _WIN32_WCE
@@ -3203,6 +3199,8 @@ CURLcode ftp_sendquote(struct connectdata *conn, struct curl_slist *quote)
  ssize_t nread;
  int ftpcode;
  CURLcode result;
+  struct ftp_conn *ftpc = &conn->proto.ftpc;
+  struct pingpong *pp = &ftpc->pp;

  item = quote;
  while(item) {
@@ -3222,6 +3220,8 @@ CURLcode ftp_sendquote(struct connectdata *conn, struct curl_slist *quote)

      FTPSENDF(conn, "%s", cmd);

+      pp->response = Curl_tvnow(); /* timeout relative now */
+
      result = Curl_GetFTPResponse(&nread, conn, &ftpcode);
      if(result)
        return result;
@@ -3509,7 +3509,7 @@ static CURLcode init_wc_data(struct connectdata *conn)
      path[0] = '\0';
    }
    else { /* only list */
-      conn->data->set.wildcardmatch = FALSE;
+      wildcard->state = CURLWC_CLEAN;
      ret = ftp_parse_url_path(conn);
      return ret;
    }
@@ -3526,8 +3526,10 @@ static CURLcode init_wc_data(struct connectdata *conn)

  /* INITIALIZE parselist structure */
  ftp_tmp->parser = Curl_ftp_parselist_data_alloc();
-  if(!ftp_tmp->parser)
+  if(!ftp_tmp->parser) {
+    free(ftp_tmp);
    return CURLE_OUT_OF_MEMORY;
+  }

  wildcard->tmp = ftp_tmp; /* put it to the WildcardData tmp pointer */
  wildcard->tmp_dtor = wc_data_dtor;
@@ -3858,6 +3860,10 @@ static CURLcode ftp_disconnect(struct connectdata *conn)

  Curl_pp_disconnect(pp);

+#if defined(HAVE_KRB4) || defined(HAVE_GSSAPI)
+  Curl_sec_end(conn);
+#endif
+
  return CURLE_OK;
 }

@@ -4172,6 +4178,7 @@ static CURLcode ftp_setup_connection(struct connectdata * conn)
  }

  data->state.path++;   /* don't include the initial slash */
+  data->state.slash_removed = TRUE; /* we've skipped the slash */

  /* FTP URLs support an extension like ";type=<typecode>" that
   * we'll try to get now! */
@@ -4183,6 +4190,7 @@ static CURLcode ftp_setup_connection(struct connectdata * conn)
  if(type) {
    *type = 0;                     /* it was in the middle of the hostname */
    command = Curl_raw_toupper(type[6]);
+    conn->bits.type_set = TRUE;

    switch (command) {
    case 'A': /* ASCII mode */
--- a/lib/ftplistparser.c
+++ b/lib/ftplistparser.c
@@ -61,7 +61,8 @@
 #define FTP_BUFFER_ALLOCSIZE 160

 typedef enum {
-  PL_UNIX_FILETYPE = 0,
+  PL_UNIX_TOTALSIZE = 0,
+  PL_UNIX_FILETYPE,
  PL_UNIX_PERMISSION,
  PL_UNIX_HLINKS,
  PL_UNIX_USER,
@@ -73,6 +74,11 @@ typedef enum {
 } pl_unix_mainstate;

 typedef union {
+  enum {
+    PL_UNIX_TOTALSIZE_INIT = 0,
+    PL_UNIX_TOTALSIZE_READING
+  } total_dirsize;
+
  enum {
    PL_UNIX_HLINKS_PRESPACE = 0,
    PL_UNIX_HLINKS_NUMBER
@@ -396,7 +402,7 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t nmemb,
    }

    finfo = parser->file_data;
-    finfo->b_data[finfo->b_used++] = buffer[i];
+    finfo->b_data[finfo->b_used++] = c;

    if(finfo->b_used >= finfo->b_size - 1) {
      /* if it is important, extend buffer space for file data */
@@ -418,6 +424,49 @@ size_t Curl_ftp_parselist(char *buffer, size_t size, size_t nmemb,
    switch (parser->os_type) {
    case OS_TYPE_UNIX:
      switch (parser->state.UNIX.main) {
+      case PL_UNIX_TOTALSIZE:
+        switch(parser->state.UNIX.sub.total_dirsize) {
+        case PL_UNIX_TOTALSIZE_INIT:
+          if(c == 't') {
+            parser->state.UNIX.sub.total_dirsize = PL_UNIX_TOTALSIZE_READING;
+            parser->item_length++;
+          }
+          else {
+            parser->state.UNIX.main = PL_UNIX_FILETYPE;
+            /* start FSM again not considering size of directory */
+            finfo->b_used = 0;
+            i--;
+          }
+          break;
+        case PL_UNIX_TOTALSIZE_READING:
+          parser->item_length++;
+          if(c == '\r') {
+            parser->item_length--;
+            finfo->b_used--;
+          }
+          else if(c == '\n') {
+            finfo->b_data[parser->item_length - 1] = 0;
+            if(strncmp("total ", finfo->b_data, 6) == 0) {
+              char *endptr = NULL;
+              /* here we can deal with directory size */
+              curlx_strtoofft(finfo->b_data+6, &endptr, 10);
+              if(*endptr != 0) {
+                PL_ERROR(conn, CURLE_FTP_BAD_FILE_LIST);
+                return bufflen;
+              }
+              else {
+                parser->state.UNIX.main = PL_UNIX_FILETYPE;
+                finfo->b_used = 0;
+              }
+            }
+            else {
+              PL_ERROR(conn, CURLE_FTP_BAD_FILE_LIST);
+              return bufflen;
+            }
+          }
+          break;
+        }
+        break;
      case PL_UNIX_FILETYPE:
        switch (c) {
        case '-':
--- a/lib/getinfo.c
+++ b/lib/getinfo.c
@@ -83,6 +83,7 @@ CURLcode Curl_getinfo(struct SessionHandle *data, CURLINFO info, ...)
  char **param_charp=NULL;
  struct curl_slist **param_slistp=NULL;
  int type;
+  curl_socket_t sockfd;

  union {
    struct curl_certinfo * to_certinfo;
@@ -219,7 +220,16 @@ CURLcode Curl_getinfo(struct SessionHandle *data, CURLINFO info, ...)
    *param_charp = data->state.most_recent_ftp_entrypath;
    break;
  case CURLINFO_LASTSOCKET:
-    (void)Curl_getconnectinfo(data, param_longp, NULL);
+    sockfd = Curl_getconnectinfo(data, NULL);
+
+    /* note: this is not a good conversion for systems with 64 bit sockets and
+       32 bit longs */
+    if(sockfd != CURL_SOCKET_BAD)
+      *param_longp = (long)sockfd;
+    else
+      /* this interface is documented to return -1 in case of badness, which
+         may not be the same as the CURL_SOCKET_BAD value */
+      *param_longp = -1;
    break;
  case CURLINFO_REDIRECT_URL:
    /* Return the URL this request would have been redirected to if that
--- a/lib/gopher.c
+++ b/lib/gopher.c
@@ -0,0 +1,208 @@
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+#include "setup.h"
+
+#ifndef CURL_DISABLE_GOPHER
+
+/* -- WIN32 approved -- */
+#include <stdio.h>
+#include <string.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <ctype.h>
+
+#ifdef WIN32
+#include <time.h>
+#include <io.h>
+#else
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#include <netinet/in.h>
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#include <netdb.h>
+#ifdef HAVE_ARPA_INET_H
+#include <arpa/inet.h>
+#endif
+#ifdef HAVE_NET_IF_H
+#include <net/if.h>
+#endif
+#ifdef HAVE_SYS_IOCTL_H
+#include <sys/ioctl.h>
+#endif
+
+#ifdef HAVE_SYS_PARAM_H
+#include <sys/param.h>
+#endif
+
+#ifdef HAVE_SYS_SELECT_H
+#include <sys/select.h>
+#endif
+
+
+#endif
+
+#include "urldata.h"
+#include <curl/curl.h>
+#include "transfer.h"
+#include "sendf.h"
+
+#include "progress.h"
+#include "strequal.h"
+#include "gopher.h"
+#include "rawstr.h"
+#include "select.h"
+#include "url.h"
+
+#define _MPRINTF_REPLACE /* use our functions only */
+#include <curl/mprintf.h>
+
+/* The last #include file should be: */
+#include "memdebug.h"
+
+
+/*
+ * Forward declarations.
+ */
+
+static CURLcode gopher_do(struct connectdata *conn, bool *done);
+
+/*
+ * Gopher protocol handler.
+ * This is also a nice simple template to build off for simple
+ * connect-command-download protocols.
+ */
+
+const struct Curl_handler Curl_handler_gopher = {
+  "GOPHER",                             /* scheme */
+  ZERO_NULL,                            /* setup_connection */
+  gopher_do,                            /* do_it */
+  ZERO_NULL,                            /* done */
+  ZERO_NULL,                            /* do_more */
+  ZERO_NULL,                            /* connect_it */
+  ZERO_NULL,                            /* connecting */
+  ZERO_NULL,                            /* doing */
+  ZERO_NULL,                            /* proto_getsock */
+  ZERO_NULL,                            /* doing_getsock */
+  ZERO_NULL,                            /* perform_getsock */
+  ZERO_NULL,                            /* disconnect */
+  PORT_GOPHER,                          /* defport */
+  PROT_GOPHER                           /* protocol */
+};
+
+static CURLcode gopher_do(struct connectdata *conn, bool *done)
+{
+  CURLcode result=CURLE_OK;
+  struct SessionHandle *data=conn->data;
+  curl_socket_t sockfd = conn->sock[FIRSTSOCKET];
+
+  curl_off_t *bytecount = &data->req.bytecount;
+  char *path = data->state.path;
+  char *sel;
+  char *sel_org = NULL;
+  ssize_t amount, k;
+
+  *done = TRUE; /* unconditionally */
+
+  /* Create selector. Degenerate cases: / and /1 => convert to "" */
+  if (strlen(path) <= 2)
+    sel = (char *)"";
+  else {
+    char *newp;
+    size_t j, i;
+    int len;
+
+    /* Otherwise, drop / and the first character (i.e., item type) ... */
+    newp = path;
+    newp+=2;
+
+    /* ... then turn ? into TAB for search servers, Veronica, etc. ... */
+    j = strlen(newp);
+    for(i=0; i<j; i++)
+      if(newp[i] == '?')
+        newp[i] = '\x09';
+
+    /* ... and finally unescape */
+    sel = curl_easy_unescape(data, newp, 0, &len);
+    if (!sel)
+      return CURLE_OUT_OF_MEMORY;
+    sel_org = sel;
+  }
+
+  /* We use Curl_write instead of Curl_sendf to make sure the entire buffer is
+     sent, which could be sizeable with long selectors. */
+  k = strlen(sel);
+
+  for(;;) {
+    result = Curl_write(conn, sockfd, sel, k, &amount);
+    if (CURLE_OK == result) { /* Which may not have written it all! */
+      result = Curl_client_write(conn, CLIENTWRITE_HEADER, sel, amount);
+      if(result) {
+        Curl_safefree(sel_org);
+        return result;
+      }
+      k -= amount;
+      sel += amount;
+      if (k < 1)
+        break; /* but it did write it all */
+    }
+    else {
+      failf(data, "Failed sending Gopher request");
+      Curl_safefree(sel_org);
+      return result;
+    }
+    /* Don't busyloop. The entire loop thing is a work-around as it causes a
+       BLOCKING behavior which is a NO-NO. This function should rather be
+       split up in a do and a doing piece where the pieces that aren't
+       possible to send now will be sent in the doing function repeatedly
+       until the entire request is sent.
+
+       Wait a while for the socket to be writable. Note that this doesn't
+       acknowledge the timeout.
+    */
+    Curl_socket_ready(CURL_SOCKET_BAD, sockfd, 100);
+  }
+
+  Curl_safefree(sel_org);
+
+  /* We can use Curl_sendf to send the terminal \r\n relatively safely and
+     save allocing another string/doing another _write loop. */
+  result = Curl_sendf(sockfd, conn, "\r\n");
+  if (result != CURLE_OK) {
+    failf(data, "Failed sending Gopher request");
+    return result;
+  }
+  result = Curl_client_write(conn, CLIENTWRITE_HEADER, (char *)"\r\n", 2);
+  if(result)
+    return result;
+
+  Curl_setup_transfer(conn, FIRSTSOCKET, -1, FALSE, bytecount,
+                      -1, NULL); /* no upload */
+  return CURLE_OK;
+}
+#endif /*CURL_DISABLE_GOPHER*/
--- a/lib/gopher.h
+++ b/lib/gopher.h
@@ -0,0 +1,29 @@
+#ifndef HEADER_CURL_GOPHER_H
+#define HEADER_CURL_GOPHER_H
+/***************************************************************************
+ *                                  _   _ ____  _
+ *  Project                     ___| | | |  _ \| |
+ *                             / __| | | | |_) | |
+ *                            | (__| |_| |  _ <| |___
+ *                             \___|\___/|_| \_\_____|
+ *
+ * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
+ *
+ * This software is licensed as described in the file COPYING, which
+ * you should have received as part of this distribution. The terms
+ * are also available at http://curl.haxx.se/docs/copyright.html.
+ *
+ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+ * copies of the Software, and permit persons to whom the Software is
+ * furnished to do so, under the terms of the COPYING file.
+ *
+ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+ * KIND, either express or implied.
+ *
+ ***************************************************************************/
+
+#ifndef CURL_DISABLE_GOPHER
+extern const struct Curl_handler Curl_handler_gopher;
+#endif
+
+#endif /* HEADER_CURL_GOPHER_H */
--- a/lib/hostthre.c
+++ b/lib/hostthre.c
@@ -419,8 +419,6 @@ CURLcode Curl_is_resolved(struct connectdata *conn,

  if (done) {
    getaddrinfo_complete(conn);
-    if (td->poll_interval != 0)
-        Curl_expire(conn->data, 0);
    Curl_destroy_thread_data(&conn->async);

    if(!conn->async.dns) {
@@ -431,26 +429,21 @@ CURLcode Curl_is_resolved(struct connectdata *conn,
    *entry = conn->async.dns;
  } else {
    /* poll for name lookup done with exponential backoff up to 250ms */
-    int elapsed;
-
-    elapsed = Curl_tvdiff(Curl_tvnow(), data->progress.t_startsingle);
-    if (elapsed < 0) {
+    int elapsed = Curl_tvdiff(Curl_tvnow(), data->progress.t_startsingle);
+    if (elapsed < 0)
      elapsed = 0;
-    }

-    if (td->poll_interval == 0) {
+    if (td->poll_interval == 0)
      /* Start at 1ms poll interval */
      td->poll_interval = 1;
-    } else if (elapsed >= td->interval_end) {
+    else if (elapsed >= td->interval_end)
      /* Back-off exponentially if last interval expired  */
      td->poll_interval *= 2;
-    }

    if (td->poll_interval > 250)
      td->poll_interval = 250;

    td->interval_end = elapsed + td->poll_interval;
-
    Curl_expire(conn->data, td->poll_interval);
  }

@@ -484,8 +477,6 @@ Curl_addrinfo *Curl_getaddrinfo(struct connectdata *conn,
                                int port,
                                int *waitp)
 {
-  struct hostent *h = NULL;
-  struct SessionHandle *data = conn->data;
  struct in_addr in;

  *waitp = 0; /* default to synchronous response */
--- a/lib/http.c
+++ b/lib/http.c
@@ -977,12 +977,15 @@ Curl_send_buffer *Curl_add_buffer_init(void)
 * Returns CURLcode
 */
 CURLcode Curl_add_buffer_send(Curl_send_buffer *in,
-                         struct connectdata *conn,
-                         long *bytes_written, /* add the number of sent bytes
-                                                 to this counter */
-                         size_t included_body_bytes, /* how much of the buffer
-                                                        contains body data */
-                         int socketindex)
+                              struct connectdata *conn,
+
+                               /* add the number of sent bytes to this
+                                  counter */
+                              long *bytes_written,
+
+                               /* how much of the buffer contains body data */
+                              size_t included_body_bytes,
+                              int socketindex)

 {
  ssize_t amount;
@@ -1069,7 +1072,10 @@ CURLcode Curl_add_buffer_send(Curl_send_buffer *in,
         accordingly */
      http->writebytecount += bodylen;

-    *bytes_written += amount;
+    /* 'amount' can never be a very large value here so typecasting it so a
+       signed 31 bit value should not cause problems even if ssize_t is
+       64bit */
+    *bytes_written += (long)amount;

    if(http) {
      if((size_t)amount != size) {
@@ -1380,7 +1386,7 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn,
        if(CURLE_OK == result) {
          /* Now send off the request */
          result = Curl_add_buffer_send(req_buffer, conn,
-                                   &data->info.request_size, 0, sockindex);
+                                        &data->info.request_size, 0, sockindex);
        }
        req_buffer = NULL;
        if(result)
@@ -2222,7 +2228,10 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
    if((conn->protocol&PROT_HTTP) &&
        data->set.upload &&
        (data->set.infilesize == -1)) {
-      if (use_http_1_1(data, conn)) {
+      if(conn->bits.authneg)
+        /* don't enable chunked during auth neg */
+        ;
+      else if(use_http_1_1(data, conn)) {
        /* HTTP, upload, unknown file size and not HTTP 1.0 */
        data->req.upload_chunky = TRUE;
      }
@@ -2527,7 +2536,8 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
  /* url */
  if (paste_ftp_userpwd)
    result = Curl_add_bufferf(req_buffer, "ftp://%s:%s@%s",
-        conn->user, conn->passwd, ppath + sizeof("ftp://") - 1);
+                              conn->user, conn->passwd,
+                              ppath + sizeof("ftp://") - 1);
  else
    result = Curl_add_buffer(req_buffer, ppath, strlen(ppath));
  if (result)
@@ -2732,7 +2742,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)

    /* fire away the whole request to the server */
    result = Curl_add_buffer_send(req_buffer, conn,
-                             &data->info.request_size, 0, FIRSTSOCKET);
+                                  &data->info.request_size, 0, FIRSTSOCKET);
    if(result)
      failf(data, "Failed sending POST request");
    else
@@ -2784,7 +2794,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)

    /* this sends the buffer and frees all the buffer resources */
    result = Curl_add_buffer_send(req_buffer, conn,
-                             &data->info.request_size, 0, FIRSTSOCKET);
+                                  &data->info.request_size, 0, FIRSTSOCKET);
    if(result)
      failf(data, "Failed sending PUT request");
    else
@@ -2884,6 +2894,8 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
        }
        if(result)
          return result;
+        /* Make sure the progress information is accurate */
+        Curl_pgrsSetUploadSize(data, postsize);
      }
      else {
        /* A huge POST coming up, do data separate from the request */
@@ -2933,7 +2945,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
    }
    /* issue the request */
    result = Curl_add_buffer_send(req_buffer, conn, &data->info.request_size,
-                             (size_t)included_body, FIRSTSOCKET);
+                                  (size_t)included_body, FIRSTSOCKET);

    if(result)
      failf(data, "Failed sending HTTP POST request");
@@ -2950,7 +2962,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)

    /* issue the request */
    result = Curl_add_buffer_send(req_buffer, conn,
-                             &data->info.request_size, 0, FIRSTSOCKET);
+                                  &data->info.request_size, 0, FIRSTSOCKET);

    if(result)
      failf(data, "Failed sending HTTP request");
@@ -3281,13 +3293,6 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data,
      data->req.deductheadercount =
        (100 <= k->httpcode && 199 >= k->httpcode)?data->req.headerbytecount:0;

-      if(data->state.resume_from &&
-         (data->set.httpreq==HTTPREQ_GET) &&
-         (k->httpcode == 416)) {
-        /* "Requested Range Not Satisfiable" */
-        *stop_reading = TRUE;
-      }
-
      if(!*stop_reading) {
        /* Curl_http_auth_act() checks what authentication methods
         * that are available and decides which one (if any) to
@@ -3500,9 +3505,6 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data,
           * message-body, and thus is always terminated by the first
           * empty line after the header fields. */
          /* FALLTHROUGH */
-        case 416: /* Requested Range Not Satisfiable, it has the
-                     Content-Length: set as the "real" document but no
-                     actual response is sent. */
        case 304:
          /* (quote from RFC2616, section 10.3.5): The 304 response
           * MUST NOT contain a message-body, and thus is always
@@ -3534,10 +3536,7 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data,
    /* Curl_convert_from_network calls failf if unsuccessful */
 #endif /* CURL_DOES_CONVERSIONS */

-    /* Check for Content-Length: header lines to get size. Ignore
-       the header completely if we get a 416 response as then we're
-       resuming a document that we don't get, and this header contains
-       info about the true size of the document we didn't get now. */
+    /* Check for Content-Length: header lines to get size */
    if(!k->ignorecl && !data->set.ignorecl &&
       checkprefix("Content-Length:", k->p)) {
      curl_off_t contentlength = curlx_strtoofft(k->p+15, NULL, 10);
@@ -3635,20 +3634,6 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data,
      /* init our chunky engine */
      Curl_httpchunk_init(conn);
    }
-
-    else if(checkprefix("Trailer:", k->p) ||
-            checkprefix("Trailers:", k->p)) {
-      /*
-       * This test helps Curl_httpchunk_read() to determine to look
-       * for well formed trailers after the zero chunksize record. In
-       * this case a CRLF is required after the zero chunksize record
-       * when no trailers are sent, or after the last trailer record.
-       *
-       * It seems both Trailer: and Trailers: occur in the wild.
-       */
-      k->trailerhdrpresent = TRUE;
-    }
-
    else if(checkprefix("Content-Encoding:", k->p) &&
            data->set.str[STRING_ENCODING]) {
      /*
--- a/lib/http.h
+++ b/lib/http.h
@@ -56,11 +56,10 @@ Curl_send_buffer *Curl_add_buffer_init(void);
 CURLcode Curl_add_bufferf(Curl_send_buffer *in, const char *fmt, ...);
 CURLcode Curl_add_buffer(Curl_send_buffer *in, const void *inptr, size_t size);
 CURLcode Curl_add_buffer_send(Curl_send_buffer *in,
-                         struct connectdata *conn,
-                         long *bytes_written,
-                         size_t included_body_bytes,
-                         int socketindex);
-
+                              struct connectdata *conn,
+                              long *bytes_written,
+                              size_t included_body_bytes,
+                              int socketindex);

 CURLcode Curl_add_timecondition(struct SessionHandle *data,
                                Curl_send_buffer *buf);
--- a/lib/http_chunks.c
+++ b/lib/http_chunks.c
@@ -184,22 +184,8 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
      if(*datap == 0x0a) {
        /* we're now expecting data to come, unless size was zero! */
        if(0 == ch->datasize) {
-          if(k->trailerhdrpresent!=TRUE) {
-            /* No Trailer: header found - revert to original Curl processing */
-            ch->state = CHUNK_STOPCR;
-
-            /* We need to increment the datap here since we bypass the
-               increment below with the immediate break */
-            length--;
-            datap++;
-
-            /* This is the final byte, continue to read the final CRLF */
-            break;
-          }
-          else {
-            ch->state = CHUNK_TRAILER; /* attempt to read trailers */
-            conn->trlPos=0;
-          }
+          ch->state = CHUNK_TRAILER; /* now check for trailers */
+          conn->trlPos=0;
        }
        else {
          ch->state = CHUNK_DATA;
@@ -280,9 +266,9 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
        datap++;
        length--;
      }
-      else {
+      else
        return CHUNKE_BAD_CHUNK;
-      }
+
      break;

    case CHUNK_POSTLF:
@@ -295,44 +281,76 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
        datap++;
        length--;
      }
-      else {
+      else
        return CHUNKE_BAD_CHUNK;
-      }

      break;

    case CHUNK_TRAILER:
-      /* conn->trailer is assumed to be freed in url.c on a
-         connection basis */
-      if(conn->trlPos >= conn->trlMax) {
-        /* in this logic we always allocate one byte more than trlMax
-           contains, just because CHUNK_TRAILER_POSTCR will append two bytes
-           so we need to make sure we have room for an extra byte */
-        char *ptr;
-        if(conn->trlMax) {
-          conn->trlMax *= 2;
-          ptr = realloc(conn->trailer, conn->trlMax + 1);
+      if(*datap == 0x0d) {
+        /* this is the end of a trailer, but if the trailer was zero bytes
+           there was no trailer and we move on */
+
+        if(conn->trlPos) {
+          /* we allocate trailer with 3 bytes extra room to fit this */
+          conn->trailer[conn->trlPos++]=0x0d;
+          conn->trailer[conn->trlPos++]=0x0a;
+          conn->trailer[conn->trlPos]=0;
+
+#ifdef CURL_DOES_CONVERSIONS
+          /* Convert to host encoding before calling Curl_client_write */
+          result = Curl_convert_from_network(conn->data,
+                                             conn->trailer,
+                                             conn->trlPos);
+          if(result != CURLE_OK)
+            /* Curl_convert_from_network calls failf if unsuccessful */
+            /* Treat it as a bad chunk */
+            return CHUNKE_BAD_CHUNK;
+
+#endif /* CURL_DOES_CONVERSIONS */
+          if(!data->set.http_te_skip) {
+            result = Curl_client_write(conn, CLIENTWRITE_HEADER,
+                                       conn->trailer, conn->trlPos);
+            if(result)
+              return CHUNKE_WRITE_ERROR;
+          }
+          conn->trlPos=0;
+          ch->state = CHUNK_TRAILER_CR;
        }
        else {
-          conn->trlMax=128;
-          ptr = malloc(conn->trlMax + 1);
+          /* no trailer, we're on the final CRLF pair */
+          ch->state = CHUNK_TRAILER_POSTCR;
+          break; /* don't advance the pointer */
        }
-        if(!ptr)
-          return CHUNKE_OUT_OF_MEMORY;
-        conn->trailer = ptr;
      }
-      conn->trailer[conn->trlPos++]=*datap;
-
-      if(*datap == 0x0d)
-        ch->state = CHUNK_TRAILER_CR;
      else {
-        datap++;
-        length--;
+        /* conn->trailer is assumed to be freed in url.c on a
+           connection basis */
+        if(conn->trlPos >= conn->trlMax) {
+          /* we always allocate three extra bytes, just because when the full
+             header has been received we append CRLF\0 */
+          char *ptr;
+          if(conn->trlMax) {
+            conn->trlMax *= 2;
+            ptr = realloc(conn->trailer, conn->trlMax + 3);
+          }
+          else {
+            conn->trlMax=128;
+            ptr = malloc(conn->trlMax + 3);
+          }
+          if(!ptr)
+            return CHUNKE_OUT_OF_MEMORY;
+          conn->trailer = ptr;
+        }
+        fprintf(stderr, "MOO: %c\n", *datap);
+        conn->trailer[conn->trlPos++]=*datap;
      }
+      datap++;
+      length--;
      break;

    case CHUNK_TRAILER_CR:
-      if(*datap == 0x0d) {
+      if(*datap == 0x0a) {
        ch->state = CHUNK_TRAILER_POSTCR;
        datap++;
        length--;
@@ -342,48 +360,17 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
      break;

    case CHUNK_TRAILER_POSTCR:
-      if(*datap == 0x0a) {
-        conn->trailer[conn->trlPos++]=0x0a;
-        conn->trailer[conn->trlPos]=0;
-        if(conn->trlPos==2) {
-          ch->state = CHUNK_STOP;
-          length--;
-
-          /*
-           * Note that this case skips over the final STOP states since we've
-           * already read the final CRLF and need to return
-           */
-
-          ch->dataleft = length;
-
-          return CHUNKE_STOP; /* return stop */
-        }
-        else {
-#ifdef CURL_DOES_CONVERSIONS
-          /* Convert to host encoding before calling Curl_client_write */
-          result = Curl_convert_from_network(conn->data,
-                                             conn->trailer,
-                                             conn->trlPos);
-          if(result != CURLE_OK) {
-            /* Curl_convert_from_network calls failf if unsuccessful */
-            /* Treat it as a bad chunk */
-            return(CHUNKE_BAD_CHUNK);
-          }
-#endif /* CURL_DOES_CONVERSIONS */
-          if(!data->set.http_te_skip) {
-            result = Curl_client_write(conn, CLIENTWRITE_HEADER,
-                                       conn->trailer, conn->trlPos);
-            if(result)
-              return CHUNKE_WRITE_ERROR;
-          }
-        }
+      /* We enter this state when a CR should arrive so we expect to
+         have to first pass a CR before we wait for LF */
+      if(*datap != 0x0d) {
+        /* not a CR then it must be another header in the trailer */
        ch->state = CHUNK_TRAILER;
-        conn->trlPos=0;
-        datap++;
-        length--;
+        break;
      }
-      else
-        return CHUNKE_BAD_CHUNK;
+      datap++;
+      length--;
+      /* now wait for the final LF */
+      ch->state = CHUNK_STOP;
      break;

    case CHUNK_STOPCR:
@@ -394,9 +381,8 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
        datap++;
        length--;
      }
-      else {
+      else
        return CHUNKE_BAD_CHUNK;
-      }
      break;

    case CHUNK_STOP:
@@ -409,9 +395,8 @@ CHUNKcode Curl_httpchunk_read(struct connectdata *conn,
        ch->dataleft = length;
        return CHUNKE_STOP; /* return stop */
      }
-      else {
+      else
        return CHUNKE_BAD_CHUNK;
-      }

    default:
      return CHUNKE_STATE_ERROR;
--- a/lib/http_digest.c
+++ b/lib/http_digest.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -129,7 +129,6 @@ CURLdigest Curl_input_digest(struct connectdata *conn,
                             const char *header) /* rest of the *-authenticate:
                                                    header */
 {
-  bool more = TRUE;
  char *token = NULL;
  char *tmp = NULL;
  bool foundAuth = FALSE;
@@ -159,7 +158,7 @@ CURLdigest Curl_input_digest(struct connectdata *conn,
    /* clear off any former leftovers and init to defaults */
    Curl_digest_cleanup_one(d);

-    while(more) {
+    while(1) {
      char value[MAX_VALUE_LENGTH];
      char content[MAX_CONTENT_LENGTH];

--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -5,7 +5,7 @@
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
- * Copyright (C) 1998 - 2009, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2010, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
@@ -277,6 +277,7 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
    &conn->data->state.negotiate;
  char *encoded = NULL;
  size_t len;
+  char *userp;

 #ifdef HAVE_SPNEGO /* Handle SPNEGO */
  if(checkprefix("Negotiate", neg_ctx->protocol)) {
@@ -330,12 +331,16 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
  if(len == 0)
    return CURLE_OUT_OF_MEMORY;

-  conn->allocptr.userpwd =
-    aprintf("%sAuthorization: %s %s\r\n", proxy ? "Proxy-" : "",
-            neg_ctx->protocol, encoded);
+  userp = aprintf("%sAuthorization: %s %s\r\n", proxy ? "Proxy-" : "",
+                  neg_ctx->protocol, encoded);
+
+  if(proxy)
+    conn->allocptr.proxyuserpwd = userp;
+  else
+    conn->allocptr.userpwd = userp;
  free(encoded);
  Curl_cleanup_negotiate (conn->data);
-  return (conn->allocptr.userpwd == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;
+  return (userp == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;
 }

 static void cleanup(struct negotiatedata *neg_ctx)
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -58,6 +58,7 @@
 #include "curl_base64.h"
 #include "http_ntlm.h"
 #include "url.h"
+#include "curl_gethostname.h"
 #include "curl_memory.h"

 #define _MPRINTF_REPLACE /* use our functions only */
@@ -116,6 +117,15 @@
 #define MD5_DIGEST_LENGTH 16
 #define MD4_DIGEST_LENGTH 16

+#elif defined(USE_NSS)
+
+#include "curl_md4.h"
+#include "nssg.h"
+#include <nss.h>
+#include <pk11pub.h>
+#include <hasht.h>
+#define MD5_DIGEST_LENGTH MD5_LENGTH
+
 #elif defined(USE_WINDOWS_SSPI)

 #include "curl_sspi.h"
@@ -250,6 +260,11 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
  static const char type2_marker[] = { 0x02, 0x00, 0x00, 0x00 };
 #endif

+#ifdef USE_NSS
+  if(CURLE_OK != Curl_nss_force_init(conn->data))
+    return CURLNTLM_BAD;
+#endif
+
  ntlm = proxy?&conn->proxyntlm:&conn->ntlm;

  /* skip initial whitespaces */
@@ -351,16 +366,14 @@ static void setup_des_key(const unsigned char *key_56,
  DES_set_odd_parity(&key);
  DES_set_key(&key, ks);
 }
-#elif defined(USE_GNUTLS)
+
+#else /* defined(USE_SSLEAY) */

 /*
- * Turns a 56 bit key into the 64 bit, odd parity key and sets the key.
+ * Turns a 56 bit key into the 64 bit, odd parity key.  Used by GnuTLS and NSS.
 */
-static void setup_des_key(const unsigned char *key_56,
-                          gcry_cipher_hd_t *des)
+static void extend_key_56_to_64(const unsigned char *key_56, char *key)
 {
-  char key[8];
-
  key[0] = key_56[0];
  key[1] = (unsigned char)(((key_56[0] << 7) & 0xFF) | (key_56[1] >> 1));
  key[2] = (unsigned char)(((key_56[1] << 6) & 0xFF) | (key_56[2] >> 2));
@@ -369,10 +382,84 @@ static void setup_des_key(const unsigned char *key_56,
  key[5] = (unsigned char)(((key_56[4] << 3) & 0xFF) | (key_56[5] >> 5));
  key[6] = (unsigned char)(((key_56[5] << 2) & 0xFF) | (key_56[6] >> 6));
  key[7] = (unsigned char) ((key_56[6] << 1) & 0xFF);
+}

+#if defined(USE_GNUTLS)
+
+/*
+ * Turns a 56 bit key into the 64 bit, odd parity key and sets the key.
+ */
+static void setup_des_key(const unsigned char *key_56,
+                          gcry_cipher_hd_t *des)
+{
+  char key[8];
+  extend_key_56_to_64(key_56, key);
  gcry_cipher_setkey(*des, key, 8);
 }
-#endif
+
+#elif defined(USE_NSS)
+
+/*
+ * Expands a 56 bit key KEY_56 to 64 bit and encrypts 64 bit of data, using
+ * the expanded key.  The caller is responsible for giving 64 bit of valid
+ * data is IN and (at least) 64 bit large buffer as OUT.
+ */
+static bool encrypt_des(const unsigned char *in, unsigned char *out,
+                        const unsigned char *key_56)
+{
+  const CK_MECHANISM_TYPE mech = CKM_DES_ECB; /* DES cipher in ECB mode */
+  PK11SlotInfo *slot = NULL;
+  char key[8];                                /* expanded 64 bit key */
+  SECItem key_item;
+  PK11SymKey *symkey = NULL;
+  SECItem *param = NULL;
+  PK11Context *ctx = NULL;
+  int out_len;                                /* not used, required by NSS */
+  bool rv = FALSE;
+
+  /* use internal slot for DES encryption (requires NSS to be initialized) */
+  slot = PK11_GetInternalKeySlot();
+  if(!slot)
+    return FALSE;
+
+  /* expand the 56 bit key to 64 bit and wrap by NSS */
+  extend_key_56_to_64(key_56, key);
+  key_item.data = (unsigned char *)key;
+  key_item.len = /* hard-wired */ 8;
+  symkey = PK11_ImportSymKey(slot, mech, PK11_OriginUnwrap, CKA_ENCRYPT,
+                             &key_item, NULL);
+  if(!symkey)
+    goto fail;
+
+  /* create DES encryption context */
+  param = PK11_ParamFromIV(mech, /* no IV in ECB mode */ NULL);
+  if(!param)
+    goto fail;
+  ctx = PK11_CreateContextBySymKey(mech, CKA_ENCRYPT, symkey, param);
+  if(!ctx)
+    goto fail;
+
+  /* perform the encryption */
+  if(SECSuccess == PK11_CipherOp(ctx, out, &out_len, /* outbuflen */ 8,
+                                 (unsigned char *)in, /* inbuflen */ 8)
+      && SECSuccess == PK11_Finalize(ctx))
+    rv = /* all OK */ TRUE;
+
+fail:
+  /* cleanup */
+  if(ctx)
+    PK11_DestroyContext(ctx, PR_TRUE);
+  if(symkey)
+    PK11_FreeSymKey(symkey);
+  if(param)
+    SECITEM_FreeItem(param, PR_TRUE);
+  PK11_FreeSlot(slot);
+  return rv;
+}
+
+#endif /* defined(USE_NSS) */
+
+#endif /* defined(USE_SSLEAY) */

 /*
  * takes a 21 byte array and treats it as 3 56-bit DES keys. The
@@ -414,6 +501,10 @@ static void lm_resp(const unsigned char *keys,
  setup_des_key(keys+14, &des);
  gcry_cipher_encrypt(des, results+16, 8, plaintext, 8);
  gcry_cipher_close(des);
+#elif defined(USE_NSS)
+  encrypt_des(plaintext, results,    keys);
+  encrypt_des(plaintext, results+8,  keys+7);
+  encrypt_des(plaintext, results+16, keys+14);
 #endif
 }

@@ -470,11 +561,14 @@ static void mk_lm_hash(struct SessionHandle *data,
    setup_des_key(pw+7, &des);
    gcry_cipher_encrypt(des, lmbuffer+8, 8, magic, 8);
    gcry_cipher_close(des);
+#elif defined(USE_NSS)
+    encrypt_des(magic, lmbuffer,   pw);
+    encrypt_des(magic, lmbuffer+8, pw+7);
 #endif

    memset(lmbuffer + 16, 0, 21 - 16);
  }
-  }
+}

 #if USE_NTRESPONSES
 static void ascii_to_unicode_le(unsigned char *dest, const char *src,
@@ -525,6 +619,8 @@ static CURLcode mk_nt_hash(struct SessionHandle *data,
    gcry_md_write(MD4pw, pw, 2*len);
    memcpy (ntbuffer, gcry_md_read (MD4pw, 0), MD4_DIGEST_LENGTH);
    gcry_md_close(MD4pw);
+#elif defined(USE_NSS)
+    Curl_md4it(ntbuffer, pw, 2*len);
 #endif

    memset(ntbuffer + 16, 0, 21 - 16);
@@ -599,6 +695,11 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
  DEBUGASSERT(conn);
  DEBUGASSERT(conn->data);

+#ifdef USE_NSS
+  if(CURLE_OK != Curl_nss_force_init(conn->data))
+    return CURLE_OUT_OF_MEMORY;
+#endif
+
  if(proxy) {
    allocuserpwd = &conn->allocptr.proxyuserpwd;
    userp = conn->proxyuser;
@@ -894,7 +995,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
      user = userp;
    userlen = strlen(user);

-    if(gethostname(host, HOSTNAME_MAX)) {
+    if(Curl_gethostname(host, HOSTNAME_MAX)) {
      infof(conn->data, "gethostname() failed, continuing without!");
      hostlen = 0;
    }
@@ -926,6 +1027,11 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
      gcry_md_hd_t MD5pw;
      Curl_gtls_seed(conn->data); /* Initiate the seed if not already done */
      gcry_randomize(entropy, 8, GCRY_STRONG_RANDOM);
+#elif defined(USE_NSS)
+      PK11Context *MD5pw;
+      unsigned int outlen;
+      Curl_nss_seed(conn->data);  /* Initiate the seed if not already done */
+      PK11_GenerateRandom(entropy, 8);
 #endif

      /* 8 bytes random data as challenge in lmresp */
@@ -946,6 +1052,11 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
      gcry_md_write(MD5pw, tmp, MD5_DIGEST_LENGTH);
      memcpy(md5sum, gcry_md_read (MD5pw, 0), MD5_DIGEST_LENGTH);
      gcry_md_close(MD5pw);
+#elif defined(USE_NSS)
+      MD5pw = PK11_CreateDigestContext(SEC_OID_MD5);
+      PK11_DigestOp(MD5pw, tmp, 16);
+      PK11_DigestFinal(MD5pw, md5sum, &outlen, MD5_DIGEST_LENGTH);
+      PK11_DestroyContext(MD5pw, PR_TRUE);
 #endif

      /* We shall only use the first 8 bytes of md5sum,
--- a/lib/krb4.h
+++ b/lib/krb4.h
@@ -47,7 +47,6 @@ extern struct Curl_sec_client_mech Curl_krb5_client_mech;
 #endif

 CURLcode Curl_krb_kauth(struct connectdata *conn);
-int Curl_sec_fflush_fd(struct connectdata *conn, int fd);
 int Curl_sec_fprintf (struct connectdata *, FILE *, const char *, ...);
 int Curl_sec_getc (struct connectdata *conn, FILE *);
 int Curl_sec_putc (struct connectdata *conn, int, FILE *);
@@ -58,10 +57,10 @@ int Curl_sec_fprintf2(struct connectdata *conn, FILE *f, const char *fmt, ...);
 int Curl_sec_vfprintf2(struct connectdata *conn, FILE *, const char *, va_list);

 void Curl_sec_end (struct connectdata *);
-int Curl_sec_login (struct connectdata *);
+CURLcode Curl_sec_login (struct connectdata *);
 void Curl_sec_prot (int, char **);
 int Curl_sec_request_prot (struct connectdata *conn, const char *level);
-void Curl_sec_set_protection_level(struct connectdata *conn);
+int Curl_sec_set_protection_level(struct connectdata *conn);
 void Curl_sec_status (void);

 enum protection_level Curl_set_command_prot(struct connectdata *,
--- a/lib/krb5.c
+++ b/lib/krb5.c
@@ -75,10 +75,19 @@
 #define LOCAL_ADDR (&conn->local_addr)
 #define REMOTE_ADDR conn->ip_addr->ai_addr

+static int
+krb5_init(void *app_data)
+{
+  gss_ctx_id_t *context = app_data;
+  /* Make sure our context is initialized for krb5_end. */
+  *context = GSS_C_NO_CONTEXT;
+  return 0;
+}
+
 static int
 krb5_check_prot(void *app_data, int level)
 {
-  app_data = NULL; /* prevent compiler warning */
+  (void)app_data; /* unused */
  if(level == prot_confidential)
    return -1;
  return 0;
@@ -161,7 +170,7 @@ krb5_encode(void *app_data, const void *from, int length, int level, void **to,
 static int
 krb5_auth(void *app_data, struct connectdata *conn)
 {
-  int ret;
+  int ret = AUTH_OK;
  char *p;
  const char *host = conn->host.name;
  ssize_t nread;
@@ -169,7 +178,7 @@ krb5_auth(void *app_data, struct connectdata *conn)
  struct SessionHandle *data = conn->data;
  CURLcode result;
  const char *service = "ftp", *srv_host = "host";
-  gss_buffer_desc gssbuf, _gssresp, *gssresp;
+  gss_buffer_desc input_buffer, output_buffer, _gssresp, *gssresp;
  OM_uint32 maj, min;
  gss_name_t gssname;
  gss_ctx_id_t *context = app_data;
@@ -205,28 +214,31 @@ krb5_auth(void *app_data, struct connectdata *conn)
        return -1;
    }

-    gssbuf.value = data->state.buffer;
-    gssbuf.length = snprintf(gssbuf.value, BUFSIZE, "%s@%s", service, host);
-    maj = gss_import_name(&min, &gssbuf, GSS_C_NT_HOSTBASED_SERVICE, &gssname);
+    input_buffer.value = data->state.buffer;
+    input_buffer.length = snprintf(input_buffer.value, BUFSIZE, "%s@%s",
+                                   service, host);
+    maj = gss_import_name(&min, &input_buffer, GSS_C_NT_HOSTBASED_SERVICE,
+                          &gssname);
    if(maj != GSS_S_COMPLETE) {
      gss_release_name(&min, &gssname);
      if(service == srv_host) {
-        Curl_failf(data, "Error importing service name %s", gssbuf.value);
+        Curl_failf(data, "Error importing service name %s", input_buffer.value);
        return AUTH_ERROR;
      }
      service = srv_host;
      continue;
    }
-    {
-      gss_OID t;
-      gss_display_name(&min, gssname, &gssbuf, &t);
-      Curl_infof(data, "Trying against %s\n", gssbuf.value);
-      gss_release_buffer(&min, &gssbuf);
-    }
+    /* We pass NULL as |output_name_type| to avoid a leak. */
+    gss_display_name(&min, gssname, &output_buffer, NULL);
+    Curl_infof(data, "Trying against %s\n", output_buffer.value);
    gssresp = GSS_C_NO_BUFFER;
    *context = GSS_C_NO_CONTEXT;

    do {
+      /* Release the buffer at each iteration to avoid leaking: the first time
+         we are releasing the memory from gss_display_name. The last item is
+         taken care by a final gss_release_buffer. */
+      gss_release_buffer(&min, &output_buffer);
      ret = AUTH_OK;
      maj = gss_init_sec_context(&min,
                                 GSS_C_NO_CREDENTIAL,
@@ -238,7 +250,7 @@ krb5_auth(void *app_data, struct connectdata *conn)
                                 &chan,
                                 gssresp,
                                 NULL,
-                                 &gssbuf,
+                                 &output_buffer,
                                 NULL,
                                 NULL);

@@ -253,9 +265,9 @@ krb5_auth(void *app_data, struct connectdata *conn)
        break;
      }

-      if(gssbuf.length != 0) {
-        if(Curl_base64_encode(data, (char *)gssbuf.value, gssbuf.length, &p)
-           < 1) {
+      if(output_buffer.length != 0) {
+        if(Curl_base64_encode(data, (char *)output_buffer.value,
+                              output_buffer.length, &p) < 1) {
          Curl_infof(data, "Out of memory base64-encoding");
          ret = AUTH_CONTINUE;
          break;
@@ -298,6 +310,7 @@ krb5_auth(void *app_data, struct connectdata *conn)
    } while(maj == GSS_S_CONTINUE_NEEDED);

    gss_release_name(&min, &gssname);
+    gss_release_buffer(&min, &output_buffer);

    if(gssresp)
      free(_gssresp.value);
@@ -307,14 +320,25 @@ krb5_auth(void *app_data, struct connectdata *conn)

    service = srv_host;
  }
+  return ret;
+}
+
+static void krb5_end(void *app_data)
+{
+    OM_uint32 maj, min;
+    gss_ctx_id_t *context = app_data;
+    if (*context != GSS_C_NO_CONTEXT) {
+      maj = gss_delete_sec_context(&min, context, GSS_C_NO_BUFFER);
+      DEBUGASSERT(maj == GSS_S_COMPLETE);
+    }
 }

 struct Curl_sec_client_mech Curl_krb5_client_mech = {
    "GSSAPI",
    sizeof(gss_ctx_id_t),
-    NULL, /* init */
+    krb5_init,
    krb5_auth,
-    NULL, /* end */
+    krb5_end,
    krb5_check_prot,
    krb5_overhead,
    krb5_encode,
--- a/Show More
+++ b/Show More